Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Australian Payments Network - Digital Identity

194 views

Published on

Around the world a range of private and public sector organisations are focused on digital identity as a means of delivering secure and convenient services on line.

On 25 July 2017, AusPayNet hosted a visit from TD bank in Canada to learn first-hand about the opportunities and challenges inherent in rolling out a nationwide, cross-sector digital identity framework.

Speakers at the event were:
* Chuck Hounsell, Senior Vice President Payments, TD Bank
* Andre Boysen, Chief Identity Officer, SecureKey
* David G.W. Birch, Author and Consultant

Published in: Economy & Finance
  • Be the first to comment

Australian Payments Network - Digital Identity

  1. 1. www.chyp.comPlease copy and distribute@AusPayNet #DigitalID
  2. 2. www.chyp.comPlease copy and distribute01/08/20172 Digital Identity – Why Now? the opportunity for banks David G.W. Birch Director, Consult Hyperion Australia and New Zealand July 2017
  3. 3. www.chyp.comPlease copy and distribute David G.W. Birch An internationally-recognised thought leader in digital identity and digital money; Named one of the global top 15 favourite sources of business information (Wired magazine); In the London FinTech top ten (City A.M.); most influential commentators Ranked one of the top five Leaders in IDentity (Rise); One of the top ten Twitter accounts followed by innovators, along with Bill Gates and Richard Branson (PR Daily); One of the top ten most influential voices in banking (Financial Brand); Ranked Europe’s most influential commentator on emerging payments (Total Payments magazine). 3
  4. 4. www.chyp.comPlease copy and distribute Available at all good bookshops… > 4
  5. 5. www.chyp.comPlease copy and distribute Identity as a Strategy “It’s not about payment. It’s about identity” Jack Dorsey, Founder of Square and Twitter (New York Times, 22nd December 2013) 5
  6. 6. www.chyp.comPlease copy and distribute Thinking it Through 6 Section 1, Digital identity model; Section 2, Identity infrastructure architectures; Section 3, Banking sector identity imperatives; Section 4, Informed speculation about identity innovation.
  7. 7. www.chyp.comPlease copy and distribute Section 1: Understanding Identity 7 01/08/2017 What is ”digital identity”? A simple model of digital identity that shows the dynamics of the sector
  8. 8. www.chyp.comPlease copy and distribute A Three Domain Model 8
  9. 9. www.chyp.comPlease copy and distribute Identification Domain Binding a digital identity to a mundane identity is expensive 9
  10. 10. www.chyp.comPlease copy and distribute Authorisation Domain Allow me to… get on a plane 10
  11. 11. www.chyp.comPlease copy and distribute Authentication Domain Establishing the right to use an identity 11
  12. 12. www.chyp.comPlease copy and distribute Using Identities In practice, identities from each layer will be needed 12
  13. 13. www.chyp.comPlease copy and distribute Section 2: Approaches to Identity 13 01/08/2017 How can digital identity be used? Different models are emerging
  14. 14. www.chyp.comPlease copy and distribute “Transatlantic Model” UK Example 14
  15. 15. www.chyp.comPlease copy and distribute “Scandinavian Model” Norwegian Model 15
  16. 16. www.chyp.comPlease copy and distribute “Continental Model” Estonian Example 16
  17. 17. www.chyp.comPlease copy and distribute “Transpacific Model” (Perhaps…) Canadian Example 17
  18. 18. www.chyp.comPlease copy and distribute “Asian Model” Indian Example 18
  19. 19. www.chyp.comPlease copy and distribute “Web Model” Self-Sovereign (Sovrin) Example 19
  20. 20. www.chyp.comPlease copy and distribute Section 3: Why Now? 20 01/08/2017 Why should banks develop a digital identity strategy now? Regulation, of course…
  21. 21. www.chyp.comPlease copy and distribute Personal Data 21
  22. 22. www.chyp.comPlease copy and distribute PSD2 Means Business 22
  23. 23. www.chyp.comPlease copy and distribute Shifting to APIs Of course it’s a 2x2… 23
  24. 24. www.chyp.comPlease copy and distribute UK Example: Starling 24
  25. 25. www.chyp.comPlease copy and distribute Continental Example: BBVA 25
  26. 26. www.chyp.comPlease copy and distribute Continental+ Example: ItsMe 26
  27. 27. www.chyp.comPlease copy and distribute Commonwealth Example: CBA 27
  28. 28. www.chyp.comPlease copy and distribute Section 4: Where Next? 28 01/08/2017 We haven’t fixed the old ID and the new ID is here New technologies mean big changes are coming to identity
  29. 29. www.chyp.comPlease copy and distribute Internet of Things and Fintech 29
  30. 30. www.chyp.comPlease copy and distribute Blockchain and Regtech 30
  31. 31. www.chyp.comPlease copy and distribute Visit our website: http://www.chyp.com Follow us on Twitter: @chyppings Email us: info@chyp.com Read: Tomorrow's Transactions Blog Listen: Consult Hyperion Podcasts Consult Hyperion UK Tweed House, 12 The Mount Guildford, Surrey GU24HN, UK. +44 1483 301793 Consult Hyperion USA 535 Madison Avenue, 19th Floor New York, NY 10022, USA. +1 888 835 6124 Contact 01/08/201731
