This webinar discussed the process for becoming approved as conformant with NIST 800-63-3 under Kantara's Identity Assurance Framework. It covered an overview of the approval process, what is assessed in accordance with NIST 800-63-3, the role of third party assessors, the role of the Assurance Review Board in reviewing applications, and how approval can help organizations and impact the market. Representatives from Kantara, a third party assessor, and ID.me discussed their perspectives on the approval process.
This webinar discussed the process for becoming approved as conformant with NIST 800-63-3 under Kantara Initiative. It covered an overview of Kantara's Identity Assurance Framework and approval process, which involves an independent third-party assessment, ARB review, and board ratification. Representatives from assessment companies and identity providers discussed their roles in assessments and how approval helps organizations. The webinar provided information on what is assessed under each part of NIST 800-63-3 and best practices for the assessment process.
This document provides an overview of the Entity Authentication Assurance Framework (EEAF), which specifies four levels of assurance (LoAs) for entity authentication over open networks. The EEAF is based on NIST SP 800-63 and includes a five step process for implementation. It covers the phases, actors, threats and controls related to credential management, enrollment and authentication. Trust framework operators and credential service providers are responsible for establishing criteria and assessing compliance for the specified LoAs.
An update on the status, progress and activities of the Kantara Initiative. Overview of our Trust Framework offerings, our governance and how our programs develop. We provide a neutral forum for industry, business, governments and communities to meet to drive their Identity Management Project, Standards and Programs forward!
Kantara Initiative is the premier US ICAM Trust Framework provider. We're very international, liaising with ISO and ITU-T as well as others. We love to collaborate. We draw on representatives from many sectors and all over the world. Bring us your IdM project and we'll bring you our solid membership and governance!
The Realities of Residential EvaluationsCarl Streck
Do you know when you need an evaluation vs. an appraisal and who can complete both reports? Get the answers you need to know now with MountainSeed's most recent webinar slides.
The document discusses online trust and how some businesses are able to inspire consumer confidence. It provides eBay as a case study, outlining the ways eBay builds confidence through authoritative sources, experiential sources, ability, motivation, trust management, and risk transfer. These same trust enabling principles can be applied to both online and offline contexts to improve levels of trust.
This webinar discussed the process for becoming approved as conformant with NIST 800-63-3 under Kantara Initiative. It covered an overview of Kantara's Identity Assurance Framework and approval process, which involves an independent third-party assessment, ARB review, and board ratification. Representatives from assessment companies and identity providers discussed their roles in assessments and how approval helps organizations. The webinar provided information on what is assessed under each part of NIST 800-63-3 and best practices for the assessment process.
This document provides an overview of the Entity Authentication Assurance Framework (EEAF), which specifies four levels of assurance (LoAs) for entity authentication over open networks. The EEAF is based on NIST SP 800-63 and includes a five step process for implementation. It covers the phases, actors, threats and controls related to credential management, enrollment and authentication. Trust framework operators and credential service providers are responsible for establishing criteria and assessing compliance for the specified LoAs.
An update on the status, progress and activities of the Kantara Initiative. Overview of our Trust Framework offerings, our governance and how our programs develop. We provide a neutral forum for industry, business, governments and communities to meet to drive their Identity Management Project, Standards and Programs forward!
Kantara Initiative is the premier US ICAM Trust Framework provider. We're very international, liaising with ISO and ITU-T as well as others. We love to collaborate. We draw on representatives from many sectors and all over the world. Bring us your IdM project and we'll bring you our solid membership and governance!
The Realities of Residential EvaluationsCarl Streck
Do you know when you need an evaluation vs. an appraisal and who can complete both reports? Get the answers you need to know now with MountainSeed's most recent webinar slides.
The document discusses online trust and how some businesses are able to inspire consumer confidence. It provides eBay as a case study, outlining the ways eBay builds confidence through authoritative sources, experiential sources, ability, motivation, trust management, and risk transfer. These same trust enabling principles can be applied to both online and offline contexts to improve levels of trust.
Secrets for Successful Regulatory Compliance ProjectsChristopher Foot
This document provides information about an upcoming webinar on regulatory compliance best practices presented by RDX and MegaplanIT. The webinar will cover an overview of regulatory standards like PCI DSS and AICPA SOC assessments. It will discuss MegaplanIT's PCI assessment approach and RDX's best practices for maintaining compliance. Presenters will include Michael Vitolo from MegaplanIT and Chris Foot from RDX.
