We frequently use the word “identity” when we don’t really mean it. We frame digital identity solutions around proving who you are or proving who someone is.
But IRL we rarely want to know who someone else really is (and from the personal perspective, we rarely want to reveal who we really are).
The fact is, we do not routinely ask “Who are you?” not with any seriousness anyway. “Who you are” is just vernacular, or shorthand. And it stands for something that is very different from identity.
In business and administration, we are always much more precise about what we really want to know about the other party.
Two parties always go into a transaction with a clear idea of what they need to know about each other and what they are going to have to prove about themselves.
These are known unknowns. In the case of business applications, the unknowns are defined when the systems are designed (typical examples are usernames, legal names, account numbers, licence numbers, government IDs and device serial numbers). And there are recognised sources or systems from which pertinent information originates, together with conventions and mechanisms for telling if the information is reliable.
In general, “digital identity” should not be the question. When we design a transaction system, we should start by asking What Do We Really Need To Know about each party. And the answer should include the all-important metadata that confirms the information is fit for purpose.