A short talk for the Biometrics Congress, explaining the digital identity vision in contrast to the dead-end digitised identity vision.
Here are what people tweeted about it...
@FGQuismondo "I ain’t gonna comment about the brief keynote by @dgwbirch today, no sir, I am not going to... oh, dammit, I can’t resist it: I absolutely love this gentleman! His slide about differences between “digitized identity” and “digital identity” will be in my mind for many many time"
@rickynav "Great presentation from @dgwbirch, a strategic view on digital identity at #BiometricsCongress @BiometricsInsti . Clever and mind opening as always!
@TOC_biometrics proud member."
@seif_benmabrouk "Very interesting session #BiometricsCongress : Digital Identity vs Digitised Identity.
Thank you @BiometricsInsti"
1. www.chyp.comPlease copy and distribute19/10/20181
Digital Me, Digitised Me
a strategic view of digital identity
Biometrics Institute
London
October 2018
2. www.chyp.comPlease copy and distribute
Marshall McLuhan
In the new electric world, where everybody is
involved with everybody, where everybody is
involved in complex processes, the
old identity cards, the old means of finding
out who am I, will not work
We need to take this on board, give up trying
to digitise the old identity systems and start
building the new digital identity system we
need.
3. www.chyp.comPlease copy and distribute
Digitised–So What?
Marginal benefits: Like ApplePay vs. Contactless Card
4. www.chyp.comPlease copy and distribute
Where Next?
4
Digitised Identity Digital Identity
Nodes Edges
Static Dynamic
Single Multiple
Hierarchy Relationships
Dumb Smart
Stand-alone Interactive
Asymmetric Symmetric
5. www.chyp.comPlease copy and distribute
Digital ID Paradigm
Multiple digital identities
dave.birch#barclays.co.uk and davebirch#telefonia.com
(different private/public key pairs)
Anonymous credentials
IS_A_DOCTOR, HAS_DRIVING_LICENCE
(bound to public key and signed by self or third-parties)
Persistent unlinkable pseudonyms
no1mancityfan, dgwbirch
(unique domain identifier pointing to public key)
5
6. www.chyp.comPlease copy and distribute
Digital Identity Model
6
Digital Identity
A simple model
to aid discussion
but a model that is
rich enough for analysis
7. www.chyp.comPlease copy and distribute
Three Domain Digital ID (3DID)
Time for “digital identity” – but what is it? Time for some clear thinking.
7
9. www.chyp.comPlease copy and distribute
Creating a Persona
Hide the complexity
Create the digital ID
Create the persona
9
10. www.chyp.comPlease copy and distribute
Using a Persona
Symmetric apps…
Service provider wants
attribute
Customer chooses
persona
10
11. www.chyp.comPlease copy and distribute
Domain Persona
Loyalty and customer service
Data is the new oil
Personal data is the new
toxic waste
11
12. www.chyp.comPlease copy and distribute
Visit our website: http://www.chyp.com
Follow us on Twitter: @chyppings
Email us: info@chyp.com
Read: Tomorrow's Transactions Blog
Listen: Consult Hyperion Podcasts
Consult Hyperion UK
Tweed House, 12 The Mount
Guildford, Surrey GU24HN, UK.
+44 1483 301793
Consult Hyperion USA
535 Madison Avenue, 19th Floor
New York, NY 10022, USA.
+1 888 835 6124
Contact
19/10/201812
13. www.chyp.comPlease copy and distribute
Who Are Consult Hyperion?
Consult Hyperion specialises in working out the
opportunities and threats which result from the
harmony and collision of security, networks and
transactions.
We are constantly assessing these factors, as they
change continuously, and delivering ideas, solutions
and products to our clients
13
14. www.chyp.comPlease copy and distribute
What Do They Do?
We have a structured and practical approach to
secure electronic transaction systems from the
local to the global
14
Strategy
Roadmapping
Market Analysis
Business Modelling
Prototyping
Requirements Analysis
Risk Analysis
System Architecture
Technical Specification
Procurement Support
Software Development
Vendor Management
Project Management
Certification Management
Acceptance Testing
Evaluation
We can help clients in all phases of the product and service lifecycle, from the whiteboard scribble to
the person in the street’s everyday use
All the things you are
The number of proposed biometric technologies increases daily. Starting with the well-established fingerprint systems to the more esoteric such as ear geometry (commonly left by listeners at crime scenes in Switzerland, apparently), gait (the way you walk) and body odour. How should you go about deciding the most appropriate technology for any given application?
Biometric technologies are useful means of identifying people against databases or verifying that they are who they say they are. A small number of technologies are good at the former function (e.g. iris and fingerprint) whereas many are capable of verification against a biometric template stored on a token such as a smart card or travel document.
There are many different applications for these two functions within UK government such as:
Verifying that a document holder is the legitimate document holder by matching them against a biometric held within the document.
Preventing duplicate applications for documents by searching against the database of currently issued documents.
Preventing people holding different identities on different systems (e.g. Driving License vs Passport) by sharing and cross-checking biometric data.
Ensuring that only legitimate members of staff have access to secure areas and systems.
The complexity of the individual requirements of each application coupled with the speed of advance of biometric technologies means that there is no single best biometric for all applications.
All the things you are
The number of proposed biometric technologies increases daily. Starting with the well-established fingerprint systems to the more esoteric such as ear geometry (commonly left by listeners at crime scenes in Switzerland, apparently), gait (the way you walk) and body odour. How should you go about deciding the most appropriate technology for any given application?
Biometric technologies are useful means of identifying people against databases or verifying that they are who they say they are. A small number of technologies are good at the former function (e.g. iris and fingerprint) whereas many are capable of verification against a biometric template stored on a token such as a smart card or travel document.
There are many different applications for these two functions within UK government such as:
Verifying that a document holder is the legitimate document holder by matching them against a biometric held within the document.
Preventing duplicate applications for documents by searching against the database of currently issued documents.
Preventing people holding different identities on different systems (e.g. Driving License vs Passport) by sharing and cross-checking biometric data.
Ensuring that only legitimate members of staff have access to secure areas and systems.
The complexity of the individual requirements of each application coupled with the speed of advance of biometric technologies means that there is no single best biometric for all applications.
All the things you are
The number of proposed biometric technologies increases daily. Starting with the well-established fingerprint systems to the more esoteric such as ear geometry (commonly left by listeners at crime scenes in Switzerland, apparently), gait (the way you walk) and body odour. How should you go about deciding the most appropriate technology for any given application?
Biometric technologies are useful means of identifying people against databases or verifying that they are who they say they are. A small number of technologies are good at the former function (e.g. iris and fingerprint) whereas many are capable of verification against a biometric template stored on a token such as a smart card or travel document.
There are many different applications for these two functions within UK government such as:
Verifying that a document holder is the legitimate document holder by matching them against a biometric held within the document.
Preventing duplicate applications for documents by searching against the database of currently issued documents.
Preventing people holding different identities on different systems (e.g. Driving License vs Passport) by sharing and cross-checking biometric data.
Ensuring that only legitimate members of staff have access to secure areas and systems.
The complexity of the individual requirements of each application coupled with the speed of advance of biometric technologies means that there is no single best biometric for all applications.