Cartesian assesses the current state of identity management, and outlines the opportunity for trusted service providers such as MNOs, financial institutions and governments to act as “digital identity authorities”.
Balancing Security and Customer ExperienceTransUnion
Using Device Insight to Balance Fraud Prevention and Customer Experience
Today, your customer’s device has become their proxy for a large percentage of their online retail and banking activity. By using insight from those devices, you can reduce risk and ensure a smooth experience along the entire customer journey.
In this webinar, you’ll learn from Max Anhoury, our VP of Global partnerships, about:
* Today’s fraud and security trends
* What a fraud ring looks like
* The evolving online experience with EMV
* How to create frictionless security across the consumer journey
Innovation in the Digital Identity space is crucial for progress. Here’s a fact: a new identity is generated with every birth. Now consider this: by the time you finish your day today, a staggering 360,000 children will be eligible for an identity document.
Replace The Current Antiquated Credit Card SystemWarren Smith
To replace the current antiquated credit card system with origin based credit systems. Offer customers features high on protecting their Assets (identity, money)
Cartesian assesses the current state of identity management, and outlines the opportunity for trusted service providers such as MNOs, financial institutions and governments to act as “digital identity authorities”.
Balancing Security and Customer ExperienceTransUnion
Using Device Insight to Balance Fraud Prevention and Customer Experience
Today, your customer’s device has become their proxy for a large percentage of their online retail and banking activity. By using insight from those devices, you can reduce risk and ensure a smooth experience along the entire customer journey.
In this webinar, you’ll learn from Max Anhoury, our VP of Global partnerships, about:
* Today’s fraud and security trends
* What a fraud ring looks like
* The evolving online experience with EMV
* How to create frictionless security across the consumer journey
Innovation in the Digital Identity space is crucial for progress. Here’s a fact: a new identity is generated with every birth. Now consider this: by the time you finish your day today, a staggering 360,000 children will be eligible for an identity document.
Replace The Current Antiquated Credit Card SystemWarren Smith
To replace the current antiquated credit card system with origin based credit systems. Offer customers features high on protecting their Assets (identity, money)
Mobile Banking Security Risks and Consequences iovation2015TransUnion
View the recorded presentation: https://www.iovation.com/resources/webinars/mobile-banking-security-risks-consequences
Gain insight into the evolution of mobile banking and the risks that accompany this business channel.
Doubling Down Winning over your VIP Customers Webinar with iovation TransUnion
Knowing who to trust online is as critical as identifying the high-risk fraudsters—this is especially true for many gambling operators. Recent studies have shown that it costs six to seven times more to acquire a new customer than retain an existing one. Quickly identify, reward and retain your VIP customers with enticing promotions and an excellent playing experience. This will engage them more, keep them on your site longer, and increase your bottom line.
In this webinar, you will learn:
*How to help Marketing target the right audience for VIP promotions
*Ways to safely accelerate more players to VIP status
*Techniques for streamlining login to reduce friction for good players
*How to capture more devices and strengthen your fraud protection through a hybrid device recognition approach
New York - Virtual Currencies Compliance ConferenceJuan Llanos
I present my point of view on how to approach the inevitability of regulation, and how to build a risk and compliance program the smart way. Part 1 deals with the main risk areas facing non-bank financial institutions and how to identify the risks, and why focusing on the spirit of the law is important. Part 2 is about designing a program the smart way, i.e., with an engineering mindset. Part 3 is an introduction to suspicious activity detection via transaction monitoring and data analysis, leveraging the blockchain, Part 4 includes a few words of unsolicited advice (contrarian, of course) that I've followed myself to build several companies, obtain and maintain hundreds of bank accounts and pass dozens of examinations in multiple countries.
An IT manager of a multinational financial services holding company involved in investment Banking, Private Banking, and Asset Management discovered a phishing site impersonating their brand.
Learn more at https://resources.digitalshadows.com/
Verifiable Credentials for Travel & HospitalityEvernym
In this webinar, Evernym's Jamie Smith and Andrew Tobin discuss how verifiable credentials and digital wallets can reduce fraud, automate workflows, and transform customer experiences across the travel and hospitality industries.
Automate Lawsuit Filing? The Brave New World of "Anti Robocall AppsJeff Martinez
It’s easier than ever for consumers to file TCPA complaints for unwanted calls – between growing awareness and apps that let them file complaints at the touch of the button, the risk of fines is too big to ignore any longer.
