SlideShare a Scribd company logo

Can Blockchain Enable Identity Management?

Priyanka Aash
Priyanka Aash

Blockchain continues to gain traction in the market place as a compelling solution for making identity and access management (IAM) more cost effective by harnessing the power of distributed members in order to “crowdsource” identity services. This session will review an attempt to prove this hypothesis through a proof-of-concept (POC) built for a not-for-profit healthcare consortium. Learning Objectives: 1: Learn what blockchain is and how it can help solve problems within IAM. 2: Understand the intended end-state and key players in the blockchain identity ecosystem. 3: Learn about the key elements and lessons learned from this POC. (Source: RSA Conference USA 2018)

Technology
1 of 22
Download to read offline
SESSION ID: #RSAC Kurt Lieber CAN BLOCKCHAIN ENABLE IDENTITY MANAGEMENT? IDY-R12 VP, CISO of IT Infrastructure Aetna Prakash Sundaresan Chief Technical Officer Trusted Key
#RSAC What we are hearing about IdenIty 1. A poor user experience ResulIng from the need for mulIple credenIals and enrollments when a member: •  Makes an appointment (Payer/Provider) •  Sees a physician (Provider) •  Files claims (Payer) •  Picks up a prescripIon (Pharma, other ecosystem partners) 3. Dependence on for-profit enJJes for idenJty-proofing services IdenIty-proofing services in the market today are provided by a few commercial enIIes who can charge a premium price due to the lack of compeIIon. This results in implied trust and “unchecked power” which may sIfle innovaIon and increase health care costs for the member. 4. Provider credenJaling is repeJJve and Jme- consuming The credenIaling process (e.g., requests for medical transcripts, state licenses, background check) is repeated each Ime a provider: •  Joins a new facility as part of a float pool •  Moves to a different health system 2. DuplicaJve IAM efforts and infrastructure costs NH-ISAC working group and other partners in the health ecosystem each maintain their own idenIty infrastructure (and bear the associated costs). Leading to: Increased costs 2
#RSAC Example: A member has to manage separate idenIIes and NH-ISAC consorIum partners have to manage separate IAM infrastructure Provider Care delivery CollecIons Compliance Customer service Denials or referrals PaIent access PaIent engagement Telemedicine Payer Billing and premium Care management Claims Compliance Customer service Membership management Plan or product management Provider networks Other ecosystem partners Pharma, regulatory, retail and telecom. PaIent portals Mobile Wearables Benefits and claims portal Social media Implantables Self- service Sensors and monitors Care coordinaIon Member 1. A member uses different credenIals across the digital health life cycle. 2. A member provides personal informaIon mulIple Imes 3. Payers, providers, other partners (collecIve NH-ISAC consorIum partners) maintain separate IAM infrastructure 3
#RSAC A DAY IN THE LIFE OF A MEMBER
#RSAC “Day in the life” of a member video
#RSAC Our vision: Shared idenIty Users: members (B2C) and providers (B2E) ConIngent workers Business partners/ vendors Employees Customers Devices Own Relying parJes: Providers, Payers, Partners (NH-ISAC consorJum members) Access administraIon IdenIty data services Access enforcement Use Proofers: Providers, Pharmacy, etc. Data exchange vendors Government agencies Health payer/providers (incl. NH-ISAC) Vet Document verificaIon apps Portable idenJty “Vet once, use many” Users own a portable idenIty which is accepted across the health ecosystem. Proofers vet abributes of a user increasing the fidelity of a user’s trust score over Ime. Relying parIes use the portable idenIty to make access decisions. 6
#RSAC The NH-ISAC Portable ID… Is an idenIty for members or providers Aims to improve the user experience and lower health care costs through efficiency gains Is built on open standards (e.g., NIST 800-63) Has a non-profit moJve where the working group: —  Establishes governance, leading pracIces and guidelines —  Collaborates with other standard bodies (e.g., SAFE Biopharma), privacy working groups —  Shares the cost of infrastructure Is in proof-of-concept stage Is a supplement to exisIng IAM infrastructure 7