The document summarizes the work of the OASIS Trust Elevation Technical Committee, which aims to define standardized methods for service providers to increase the level of trust in an electronic identity during authentication. The committee has completed cataloging existing trust elevation methods and is analyzing them to determine their ability to elevate assurance levels. Future phases will establish a trust elevation protocol. The document outlines five categories of trust elevation methods and provides examples of existing methods.
Investigating Stockbrokers and Financial Advisers was originally held April 9, 2014.
Learn whether stockbrokers or investment advisers have run afoul of regulators or been the subject of customer complaints.
This one-hour webinar will guide you, step-by-step, through the FINRA BrokerCheck database and the SEC’s Investment Adviser registration database, which contain records on 1.3 million current and former professionals.
You’ll also learn how state securities regulators police the industry and how to obtain results of their investigations for your stories. Reporters can conduct this research for free on any computer with an Internet connection; no special software or database knowledge is needed.
WHAT YOU WILL LEARN
Find regulatory penalties and employment history of stockbrokers and investment advisers using free databases.
Understand how the SEC, state regulators and industry regulatory groups supervise Wall Street, and how to get your hands on their findings.
Decode regulator-speak and find key “red flags” in these filings, such as “10b5” fraud and unsuitable investment cases.
YOUR INSTRUCTOR
Rob Wells is a lecturer at the Philip Merrill College of Journalism at the University of Maryland and a former Reynolds Visiting Professor in Business Journalism at the University of South Carolina. A former SEC beat reporter, Wells used the FINRA and SEC databases in an extensive computer-assisted reporting project.
For more information about training for journalists, please visit http://businessjournalism.org.
A presentation about the Kantara Identity Assurance Trust Framework Program. Kantara is THE organization to Accredit and Certify Levels 1,2 and 3 non-crypto Assurance.
CSP and LegalTech in Leeds hosted an event on Thursday 9th February 2023. This event discussed ‘Data and Cyber Security’ to help the Legal sector be more aware, protected and secure.
Scott Rea - IoT: Taking PKI Where No PKI Has Gone BeforeDigiCert, Inc.
Scott Rea presented on using PKI for IoT. PKI traditionally establishes trust between previously unknown parties on a network by binding identities to cryptographic keys through certificates issued by a trusted certification authority. However, PKI faces challenges for IoT where device attributes like ownership and location may frequently change, requiring dynamic authorization instead of long-term identity certificates. Separating identity from dynamic authorization through a linked but separate mechanism could provide more efficient management of trust as devices and their attributes change over time in IoT networks.
Ethics: Real Life Application of the AICPA Code of Professional ConductMcKonly & Asbury, LLP
This webinar focuses on specific ethical examples related to both public accounting and industry. There is also a discussion on key points in the AICPA Code of Professional Conduct and their application to our daily responsibilities.
WSO2 provides an open source cloud platform and removes barriers to enterprise agility. It focuses on business logic and value. This document discusses governance and security patterns for service-oriented architectures. It covers why SOA is used, what governance is, and security requirements and patterns. Security patterns allow identifying and authenticating users, authorizing access, and using protocols like OAuth for delegation. The document provides examples and implementations of patterns for requirements like role-based access control, claim-based authorization, and constrained delegation.
CIS13: NSTIC Update and Reports from PilotsCloudIDSummit
Jeremy Grant, Senior Executive Advisor, Identity Management, NIST (US Government)
Cathy Tilton, VP of Standards & Technology, Daon
Hear the “State of the NSTIC” from the head of the US Government’s NSTIC National Program Office detailing progress made toward implementing the Strategy through partnership with the private sector. Then, learn about the first of three NSTIC pilots, as Daon discusses its efforts to deploy smartphone-based multi-factor authentication with several major commercial partners.
How Cloud-Based Service Providers Can Integrate Strong Identity and SecurityGlobalSign
Our Chief Product Officer, Lila Kee spoke at Cloud Computing Expo in New York.
The talk is about how cloud-based service providers must build security and trust into their offerings. It is imperative that as these cloud-based service providers make identity, security, and privacy easy for their customers as customers become more reliant on these offerings. The slides include the best practices for cloud-based service providers and how a superior user experience that is backed by security features will enable business growth and reduce customer churn.