Federated Authentication in SharePoint 2010André Vala
Session presented at the European SharePoint Conference 2011, about federated authentication in SharePoint 2010, using Azure ACS as an identity provider.
The importance of being human-centric instead of techno-centric is now fundamentally assessed in the context of secure digital identity for the financial services landscape.
Forward-looking banks and financial institutions are increasingly responding with resources and investments that deliver NEC’s state-of-the-art authentication methods
to meet consumer expectations. As a result, NEC’s vantage point goes far beyond cutting-edge technologies and solutions, such as integration of multimodal biometrics. Brought to you by NEC. To find out more, do visit http://www.nec.com/safety
We stand on the trifecta of digitization: automation, enhanced diligence, and robust decisioning for straight through processing; creating a state-of-the-art digitization process without compromising on security and quality.
Maximizing PayPal's New Identity Services to Create Seamless and Safe User Ex...PayPalX Developer Network
Outsourcing identity-related services—such as customer authentication—to PayPal could speed your application development, save you the hassle of dealing with password resets, and give your customers a shorter and easier path to purchases. An authentication service is just one example of the identity services we've got planned. Come learn how all of them can improve business opportunities and enhance user experiences.
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Identification & Authentication for Individuals with API at eIDAS Substantial Security Level
Nicolas Bigand, CTO & COO at L'identité Numérique La Poste at Groupe La Poste
Sharing presentation given at GSMA London offices, at the European Association for e-Identity and Security (EEMA) / Open Identity Exchange event. November 5, 2013
Portabl - The state of open banking, regulations, and the intersection of SSI...SSIMeetup
Complying with Know Your Customer and Anti Money Laundering regulations is hugely complicated and expensive for financial institutions, and burdensome for their customers. Nate Soffio, Co-Founder and CEO of Portabl, believes that the solution lies in secure, interoperable data - enabled by verifiable credentials. In this webinar, he explains why it is such a thorny problem, how open banking needs to evolve to more of a “tap to prove” model as organizations increasingly need continuous identity assurance, and why despite describing the task as “playing SSI on ‘hard mode’”, he believes building a “compound startup” is the best way to get the job done.
Mobile Banking Security Risks and Consequences iovation2015TransUnion
View the recorded presentation: https://www.iovation.com/resources/webinars/mobile-banking-security-risks-consequences
Gain insight into the evolution of mobile banking and the risks that accompany this business channel.
Doubling Down Winning over your VIP Customers Webinar with iovation TransUnion
Knowing who to trust online is as critical as identifying the high-risk fraudsters—this is especially true for many gambling operators. Recent studies have shown that it costs six to seven times more to acquire a new customer than retain an existing one. Quickly identify, reward and retain your VIP customers with enticing promotions and an excellent playing experience. This will engage them more, keep them on your site longer, and increase your bottom line.
In this webinar, you will learn:
*How to help Marketing target the right audience for VIP promotions
*Ways to safely accelerate more players to VIP status
*Techniques for streamlining login to reduce friction for good players
*How to capture more devices and strengthen your fraud protection through a hybrid device recognition approach
New York - Virtual Currencies Compliance ConferenceJuan Llanos
I present my point of view on how to approach the inevitability of regulation, and how to build a risk and compliance program the smart way. Part 1 deals with the main risk areas facing non-bank financial institutions and how to identify the risks, and why focusing on the spirit of the law is important. Part 2 is about designing a program the smart way, i.e., with an engineering mindset. Part 3 is an introduction to suspicious activity detection via transaction monitoring and data analysis, leveraging the blockchain, Part 4 includes a few words of unsolicited advice (contrarian, of course) that I've followed myself to build several companies, obtain and maintain hundreds of bank accounts and pass dozens of examinations in multiple countries.
An IT manager of a multinational financial services holding company involved in investment Banking, Private Banking, and Asset Management discovered a phishing site impersonating their brand.
Learn more at https://resources.digitalshadows.com/
Verifiable Credentials for Travel & HospitalityEvernym
In this webinar, Evernym's Jamie Smith and Andrew Tobin discuss how verifiable credentials and digital wallets can reduce fraud, automate workflows, and transform customer experiences across the travel and hospitality industries.
Automate Lawsuit Filing? The Brave New World of "Anti Robocall AppsJeff Martinez
It’s easier than ever for consumers to file TCPA complaints for unwanted calls – between growing awareness and apps that let them file complaints at the touch of the button, the risk of fines is too big to ignore any longer.
