One thing we’ve always felt we were pretty good at is adapting. Shifting project goals and changing priorities is just a part of the process of building solutions from scratch. Usually these changes are brought on by hard to answer questions that arise during development, but sometimes they are necessitated by the outside forces of the world. In this blog post, we want to share our approach during the COVID-19 pandemic to redesigning Dublin Identity, an application designed for in-person onboarding.
In 2018, when we first began designing this project, like everyone else, we were under the assumption physical interaction between people would always be a normal everyday activity. Now that 2020 has proven otherwise, we have found ourselves in a situation calling for some serious adaptation. Dublin Identity is an application whose primary value proposition is built on the notion we would be creating validated digital identities. Identities would be created in-person, using verifiable credentials. Without these identities, the rest of the system suffers.
Fortunately, once an identity is created the application’s functionality lends itself well to the remote world of today. Verified digital identities allow the city to continue to interact with its residents online. They help the city collect actionable residential information or opinions remotely. These identities can be used to identify residents wishing to speak at a City Hall e-meeting, and they can still be used to identify users and distribute reward points as the city sees fit. The only real challenge we’re facing is our approach to step-one: onboarding.
Easy enough. We will design a remote sign up system, but why didn't we do that in the first place? To understand our reasoning, it is prudent to first understand how identities are authenticated using the application.
For our solution we designed an authentication system similar to how trusted servers are identified on the internet. In this approach, the City of Dublin is acting as a ‘certificate authority’. As a certificate authority, it is not the City’s job to simply supply identifying information to those requesting it, but instead to certify whether the information being supplied is from a trusted source. In this case, the trusted source of information is an individual who has gone through Dublin’s verification process. If Dublin has certified an individual's information as trusted, the recipient can be assured that information has been verified previously for its accuracy.
Unfortunately, one constraint of this solution is that a certificate authority needs a chance to validate your information prior to supplying a certificate of trust. Meaning for Dublin to assert your information is trusted --in order to confirm your identity, they first need to review and validate your information for authenticity. With this constraint in mind we determined any data being shared through Dublin Identity would be required to go through a manual review process prior to a digital identity being created.
In the name of simplicity, it was determined the best approach to validating all incoming information was to have a city staff member to review the individual’s information on the spot. With a quick check of a State ID at signup, an individual's identity can be confirmed and their digital ID can be created.
Obviously, in today's world this approach is no longer as viable as previously believed. The city has no desire to meet residents in-person for a simple registration and the majority of people have no desire to go out. So, how have we adapted the review process for remote registration without compromising security or the authenticity of data? Our solution involves a three-pronged approach.
First, we have developed a new registration process allowing users to self-register online. Users will be requested to scan their physical state ID via their phone, take a selfie for their account, and separately provide a photo of the front and back of their state ID.
Second, once all required information has been submitted for self-registration, users are added to a queue where system administrators manually review and approve of newly created identities. This process ensures all city certified data has been validated before authentication and further reduces the likelihood of false claims.
Third and most importantly, we’ve added a concept of ‘features by security level’. Just because Dublin has not yet reviewed your account doesn’t mean they don’t want you using the app. To account for the time between submission and review, we’ve added multiple levels of ‘trust’ that can be assigned to an individual, dependent on the amount of information the city has verified. The tiers of trust and the features available can be broken into four user categories:
Self-registered User without ID. This user is assigned a certificate of “Untrusted”. Meaning the city has no means of verifying any identifying information the user has claimed. Untrusted users are limited to the following features:
Self-registered Users with ID - Unverified. Initially, when a user has submitted their information with the accompanying ID, the city will assign a level of trust as “Unverified”. An unverified user will temporarily have restrictions applied to their account until the review process has been completed. Unverified users are temporarily limited to the following features:
Self-registered Users with ID - Verified. Once a user’s account has been reviewed and approved, their level of trust will be increased to “Verified”. In addition to the previously available features, Verified users will also be permitted to participate in city surveys and provide more granular identifying information. A full list of available features is as follows:
In Person Fully-Verified User. An in person, fully verified user will be assigned the highest level of trust. This user will have met with a Dublin official in person and had their credentials inspected upon sign up. With this level of authentication, Dublin is willing to extend the windows of time before personal information will need reconfirmed. In addition, the city will be able to add more identifying fields, such as the Dublin City Recreation Center membership status. A full featured list include the following:
We believe using this tiered level of trust approach will allow users to continue to sign up and use the application now and in the future as the pandemic progresses, and this need to adapt has improved the overall user experience. It was our goal to adapt our solution to the world today without compromising on our original goals of authenticity. How do you think we did? Comment below.