You can find out more in our webinar: https://www.globalsign.com/en/lp/webinar-the-business-advantages-of-ssl-as-a-service/
This document discusses three common appraisal compliance challenges and how Mercury Network software can help address them:
1. Ensuring appraiser independence by automating the vendor selection process to prevent bias and maintain independence.
2. Conducting proper due diligence on appraisers and vendors by tracking their performance, easily replacing underperforming vendors, and maintaining their profiles with regular license and insurance checks.
3. Compliantly delivering appraisals to borrowers by sending documents securely and with appropriate disclosures to prove delivery and comply with electronic disclosure laws.
ControlCase CSO, Kishor Vaswani, and HITRUST VP of Adoption, Mike Parisi take a deep dive into HITRUST.
This webinar covers the basics of HITRUST and introduces the new updates including; HITRUST Basic Assessment, HITRUST i1 Validated Assessment and HITRUST R2 Validated Assessment.
The webinar agenda includes the following:
- What is HITRUST
- What is HITRUST CSF?
- What are the HITRUST Implementation levels?
- What are the HITRUST Domains?
- What is a HITRUST Report?
- What is the HITRUST bC Assessment
- What is the HITRUST I1 Assessment?
- What is the HITRUST r2 Assessment?
- What can go wrong with a HITRUST Assessment?
- ControlCase methodology for HITRUST Compliance
Explore the Implicit Requirements of the NERC CIP RSAWsEnergySec
Regulated entities should consider the RSAW templates when preparing evidence of compliance with the NERC CIP Standards. There are a number of implicit requirements in CIP v5 which an entity needs to fulfill to be compliant, which are not specifically identified in the actual requirements.
In this webinar, our experts will discuss such implicit requirements. Key learning's from this session would be:
RSAW format
Implicit requirements of CIP RSAWs
Leveraging technology for RSAW management
This document provides information about Alcumus, a market leader in management system certification and compliance risk management services. It details Alcumus' experience and focus on innovation to support customers. Key facts are provided about Alcumus ISOQAR, their UK certification body, including their size, growth rate, and audit capabilities across various standards. Customer logos and testimonials demonstrate the breadth of Alcumus' customer base. The document outlines Alcumus' service offerings including certification, software solutions, training and more.
MSP Sales Tactic | Using Kaseya to Perform an IT Network Assessment to Win Ne...David Castro
MSP sales tips and techniques. How to use Kaseya to perform an IT network assessment as an effective sales prospecting tool. Topics include how to create a sales pitch for using IT network assessments, what types of network information to gather, and how to analyze the data. Also discussed are tips on how to use Kaseya as the technology that enables this sales tactic, how to prepare for the client meeting to be ready to answer questions - and objections. See a sample Report of Findings and learn how to use the summary report to convert the prospect to a new MSP client.
How to work with a vendor during an audit & what not to do – is there such a ...Martin Thompson
How to work with a vendor during an audit & what not to do – is there such a thing as a win win audit?: Brian Ross, Veritas (ITAM Review US Annual Conference 2016)
20230717 ARMA Canada How to Select the Right IM Certifications for You.pptxJesse Wilkins
This presentation, delivered on July 17, 2023, at the ARMA Canada Information Conference, compared and contrasted the various IM and IM-adjacent certifications. Attendees also learned how to determine the right certification for them based on their career goals.
Slide deck from Webinar 11/07/18 introducing the Third Party Network, shared-evidence network concept and how it can support the maturity of Third Party risk management programs.
IMPERATIVES OF STANDARDS AND PROFESSIONALISM OF IDENTITY VERIFICATION Jelani....Abdulkadir Jelani Abubakar
This document discusses the importance of standardization and professionalism in the identity verification and background check industry in Nigeria. It outlines some key standards relevant to the sector, including ISO 27001 on information security management and ISO 9001 on quality management. It notes that while several private and public sector players have emerged in Nigeria to provide these services, regulation and certification are needed to ensure high standards and protect stakeholders. The Standards Organisation of Nigeria (SON) can help by developing relevant standards, providing training and certification, and facilitating collaboration across the industry. Overall standardization is important to make the industry more effective and protect it from mediocrity.
The Kantara Initiative held its annual general members meeting on December 7, 2022. The agenda included organizational updates on DEI initiatives, membership growth, and revisions to organizational bylaws. Reports were provided on the Assurance Program, UK Certification Program, and various working groups. Candidates for election to the board of directors were also introduced. The meeting concluded with closing remarks.