  32. 32. www.chyp.comPlease copy and distribute Who Are Consult Hyperion? Consult Hyperion specialises in working out the opportunities and threats which result from the harmony and collision of security, networks and transactions. We are constantly assessing these factors, as they change continuously, and delivering ideas, solutions and products to our clients 32
  33. 33. www.chyp.comPlease copy and distribute What Do We Do? We have a structured and practical approach to secure electronic transaction systems from the local to the global 33 Strategy Roadmapping Market Analysis Business Modelling Prototyping Requirements Analysis Risk Analysis System Architecture Technical Specification Procurement Support Software Development Vendor Management Project Management Certification Management Acceptance Testing Evaluation We can help clients in all phases of the product and service lifecycle, from the whiteboard scribble to the person in the street’s everyday use
  34. 34. www.chyp.comPlease copy and distribute Who do we do it For? 34 01/08/2017
  35. 35. 35©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. @AusPayNet #DigitalID
  36. 36. 36©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Chuck Hounsell SVP of Payments, TD
  37. 37. 37©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Banks have big challenges ▪ Open Data – Open Banking ▪ Decline in transaction revenue ▪ Increased competition ▪ Presence at transaction in decline ▪ Need to create new value ▪ How do we leverage unique position of trust with customers to make their lives easier?
  38. 38. 38©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. ▪ Account opening is hard and expensive ▪ Fraudsters keep getting better ▪ It’s a mobile first world ▪ Regulatory requirements ▪ Customers hate friction ▪ Governments driven identity models ▪ IoT creates many more attributes ▪ Consumers want more control over their data Why build a digital identity ecosystem?
  39. 39. 39©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential.
  40. 40. 40©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential.
  41. 41. 41©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. What is needed for success ▪ Must be an open ecosystem –that can onboard a world of attributes ▪ Must be commercial by design – a marketplace for attributes with market price ▪ Must set the standard for privacy and security ▪ Must work in real time ▪ Must become part of how you do many things everyday ▪ The proof will be measured in millions of dollars of friction costs eliminated and the change customers expectations for thousands of interactions
  42. 42. 42©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Digital Identity in Canada – ecosystem required!! ANDRE BOYSEN, CIO | @igorilla SECUREKEY TECHNOLOGIES
  43. 43. 43©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential.
  44. 44. 44©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Data Breaches 2017 Statistics from: VulnDB – Risk Based Security; Data Breach QuickView
  45. 45. 45©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Piecemeal responses don’t work
  46. 46. 46©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. SECUREKEY RAISES $27 MILLION FROM MAJOR BANKS TO DEVELOP DIGITAL IDENTITY NETWORK
  47. 47. 47©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Digital Assets and Destinations My Digital Asset Providers My Places to Share Open bank/ telco account Change address See my medical records Prove that I am trusted Prove age of majority
  48. 48. 48©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential.
  49. 49. 49©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential.
  50. 50. 50©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Use Case Example – Opening a Telco Account Your device will be delivered on May 1, 2017
  51. 51. 51©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Transform cost centre to revenue centre ▪ Silo Approach ▪ $100M call centre costs for ▪ Income verification ▪ Superannuation contribution limit ▪ Assume 10M calls ▪ Cost $10 per call ▪ Ecosystem Approach ▪ Claims loaded in to service ▪ Banks willing to pay $2.50 ▪ Better close rate ▪ Don’t have to handle paper ▪ Net Revenue $2.00 to Gov $12.00 positive cashflow
  52. 52. 52©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Places Frictionless Identity Will Help Apply for a new banking product BANK ACCOUNT OPEN Apply for insurance Sign up for Utility or Telco service Apply for Government Benefits or programs Sign into accounts online Claim benefits Collect parcels from post office Club and memberships HEALTH CARE Log-ins BUSINESS ACCOUNTS Rent a vehicle Signup utility/telco services Collect prescription medicines Receive health care APARTMENT RENTAL Access Medical Records Share medical Records Make medical appointment Discount/Loyalty Redemption Call centre support GOVERNMENT SERVICES Proof of age Proof of residency Payroll Employee onboarding UTILITY OPEN Business Proof of control Hotel Check In Immigration Accommodation and hotel check-in Airline check-in Online bookings - Airbnb etc. Pay tax Apply for a license Voting Change of address Adoption guardian/POA Name change