#RSAC What it is NOT Meant to store Personal Health InformaIon (PHI). A replacement for electronic medical records (EMR). A replacement for industry frameworks (e.g., SAFE Bio-pharma Trust Framework, NIST). A replacement for exisIng individual NH-ISAC consorIum IDs (e.g., Aetna ID, CVS ID etc.). A replacement for all exisIng IAM infrastructure. Set in stone. This is a proof-of-concept and we are conInually incorporaIng feedback from the field. Meant to exist in a silo. IntegraIon with other standards bodies, idenIty working groups is key. 8
#RSAC An example of how the POC would work On day 1 and ongoing basis FirstName LastName DLN (High trust level if selfie verified) DOB Address Trust Level Portable idenJty (blockchain) 2. Providers verify a user (on day 1 and during regular touch points with members) 1. Member performs iniIal idenIty capture and form fill (with web form if needed) AbestaIons of abributes Verified idenIty Blockchain-based ledger Scan driver’s license and (take selfie for facial recogniJon) IdenIty requestor and exisIng IAM infrastructure (NH-ISAC relying parIes) Complete web form (import IDs from NHISAC partners as appropriate) Verify last name Verify DOB Verify addiIonal abributes Acquired user abributes 9
#RSAC TECHNICAL DEMO
#RSAC IntroducIon – How will the member get the app? •  Mobile friendly •  Something that will always be carried with the member •  Discoverable through app stores •  Member to be made aware of the app during the insurance enrollment process 11
Day 1 - Member Enrollment
#RSAC On Day 1 - Enrollment •  Seamless enrollment on Day 1 by: •  ImporIng exisIng IDs with NH-ISAC partners •  Form fill thru driver’s license scan •  Trust Level 1 verificaIon with self asserted abributes •  Trust Level 2 with remote driver’s license verificaIon 13
Going to the provider
#RSAC When going to the provider •  “Passwordless” login through biometrics (e.g., FaceID) •  Easy check-in at provider’s office by QR code scan •  Similar to a mobile boarding pass 15
#RSAC Wearable check-in – for those with their hands full… •  Added convenience without having to reach for your phone 16
Checking the member in
#RSAC Provider’s perspecIve – whattherecepIonistattheproviderdoes… •  Provider has a companion app in the office •  On an iPad •  Provider verifies the ID concurrently with check-in •  Trust Level 3 – in-person verificaIon with provider •  Usage / asserIon history can be used by insurance provider for proofing (opIonal) 18
#RSAC Can Blockchain enable IdenIty? – Sniff Test 19 Are the answers to any of these “Yes”? Portability Are there mulIple parIes that could benefit from sharing idenIty data? Can we enhance the user experience by enabling a single idenIty at different places? Cost Savings Is there a duplicaIon of idenIty infrastructure across the ecosystem? Is there a reliance on commercial enIIes for proofing services? Persistence Is the use case "write once - read many"?
#RSAC Lessons Learned 20 Driving adopIon from stakeholders is key, non-profit moIves help Maturity of blockchain tools are sIll evolving Front-end, UI/UX design is key: The end-user should not know that Blockchain was used Don’t try to change consumer behavior PHI should not be put on the blockchain (tough sell) Co-existence with IAM tools is necessary
#RSAC Apply What You Have Learned Today 21 IdenIty + Blockchain = Portability Enable digital trust across untrusted parIes. Decentralized, sovereign, immutable fabric IdenIty Management plaporms (e.g., AuthN, authZ, directory)
#RSAC Apply What You Have Learned Today 22 Next week you should: IdenIfy idenIty issues related to portability, duplicaIon and costly proofing In the first three months following this presentaIon you should: Summarize your idenIty pain points, interested business partners Explore a proof-of-concept Socialize the vision with key sponsors, customers and gauge interest Within six months you should: Expand the proof-of-concept to other business partners Conduct a roadshow at industry consorIums to drive awareness and adopIon