The document provides an agenda and overview for the Kantara Initiative Annual General Member Meeting. The agenda includes welcome remarks from the executive director and board president, organizational updates on bylaws changes and the 2022 budget and fee structure, and reports from the assurance program chair and leadership council chair. It also includes an introduction of board director candidates and a wrap up from the executive director.
More Related Content
Similar to Kantara webinar 800 63-3 approval 2020-07-15
Secrets for Successful Regulatory Compliance ProjectsChristopher Foot
This document provides information about an upcoming webinar on regulatory compliance best practices presented by RDX and MegaplanIT. The webinar will cover an overview of regulatory standards like PCI DSS and AICPA SOC assessments. It will discuss MegaplanIT's PCI assessment approach and RDX's best practices for maintaining compliance. Presenters will include Michael Vitolo from MegaplanIT and Chris Foot from RDX.
The document summarizes the work of the OASIS Trust Elevation Technical Committee, which aims to define standardized methods for service providers to increase the level of trust in an electronic identity during authentication. The committee has completed cataloging existing trust elevation methods and is analyzing them to determine their ability to elevate assurance levels. Future phases will establish a trust elevation protocol. The document outlines five categories of trust elevation methods and provides examples of existing methods.
Investigating Stockbrokers and Financial Advisers was originally held April 9, 2014.
Learn whether stockbrokers or investment advisers have run afoul of regulators or been the subject of customer complaints.
This one-hour webinar will guide you, step-by-step, through the FINRA BrokerCheck database and the SEC’s Investment Adviser registration database, which contain records on 1.3 million current and former professionals.
You’ll also learn how state securities regulators police the industry and how to obtain results of their investigations for your stories. Reporters can conduct this research for free on any computer with an Internet connection; no special software or database knowledge is needed.
WHAT YOU WILL LEARN
Find regulatory penalties and employment history of stockbrokers and investment advisers using free databases.
Understand how the SEC, state regulators and industry regulatory groups supervise Wall Street, and how to get your hands on their findings.
Decode regulator-speak and find key “red flags” in these filings, such as “10b5” fraud and unsuitable investment cases.
YOUR INSTRUCTOR
Rob Wells is a lecturer at the Philip Merrill College of Journalism at the University of Maryland and a former Reynolds Visiting Professor in Business Journalism at the University of South Carolina. A former SEC beat reporter, Wells used the FINRA and SEC databases in an extensive computer-assisted reporting project.
For more information about training for journalists, please visit http://businessjournalism.org.
A presentation about the Kantara Identity Assurance Trust Framework Program. Kantara is THE organization to Accredit and Certify Levels 1,2 and 3 non-crypto Assurance.
CSP and LegalTech in Leeds hosted an event on Thursday 9th February 2023. This event discussed ‘Data and Cyber Security’ to help the Legal sector be more aware, protected and secure.
Scott Rea - IoT: Taking PKI Where No PKI Has Gone BeforeDigiCert, Inc.
Scott Rea presented on using PKI for IoT. PKI traditionally establishes trust between previously unknown parties on a network by binding identities to cryptographic keys through certificates issued by a trusted certification authority. However, PKI faces challenges for IoT where device attributes like ownership and location may frequently change, requiring dynamic authorization instead of long-term identity certificates. Separating identity from dynamic authorization through a linked but separate mechanism could provide more efficient management of trust as devices and their attributes change over time in IoT networks.
Ethics: Real Life Application of the AICPA Code of Professional ConductMcKonly & Asbury, LLP
This webinar focuses on specific ethical examples related to both public accounting and industry. There is also a discussion on key points in the AICPA Code of Professional Conduct and their application to our daily responsibilities.
WSO2 provides an open source cloud platform and removes barriers to enterprise agility. It focuses on business logic and value. This document discusses governance and security patterns for service-oriented architectures. It covers why SOA is used, what governance is, and security requirements and patterns. Security patterns allow identifying and authenticating users, authorizing access, and using protocols like OAuth for delegation. The document provides examples and implementations of patterns for requirements like role-based access control, claim-based authorization, and constrained delegation.
