5 nov gsma_eema


Published on

Sharing presentation given at GSMA London offices, at the European Association for e-Identity and Security (EEMA) / Open Identity Exchange event. November 5, 2013

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • The Avoco IDP is both user-centric and privacy enabled. Underpinning the capability to scale and handle large volumes of transactions is an architecture that incorporates much of what has been learnt from social networking systems that have the ability to handle a billion identities. This avoids the limiting factors, that are prevalent in Enterprise identity systems, which have been adapted to try and deliver consumer mass market identity. Avoco offer several variants of Identity Provider Platforms. Each enables you to issue and manage online digital identities which are user centric, privacy enabled, simple to deploy in the cloud, or a local network, totally customisable and scalable to millions of users. Information Card (WS- Trust), Saml and OpenID digital identities are all supported by Avoco identity services. These services are based on an attribute/claims based architecture. The issued identities can be used with many types of credential including social network federated login, digital certificates, Mobile phone SMS text, username and password, etc. A service to issue and manage online digital identities that can then be used to access online services, secure documents and sign HTML web forms.Avoco Secure is an innovation company whose areas of focus are solutions for cloud identity, security, and privacy. Using an Avoco identity, you can access online services from iPads, mobile phones, PCs etc. in a simple, secure and easy to use way. Users can seamlessly log in and send data to online services. This is done in a secure manner that both mirrors and extends their everyday experience with social networks and webmail. Avoco solutions are user centric, enhanced by security and incorporate privacy by design.Vocalink study: Younger adults are especially likely to be mobile payment users (41% of 16 to 24 year olds), and around half of those who are not already using the service are interested in doing so.
  • 5 nov gsma_eema