  53. 53. 53©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Use Case Example – Opening a Bank Account
  54. 54. 54©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Find places listed by verified, trusted landlords Kijiji Use Case Example – Apartment Rental Vet prospective tenants, including credit scores and a background check, and receive applications online (416)421-3524
  55. 55. 55©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Use Case Example – Apartment Rental (continued) Sign-up for insuranceSign your lease Pay deposit and rent View Lease Sign Contract Now Kijiji $29.67 $20,000 $5,000 View Terms & Conditions Sign-up for internet, TV
  56. 56. 56©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Rationale for Blockchain Pros • Consumer is in the middle • Provider of Claims doesn’t know where they are shared Cons • Lots of work and Friction • Lots of Opportunity for Fraud • When parties connect directly each knows about the other Banks Governments Commerce, rentals, health social buying Utilities TRADITIONAL APPROACH
  57. 57. 57©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Rationale for Blockchain Pros • Easier to connect Cons • Honest but Curious • Single Point of Failure • Often requires or builds honeypots of data (big fraud target) • User Tracking • Central mapping opens the data – relying on controls Banks Governments Commerce, rentals, health social buying Utilities Credential Broker CENTRAL CREDENTIAL BROKER
  58. 58. 58©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. Rationale for Blockchain Pros • No Data visible to network operator • No central database or honeypots • No central point of failure • Triple Blind – PRIVACY • Cannot track user across relying parties Cons • New - open standards needed Banks Governments Commerce, rentals, health social buying Utilities IDENTITY AND ATTRIBUTE SHARING NETWORK BUILT ON HYPERLEDGER FABRIC
  59. 59. 59©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. "You are You" with Efficiency, Privacy and Security • Putting the consumer in middle • Frictionless experiences • Strong ID Validation ✓ Multiple sources • Strong Authentication: ✓ What I know ✓ What I have ✓ What I am • Privacy first • Requires an Ecosystem
  60. 60. 60©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. @AusPayNet #DigitalID
  61. 61. Delivering a Pan-Canadian Trust Framework and Privacy by Design Principled World-Class Innovation Andre Boysen, Treasurer Jully 2017 DIACC.ca
  62. 62. Innovation Canada can be a world leader in digital innovation. We can’t afford not to be. - Hon. Bill Morneau, Minister of Finance DIACC.ca
  63. 63. 2010 Electronic Payments Task Force DIACC.ca Provide concrete, actionable advice and recommendations to Minister of Finance. • safe and efficient payments system • effective in light of new innovations
  64. 64. - Fraud + Trust - Costs + Opportunities Interoperability Canadian innovations, solutions, and services DIACC.ca DIA Framework to Grow Canada’s GDP
  65. 65. Digital ID & Authentication Council of Canada Develop a Canadian digital identification and authentication (DIA) framework 1. Identify and Develop Standards for Verifiable Interoperability 2. Promote Adoption 3. Develop Canadian IP and Workforce DIACC.ca Result of the federal government’s Payments System Task Force Non-profit coalition of public and private sector leaders Securing Canada’s full, secure, and beneficial participation the global digital economy
  66. 66. Public and Private Sector Commitment Global Digital Economy DIACC.ca Collaboration
  67. 67. Growing Coalition of Public & Private Sector Members Financial Sector Governmen t Technology Service Providers Telco, Service & Strategy
  68. 68. Interoperable Verifiable Interoperable Platform for Digital Identity DIACC.ca
  69. 69. Robust, secure, scalable01 Implement, protect, enhance Privacy by Design02 Inclusive, open, meets broad stakeholder needs03 Transparent governances and operations04 Provide Canadians choice, control, convenience05 Built on open standards-based protocol06 international standards interoperability07 Cost effective open to competitive market forces08 Able to be independently assessed, audited, subject to enforcement09 Minimum data transfer between authoritative sources, no new identity databases10 Canadian Principles for DIA
  70. 70. Verifiable Interoperability Business LegalTechnical Pan-Canadian Trust Framework - business, legal, and technical processes Canada’s full, secure, and beneficial participation in the digital economy • A foundation of high-level Canadian standards • Describes roles, services, and requirements • Governments, financial institutions, mobile network operators, service & strategy providers, software vendors • All federal, provincial, and territorial public sector service delivery leads, all public sector CIOs DIACC.ca
  71. 71. Relationship s OrganizationPerso n Strategy for Verification of… Intersection of personal and corporate identity…