Recommended

User & Mobile Centric Identity
User & Mobile Centric IdentityUser & Mobile Centric Identity
User & Mobile Centric Identitywegdam
 
Identity federation & user centric identity
Identity federation & user centric identityIdentity federation & user centric identity
Identity federation & user centric identitywegdam
 
Session 7 e_raja_kailar
Session 7 e_raja_kailarSession 7 e_raja_kailar
Session 7 e_raja_kailarHai Nguyen
 
Identity Management
Identity ManagementIdentity Management
Identity ManagementVenkatesh Jambulingam
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideHai Nguyen
 
FirstNet ICAM
FirstNet ICAMFirstNet ICAM
FirstNet ICAMAdam Lewis
 
Access management
Access managementAccess management
Access managementVenkatesh Jambulingam
 
Securing corporate assets_with_2_fa
Securing corporate assets_with_2_faSecuring corporate assets_with_2_fa
Securing corporate assets_with_2_faHai Nguyen
 

Recommended

User & Mobile Centric Identity
User & Mobile Centric IdentityUser & Mobile Centric Identity
User & Mobile Centric Identitywegdam
 
Identity federation & user centric identity
Identity federation & user centric identityIdentity federation & user centric identity
Identity federation & user centric identitywegdam
 
Session 7 e_raja_kailar
Session 7 e_raja_kailarSession 7 e_raja_kailar
Session 7 e_raja_kailarHai Nguyen
 
Identity Management
Identity ManagementIdentity Management
Identity ManagementVenkatesh Jambulingam
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideHai Nguyen
 
FirstNet ICAM
FirstNet ICAMFirstNet ICAM
FirstNet ICAMAdam Lewis
 
Access management
Access managementAccess management
Access managementVenkatesh Jambulingam
 
Securing corporate assets_with_2_fa
Securing corporate assets_with_2_faSecuring corporate assets_with_2_fa
Securing corporate assets_with_2_faHai Nguyen
 
Identity as a Matter of Public Safety
Identity as a Matter of Public SafetyIdentity as a Matter of Public Safety
Identity as a Matter of Public SafetyAdam Lewis
 
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2dP2PSystem
 
The Road to Identity 2.0
The Road to Identity 2.0The Road to Identity 2.0
The Road to Identity 2.0Adam Lewis
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identityWAFAA AL SALMAN
 
Pg 2 fa_tech_brief
Pg 2 fa_tech_briefPg 2 fa_tech_brief
Pg 2 fa_tech_briefHai Nguyen
 
76 s201923
76 s20192376 s201923
76 s201923IJRAT
 
Federated Identity Architectures Integrating With The Cloud
Federated Identity Architectures Integrating With The CloudFederated Identity Architectures Integrating With The Cloud
Federated Identity Architectures Integrating With The Cloudrsnarayanan
 
Authentication and Authorization Models
Authentication and Authorization ModelsAuthentication and Authorization Models
Authentication and Authorization ModelsCSCJournals
 
Government Citizen ID using Java Card Platform
Government Citizen ID using Java Card PlatformGovernment Citizen ID using Java Card Platform
Government Citizen ID using Java Card PlatformRamesh Nagappan
 
End-to-End Identity Management
End-to-End Identity ManagementEnd-to-End Identity Management
End-to-End Identity ManagementWSO2
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authorityKrutiShah114
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)Pace IT at Edmonds Community College
 
M-Pass: Web Authentication Protocol
M-Pass: Web Authentication ProtocolM-Pass: Web Authentication Protocol
M-Pass: Web Authentication ProtocolIJERD Editor
 
Kantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG UpdateKantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG Updatekantarainitiative
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationSylvain Maret
 
Patterns and Antipatterns in Enterprise Security
Patterns and Antipatterns in Enterprise SecurityPatterns and Antipatterns in Enterprise Security
Patterns and Antipatterns in Enterprise SecurityWSO2
 
Identity Federation on JBossAS
Identity Federation on JBossASIdentity Federation on JBossAS
Identity Federation on JBossASRoger CARHUATOCTO
 