Federated Authentication in SharePoint 2010André Vala
Session presented at the European SharePoint Conference 2011, about federated authentication in SharePoint 2010, using Azure ACS as an identity provider.
The importance of being human-centric instead of techno-centric is now fundamentally assessed in the context of secure digital identity for the financial services landscape.
Forward-looking banks and financial institutions are increasingly responding with resources and investments that deliver NEC’s state-of-the-art authentication methods
to meet consumer expectations. As a result, NEC’s vantage point goes far beyond cutting-edge technologies and solutions, such as integration of multimodal biometrics. Brought to you by NEC. To find out more, do visit http://www.nec.com/safety
We stand on the trifecta of digitization: automation, enhanced diligence, and robust decisioning for straight through processing; creating a state-of-the-art digitization process without compromising on security and quality.
Maximizing PayPal's New Identity Services to Create Seamless and Safe User Ex...PayPalX Developer Network
Outsourcing identity-related services—such as customer authentication—to PayPal could speed your application development, save you the hassle of dealing with password resets, and give your customers a shorter and easier path to purchases. An authentication service is just one example of the identity services we've got planned. Come learn how all of them can improve business opportunities and enhance user experiences.
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Identification & Authentication for Individuals with API at eIDAS Substantial Security Level
Nicolas Bigand, CTO & COO at L'identité Numérique La Poste at Groupe La Poste
Sharing presentation given at GSMA London offices, at the European Association for e-Identity and Security (EEMA) / Open Identity Exchange event. November 5, 2013
Portabl - The state of open banking, regulations, and the intersection of SSI...SSIMeetup
Complying with Know Your Customer and Anti Money Laundering regulations is hugely complicated and expensive for financial institutions, and burdensome for their customers. Nate Soffio, Co-Founder and CEO of Portabl, believes that the solution lies in secure, interoperable data - enabled by verifiable credentials. In this webinar, he explains why it is such a thorny problem, how open banking needs to evolve to more of a “tap to prove” model as organizations increasingly need continuous identity assurance, and why despite describing the task as “playing SSI on ‘hard mode’”, he believes building a “compound startup” is the best way to get the job done.
A presentation on Self Sovereign Identify - jointly presented with D&B. The topic explores the concept of SSI and the evolving W3C Community proposals around DID (Digital Identity), DID Doc, DID Auth and Verifiable Credentials. Please email me if you would like more information about SSI or wish to chat with me: mohan@chainyard.com
The Essence of Online ID Verification for Enhanced User Authentication.pdfIDMERIT IDMERIT
The significance of a robust identity verification process cannot be overstated while businesses are struggling to deal with online frauds & thefts. The online transactions are growing continuously, ensuring safe and trusted user authentication becomes a mandatory concern for businesses and service providers. One key solution that takes center stage in this endeavor is online ID verification.
https://www.idmerit.com/blog/the-essence-of-online-id-verification-for-enhanced-user-authentication/
Identity Verification API The Cornerstone of Digital Trust.docxrpacpc
In the digital age, trust is the cornerstone upon which meaningful interactions and transactions are built. By leveraging the power of Identity Verification API, organizations can cultivate a trusted digital ecosystem wherein users feel confident in sharing their personal information and engaging in online activities.
An Introduction to Authentication for ApplicationsUbisecure
This whitepaper is an ideal introduction on authentication categories and their suitability to different requirements. Recommended reading to anyone who wants to get more familiar with online authentication.
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...TransUnion
We believe Gartner’s report, “The Growing Problem of Synthetic Identity and First-Party Fraud Masquerades as Credit Losses,” discusses the rise of synthetic identity and first party fraud losses being concealed as credit losses. In Part 2 of this webinar series we will explore Gartner’s recommendations and provide some real-world advice on how you can prepare your business to fight this trend.
In Part 2 of this webinar series, we’ll conclude with:
- Exploring how to battle synthetic identities and first party fraud
- Reviewing Gartner’s recommendations for building a comprehensive fraud prevention strategy
- Looking at some specific capabilities for helping to stop this type of fraud
*Gartner: Take a New Approach to Establishing and Sustaining Trust in Digital Identities, Tricia Phillips, Danny Luong, 1 March 2018.
A slide for elevator pitch during ADB Hack 2018 event.
