Digital Identity Exchange is the center of an Internet-based universal identification (ID) system sometimes referred to as Identity 2.0. This idea centers around using universally recognized login information for a wide range of different sites all over the Internet. In many ways, the idea of the Digital Identity Exchange is to make the Internet work more like the real world, where a single piece of ID, such as a driver's license or passport, is acceptable identification practically everywhere a person may go. The idea has alternated between receiving praise and scorn from Internet privacy groups.
In most current web-login situations, a person makes an account on a site. The site keeps track of the login information for that person independently of other sites. The same person may make an account on a different site using the same information, but since the two sites aren’t connected, the information remains separate. That same user may also make a second account on the original site using different credentials. This would allow the user multiple platforms for activity in the same place.
With a Digital Identity Exchange system, a person’s login information would remain in a central location, and that location would allow a person to login to different sites. Instead of the site checking its internal records looking for an account, it would query a central database. If the site is appropriate for the user, the central database would transfer information to the site. The user wouldn’t have to design a profile or come up with a login; it would already be in the central records.
Digital Identity Exchange has been folded into the OpenID system. OpenID works along the same lines as the original system, although it currently uses large companies as verification rather than a central server. Sites such as Facebook, Google or PayPal allow users to login to specially equipped third-party pages using login for their sites. In effect, the third-party sites recognize the validity of the larger company’s login and allow it instead of one specifically for their site.
Internet privacy groups are split on the validity of the Digital Identity Exchange system. On one hand, a person will no longer need to spread personal information out over the Internet. This will cut down on the number of identity thefts through spoofing websites or poor security. In addition, if a person starts exhibiting strange web behavior, the system can shut them down in a way similar to what a credit card company does to a stolen card.
This increase in privacy and security comes at a cost. The central database will have a record of web logins whether the user wishes the information to be stored or not. This database will also keep track of Internet activities, such as browsing habits or commonly purchased items. Lastly, anything that manages to compromise the security of the central database will allow access using credentials to any participating site, rather than a single hacked website or password.