CIS13: NSTIC Update and Reports from PilotsCloudIDSummit
Jeremy Grant, Senior Executive Advisor, Identity Management, NIST (US Government)
Cathy Tilton, VP of Standards & Technology, Daon
Hear the “State of the NSTIC” from the head of the US Government’s NSTIC National Program Office detailing progress made toward implementing the Strategy through partnership with the private sector. Then, learn about the first of three NSTIC pilots, as Daon discusses its efforts to deploy smartphone-based multi-factor authentication with several major commercial partners.
How Cloud-Based Service Providers Can Integrate Strong Identity and SecurityGlobalSign
Our Chief Product Officer, Lila Kee spoke at Cloud Computing Expo in New York.
The talk is about how cloud-based service providers must build security and trust into their offerings. It is imperative that as these cloud-based service providers make identity, security, and privacy easy for their customers as customers become more reliant on these offerings. The slides include the best practices for cloud-based service providers and how a superior user experience that is backed by security features will enable business growth and reduce customer churn.
You can find out more in our webinar: https://www.globalsign.com/en/lp/webinar-the-business-advantages-of-ssl-as-a-service/
This document discusses three common appraisal compliance challenges and how Mercury Network software can help address them:
1. Ensuring appraiser independence by automating the vendor selection process to prevent bias and maintain independence.
2. Conducting proper due diligence on appraisers and vendors by tracking their performance, easily replacing underperforming vendors, and maintaining their profiles with regular license and insurance checks.
3. Compliantly delivering appraisals to borrowers by sending documents securely and with appropriate disclosures to prove delivery and comply with electronic disclosure laws.
ControlCase CSO, Kishor Vaswani, and HITRUST VP of Adoption, Mike Parisi take a deep dive into HITRUST.
This webinar covers the basics of HITRUST and introduces the new updates including; HITRUST Basic Assessment, HITRUST i1 Validated Assessment and HITRUST R2 Validated Assessment.
The webinar agenda includes the following:
- What is HITRUST
- What is HITRUST CSF?
- What are the HITRUST Implementation levels?
- What are the HITRUST Domains?
- What is a HITRUST Report?
- What is the HITRUST bC Assessment
- What is the HITRUST I1 Assessment?
- What is the HITRUST r2 Assessment?
- What can go wrong with a HITRUST Assessment?
- ControlCase methodology for HITRUST Compliance
Explore the Implicit Requirements of the NERC CIP RSAWsEnergySec
Regulated entities should consider the RSAW templates when preparing evidence of compliance with the NERC CIP Standards. There are a number of implicit requirements in CIP v5 which an entity needs to fulfill to be compliant, which are not specifically identified in the actual requirements.
In this webinar, our experts will discuss such implicit requirements. Key learning's from this session would be:
RSAW format
Implicit requirements of CIP RSAWs
Leveraging technology for RSAW management
This document provides information about Alcumus, a market leader in management system certification and compliance risk management services. It details Alcumus' experience and focus on innovation to support customers. Key facts are provided about Alcumus ISOQAR, their UK certification body, including their size, growth rate, and audit capabilities across various standards. Customer logos and testimonials demonstrate the breadth of Alcumus' customer base. The document outlines Alcumus' service offerings including certification, software solutions, training and more.
MSP Sales Tactic | Using Kaseya to Perform an IT Network Assessment to Win Ne...David Castro
MSP sales tips and techniques. How to use Kaseya to perform an IT network assessment as an effective sales prospecting tool. Topics include how to create a sales pitch for using IT network assessments, what types of network information to gather, and how to analyze the data. Also discussed are tips on how to use Kaseya as the technology that enables this sales tactic, how to prepare for the client meeting to be ready to answer questions - and objections. See a sample Report of Findings and learn how to use the summary report to convert the prospect to a new MSP client.
How to work with a vendor during an audit & what not to do – is there such a ...Martin Thompson
How to work with a vendor during an audit & what not to do – is there such a thing as a win win audit?: Brian Ross, Veritas (ITAM Review US Annual Conference 2016)
20230717 ARMA Canada How to Select the Right IM Certifications for You.pptxJesse Wilkins
This presentation, delivered on July 17, 2023, at the ARMA Canada Information Conference, compared and contrasted the various IM and IM-adjacent certifications. Attendees also learned how to determine the right certification for them based on their career goals.
Slide deck from Webinar 11/07/18 introducing the Third Party Network, shared-evidence network concept and how it can support the maturity of Third Party risk management programs.
