Digital identity is the network or Internet equivalent to the real identity of a person or entity (like a business or government agency) when used for identification in connections or transactions from PCs, cell phones or other personal devices.
Trusting the link between a real identity and a digital identity first requires someone to validate the identity, or in other words, to prove you are who you say you are. Once established, using a digital identity involves some type of authentication-a way to prove it is really you when you are using digital connections like the Internet. The more valuable the digital identity, the more work required to validate it and establish secure authentication.
For example, you can set up webmail with no validation of your identity other than an email address, and then use the email address and a password to provide authentication. For something more valuable, like cell phone service, your carrier will make sure they know who you are and where to send your bills!
Stronger security is also available for higher value services or information using two-factor authentication, which requires a personal digital security device during the login or ID validation process. These devices are usually based on smart card technology, a computer that adds enhanced security features like special access keys that are calculated by the smart card on-the-fly and are unique for each login or connection. In the case of cell phones, special smart cards called SIMs inside many cell phones protect the subscriber’s phone number from fraudulent use and help to scramble the calls to prevent eavesdropping.
For Internet transactions, in general business-to-business authentication tends toward more security while consumer access to Web-based services tends towards less secure username/password authentication.