Additional Script
-----------------------------------
CNP "card not present“ fraud is rising. CNP fraud includes telephone, internet and mail order transactions
According to a 2017 report by the US Payments Forum, the increased security of chip cards forced criminals to shift the focus of their activities to CNP transactions.6
The United States is especially vulnerable to CNP fraud, as it leads the world with the highest percentage of e-commerce sales, with 77 percent of U.S. merchants selling online.6
The Payments Forum report includes a prediction that the EMV implementation is projected to lead to an increase of CNP fraud in the U.S. from $3.1 billion in 2015 to $6.4 billion in 2018.6
-----------------------------------
Our solution has 2 parts,First is the technical part, we will build a centralize gateway, which citizen can access on bank premise. These gateway act a broker to authenticate in each nationality ID system.
-----------------------------------
The second part of the solution is the partnership strategy.
One problem that normal citizen cannot verify with their national ID before is because each national ID system have different security mechanism. India have fingerprint, Thailand have smart card, Singapore have password.
> Government responsibility is to maintain the validity of the system
> Bank provide secure infrastructure need such as Internet, Biometric Reader, Smart card reader
> Citizen and Business benefit from secure validation. In turn, bank will get access to validation reason which can be use for KYC analysis.
> Government spend less money, increase adoption rate, and ensure that identity data is updated.
-----------------------------------
Digital businesses need to establish trust between customers, suppliers, and services at massive scale, which at the core is about trust in its people, data, and systems. CIO’s running hybrid IT inclusive of the mainframe platform should consider best practices that are based on customer adoption patterns for establishing a system of digital trust leveraging blockchain and machine learning algorithms.
Verify People – How do you verify people are who they say they are?
Protect Data – How do you protect data so that your business runs securely?
Ensure Systems – How do you ensure systems are reliable and available and self healing?
To learn more on how to credibly establish and demonstrate Digital Trust, visit http://www.digitaltrust.ai/
Fool Proof: Protecting Digital Identity in the Age of the Data BreachPriyanka Aash
In the age of the data breach there are no more secrets. Name, address, date of birth and Social Security number have been the de facto identity attributes for years. But as this information has become more exposed it’s time for organizations to rethink identity proofing and take a more holistic approach to knowing who they are doing business with online.
Learning Objectives:
1: Learn why there are no more secrets.
2: Discover why we must stop relying on traditional attributes for ID proofing.
3: Learn to take a holistic view of identity proofing.
(Source: RSA Conference USA 2018)
Everyone knows that you need to provide your consumers with excellent online experiences, and that you have to do it while also protecting them against account takeovers, session hijacking and credential compromise. But very few know how to do it. Everything you do to improve the login experience for your users erodes assurance and security, right?
In this webinar, we’ll discuss Dynamic Authentication, a method of combining authentication controls in a risk-responsive, user-friendly way. You’ll learn:
* The importance of context in providing the right level of authentication for any circumstance
* The need for authentication that is continuous, throughout the user’s online journey
* How authentication tools in the consumer environment need to become complementary, supporting each other as conditions of risk or context change
We’ll discuss how device intelligence provides the risk insight that can drive authentication decisions in real time, and provide examples of customers in retail, finance and gaming verticals who are achieving this balance today.
Cuentas provides innovative mobile banking, mobility, and telecommunications solutions to underserved, unbanked, and emerging markets. The Company’s portfolio of fintech solutions meet the highest-volume services demand of the estimated 70 million underbanked and unbanked consumers in the US. ‘Underbanked’ refers to those who have limited or restricted access to banking services, due to poor credit or their international/resident status, and represent more than $1 trillion in total purchasing power.
0x01 - Newton's Third Law: Static vs. Dynamic AbusersOWASP Beja
f you offer a service on the web, odds are that someone will abuse it. Be it an API, a SaaS, a PaaS, or even a static website, someone somewhere will try to figure out a way to use it to their own needs. In this talk we'll compare measures that are effective against static attackers and how to battle a dynamic attacker who adapts to your counter-measures.
About the Speaker
===============
Diogo Sousa, Engineering Manager @ Canonical
An opinionated individual with an interest in cryptography and its intersection with secure software development.
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Orkestra
UIIN Conference, Madrid, 27-29 May 2024
James Wilson, Orkestra and Deusto Business School
Emily Wise, Lund University
Madeline Smith, The Glasgow School of Art
Have you ever wondered how search works while visiting an e-commerce site, internal website, or searching through other types of online resources? Look no further than this informative session on the ways that taxonomies help end-users navigate the internet! Hear from taxonomists and other information professionals who have first-hand experience creating and working with taxonomies that aid in navigation, search, and discovery across a range of disciplines.