The day when role based access control disappears
The day when role based access control disappearsThe day when role based access control disappears
The day when role based access control disappearsUlf Mattsson
 
Smart card kantara pids presentation grey
Smart card kantara pids presentation greySmart card kantara pids presentation grey
Smart card kantara pids presentation greyDan Combs
 
Biometric Trends for 2017 Webinar
Biometric Trends for 2017 WebinarBiometric Trends for 2017 Webinar
Biometric Trends for 2017 WebinarVeridium
 
Identity as a Service
Identity as a ServiceIdentity as a Service
Identity as a ServicePrabath Siriwardena
 
International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)International Journal of Engineering Inventions www.ijeijournal.com
 

More Related Content

What's hot

Identity as a Matter of Public Safety
Identity as a Matter of Public SafetyIdentity as a Matter of Public Safety
Identity as a Matter of Public SafetyAdam Lewis
 
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2dP2PSystem
 
The Road to Identity 2.0
The Road to Identity 2.0The Road to Identity 2.0
The Road to Identity 2.0Adam Lewis
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identityWAFAA AL SALMAN
 
Pg 2 fa_tech_brief
Pg 2 fa_tech_briefPg 2 fa_tech_brief
Pg 2 fa_tech_briefHai Nguyen
 
76 s201923
76 s20192376 s201923
76 s201923IJRAT
 
Federated Identity Architectures Integrating With The Cloud
Federated Identity Architectures Integrating With The CloudFederated Identity Architectures Integrating With The Cloud
Federated Identity Architectures Integrating With The Cloudrsnarayanan
 
Authentication and Authorization Models
Authentication and Authorization ModelsAuthentication and Authorization Models
Authentication and Authorization ModelsCSCJournals
 
Government Citizen ID using Java Card Platform
Government Citizen ID using Java Card PlatformGovernment Citizen ID using Java Card Platform
Government Citizen ID using Java Card PlatformRamesh Nagappan
 
End-to-End Identity Management
End-to-End Identity ManagementEnd-to-End Identity Management
End-to-End Identity ManagementWSO2
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authorityKrutiShah114
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)Pace IT at Edmonds Community College
 
M-Pass: Web Authentication Protocol
M-Pass: Web Authentication ProtocolM-Pass: Web Authentication Protocol
M-Pass: Web Authentication ProtocolIJERD Editor
 
Kantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG UpdateKantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG Updatekantarainitiative
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationSylvain Maret
 
Patterns and Antipatterns in Enterprise Security
Patterns and Antipatterns in Enterprise SecurityPatterns and Antipatterns in Enterprise Security
Patterns and Antipatterns in Enterprise SecurityWSO2
 
Identity Federation on JBossAS
Identity Federation on JBossASIdentity Federation on JBossAS
Identity Federation on JBossASRoger CARHUATOCTO
 
The day when role based access control disappears
The day when role based access control disappearsThe day when role based access control disappears
The day when role based access control disappearsUlf Mattsson
 
Smart card kantara pids presentation grey
Smart card kantara pids presentation greySmart card kantara pids presentation grey
Smart card kantara pids presentation greyDan Combs
 
Biometric Trends for 2017 Webinar
Biometric Trends for 2017 WebinarBiometric Trends for 2017 Webinar
Biometric Trends for 2017 WebinarVeridium
 

What's hot (20)

Identity as a Matter of Public Safety
Identity as a Matter of Public SafetyIdentity as a Matter of Public Safety
Identity as a Matter of Public Safety
 
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
317c0cdb 81da-40f9-84f2-1c5fba2f4b2d
 
The Road to Identity 2.0
The Road to Identity 2.0The Road to Identity 2.0
The Road to Identity 2.0
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
 
Pg 2 fa_tech_brief
Pg 2 fa_tech_briefPg 2 fa_tech_brief
Pg 2 fa_tech_brief
 
76 s201923
76 s20192376 s201923
76 s201923
 
Federated Identity Architectures Integrating With The Cloud
Federated Identity Architectures Integrating With The CloudFederated Identity Architectures Integrating With The Cloud
Federated Identity Architectures Integrating With The Cloud
 