IMPERATIVES OF STANDARDS AND PROFESSIONALISM OF IDENTITY VERIFICATION Jelani....Abdulkadir Jelani Abubakar
This document discusses the importance of standardization and professionalism in the identity verification and background check industry in Nigeria. It outlines some key standards relevant to the sector, including ISO 27001 on information security management and ISO 9001 on quality management. It notes that while several private and public sector players have emerged in Nigeria to provide these services, regulation and certification are needed to ensure high standards and protect stakeholders. The Standards Organisation of Nigeria (SON) can help by developing relevant standards, providing training and certification, and facilitating collaboration across the industry. Overall standardization is important to make the industry more effective and protect it from mediocrity.
Similar to Kantara webinar 800 63-3 approval 2020-07-15 (20)
The Kantara Initiative held its annual general members meeting on December 7, 2022. The agenda included organizational updates on DEI initiatives, membership growth, and revisions to organizational bylaws. Reports were provided on the Assurance Program, UK Certification Program, and various working groups. Candidates for election to the board of directors were also introduced. The meeting concluded with closing remarks.
The document provides an agenda and overview for the Kantara Initiative Annual General Member Meeting. The agenda includes welcome remarks from the executive director and board president, organizational updates on bylaws changes and the 2022 budget and fee structure, and reports from the assurance program chair and leadership council chair. It also includes an introduction of board director candidates and a wrap up from the executive director.
The Kantara Annual General Meeting highlighted accomplishments in 2020 including the Kantara Trust Framework, User Managed Access specification, and Consent Receipt. Membership increased with interest in identity assurance and new working groups. Kantara provides global input on identity standards and plans to further align with ISO. Award recipients were recognized for exemplary contributions. The Board outlined priorities like organizational architecture and value propositions to realize the vision over 2021-2025.
The Kantara Initiative held its 2020 Annual General Meeting on November 30th. The meeting agenda included welcoming remarks, a report on the accomplishments of 2020, an overview of Kantara's strategic roadmap for 2021-2025, and award presentations for exemplary contributors. Highlights from 2020 included growth in the Trust Framework scheme and publications, the launch of a new discussion group, and increased engagement in standards development. Going forward, Kantara will focus on new strategic priorities, closer alignment with ISO standards, and potential bylaws changes to support this work. The meeting provided an opportunity for members to discuss the organization's progress and future plans.
This document summarizes a presentation about the Authentication and Authorisation for Research and Collaboration (AARC) project. The AARC project aims to build on existing identity federations and infrastructures to create interoperable authentication across research collaborations in Europe. It addresses issues like defining minimum levels of assurance, security incident response policies, and tools for monitoring adoption of best practices. The presentation discusses work being done to define security requirements and assess compliance through a self-assessment tool to help scale identity federation while maintaining user privacy and enabling secure incident response.
This document summarizes a presentation on how the User Managed Access (UMA) standard addresses challenges in health information interoperability and user control. It discusses how current health systems have data silos and lack of user access to their own health records. UMA allows for interoperability across services/data sources through a centralized authorization server. It enables user-directed delegation so others can access data on a user's behalf. Case studies demonstrate implementations like Trustee that use UMA to create a self-sovereign universal health record. Another case study discusses Ontario's FPX which uses UMA and standards for identity, authentication, and access in health care.
The document summarizes the mission and activities of the Kantara Initiative, a global non-profit consortium focused on improving trustworthy use of identity and personal data. Key points:
- Kantara develops specifications and operates conformity assessment programs to enable trustworthy identity and data sharing. This includes the Kantara Trust Framework and specifications like Consent Receipt and User Managed Access.
- It has an international membership of organizations and individuals and works on projects like identity assurance and privacy through working groups.
- Kantara also contributes to standards bodies and has transitioned assets from the IDESG to a new Educational Foundation nonprofit.
The document discusses the Kantara Initiative, a global consortium focused on improving trustworthy use of identity and personal data. It was founded in 2009 as a non-profit in the US and Estonia. Kantara develops specifications like Consent Receipt and User Managed Access, and operates conformity assessment programs. It nurtures technical communities, develops standards, and operates trust frameworks to help companies comply with regulations like GDPR and PSD2. Kantara has over 100 member organizations and its specifications have seen adoption in various identity and privacy applications.
