Tech Tarik Think Tank Explores the Future of Digital Identities and Trust

Technology is catapulting us into a future that is ever more connected, efficient and undeniably digital. And based on the current trajectory, it seems inevitable that our identities will follow suit. Consider this: global digital identity users are set to grow by 82% by 2027 compared to 2023. What’s more, digital identity app installations are forecasted to hit 5.2 billion by 2029, touching more than 60% of the world’s population.

As we move towards a future in which we shift more and more of our personal and professional lives into the digital world, are we really prepared for the security challenges this will bring?

This complex issue was at the heart of the second Tech Tarik Think Tank, supported by Redis and Gogopass, held recently at Bala’s Banana Leaf in Bangsar. The unconventional venue was chosen to maintain the relaxed, informal spirit of these gatherings, where IT professionals and leaders from all walks of industries can engage in candid discussions about the future of technology in a casual setting. Building on the first session which went into the real-world impact of generative AI, this gathering shifted its focus to another pressing topic: the evolving role of digital identities in our increasingly connected world.

Digital identity as a key national priority

The discussion began with a fundamental question: what exactly does “digital identity” mean in today’s world? Though interpretations may vary, the panellists agreed on the basics—it is essentially a digital footprint that encompasses everything associated with a person and ensures that they are who they say they are when transacting or engaging in activities online. As the conversation progressed, however, it became clear that the scope of digital identity extends far beyond this simple definition.

Types of static and dynamic data that shape digital identities (Source: https://redis.io/learn/howtos/solutions/fraud-detection/digital-identity-validation)

The consensus was that digitising identity is not as simple as replicating existing processes online. For instance, in Malaysia, verifying one’s identity for payment transactions or e-wallets often involves a hybrid system—where a physical ID is scanned or linked to other offline methods. While functional, this approach is fragmented and inconsistent across services.

It’s an experience that is at odds with the expectations of modern users, who are used to fast, frictionless digital interactions. Lengthy verification steps or, worse, filling in paper forms can feel like a relic of the past—one that’s becoming less and less tolerable in today’s tech-driven world.

Some participants in the discussion pointed to Estonia as an example of what a more unified system could look like. There, a centralised digital ID forms the basis for almost all aspects of daily life, and enables secure access to electronic banking, healthcare and even the ability to provide legally binding digital signatures.

Essentially, it is about providing seamless services to citizens while ensuring secure verification for both government and private organisations. For this reason, the Malaysian government’s MyDigital ID initiative was recognised as a necessary and positive step towards unifying fragmented systems into a cohesive digital ecosystem that benefits citizens.

Still, the Think Tank cautioned that execution is everything, and that there is still a long way to go to make this vision a reality here in Malaysia. Nevertheless, it is a step that must be taken.

As stated by Kenneth Loo, Redis’ Enterprise Account Executive, “One important thing to keep in mind is that as our lives straddle both physical and digital spaces, the trade-off between convenience and security is becoming increasingly precarious. Without top-notch safeguards, even the best-intentioned systems run the risk of undermining public trust and ultimately their own effectiveness”.

The promise and perils of digital identity

Beyond the immediate benefits of efficiency and access, digital identity offers nations the opportunity to unlock significant economic value. According to McKinsey, achieving full digital identity coverage could contribute between 3 and 13 percent of GDP by 2030. But why is security such a critical concern? Because this isn’t just about technology, it’s also about trust. People are surrendering deeply personal data and making themselves vulnerable to:

• Misuse if proper controls are not in place.
• Threats from system failures, data breaches and privacy violations.

As the discussion progressed, it also became clear that a “digital footprint” today is much more than just a digital ID. It encompasses everything a person does online, especially on social media. For better or worse, these digital breadcrumbs paint a picture of who someone is, often with surprising accuracy. The worrying reality is that cybercriminals are exploiting this vast data to carry out highly targeted attacks. With the growing capabilities of AI and deepfakes, threat actors can now craft remarkably convincing identities to steal and orchestrate fraud, reaching new levels of scale and precision in their schemes.

It’s no secret that the human factor remains a significant vulnerability in the cybersecurity landscape. One study found that human error is responsible for 84% of serious security incidents, and 80% of security breaches in financial services are linked to authentication flaws. The panellists shared that, anecdotally, the majority of breaches that they too have encountered, including ransomware attacks, stem from phishing, showing that humans unfortunately remain the weakest link. And AI has significantly lowered the barriers for criminals to target unsuspecting individuals.

Building a culture of security and awareness

The Think Tank were in agreement that protecting against these threats and securing digital identities requires a combination of the right tools, processes and a solid framework of checks and balances.

A significant portion of the conversation focused on the critical need to train employees well enough to recognise the threats and avoid becoming easy targets. In this sense, individual responsibility definitely matters, but the panellists stressed that leadership also has a pivotal role to play in making sure their teams take cybersecurity seriously and stay informed. Additionally, employee training should be an ongoing, up-to-date process that keeps pace with the rapidly evolving nature of threats.

While members of the Think Tank believe that effective leadership is crucial within organisations, they were quick to point out that the same sense of accountability needs to be driven from the top down in terms of government regulations.

For businesses to take digital identity security seriously, the rules need to be clear and enforced. Bank Negara, for instance, has already stepped up in the financial services industry by introducing regulations that ensure secure digital identity and risk management practices, and the experts agree that this kind of proactive approach should be extended to other sectors.

Authentication at the speed of modern business

From a purely technical perspective, the foundation of protecting digital identities lies in robust authentication systems that ensure every party in a transaction is exactly who they claim to be. And the scale is anything but small.

Kenneth Loo from Redis emphasised, “Traditional systems can no longer keep up with the speed and complexity of modern threats. Fraud attempts and identity theft don’t wait—they exploit every moment of delay. This makes real-time authentication powered by high-performance data platforms an essential investment for businesses.”

Kenneth illustrated just how demanding modern authentication has become. According to him, businesses are now expected to process complex identity data from diverse sources and formats, all while validating identities as it happens. Using Redis Enterprise to highlight the level of precision and speed required by today’s financial services organisations, he explained how such a platform could deploy machine learning risk scoring models in less than one millisecond of latency while processing hundreds of millions of read and write operations per second.

“Without the ability to process and verify data instantaneously, organisations are leaving themselves exposed to increasingly sophisticated cyber attacks,” he added.

Laying the foundation for a secure tomorrow

What the Think Tank made abundantly clear is that digital identities aren’t a question of “if” but “when”, and for many, the answer may already be “now”. The challenges are many—technical, ethical and logistical—but they all revolve around a single truth: security must be the bedrock.

Initiatives like MyDigital ID mark a pivotal moment, but they are only the opening act. How we handle this transition will shape not only the systems but also the very fabric of trust between people and technology. Whether this future becomes a success story or a cautionary tale depends on the decisions we make today.

The Think Tank reminds us that progress in this important area is not about rushing ahead, but about ensuring that every step is secure, thoughtful and sustainable.