This presentation, created by Syed Faiz ul Hassan, explores the profound influence of media on public perception and behavior. It delves into the evolution of media from oral traditions to modern digital and social media platforms. Key topics include the role of media in information propagation, socialization, crisis awareness, globalization, and education. The presentation also examines media influence through agenda setting, propaganda, and manipulative techniques used by advertisers and marketers. Furthermore, it highlights the impact of surveillance enabled by media technologies on personal behavior and preferences. Through this comprehensive overview, the presentation aims to shed light on how media shapes collective consciousness and public opinion.
This presentation by Morris Kleiner (University of Minnesota), was made during the discussion “Competition and Regulation in Professions and Occupations” held at the Working Party No. 2 on Competition and Regulation on 10 June 2024. More papers and presentations on the topic can be found out at oe.cd/crps.
This presentation was uploaded with the author’s consent.
Acorn Recovery: Restore IT infra within minutesIP ServerOne
Introducing Acorn Recovery as a Service, a simple, fast, and secure managed disaster recovery (DRaaS) by IP ServerOne. A DR solution that helps restore your IT infra within minutes.
2. § Challenges
§ What is Identity?
§ Verification
§ Authentication
§ APIs, Federated Identity
§ Trust Frameworks
I D E N T I T Y A S A
B U S I N E S S E N A B L E R
3. Mobile, Cloud, and
decentralized data can
now deliver solutions
never before possible
CHALLENGES
INNOVATION
TRUST FRAMEWORKS
FUTURE COMMERCE
ON
4. W E A K I D E N T I T Y S Y S T E M S C R E AT E C H A L L E N G E S
F O R P E O P L E A N D B U S I N E S S
P E O P L E
Service exclusion,
Poor user experience
Information overexposure,
Process inefficiency to prove ID
B U S I N E S S
Inefficient service delivery,
Obscures risk profile
Fraud from stolen ID / poor auth,
Multiple checks required
S O C I E T Y
Services exclusion (financial/govt),
Incorrect service delivery
Fraudulent access to services
(medical, etc.), Inefficient
manual/paper processes require
human remediation
World Economic Forum, “A Blueprint for Identity”, 2016, p.33, available at: http://www3.weforum.org/docs/WEF_A_Blueprint_for_Digital_Identity.pdf
5. Identity is not a monolith. It is a collection of individual
attributes that describe an entity and determine the
transactions in which that entity can participate.
6. S O W H AT I S Y O U R I D E N T I T Y ?
INDIVIDUALS LEGAL ENTITIES
Age, Height, DOB,
Fingerprints
Health records,
Preferences, Behaviors
National ID numbers,
Telephone number,
Email address
Industry, Business
Business records,
Legal records
Identifying numbers,
Legal jurisdiction
Inherent Attributes –
Intrinsic to an entity
Accumulated Attributes –
Gathered or developed
over time
Assigned Attributes –
Reflects relationships
held with others
World Economic Forum, “A Blueprint for Identity”, 2016, p.41, available at: http://www3.weforum.org/docs/WEF_A_Blueprint_for_Digital_Identity.pdf
7. I D V E R I F I C AT I O N I N
F I N A N C I A L S E RV I C E S
§ Banks collect data that is available and/or
required by statute
§ The US has a risk-based approach that
puts the burden on the bank
§ Legal Entity Identifier or core data: Name,
DOB, Address, Tax ID
§ Reasonableness standard applied: Does
the bank know the true ID of its client?
§ Primary sources can include public or
private databases, or even another bank’s
KYC data for certain transactions
Strong customer authentication under PSD2, available at: https://www.taylorwessing.com/download/article-strong-customer-authentication-under-psd2.html
Bank Security Act, See: 31 CFR 1010.100(e), available at: https://www.ffiec.gov/bsa_aml_infobase/pages_manual/regulations/31CFR1010_100.pdf
FINCEN Customer Due Diligence Rules, available at: https://www.gpo.gov/fdsys/pkg/FR-2016-05-11/pdf/2016-10567.pdf
FFIEC, CIP Program Overview, available at: https://www.ffiec.gov/bsa_aml_infobase/pages_manual/olm_011.htm
8. D I G I TA L T R E N D S
I N V E R I F I C AT I O N
3L3Anti Money Laundering Task Force, available at:
https://www.eba.europa.eu/documents/10180/16166/3L3A
MLTFCompendium.pdf
Money laundering Risk: Its Not just for Banks, available at:
https://www.lw.com/thoughtLeadership/money-laundering-
risk-not-just-for-banks
Client verification is about
collecting data with little friction
and real-time checking of
multiple data sources to confirm
accuracy of the data.