Authentication and Authorization Models
Authentication and Authorization ModelsAuthentication and Authorization Models
Authentication and Authorization Models
 
Government Citizen ID using Java Card Platform
Government Citizen ID using Java Card PlatformGovernment Citizen ID using Java Card Platform
Government Citizen ID using Java Card Platform
 
End-to-End Identity Management
End-to-End Identity ManagementEnd-to-End Identity Management
End-to-End Identity Management
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
 
M-Pass: Web Authentication Protocol
M-Pass: Web Authentication ProtocolM-Pass: Web Authentication Protocol
M-Pass: Web Authentication Protocol
 
Kantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG UpdateKantara - Consent & Information Sharing WG Update
Kantara - Consent & Information Sharing WG Update
 
Authentication and strong authentication for Web Application
Authentication and strong authentication for Web ApplicationAuthentication and strong authentication for Web Application
Authentication and strong authentication for Web Application
 
Patterns and Antipatterns in Enterprise Security
Patterns and Antipatterns in Enterprise SecurityPatterns and Antipatterns in Enterprise Security
Patterns and Antipatterns in Enterprise Security
 
Identity Federation on JBossAS
Identity Federation on JBossASIdentity Federation on JBossAS
Identity Federation on JBossAS
 
The day when role based access control disappears
The day when role based access control disappearsThe day when role based access control disappears
The day when role based access control disappears
 
Smart card kantara pids presentation grey
Smart card kantara pids presentation greySmart card kantara pids presentation grey
Smart card kantara pids presentation grey
 
Biometric Trends for 2017 Webinar
Biometric Trends for 2017 WebinarBiometric Trends for 2017 Webinar
Biometric Trends for 2017 Webinar
 

Similar to Can Blockchain Enable Identity Management?

Nikhil wagholikar _risk_based_penetration_testing - ClubHack2009
Nikhil wagholikar _risk_based_penetration_testing - ClubHack2009Nikhil wagholikar _risk_based_penetration_testing - ClubHack2009
Nikhil wagholikar _risk_based_penetration_testing - ClubHack2009ClubHack
 
An Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsAn Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsUbisecure
 
#MFSummit2016 Secure: Mind the gap strengthening the information security model
#MFSummit2016 Secure: Mind the gap strengthening the information security model#MFSummit2016 Secure: Mind the gap strengthening the information security model
#MFSummit2016 Secure: Mind the gap strengthening the information security modelMicro Focus
 
Fool Proof: Protecting Digital Identity in the Age of the Data Breach
Fool Proof: Protecting Digital Identity in the Age of the Data BreachFool Proof: Protecting Digital Identity in the Age of the Data Breach
Fool Proof: Protecting Digital Identity in the Age of the Data BreachPriyanka Aash
 
CIS13: NSTIC Update and Reports from Pilots
CIS13: NSTIC Update and Reports from PilotsCIS13: NSTIC Update and Reports from Pilots
CIS13: NSTIC Update and Reports from PilotsCloudIDSummit
 
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET Journal
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Andrew Hughes
 
Understanding Identity Management and Security.
Understanding Identity Management and Security.Understanding Identity Management and Security.
Understanding Identity Management and Security.Chinatu Uzuegbu
 
A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!Caroline Johnson
 
Shaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityShaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityNoreen Whysel
 
Smart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldSmart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldKatherine Cola
 
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCloudIDSummit
 

Similar to Can Blockchain Enable Identity Management? (20)

Identity as a Service
Identity as a ServiceIdentity as a Service
Identity as a Service
 
International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)
 
Nikhil wagholikar _risk_based_penetration_testing - ClubHack2009
Nikhil wagholikar _risk_based_penetration_testing - ClubHack2009Nikhil wagholikar _risk_based_penetration_testing - ClubHack2009
Nikhil wagholikar _risk_based_penetration_testing - ClubHack2009
 
