European Identity & Cloud Conference 2014
13.05. – 16.05.2014, Munich, Germany


BYOID is Stepping Up

14.05.2014 11:00-13:00

BYOID is Stepping Up

Identity Providers are becoming recognized as an interesting source of Authentication and Identification services. While the security teams are reasonably suspicious of such new advances, the business people in may enterprises are waking up to the potential of customers and even employees and contractors bringing their own identity. Governments too are engaging in this area as the high cost of delivering citizen services is tackled in many different countries.

National Identity Initiatives Compared – Convergence or Divergence?

The presentation compares a group of national online identity initiatives against a set of wide ranging criteria,and explores their potential trajectory.

The Challenges of Third-party Identity Credentials & How a Trusted Identity Registry May Help: Example Initiatives in the UK and the US

Common law governments worldwide have begun to make commitments to adopt federated models for identity registration and credential authentication for central government services.  This approach requires close collaboration with industry to create the needed schemes or trust frameworks that organize the business, legal, and technical standards, and policies and best practices needed to succeed.

As these countries architect and deploy their identity federations it’s important that such development does not become siloed by jurisdiction.  Rather, for the successful operation of any market there needs to be trusted information sharing.  Listings—like the yellow pages—leverage data.  Directories—like the DNS—speed introductions. Exchanges—like the NASDAQ—grow markets.  Registries simplify transactions – wedding registries are an example.

Today, there are no such forums for sharing information on trusted identity.  OIX is building one.

Under the direction of the OIX Board of Directors, OIX is building OIXnet, an authoritative registry for online identity trust and a neutral exchange for sharing trusted identity data to enable global interoperability among identity federations in the commercial, non-profit, and public sectors.  The goal: a greater variety of trusted transactions at a greater velocity.

Belgian eID as Trust Generator Accross Sectors, Banking Included

Today more and more countries get involved in issuing National Online Identity schemes and solutions (e-ID). All e-Gov officials agree unanimously that this is the best way forward to implement authentication and signature for e-Gov applications in their own realm. The question whether the National e-ID schemes are fit to serve in commercial applications as a genuine business enabler gains more and more importance. This presentation is a real business case on how a government and a commercial partner in the finance industry joined forces to leverage a national eID solution. With unique wins for each partner like :

  • easier customer enrollment and verification
  • generic use of the e-ID scheme
  • use of legally binding signature
  • respect for privacy

BYOI � Making Citizen and Consumer IdM Easy using Social IDs � and Secure using Attribute Verifiers and 2FA

Self-service portals are a universal “big bet”

  • Increase customer satisfaction … Reduce operational costs
    • Retail, Utilities, Education, Credit, Insurance, Banking, Healthcare, Government

For many organizations they are a losing bet!

  • Consumers:
    • Hate creating new passwords & security questions for every site
  • Department heads, IT admins:
    • Weak & re-used passwords neuter security & privacy defenses
  • Regulators, Law enforcement, Taxpayers
    • Increased fraud losses offset operational cost savings

Augmenting BYOI can make everyone a winner

  • Consumers:
    • Hate creating new passwords & security questions for every site
    • “Bring-your-own-identity” enables logon with existing social IDs
  • Department heads, IT admins:
    • Weak & re-used passwords neuter security & privacy defenses
    • “Step-up phone 2FA” delivers user-friendly strong authentication
  • Regulators, Law enforcement. Taxpayers
    • Increased fraud losses offset operational cost savings
    • “Verified attributes” provide online identity assurance

Attribute-Based Credentials (ABCs) for Privacy-Preserving Authentication

Privacy-ABCs are the (old) newcomer in the area of identity management. Being designed to protect the privacy of consumers in the internet ecosystem they include some concepts that are worth to be reviewed by enterprise identity management practitioners.This presentation will provide a high-level background on the privacy-ABC technology and introduce two pilots that had been run during ABC4Trust project. Additional typicalprivacy-ABC scenarios will be presented and the differences to non privacy-ABC instantiations highlighted.

Seraphinite AcceleratorOptimized by Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.