There are many aspect to one’s identity. The World Economic Forum breaks down the technical identity stack into the right layers. The layers are discussed in more detail below, somewhat proportional to the level of startup activity in each.
Attribute Collection involves the processes by which characteristic data is collected and stored and encompasses personal data stores. See also verifiable claims.
Authentication is perhaps the most crowded space within the digital identity stack. Authentication answers the questions “how do I prove who I am?” and “how do I prevent others from pretending to be me?”
Attribute Exchange involves how data is exchanged between entities and encompasses privacy-preserving methods for data exchange. Data encapsulation is one approach, which keeps data private and confidential while allowing identity verification via a protocol that enables a common source of truth. These systems can then leverage selective disclosure, whereby third parties can verify attributes without accessing the entirety of the underlying data (ie. a person is above 18 years old, a passport matches the one on file, etc.).
Authorization involves permissioning and access management. It answers the questions like “is this person allowed to enter?” or “is this person allowed to access this file?” In practice, authorization relies on authentication, and therefore solutions that operate in the authorization layer also authenticate users.
Service Delivery encompasses identity-as-a-service providers and password managers. This is the layer in which the biggest valuations, and public companies, reside. Identity-as-a-service providers abstract the complexity of authentication workflows and enable many different authentication approaches.