9. Identity verification…
in minutes over
mobile is the new
standard.
Rules Based/IDV/Blockchain ID/Docs/KYC/Fraud. Phone/AI/ML
Blockchain Helix
KYC Chain
BlockNotary
Socure
Trulioo
Cetas Systems
Netki
Norbloc
StartupFintechMature,Client-base
Jumio
Alloy
Au10tix
Blockscore
Clear ID
Cognito
Confirm.io
Digital
Resolve
EVS
Experian
Global Identity
Identity.com
Identity Mind Idology
IDScan
LexisNexis MiiCard
Onfido
Thisisme
Veratad
Yoti
PegaSoftware
Juru
Scanovate
BEYOND KBA…
10. Trulioo Mobile solution
connects to two dozen
mobile network operators
(MNOs), covering 1.8 billion
mobile users across
the globe.
§ Mobile Network Operator data
§ Normalized API integration
§ SaaS/Web portal
§ Custom match rule configuration
§ Verification results matrix
§ Cyber data
§ Address & age verification
§ Risk mitigation
§ Automated watchlists
§ Transaction review (audits)
Trulioo instantly verifies 4.5 billion people and
250 million companies in over 60 countries
https://www.pymnts.com/mobile/2018/kyc-mobile-identity-verification-trulioo-globalgateway/
11. A U T H E N T I C AT I O N O F
V E R I F I E D I D s
§ Determine the validity of an authenticator to a
digital identity
§ Risk Based Approach: NIST recommends the
use of MFA, strong crypto, authenticated
hardware devices and biometric authentication
§ Continuous Authentication with a ‘Step-Up’
capability based on the transaction
value/content is written into law in US/EU
§ Adaptive Authentication addresses:
§ something you Have, Know, and Are
NIST Special Publication 800-63B, Digital Identity Guidelines, July 2017, available at:
https://pages.nist.gov/800-63-3/sp800-63b.html
NYS DFS Rule, available at: http://www.dfs.ny.gov/legal/regulations/adoptions/dfsrf500txt.pdf
“Adaptive Authentication”, Leadership Compass, KuppingerCole Analysis, Feb 2017, available at:
https://www.kuppingercole.com/topic/learnmore/adaptiveauth
12. Mobile, behavioral,
biometrics, and
blockchain enable
privacy/trust and
speedy transactions. BankID
Logrr
Paycasso
Auth0
EZMCom
Gemalto
Sensipass
AimBrain
Averon
BioWatch
iProov
Blockstack
Cambridge
Blockchain
Civic
CryptID
Guardtime BLT
ID.me
SecureKey
2Fa/MFA Bio/Behavioral Blockchain/AI ML
StartupFinancialPilots/ClientsEaseofUse/LargeDeployments Shocard
Uport
Airbitz
Authentify
Behaviosec
Biocatch
BioID
Credence ID
Crossmatch
Deepnet
Duo Security
Gigya
Imageware
InAuth
Keypasco
Launchkey
Msignia NuID
PingID
Shocard
Transmit Sec
Trusona
Vasco
CA
Forgerock
Secureauth
Precognitive
IBM CISMsft Azure OKTA
Centrify
veridiumID
HYPR
ID Authentication
13. CIAM MFA Biometric Behavioral/ML Blockchain Misc
CA BankID Biocatch Aimbrain Airbitz Averon (MNO)
Centrify Deepnet BioID Behaviosec Blockstack Authentify (MNO)
Crossmatch Duo Sec BioWatch InAuth CambridgeBlock Auth0 (Developer)
Forgerock EZMcom Credence Keypasco Civic
Gigya Gemalto Imageware Launchkey Idaas/CIAM
IBM CIS ID.me iProov Precognitive Guardtime
Microsoft Trusona Logrr Sensipass HYPR
OKTA Vasco Msignia Transmit Sec NuID
Ping Identity Paycasso Securekey
SecureAuth VeridiumID Shocard
Uport
T H E B R O A D E R F I N T E C H L A N D S C A P E
14. T H R E E L E A D I N G I N N O VATO R S
Contextual, behavioral biometrics company
that performs step-up authentication with an
OTP or facial/voice authentication.
