Beyond Digital Identity
•Download as PPTX, PDF•
0 likes•123 views
Slides from Cheryl Stevens (DWP Digital), presenting at the Service North SIAM conference on September 12th 2019
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Beyond Digital Identity
Similar to Beyond Digital Identity (20)
Recently uploaded
Recently uploaded (20)
Beyond Digital Identity
- 1. Beyond Digital Identity – Is orchestration of attributes the key? Cheryl Stevens @CherylJStevens
- 2. Proud Prestonian 2 Source: Wikipedia Source: @winedownpreston @CherylJStevens
- 3. Even Prouder Civil Servant Gary Barnett @thinkovation @CherylJStevens
- 4. …serving 20 million people …with 84,000 employees …running on 55 million lines of code …making 10k changes to our IT systems per year …and handling 200m calls from the public each year DWP: One of the UK’s biggest digital transformations...
- 5. Our purpose sets us apart, what we do really really matters
- 6. THIRD PARTY DELEGATED AUTHORITIES ORGANISATIONSCITIZEN Our customers – diverse needs
- 7. We have a responsibility to innovate…boldly To reduce costs to the taxpayer Improve outcomes for society To meet our customers’ ever- changing needs To stay ahead of digital trends @CherylJStevens
- 9. DWP Identity & Trust: Our Vision 9 @CherylJStevens “Digital Services are able to operate securely with proportionate, tailored Identity and Trust solutions that meet both customer and service needs, whilst ensuring that the person, the data and the transaction are protected”.
- 10. High hurdles and trust @CherylJStevens
- 11. Customer Journey – High hurdle ID Passed Transact online Success 11 ID Failed Offline route @CherylJStevens
- 13. Trust in the Session The channel is secure and we see normal interactions Trust in the Action ‘Data’ is verified, we are confident in what we are being told Trust in the Person We are confident that we are interacting with the right person Attribute based – Identity as the example @CherylJStevens
- 14. USER CHANNELS SERVICE REQUEST TRUST ENGINE MACHINE LEARNING CONTEXT WATCHLISTS DEVICE INFO USER BEHAVIOURS TRANSACTION HISTORY LOCATION INFO The transaction risk differs for each application/service – this contributes to the trust score Multi-channel business applications are decoupled from authentication INTELLIGENT AUTHENTICATION PROPORTIONATE ACCESS & ACTION Proportionate, intelligent authentication, based on trust in person, session, action, and user preferences A comprehensive real-time trust score is calculated for every transaction based on an various trust dimensions Business policies and decision management • Password • PIN • OTP • Push Notifications • Gesture request e.g. swipe • Knowledge based questions • Behavioural Biometrics • Fingerprint • Facial recognition FEEDBACK The context and outcomes of the user authentication is managed within and across sessions, to build user trust over time while increasing the accuracy of trust scoring models Achieving a low hurdle - Context, Transaction Risking & Authentication @CherylJStevens
- 15. Consent Management Information Exchange Credential Management Directory Services Change of circumstances events service Policy Services KBV Services Transaction Risking Risk Engine Behavioural Analytics Service Orchestration Service Service API Gateway Identity Verification Dynamic Trust Hub @CherylJStevens
- 16. Customer Journey – Low Hurdle with Transaction Risking ID failed or TrX risk too high Offline process 16 ID Level achieved Can we transact? Yes Success Transaction Risking ID Level achieved Can we transact? No Additional Authentication SuccessTransaction Risking @CherylJStevens
- 17. DWP Identity & Trust: Our Vision 17 @CherylJStevens “Digital Services are able to operate securely with proportionate, tailored Identity and Trust solutions that meet both customer and service needs, whilst ensuring that the person, the data and the transaction are protected”. Orchestration of attributes is the key
- 18. What you do to enable us to serve our customers really really matters. Thank you for listening. 18 @CherylJStevens
Editor's Notes
- Hi, I’m Cheryl Stevens, Head of Identity & Trust services at the Department for Work and Pensions. I’m really glad of the opportunity to talk to you all today. Its my first Service North event but, all being well in the next 45 mins, it won’t be my last. Little bit about me, I am a 20 year Civil Servant and joined on purpose I love what I do and hold the firm belief that I, we make a difference My passions are My family, holidays, Leadership, Fraud & Error prevention and Digital Identity – not necessarily in that order.
- I’m a proud Prestonian, so I thought I’d share the highlights. Apparently, it’s the cheapest place for a pint according to what I’m sure was an accurate poll by the Daily Mirror The bus station is the second largest in western Europe and was recently granted Grade 2 listed status – yes, that building in the background is Gov Finally, the best place ever – Winedown, an underground wine bar and deli where the cheese matches your chosen tipple. But – I do drink Yorkshire tea. Lancashire tea is rank.
