Q&A: How Digital Identity Can Elevate the Internet of Things (IoT)

What role does digital identity play in the rapidly expanding Internet of Things (IoT)? I recently spoke with Jamie Capildeo, Prove’s Enterprise Sales Director for the UK, about the many ways in which the recent evolution of the Internet of Things (IoT) is continuing to shape the digital identity space and vice versa. Here are the top highlights from our conversion: 

The Internet of Things is one of the buzziest topics within the technology industry but there are a lot of misconceptions about it. How would you describe this concept?

‍

Our world is now full of connected ‘things’ – cars, smart motorways, coffee machines, factories, shipping containers… In fact, pretty much anything you can imagine. By the end of 2022, it is estimated that there will be 14 billion connected ‘things’ globally, growing to around 27 billion by 2025.

The concept of connecting things (thereby deriving the name ‘Internet of Things’) has moved from science fiction to full-scale reality. Smart factories are a great example of how IoT is changing the world in which we live. The factories now interact with their employees, operations, and management, providing data to improve manufacturing efficiency, monitor and impact eco-friendly energy usage, reduce wastage and error, and give warnings that things are going wrong before they even go wrong… All the while being fully controllable by an autonomous operations system that controls every connected device within that factory, whether it is a sensor on a machine or a robot making items.

IoT connectivity allows us a unique window into the world, collecting data from anything with an IoT SIM in it, allowing us to improve how we live, work, plan and operate in every sphere of life.

Some of these smart products can appear gimmicky at first glance. Is the Internet of Things worth the hype?

I think this rather misses the point that IoT is not only about personal usage products. Whilst these are also hugely popular – think Alexa, for example – the world of IoT is far wider than this. Global organizations are deploying IoT connectivity on a vast scale to help meet their corporate objectives: increase revenue, improve efficiency, understand their green footprint, and streamline their overall business operations. IoT is here to stay and will only grow as we find more uses for the data that the devices and machines in question create.

The benefits sound amazing but what about privacy? 

Privacy is interesting – the devices are owned by the person/business who buys them, which then lends itself to ‘obvious’ privacy; for example, corporate IoT networked devices belong to the corporation in question. For personally owned devices, there is the risk that the supplier of the device can collect useful personal information from them, but this is normally restricted by network connectivity and security, whereby the data gathered is only available to the individual who owns the SIM-based connectivity. Other regulations such as GDPR give the individual the right to opt into data collection, meaning that any data collected by third parties is given by the consent of the owner.

On a similar topic, IoT devices can be attacked by hackers – this has happened and will continue to happen. The security of IoT networks is paramount, and this starts with analyzing the behavior of the devices to ensure that they are behaving according to normal patterns.

So where does digital identity fit into the Internet of Things? 

The internet of Things is formed by what Prove CEO Rodger Desai describes as a “constellation of  5G enabled smart devices” Almost all of these devices will require some sort of digital authentication, as they behave in the same way as a person does – their daily behavior should be ‘expected’ and predictable, their authorized actions should be the only actions they perform, and any behavior outside of the norm should warrant further inspection.

From a digital identity standpoint, the identity of a thing and a person can be treated in similar ways, and, in fact, as we move into the world of digital asset brokerage (things paying other things – a car paying its own parking, a machine ordering its own spare parts, for example), these micropayments should be subjected to the same stringent authentication and authorization protocols as if it were two humans were making the transaction. Key questions like  ‘Who are you?’ and ‘Am I paying the right person?’ or  ‘Is that a genuine transaction?’ and ‘Is this expected/usual behavior?’ all need to be answered, put in play, and managed as this were a traditional financial transaction.

Digital identity is, therefore, critical as IoT rolls out and impacts every element of our lives, to prevent fraud, avoid being hacked, and ultimately stop the IoT networks from becoming a place where nefarious individuals can easily defraud individuals and organizations out of billions of dollars, or bring whole infrastructures to a standstill.

Prove is in a perfect position to tokenize the identities associated with IoT devices and be the first line of defense against IoT fraud and unexpected behaviors. As IoT is rolled out in critical national infrastructures around the world (financial services, government agencies, military organizations, energy networks, telecommunications, oil and gas companies, to name a few), the role of identity and security for these connected devices becomes paramount during the planning of any IoT project and Prove would love to be an essential part of these conversations.

Interested in learning more about leveraging cryptographic authentication to fortify IoT? Speak with an identity expert today.