Uses its Flashmark Technology to create a
one time biometric token of a facial image.
Leverages up to 2,000 device attributes
to consistently and uniquely identify.
15. O P E N B A N K I N G — A P I ’ S A N D F E D E R AT E D I D E N T I T Y
§ Railsbank, enables global banking via APIs
§ FIS Code Connect includes over 300 API’s
for banking, payments, finance
§ Additional API providers in different segments
of the financial services industry:
§ Payments gateways API providers
(Braintree, Dwolla, Stripe, Wirecard, Adyen)
§ Trading APIs (Xignite, Zerodha)
§ Remittance APIs (Uphold, PayCommerce)
§ Data aggregation APIs (Kontomatik, Fidor,
Figo)
https://letstalkpayments.com/top-banking-apis-enabling-access-to-aggregated-rich-financial-data/
https://www.fisglobal.com/about-us/media-room/news-releases/2017/launch-of-fis-code-connect-puts-fis-clients-at-forefront-of-open-api-innovation
16. F E D E R AT E D I D — B A N K S E X T E N D O U T
Application-Programing Interface enables
Capital One customers to safely connect
personal and small business credit card and
banking and financial data with Intuit.
https://www.pymnts.com/authentication/2017/capital-one-launches-digital-id-apis-for-web-kyc/
https://www.xero.com/blog/2017/05/xero-capital-one-partnership/
The Capital One API leverages oAuth
capabilities to provide Xero with
tokenized authorization to access
account information.
17. F E D E R AT E D I D – M E R C H A N T TO C O N S U M E R
DAON joins Visa ID Intelligence for Merchant authentication
https://www.daon.com/newsroom/press-releases/486-visa-selects-daon-to-provide-biometric-authentication-services-for-visa-id-intelligence-platform
FIDO Security Alliance, available at: https://fidoalliance.org/specifications/overview/
18. D E C E N T R A L I Z E D I D E N T I T Y P L AT F O R M S
Civic combines strong authentication and ID verification with attestations
from multiple sectors to establish various levels of trust.
https://www.civic.com/
19. C I V I C A R C H I T E C T U R E
https://www.civic.com/
20. T R U S T F R A M E W O R K S — F E D E R AT E D A N D S E L F S O V E R E I G N
https://www.nist.gov/news-events/news/2018/01/nist-releases-developing-trust-frameworks-support-identity-federations-nist
WORLD ECONOMIC FORUM | 2016, “A Blueprint for Identity”, p.47
21. D I G I TA L I D
T R A N S A C T I O N S
§ Financial Services: Insurance, Loans,
Mortgages, high value transactions
§ Employment: Application and screening
§ Property: Buying / selling a house, renting,
mortgage transfer
§ Age verification: Purchasing age restricted
products, gaming
§ Travel services: Booking, providing
passenger details, visas
§ Business: Registering a company or charity
§ Utilities: Switching suppliers, house moves
22. B E N E F I T S F R O M
D I G I TA L E N G A G E M E N T
§ Improved customer experience
§ Higher retention rates
§ Stronger brand
§ Personalized services
§ Differentiation
§ Faster onboarding with less friction
Digitization of services brings great benefits to
customers: immediacy and convenience,
access to new services, greater choice, and
market competitiveness.
23. P U B L I C - P R I VAT E
PA R T N E R S H I P S @ S C A L E
§ ID.me Wallet enables secure login to
U.S. Dept. of VA and over 250 retailers
§ LuxTrust SA offers nationwide trust
network using Cambridge Blockchain
§ OnGrid, the Trust platform of India is
leveraging Aadhaar biometrics
§ Gov.UK/Verify is working with certified
companies to put users first
§ Securekey Concierge provides
Canadian Gov’t services to millions
24. D I G I TA L A S S E T S A N D
D E S T I N AT I O N S E RV I C E S
Keeping what works
§ Destinations make the rules
§ Users choose what docs to present
§ Plurality of providers
§ Some privacy
§ Common business practice
Overcoming the deficiencies
§ Oversharing of data
§ Document integrity
§ Card Not Present
§ Does not work online or at call center
25. F E D E R AT E D I D E N T I T Y
N E T W O R K
Decentralized “broker model” for
identity and attribute sharing
Why Blockchain?