An Introduction to Authentication for Applications
An Introduction to Authentication for ApplicationsAn Introduction to Authentication for Applications
An Introduction to Authentication for Applications
 
#MFSummit2016 Secure: Mind the gap strengthening the information security model
#MFSummit2016 Secure: Mind the gap strengthening the information security model#MFSummit2016 Secure: Mind the gap strengthening the information security model
#MFSummit2016 Secure: Mind the gap strengthening the information security model
 
PCI-DSS for IDRBT
PCI-DSS for IDRBTPCI-DSS for IDRBT
PCI-DSS for IDRBT
 
Fool Proof: Protecting Digital Identity in the Age of the Data Breach
Fool Proof: Protecting Digital Identity in the Age of the Data BreachFool Proof: Protecting Digital Identity in the Age of the Data Breach
Fool Proof: Protecting Digital Identity in the Age of the Data Breach
 
CIS13: NSTIC Update and Reports from Pilots
CIS13: NSTIC Update and Reports from PilotsCIS13: NSTIC Update and Reports from Pilots
CIS13: NSTIC Update and Reports from Pilots
 
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
 
Compliance & Identity access management
Compliance & Identity access management Compliance & Identity access management
Compliance & Identity access management
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
 
Understanding Identity Management and Security.
Understanding Identity Management and Security.Understanding Identity Management and Security.
Understanding Identity Management and Security.
 
A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!A Simplified Guide to the Evolution of Authentication!
A Simplified Guide to the Evolution of Authentication!
 
Defining Enterprise Identity Management
Defining Enterprise Identity ManagementDefining Enterprise Identity Management
Defining Enterprise Identity Management
 
Shaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital IdentityShaping the Future of Trusted Digital Identity
Shaping the Future of Trusted Digital Identity
 
Smart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldSmart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud World
 
Aggregation Platforms-White Paper
Aggregation Platforms-White PaperAggregation Platforms-White Paper
Aggregation Platforms-White Paper
 
SWXG 2010.6.9 v2
SWXG 2010.6.9 v2SWXG 2010.6.9 v2
SWXG 2010.6.9 v2
 
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn BehrensCIS 2015- User-centric Privacy of Identity- Jenn Behrens
CIS 2015- User-centric Privacy of Identity- Jenn Behrens
 
180926 ihan webinar 2
180926 ihan webinar 2180926 ihan webinar 2
180926 ihan webinar 2
 

More from Priyanka Aash

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfPriyanka Aash
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfPriyanka Aash
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfPriyanka Aash
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfPriyanka Aash
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfPriyanka Aash
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfPriyanka Aash
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdfPriyanka Aash
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfPriyanka Aash
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfPriyanka Aash
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfPriyanka Aash
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldPriyanka Aash
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksPriyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Priyanka Aash
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Priyanka Aash
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Priyanka Aash
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsPriyanka Aash
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 

More from Priyanka Aash (20)

Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
 
Verizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdfVerizon Breach Investigation Report (VBIR).pdf
Verizon Breach Investigation Report (VBIR).pdf
 
Top 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdfTop 10 Security Risks .pptx.pdf
Top 10 Security Risks .pptx.pdf
 
Simplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdfSimplifying data privacy and protection.pdf
Simplifying data privacy and protection.pdf
 
Generative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdfGenerative AI and Security (1).pptx.pdf
Generative AI and Security (1).pptx.pdf
 
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdfEVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdfCyber Truths_Are you Prepared version 1.1.pptx.pdf
Cyber Truths_Are you Prepared version 1.1.pptx.pdf
 
Cyber Crisis Management.pdf
Cyber Crisis Management.pdfCyber Crisis Management.pdf
Cyber Crisis Management.pdf
 
CISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdfCISOPlatform journey.pptx.pdf
CISOPlatform journey.pptx.pdf
 
Chennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdfChennai Chapter.pptx.pdf
Chennai Chapter.pptx.pdf
 
Cloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdfCloud attack vectors_Moshe.pdf
Cloud attack vectors_Moshe.pdf
 
Stories From The Web 3 Battlefield
Stories From The Web 3 BattlefieldStories From The Web 3 Battlefield
Stories From The Web 3 Battlefield
 
Lessons Learned From Ransomware Attacks
Lessons Learned From Ransomware AttacksLessons Learned From Ransomware Attacks
Lessons Learned From Ransomware Attacks
 
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
Emerging New Threats And Top CISO Priorities In 2022 (Chennai)
 
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)
 
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 

Recently uploaded

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 

Recently uploaded (20)

Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 

Can Blockchain Enable Identity Management?