  72. 72. Partnerships Share Information Securely Respecting Privacy DIACC.ca
  73. 73. Transition DIACC awarded $800k DHS S&T Silicon Valley Innovation to fund SecureKey developed project consumer-centric, privacy-enhanced system toward modern distributed privacy enhancing architectures Applied Research - Blockchain for Consumer ID ImplementDocument Explore Propel Transition
  74. 74. Transition Proof of Concept 1 – Business Problem Transition Can a simple method be established to allow a user to create a new account online that we will meet regulatory and business requirements for a bank?
  75. 75. Transition Proof of Concept 1 – Findings Transition • Developed a Proof of Concept which demonstrated how Canadian residents could open new financial accounts entirely online by leveraging new technology including, but not limited to: attribute sharing, data imaging, and radio-frequency identification (RFID) technology. • The idea is that this first Proof of Concept shall accessible enough to understand and complex enough to test the models under consideration.
  76. 76. Transition Proof of Concept 2 – Business Problem Transition Is there a way to decrease the effort and improve the experience of demonstrating proof of residency for entitlement to provincial programs?
  77. 77. Transition Proof of Concept 2 – Findings Transition • Developed a proof of concept to provide a residency check, on demand, with a reasonable level of assurance. • The residency check confirmed physical activity within a geographic area for a specified period of time by allowing users to consent to share living footprint data (from a bank or telco). • The PoC may leveraged new and existing technology and business processes and allows either the Requesting Party or the Authoritative Party to identify the individual.
  78. 78. Transition Proof of Concept 3 – Business Problem Transition The time and effort to create and maintain corporate registry information that is shared between jurisdictions (Province to Province, Province to Federal Government, Provincial Government to Municipal Government) is high. For example, adding Manitoba to the New West Partnership will create a significant amount of work and new processes and checkpoints. Is there a way to decrease the effort and improve the experience of both Corporate Registrars and business owners? Developed in collaboration considering blockchain related capabilities…
  79. 79. Transition Proof of Concept 3 – Findings Transition • Potential to assist corporate registries challenges cross jurisdictionally • Potential to modernize elements of registry systems where specific actions need recording, and providence of those actions is key • Development is iterative and will take collaboration across interested parties • Companion POC Report to be published in 2017… • Thank you - Province of British Columbia and IBM!
  80. 80. Canada’s contribution to the global market place Privacy-respecting, secure, user-centric, and convenient Public and private sectors making a substantial and sustained commitment Accelerating the establishment of a world-class and made-for- Canada digital ID platform. DIACC.ca
  81. 81. Thank you! Andre Boysen / Treasurer
  82. 82. Chuck Hounsell SVP of Payments, TD
  83. 83. Being present at the transaction creates new opportunities for payments and more • Identity events require payment capabilities to be successful • To pay for goods • Pay fees – licensing, premiums, contract driven • Set up post dated payment arrangements - lease driven, contractual • Provide large value real time options – provide higher limits • Escrow options • Provide credit options • Leverage and integrate existing payment schemes “VERIFIED PAYMENTS” will provide customers with an immediate set of choices from their FI, and deliver immediate payments to the relying party
  84. 84. VERIFIED IMMEDIATE PAYMENT SOLUTION • The customer is returned to the FI to initiate payment • The FI will provide payment options – debit account, used Creditcard, Line of credit, create new loan, utilize loyalty programs • By initiating at the FI, higher values can be made available leveraging higher authentication capabilities • The relying party receives immediate real time payment leveraging real time payment rails. • Additional capabilities are being developed to provide post dated and escrow capabilities, payment guarantees and more.
  85. 85. 85©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. @AusPayNet #DigitalID
  86. 86. Cindy Nicholson Associate Director – Financial Services Industry Innovation Optus Chuck Hounsell Senior Vice President, Payments TD Bank Group Steve Wilson Managing Director Lockstep Jo Cooper Co Founder & Managing Director Cloud Insurance Pty Limited Nigel Dobson GM Wholesale Digital Transformation ANZ PANEL DISCUSSION Topic: “Reactions from the Australian Market” Moderator: Victoria Richardson, AusPayNet @AusPayNet #DigitalID
  87. 87. 87©SecureKey Technologies Inc. All rights reserved. Proprietary and Confidential. @AusPayNet #DigitalID

×