A digital identity is the body of information about an individual, organization or electronic device that exists online.
Unique identifiers and use patterns make it possible to detect individuals or their devices. This information is often used by website owners and advertisers to identify and track users for personalization and to serve them targeted content and advertising.
A digital identity arises organically from the use of personal information on the web and from the shadow data created by the individual’s actions online. A digital identity may be a pseudonymous profile linked to the device’s IP address, for example, or a randomly-generated unique ID. Digital identities are seen as contextual in nature since a user gives selective information when providing authentication information.
Examples of data points that can help form a digital identity include:
- Username and password
- Purchasing behavior or history
- Date of birth
- Social security number
- Online search activities, such as electronic transactions
- Medical history
Because a profile often includes aspects of a person’s actual identity, digital identities come with privacy and security risks, including identity theft. Pseudonymous profiles can also yield an individual’s identity through cross-site data analysis. While passports and licenses identify users in real life, the inclusion of such personally identifying information (PII) online may pose more risks than benefits for the user. Several authentication and authorization systems have been explored, but there is still no standardized and verified system to identify digital identities.