    1. 1. 1  ATTRIBUTE QUALITY ASSURED AUTHENTICATION Dr. Rachel O’Connell GroovyFuture.com
    2. 2. 2 WHO AM I?  PhD online criminal activity: implications for investigative strategies  Chief Security Officer Bebo, VP AOL  Research Consultant  Oxford Internet Institute:  Effective Age Verification Techniques: Lessons to be Learnt from the Online Gambling Industry  Ctrl_Shift  A market analyst and consulting: changing personal data landscape.  Member of OIX and the GSMA’s UK Assured legal working group  Advisor to commercial organisations on both the policy requirements and business opportunities associated with digital and mobile ID  Co-founder of GroovyFuture.com.
    3. 3. 3 KEY POINTS:  Traditional data sources for ID and age verification:    Increase in the number of data sources: Tipping point   Age is simply an attribute of identity: permissioned, quality assured attributes. Age related attributes enable the following:      Artificial barriers COPPA compliance Improvements in customer acquisition and on-boarding processes Uplift in, and/or generation of new revenue streams Creation of new business development opportunities Effective compliance with consumer protection and data protection regulation Benefits to a number of business sectors including mobile operators, payment providers, retailers, platform providers, digital media producers and advertisers-
    5. 5. 5 BELOW 18 YEARS  Guarantor model - leveraged traditional data sources  Burdensome compliance cost  Little or no elevation in assurance  Open to repudiation  Privacy concerns  No viable commercial or liability models  Not scalable, absence of standards  Not an effective means to mitigate risks  Barrier to innovation  View of a child online
    6. 6. 6 EUROPEAN E-ID LANDSCAPE  Electronic ID cards exist in: Belgium, Estonia, Finland, Germany, Italy, P ortugal and Spain.  Other forms of e-ID, like citizen cards and access tokens are used in: Austria, Czech Republic, Denmark, Lithuania, Luxembourg , The Netherlands, Slovakia, Slovenia and Sweden.  17 EU countries also participate in a project called STORK which has proven that e-IDs can be safely recognised across borders. https://www.eid-stork.eu/index.php?option=com_processes&act=list_documents&s=1&Itemid=60&id=312
    7. 7. 7 PRACTICAL APPLICATIONS  Austria and Iceland enable 'Safer Chat' for 1418 year olds where users need their e-ID card to enter chat rooms for 14-18 year olds.  SaferChat has been tested as a platform for safer online communication cross borders, providing useful eID services for elearning.  Pilot can be taken as an illustration of attribute based authentication with maximum data protection.  Businesses or governmental organizations can utilise this approach, adapting it for specific purposes.  Open Source.
    8. 8. 8 Scalability/Flexibility Various National Credentials  The SaferChat pilot has proven to be very flexible in terms of scalability, both smart cards and SIM cards are used to access pilot applications.  At the outset Icelandic and Austrian credentials were supported  During pilot lifetime support for further cross border electronic identities was added (Estonia, Spain, Italy, Latvia, Luxembourg, Portugal, Slovenia and Finland).  ‘This could be done without any serious effort due to sufficiently flexible and scalable STORK project specifications’.
    9. 9. 9 STORK 2.0: AQAA  Attribute Quality Authentication Assurance (AQAA) framework  Multiple Data Sources  Business Needs /business rules  Legal Framework
    11. 11. 11 DATA SOURCES  IDaaS platform e.g. Avoco Secure, provide a user centric approach (SFA)  Academic attribute providers: SAML  International Student Card: Mobile ID (pilot project)  Banks – miicard  Payments infrastructure – Vocalink, Zapp
    12. 12. 12 DATA SOURCES  Government issued ID docs –  Secure key  OCR – ID Checker  Digital Life Data – Trulioo  Personal Data Empowerment Tools and Services  Biometrics  Traditional data bureaus and CRA’s
    13. 13. 13 BankID NORWAY  Age attributes accessible Examples of when you can use BankID:         BankAxess (a new payment service for online shopping) Log-in and payment via internet bank Change of address with the postal service Placing a bid when buying property Login on municipal websites Purchasing units in equities funds BankID can be used as an electronic proof of identity, for example logging in at a BankID user site. DOB data was originally included so students could avail of discounts.
    15. 15. 15
    16. 16. 16 BUSINESS NEEDS  COPPA 2.0 Email+  20%-40% SPAM FOLDER  Permissioned attributes  Spending limits  Diversity of product offerings  Shared devices 4.4 m - 2.7m 4.8 m
    18. 18. 18 EVOLUTION OF PARAMETERS AGE VERIFICATION: 2008 Burdensome compliance cost Little or no elevation in assurance ATTRIBUTE QUALITY ASSURED: 2013 Business enabler / return on investment Attribute Quality Authentication Assurance Open to repudiation Granular assurance / business rules Privacy concerns Privacy preserving, data minimisation principles No viable commercial or liability models Legal framework / scope for viable commercial models Trust frameworks /interoperable standards Not scalable, absence of standards Not effective personal safety risk mitigation Barrier to innovation Augments security / business risk View of children: passive, vulnerable Active participant, economic socialisation, Data Protection Act: Free market Proposed DP: Human rights, Consumer Protection Directive, Digital Agenda 2020 Foster innovation, product diversity, virtuous cycle
    19. 19. 19 AQAA:VIRTUOUS CYCLE Attribute assurance /token reuse within ecosystem Higher sales, profit margins =Return on investment Consumer satisfaction Improved service delivery Customer loyalty Customer satisfaction Regulatory compliance
    20. 20. 20 BUSINESS ENABLER  A greater variety of data sources will be accessible and permissioned, these can be cross checked and combined to meet specific business rules.  Higher levels of customer acquisition           Remote on-boarding Seamless customer experience Trust elevation – LOA’s, as per business rules Low integration costs Modular, highly configurable Scalable, viable low cost Reusable tokens UX Reputation, foster brand loyalty Challenges: Cross sectorial consensus, time frames, information security, Information security, managing the processes of accreditation, oversight, redress
    21. 21. 21  Thank You  rachel@technologist.com  Twitter: @racheloconnell  www.GroovyFuture.com
    22. 22. 22