Digital identity, which is also known as Identity 2.0, is everything that identifies us in the online world.
In the online world, in addition to retaining the same data that identifies us in the offline world, our identity is completed through everything we do: comments on articles, likes on Facebook, retweets, photos on Instagram, petitions we sign on Change.org, etc.
This set of online actions contribute to forming the perception that others have about us. In a context where digital identity theft is becoming increasingly common, how can we protect our digital identity?
This post is also available in Spanish.
What is digital identity?
As we discussed in our post What defines your digital identity and what legal rights are associated with it?, our identity in the analogical world is made up of a series of characteristics - name and surname, birthdate, gender, level of education, etc.
Some of these features are included in our identity cards, which is an element associated to our analogic identity. In the digital environment, each one of us keeps this same identifying data, but our Identity 2.0 is also made up of all of our actions online.
How do we identify ourselves online?
With the development of the Internet, we are making more online purchases and accessing more services online. For example, the weekly shopping purchases or carrying out a bank operation through your bank's mobile application are both very common actions.
This is undoubtedly a breakthrough, but it also poses an important challenge regarding our digital identity’ security and the privacy of our personal data online.
In that sense, one of the main challenges is developing systems for any person to prove his/her identity in the digital environment. That means that each person needs to be able to prove that he/she is who he/she claims to be, when making an online purchase or accessing a service online.
From here, the concepts of identification and authentication online arise. While identifying yourself is saying who you are, authenticating is proving that you are who you say you are.
Normally to access an online service, you identify yourself through your name and/or email, and you authenticate yourself with your password. We have discussed this in more detail in our post How to verify your customers’ digital identity?
Given the rise of cybercrime in recent years, and specifically digital identity theft, authentication systems are becoming increasingly more sophisticated. An example of that would be Apple’s facial recognition system, Face ID.
This system changes the fingerprint for the face, so that Iphone X users can authenticate and access their device, verify payments with Apple Pay or pay in the App Store.
How to protect your digital identity?
Digital identity theft is one of the most frequent cybercrimes.
If your digital identity is stolen, in addition to the fact that cybercriminals can access your bank accounts or make online purchases in your name, they can also damage your reputation on social networks.
To protect your identity online, first you should be very conscious that digital identity theft is increasingly common. It could happen to you tomorrow.
And secondly, it's highly recommended to put into practice the following tips:
Don't use public or unprotected wifi networks
The free wi-fi networks that are offered in bars, restaurants or cafes, or public wi-fi networks are not usually WPA or WEP encrypted, meaning that they are not secure.
Therefore, if you have to connect to any type of service that contains your personal data, or sensitive personal information, don't use these networks. If you must do so, at least ensure that you can browse safely, accessing only pages that use the https protocol.
- Don't use unprotected webpages
Connected to the previous tip, and although you may be using a private wi-fi, it's also important to only browse websites that use the https protocol (Hyper Text Transfer Protocol Secure).
This protocol means that information that circulates through these websites is encrypted, meaning that no one can intercept it.
- Use strong passwords and change them frequently
For those of us who have basic computer knowledge, passwords are our main resource to protect our digital identity. And perhaps we do not give them the relevance they deserve.
Safe passwords should have a minimum of 16 characters, combine uppercase, lowercase and alphanumeric characters. And you should not use the same password for two different services.
Since it's difficult to memorize all the passwords that we use, especially if we start using strong passwords, we highly recommend to use a password manager.
- Update your software regularly
Whether you use Windows or Mac, operating systems are updated with a certain amount of frequency. Every time a new software update is launched, a notification will appear on your computer asking if you want to update it (in some cases, it will update automatically).
It's important not to delay the process of updating your computer’s software, although it usually means you will have to restart your computer and wait a few minutes. Each update contains a better version of the software, including reinforced security.
Review these privacy policies and review the permissions that you give to each social network. Maybe you're not interested in having your Instagram profile public, or maybe you want to approve each photo that tags you on Facebook, to decide if you want it to appear on your wall or not.
- Monitor your name regularly
Surely you have already looked for your name in Google to see what the search engine knows about you (and what anyone in the world can find out about you!).
It's advisable to monitor your name in Google every so often, to check that you continue to control everything that appears about you online. This means, that you have allowed it to appear publicly on the Internet. This is very related to the previous tip.
The advanced electronic signature also protects your identity
The advanced electronic signature also serves to protect our Identity 2.0.
Whether the signature is handwritten - with pen on paper - as if it's electronic, questions may arise on the signer’s identity. However, objectively determining who signed a document or contract is much easier if the signature is an advanced electronic signature.
In the case of our advanced electronic signature solution, we collect a series of biometric data from the signer’s stroke, and additionally a series of electronic evidences that provide information about the context in which a signature was made.
Signaturit's biometric technology
Signaturit´s solution not only captures unique data from the device with which a signature was made (brand of the device, operating system, …), the exact location where it was done or the IP used, but also the elements that make up the signature, such as the speed and acceleration of the signature, and on devices that allow it, the pressure on the screen.
In this way, in case of a conflict or dispute, a Court, Lawyer or Independent Expert as the case may be, may request to replicate the signature with the same device the signer used, to verify who made the signature.
This means reinforcing the Identity 2.0 over the offline identity, as the biometric data collected are impossible to falsify.
Therefore, a signer’s identity is especially protected if he/she has signed with the advanced electronic signature, since there is objective evidence to prove who a signature’s author is.
If you want to implement the electronic signature in your company’s processes to safeguard signers’ identities, whether they are employees or third parties, don't hesitate to try our advanced electronic signature solution.
Register now and try all of our features for free for 14 days.
This post is also available in Spanish.