  • 1. SESSION ID: #RSAC Kurt Lieber CAN BLOCKCHAIN ENABLE IDENTITY MANAGEMENT? IDY-R12 VP, CISO of IT Infrastructure Aetna Prakash Sundaresan Chief Technical Officer Trusted Key
  • 2. #RSAC What we are hearing about IdenIty 1. A poor user experience ResulIng from the need for mulIple credenIals and enrollments when a member: •  Makes an appointment (Payer/Provider) •  Sees a physician (Provider) •  Files claims (Payer) •  Picks up a prescripIon (Pharma, other ecosystem partners) 3. Dependence on for-profit enJJes for idenJty-proofing services IdenIty-proofing services in the market today are provided by a few commercial enIIes who can charge a premium price due to the lack of compeIIon. This results in implied trust and “unchecked power” which may sIfle innovaIon and increase health care costs for the member. 4. Provider credenJaling is repeJJve and Jme- consuming The credenIaling process (e.g., requests for medical transcripts, state licenses, background check) is repeated each Ime a provider: •  Joins a new facility as part of a float pool •  Moves to a different health system 2. DuplicaJve IAM efforts and infrastructure costs NH-ISAC working group and other partners in the health ecosystem each maintain their own idenIty infrastructure (and bear the associated costs). Leading to: Increased costs 2
  • 3. #RSAC Example: A member has to manage separate idenIIes and NH-ISAC consorIum partners have to manage separate IAM infrastructure Provider Care delivery CollecIons Compliance Customer service Denials or referrals PaIent access PaIent engagement Telemedicine Payer Billing and premium Care management Claims Compliance Customer service Membership management Plan or product management Provider networks Other ecosystem partners Pharma, regulatory, retail and telecom. PaIent portals Mobile Wearables Benefits and claims portal Social media Implantables Self- service Sensors and monitors Care coordinaIon Member 1. A member uses different credenIals across the digital health life cycle. 2. A member provides personal informaIon mulIple Imes 3. Payers, providers, other partners (collecIve NH-ISAC consorIum partners) maintain separate IAM infrastructure 3
  • 4. #RSAC A DAY IN THE LIFE OF A MEMBER
  • 5. #RSAC “Day in the life” of a member video
  • 6. #RSAC Our vision: Shared idenIty Users: members (B2C) and providers (B2E) ConIngent workers Business partners/ vendors Employees Customers Devices Own Relying parJes: Providers, Payers, Partners (NH-ISAC consorJum members) Access administraIon IdenIty data services Access enforcement Use Proofers: Providers, Pharmacy, etc. Data exchange vendors Government agencies Health payer/providers (incl. NH-ISAC) Vet Document verificaIon apps Portable idenJty “Vet once, use many” Users own a portable idenIty which is accepted across the health ecosystem. Proofers vet abributes of a user increasing the fidelity of a user’s trust score over Ime. Relying parIes use the portable idenIty to make access decisions. 6
  • 7. #RSAC The NH-ISAC Portable ID… Is an idenIty for members or providers Aims to improve the user experience and lower health care costs through efficiency gains Is built on open standards (e.g., NIST 800-63) Has a non-profit moJve where the working group: —  Establishes governance, leading pracIces and guidelines —  Collaborates with other standard bodies (e.g., SAFE Biopharma), privacy working groups —  Shares the cost of infrastructure Is in proof-of-concept stage Is a supplement to exisIng IAM infrastructure 7
  • 8. #RSAC What it is NOT Meant to store Personal Health InformaIon (PHI). A replacement for electronic medical records (EMR). A replacement for industry frameworks (e.g., SAFE Bio-pharma Trust Framework, NIST). A replacement for exisIng individual NH-ISAC consorIum IDs (e.g., Aetna ID, CVS ID etc.). A replacement for all exisIng IAM infrastructure. Set in stone. This is a proof-of-concept and we are conInually incorporaIng feedback from the field. Meant to exist in a silo. IntegraIon with other standards bodies, idenIty working groups is key. 8