- A friend of mine, Gary Barnett, recently compared Gov Depts to biscuits, what he was actually saying was that there is nothing that can’t be resolved over a cuppa and a biscuit. Can you guess which is which? We have the special biscuits, I don’t actually know what they taste like because my kids always pinch them – I think they would be interesting and bold and not afraid to stand out Clearly we also have secret biscuits, so secret that I can’t show them to you, in fact I haven’t seen them. Then we have the Departments with many many biscuits Lastly we have the reliable and necessarily resilient to immense dunking
- Who is DWP? One of the UK’s biggest digital transformations... serving 20 million people with 80,000 employees Our systems run on 55 million lines of code We make 10k changes to our IT systems per year And we handle 200m calls from the public each year
- Our purpose sets DWP apart, what we do really really matters, people only come to us when life has thrown them a curve ball like bereavement or separation or even an expected events like pension. We cover a lot of ground and we are here to: •Build a more prosperous society by supporting people into work and helping them to realise their potential. •Ensure financial security for disabled people and people with health conditions and pensioners •Increase every child’s opportunity to succeed by helping separated parents agree effective child maintenance arrangements and supporting families in distress to reduce parental breakdown and separation. •Transform our services and work with the devolved administrations to deliver an effective welfare system for citizens when they need it while reducing costs, and achieving value for money for taxpayers.
- Our customers - Citizen, Organisation, Third Party, Delegated Authorities Predominantly going to talk about Citizen ID & Trust today DWP also deals with organisations such as learning providers We can’t forget that not all of our customers can manage their own affairs as more services move to Digital, DWP cannot afford to exclude those who need help, often also most vulnerable Third parties such as charities or welfare organisations and Delegated access to family members for example all need a solution to enable a frictionless digital journey.
- So how do we serve such a diverse range of customers? One size fits all right? Absolutely not and that’s where proportionality is key. I’m going to spend a little time walking through how I believe we are heading into better, more proportionate services and solutions in DWP Digital that are context driven, attribute based and enabled by smart orchestration
- But why do we need to do that, have we just woken up one morning and decided to do this? No, its wholly user driven.
- Currently we have blunt solutions that fulfil a particular purpose, I’m not saying that they are not good at that particular purpose, they are but it becomes a series of high hurdles, each one separate that the customer has to get over. We know in DWP this is really problematic and they give up or fail and end up in a costly face to face situation, often when they actually need the help yesterday. I’ve talked mainly so far about customers and users, but what about services? Historically high hurdles mean single integrations which severely impacts services, but in order to move away from high hurdles we have to move to potentially more complexity for our services and let me tell you that is not a joyous conversation. So how do we solve the problem of high hurdles and complexity?
- So how do we serve such a diverse range of customers? One size fits all right? Absolutely not and that’s where proportionality is key. I’m going to spend a little time walking through how I believe we are heading into better, more proportionate services and solutions in DWP Digital that are context driven, attribute based and enabled by smart orchestration
- Talk through each one as they appear Now, as you can see in order to really achieve that secure service that I talked about at the beginning you need all of these. The key is that you don’t need them all at the same time – context based proportionality. But how?
- Continuing with the Identity example When you get under the hood, we know that it looks like this Orchestration of multiple factors to achieve trust in session, action, person Layers complexity away from services, 1 integration point Trust engine uses relevant inputs, watchlists, device, behaviour Context of action is vital Example – View Appt different to changing Bank acc Not meeting trust score shouldn’t be end What if any Auth from pantry is needed to increase trust could be KBV, OTP Achieving vision of proportionality for customers whilst building trust, reducing risk and keeping online But it still leaves the problem of integration both from a sheer volume perspective but also because as we all know technology is moving at pace so how do we make sure that we don’t get left behind and that we can switch tech in and out without the services having to change all of their processes and wraparounds.
- What it looks like for services: In order to achieve truly attribute based orchestration we have to layer the complexity away from services Answer = Automated Proportionate risk-based citizen services, orchestrated by a dynamic trust model Orchestration of continuously evolving solutions - interoperable services that are linked by common concepts, standards and purpose Real-time, automated, intelligent decisions – improved efficiency and accuracy Omni-channel Architecture for sustainable development – decoupled from front end services providing flexible configuration for different services / customer journeys with a single integration point Integrate / build on good work already done e.g. Verify continue to be part of it – improve existing capabilities + enable new ones We are referring to this new capability as the Dynamic Trust Hub (DTH) and truly believe that this is the start of an exciting chapter for Identity & Trust.
- What that looks like for customers
- But why do we need to do that, have we just woken up one morning and decided to do this? No, its wholly user driven.