Human beings love cities, well many of us do. We love them so much that the United Nations are predicting that by 2050, 66% of us will live in them. So how do to make sure that all of those people are housed, have clean water, can get into and out of the city easily, and can breathe the air without coughing? Well, we make those cities, smart.
The market for smart cities is expected to be around $1.2 trillion USD by 2022. What this translates to, is a rush of companies going to go after that money by building smart products that enable the smart city. Smart cities are creating a veritable gold rush and this time the rush is built upon data - often our personal data. But to share and transact using that data we also need to build smart identity at the same time we build our smart city
Home is Where the Smart is
In the smart city, the home is where it all begins. The concept of the smart home has gone from sci-fi to real-fi in a few short years. However, an unfortunate consequence of smart is that it is becoming synonymous with privacy loss. Examples of this keep popping up, such as FTC recently fining Vizio $2.2 million for breaching the privacy of smart TV watchers. Smart devices like digital assistants and IoT home controls are giving smart a bad name in terms of privacy. These devices are built around identity data and our concerns about the misuse of these data are not unwarranted. But, using smart devices doesn’t have to result in losing our identity; they could even be used to augment it. Smart devices and identity have good potential for pairing to provide:
- Geo-location-based access: Tying a transaction to the home via an identity using a smartphone or IoT device. This could encourage people to only do high-level transactions within a safe setting, like a home
- Authentication: Using a voice-activated assistant as a second-factor credential. You could also tie in the location of the device to add some risk-based authentication
- Better UX: As we become more used to asking for things, “Alexa, purchase my favorite merlot please”, associating a command with the use of our identity will make identity use more seamless
- Pseudonymity/anonymity wherever possible
- Minimal disclosure of data wherever possible
- User-centric consent models within the identity system