§ Solves the Honest but Curious Broker —
No Data visible to network operator
§ No central database or honeypots
§ No central point of failure
§ Triple Blind – PRIVACY
§ Cannot track user across relying parties
§ Scalable
§ Resiliency to DDOS
§ Immutable Audit Trails (Tx, User Consent)
26. U S E C A S E E X A M P L E — O P E N I N G A T E L C O A C C O U N T
Securekey Technologies – Andre Boysen, Chief Identity Officer
29. S E C TO R S O F I N D U S T RY A N D T H E S U P P LY C H A I N
Raw Materials Manufacturing Distribution Retailer Consumer
Primary
Sector
Extracts or
develops natural
resources such
as timber,
agriculture, oil, or
minerals.
Secondary
Sector
Makes use of
extracted primary
materials to build,
manufacture, or
develop finished
goods
Tertiary Sector
Provides the services
needed to meet the needs
of the end user. For
example, through retailing,
distribution, insurance, and
customer services.
30. S U P P LY C H A I N S E V O LV E I N TO VA L U E W E B S
31. B L O C K C H A I N A L L O W S E C O S Y S T E M D I G I T I Z AT I O N
”Digital Twins”
§ Via tokenization of
real assets
§ Data plus behavior:
Smart Contacts
§ Digital Twins interact
with each other
inside the Blockchain
§ Smart Contracts can
combine behavior of
several Digital Twins
J. Ruiz, Banco Santander
32. N AT I O N A L B L O C K C H A I N N E T W O R K
Nonprofit association, open to everyone
J. Ruiz, Banco Santander
Suppliers
Factories
Logistics Logistics Retailer
Final
product
Customer
Social networks
Usage data
Blockchain
Self-Sovereign Identity
Permissioned Privacy
Resiliency
Smart
Contract
Smart
Contract
Smart
Contract
Smart
Contract
Smart
Contract
Smart
Contract
Services developed by Alastria members
Members collaborate
on the infrastructure
Members compete on
the applications
33. N AT I O N A L B L O C K C H A I N N E T W O R K
J. Ruiz, Banco Santander
Blockchain
Self-Sovereign Identity
Permissioned Privacy
Resiliency
Smart
Contract
Smart
Contract
Smart
Contract
Smart
Contract
Smart
Contract
Smart
Contract
Services developed by Alastria members§ Public-permissioned Blockchain
platform
§ Private and public smart contracts
§ Digital identity of legal validity, based
on Self-Sovereign Identity (SSI)
model
§ Distributed and Secure Storage
architecture
§ Resilient: the platform will be
operated as a critical infrastructure
34. New “Post-Silo” World
Old World
T H E E V O L U T I O N O F D I G I TA L I D E N T I T Y
Business
Identity
Data
Silo
From the “isolated” identity
to the “sovereign” identity
Business
Identity
Data
Silo
Business
Identity
Data
Silo
Business Business Business
Identity Data Silo
Self
Sovereign
User-
Centric
FederatedCentralized
T H E E V O L U T I O N O F O N L I N E I D E N T I T Y
35. A L A S T R I A I D : L E G A L I D E N T I T Y O N T H E B L O C K C H A I N
§ Allows implementing products and services complying with Spanish (and European) regulation
§ Self Sovereign Identity (SSI), for protection and empowerment of the user
Low
Medium
High
Levels of
Assurance
Identity verification processes
(examples)
Self-attested
Based on current KYC
Notarization of DNIe
and other docs
Uses of
Alastria ID
Register in
websites
Purchase of low
value goods/services
Mortgages and other
high-value products
J. Ruiz, Banco Santander
36. F U T U R E S TAT E A P P L I C AT I O N S
P O T E N T I A L F U T U R E - S TAT E A P P L I C AT I O N S
1. Tailored
risk profiles
2. International
resettlement
3. Attributes tied to
payment tokens
4. Digital tax filing
5. Determining
total risk
exposure
6. Identifying
transaction
counterparties
7. Linked individual
identity to corporate
identity
8. Tracking
total asset re-
hypothecation
WORLD ECONOMIC FORUM | 2016, “A Blueprint for Identity”, p.95
37. L AW F I R M S A R E K E Y TO
E M E R G I N G F R A M E W O R K S
§ Smart Contract creation and monitoring to adhere to
real world contract
§ New forms of investing require compliance with SEC
§ Oversee automatic control over transfer of assets
§ Keep track of land registry / improve deed
management
§ Ensure clearing and contract disputes settlement in a
digital manner to avoid court procedures
§ Store, exchange, and control access to valuable data