  • 9. #RSAC An example of how the POC would work On day 1 and ongoing basis FirstName LastName DLN (High trust level if selfie verified) DOB Address Trust Level Portable idenJty (blockchain) 2. Providers verify a user (on day 1 and during regular touch points with members) 1. Member performs iniIal idenIty capture and form fill (with web form if needed) AbestaIons of abributes Verified idenIty Blockchain-based ledger Scan driver’s license and (take selfie for facial recogniJon) IdenIty requestor and exisIng IAM infrastructure (NH-ISAC relying parIes) Complete web form (import IDs from NHISAC partners as appropriate) Verify last name Verify DOB Verify addiIonal abributes Acquired user abributes 9
  • 11. #RSAC IntroducIon – How will the member get the app? •  Mobile friendly •  Something that will always be carried with the member •  Discoverable through app stores •  Member to be made aware of the app during the insurance enrollment process 11
  • 12. Day 1 - Member Enrollment
  • 13. #RSAC On Day 1 - Enrollment •  Seamless enrollment on Day 1 by: •  ImporIng exisIng IDs with NH-ISAC partners •  Form fill thru driver’s license scan •  Trust Level 1 verificaIon with self asserted abributes •  Trust Level 2 with remote driver’s license verificaIon 13
  • 14. Going to the provider
  • 15. #RSAC When going to the provider •  “Passwordless” login through biometrics (e.g., FaceID) •  Easy check-in at provider’s office by QR code scan •  Similar to a mobile boarding pass 15
  • 16. #RSAC Wearable check-in – for those with their hands full… •  Added convenience without having to reach for your phone 16
  • 18. #RSAC Provider’s perspecIve – whattherecepIonistattheproviderdoes… •  Provider has a companion app in the office •  On an iPad •  Provider verifies the ID concurrently with check-in •  Trust Level 3 – in-person verificaIon with provider •  Usage / asserIon history can be used by insurance provider for proofing (opIonal) 18
  • 19. #RSAC Can Blockchain enable IdenIty? – Sniff Test 19 Are the answers to any of these “Yes”? Portability Are there mulIple parIes that could benefit from sharing idenIty data? Can we enhance the user experience by enabling a single idenIty at different places? Cost Savings Is there a duplicaIon of idenIty infrastructure across the ecosystem? Is there a reliance on commercial enIIes for proofing services? Persistence Is the use case "write once - read many"?
  • 20. #RSAC Lessons Learned 20 Driving adopIon from stakeholders is key, non-profit moIves help Maturity of blockchain tools are sIll evolving Front-end, UI/UX design is key: The end-user should not know that Blockchain was used Don’t try to change consumer behavior PHI should not be put on the blockchain (tough sell) Co-existence with IAM tools is necessary
  • 21. #RSAC Apply What You Have Learned Today 21 IdenIty + Blockchain = Portability Enable digital trust across untrusted parIes. Decentralized, sovereign, immutable fabric IdenIty Management plaporms (e.g., AuthN, authZ, directory)
  • 22. #RSAC Apply What You Have Learned Today 22 Next week you should: IdenIfy idenIty issues related to portability, duplicaIon and costly proofing In the first three months following this presentaIon you should: Summarize your idenIty pain points, interested business partners Explore a proof-of-concept Socialize the vision with key sponsors, customers and gauge interest Within six months you should: Expand the proof-of-concept to other business partners Conduct a roadshow at industry consorIums to drive awareness and adopIon