The ability to distinguish one person from another is so innate that nobody, aside from the occasional more systematically minded portrait painter (Leonardo da Vinci) ever bothered to try and analyse what makes one face different from the rest.
But in 1888 the Frenchman Alphonse Bertillon invented the mug shot, creating a library of photos of individuals known to the Parisian police. He went further, making measurements of their heads, creating the science of Anthropometry and in 1912 published a paper that introduced a standard way of comparing the 16 ridge characteristics that make up a fingerprint. Sherlock Holmes, it is said, was a big admirer of the ‘French savant’.
Since then, these two biometric markers have been the principle methods used to identify an individual. And now, every day, Apple and Samsung together release over half a million devices carrying fingerprint scanners.
> See also: Biometrics is the sexy side of identity management, but not the most effective: Kevin Cunningham, Sailpoint
It’s not that we’re either too lazy or too stupid to remember 4 digits, it’s just too easy for anyone else to learn them. And as we focus more and more of our digital lives (which is more and more of our actual lives) through our phones, our vulnerability increases.
Ultimately, only you can ever be you. Although my DNA is the sum of my parents’, the combination is unique. The vein patterns in my fingers, my iris colouration, my fingerprints and many other physical characteristics are mine and mine alone.
But proving that you're you every time you want to use the digital world is a pain. That’s why your bank doesn’t ask you to do it anymore – your contactless card does that for you. No PIN to remember, no passwords to forget.
There’s a reason that banks are so keen on this stuff. Even more than nation states, banks have historically been the Go-To guys for verification of identity. Opening a bank account gives you access to the global financial system and banks guard that door jealously.
But new players like Google, Facebook and PayPal are appearing. More doors are available, and quite what constitutes a key is struggling to keep up.
This development leads to the big debate – Privacy vs. convenience. Which one do you want? Because you can’t have both. If it’s privacy you value most, you can keep yourself to yourself and stay off the radar but it’s going to be tough doing even the simple things – like getting on a bus or going to the doctor. If it’s convenience, you may choose to abdicate control to someone else and remove all the friction.
Ultimately, it boils down to one word: Identity. If you are who you say you are we can work together. But defining what we mean by identity is a complicated task. And that definition, not surprisingly, depends on where you live. The idea of who I am, and whose business that is, is not universal.
To the British, ‘Identity’ is a fluid, slippery thing, or so it would seem. Almost uniquely in Europe, British citizens do not carry ID cards, and are under no legal requirement to produce any when challenged.
There is a deeply ingrained instinct in the British character that identity is none of your damned business – it’s their personal, private, closely guarded property. The issue is not to prove it, but to use it to identify myself. That’s a subtle but significant distinction.
Perhaps it’s because, as a Brit, Iegally you wouldn't be a citizen with rights but a subject with liberties. Not counting the Magna Carta incident, we’ve never had a revolution, so we have no constitution or bill of rights.
Our society and political system derives from an ongoing battle to evade the demands of a monarch. It’s a strange kind of centrally managed anarchy and so, instead of a central registry or database, the UK is creating an ‘Open Standards Federation’, meaning multiple agencies can participate, mitigating the risk of having all my identities stolen and misused.
And, in theory, because you can choose which one you use (and this might include Google or Facebook or PayPal) to let you verify your identity, you begin to have a sense of ownership of your identities and what you can use them for. You understand that you need to look after them because they have value.
It’s all very nice and consensual and adult and gratifyingly chaotic and vague in a way that aims to strike a very British balance between privacy and convenience.
> See also: Why identity and privacy rule on the road to digital transformation
In the film Bladerunner (set, as it happens in 2019, the year the EU eID system is due to go live) only two things distinguish humans from robots: memories and the capacity for empathy. Physically, everything we are can be manufactured, and presumably copied.
But memories come from real life experience and no two lives can ever be exactly the same. And the capacity for empathy – to feel what another is feeling, to sympathise, to pity and feel emotions at second hand is a human ability that springs from our deepest self; from the fountainhead of emotions from which religion and art both emanate. These are the biometric characteristics that are the hardest to fake and closest to who we really are.
And so, as the science and the arts eye each other warily like two candidates for an arranged marriage, it becomes clear just how complex and all-pervading this topic will become, and how the idea of the individual – what it is and what it means to be one, will be every bit as important as the technologies used to identify them and the channels built to connect them together.
Matthew Maxwell is Associate Creative Director, Sapient Nitro