What’s under the OneID® bonnet? Part 3 of 3

Our principles  

If you’ve stayed with me this far, you will probably have already figured out that we develop and manage OneID® solutions against a set of design, operating and governance principles. These will continue to guide all future OneID® product developments.

OneID® has been designed from the ground up as an identity service, custom-built for the UK market. The principles borrow from the thinking that went into successful digital ID schemes from around the world, such as the bank IDs in the Nordics, but have been adapted to fit with the UK’s particular history and culture with identity.   

It also stems from our company values as a B Corp. 

Our principles are: 

1. User-centricity – we provide the user with choice and control via consent. 
2. Inclusivity – we can support 90% of the UK adult population who bank online. 
3. Social Purpose – we aim to meet our broader stakeholder needs and have a positive social benefit by reducing fraud and increasing online safety, productivity and inclusion. 
4. Security – we run a robust, secure, and scalable platform. 
5. Transparency – we are transparent in governance and operations. 
6. Interoperability – the product is built on open, global standards for identity. 
7. Privacy – we prioritise protecting privacy with a ‘need to know’ approach and implement ‘data protection by design and default’ in everything we do. 
   

The last principle is particularly important to us. When we say ‘privacy by design’, we mean it. 

A double-blind to enhance privacy  

The OneID® privacy model is designed with the GDPR's data protection by design and default principles in mind. It minimises the amount any party knows about what the user is doing while still enabling traceability (and, from that, accountability) back to the user if required. 

OneID® has a privacy-enhancing model that is a ‘double-blind’ between the ‘relying party’ and the bank (neither party knows who the other is). We don’t store or monetise data —it stays with the bank. OneID® stores the consent for the data attributes that are shared from the bank but never the actual data. 

Who can see user data? 

Who knows who is requesting the data?

Each OneID® use from a customer (‘relying party’ API call) will return a user subject ID or ‘OneID sub’, which is a consistent unique identifier for each user, that OneID® sends to the relying party so they know that the person connecting is the same person each time. This ‘OneID sub’ attribute is returned with every OneID® product along with the personal data. The sub is generated by OneID® as a ‘pairwise’ identifier (RP-user pair) to be different for each relying party that the user connects to, increasing privacy by decreasing account data correlation risks in any data breach event. RPs cannot share ‘sub’ data to compare who their common customers are. 

OneID® gets a different consistent unique identifier from the bank for each (a ‘Bank sub’) and hashes and stores the one-way hash so the ‘Bank sub’ cannot be reverse-engineered from OneID® data. This protects the user in the event of a OneID® data breach (they cannot be identified). 

Keeping data within the UK

Finally, given its sensitivity and ownership, we want to keep data and services in UK ownership. For that purpose, we have a Social Benefit Trust with trustees who keep us on track with our social purpose. They also control a ‘golden share’ to protect the company from foreign or hostile takeovers. 

So, to summarise, at OneID®, we continually ensure that anything we do is in the interest of our users and the UK as a whole. We protect individuals' right to privacy while allowing them to participate safely in the UK’s digital economy. How many can say that…. 

Take the OneID demo journey to see how fast it is and the format in which the data is shared with the relying party.