The document provides an overview of the Kantara Initiative, a global consortium focused on improving trustworthy use of identity and personal data. It discusses that Kantara was founded in 2009 as a non-profit to develop specifications and standards through working groups. It operates conformity assessment programs to enable companies to meet standards. Kantara has developed award-winning specifications for consent receipts and user-managed access that are being deployed by companies and incorporated into other standards.
The document summarizes the Kantara Initiative, a global consortium focused on improving trustworthy use of identity and personal data. It discusses Kantara's mission, business model, leadership structure, key specifications developed, example deployments, and educational foundation. Kantara nurtures emerging technical communities, develops and standardizes community practices, and operates conformity assessment programs to enable compliance.
Kantara Initiative Inc is the global ‘commons’ non-profit consortium passionate about giving control of personal data back to people, through innovation, standardization and good practice. Attracting established and emerging organizations, governments and individuals to its open collaborative ethos, Kantara operates Trust Frameworks to assess and assure digital identity and privacy solution service providers and is the home of 2 open specifications selected in the top 5 trends for 2018 - UMA, the OAuth extension enabling respecting user-controlled delegation, and the Consent Receipt. Kantara maintains leadership positions in OECD ITAC and ISO SC27 in topics around digital Trust, Privacy and Identity.
Kantara Initiative is a global non-profit consortium that works to improve trustworthy use of identity and personal data through innovation, standardization, and good practice. It comprises over 60 leading organizations and hundreds of participants from businesses, governments, and academia. Kantara develops and standardizes specifications and practices to define relationships between people, devices, and services in the digital identity and data landscape and operates certification programs to enable implementation.
The document summarizes the agenda for a pre-conference workshop on cloud identity at a summit on June 6th, 2016. The workshop will include presentations from the chairs of various working groups at the Kantara Initiative on topics like user managed access, identity assurance, consent and information sharing, and privacy services. There will also be panel discussions and opportunities to learn about Kantara's programs and sign a professional pledge. The workshop aims to explore collaboration between governments, industry and users to better manage data and digital identity.
The document discusses digital identity trust frameworks. It defines a digital identity as a trusted electronic representation of who someone is. A trust framework establishes rules for how organizations can interact and handle identity, authentication, and authorization. It covers functions like identity proofing, credential management, access control, and more. A framework helps standardize these processes, lessens the burden on organizations by amalgamating standards, and makes negotiating agreements easier. The document provides examples of framework elements and tools that can be included, and discusses how frameworks can evolve over time to address new roles, functions, and needs.
Mobile Device and Attribute Validation (MDAV) is a proposed approach to allow first responders and field personnel to verify credentials across jurisdictions using digital certificates stored on mobile devices. The certificates would contain anonymized attributes issued by a credentialing authority, bound cryptographically to the device. This allows credentials to be verified offline or with intermittent connectivity while maintaining individual privacy and strong audit trails. Potential transition activities include prototyping with access control partners and productizing credential management with certificate authorities to promote standards-based adoption across devices and systems.
Kantara Initiative is increasingly known globally as the 'go to' place for operationalized identity and consent based privacy services. This overview provides viewers an insight into Kantara's aims and objectives, services and members. Join us!
Learn about the Kantara Consent & Information Sharing WG and their major deliverable the digital Consent Receipt - an Alpha project designed to upgrade the way a person provides consent on-line. This is an open standardization project.
Extending the Power of Consent with User-Managed Access & OpenUMAkantarainitiative
At HIMSS 2015 Kantara Initiative will focus on the User Managed Access (UMA) initiative with a networking breakfast held on April 15th sponsored by ForgeRock and MedAllies. More information about HIMSS15 and registration.
Existing notice-and-consent paradigms of privacy have begun to fail dramatically — and as recent Pew surveys have demonstrated, people have begun to (ahem) notice. The discipline of privacy engineering aspires to “craft”, but finds it hard to break out the “compliance” rut. The User-Managed Access (UMA) standard and the OpenUMA open-source project are stepping into the breach with two essential elements that change the game: asynchronous consent and centralized consent management.
The document summarizes progress on the User-Managed Access (UMA) specification for standardized authorization as a service. It discusses specification development, ongoing interoperability testing of implementations, planned standardization timelines, relevant use cases across multiple domains, integration with other standards like OAuth and OpenID Connect, and how UMA can contribute to conversations around privacy and consent for personal data sharing.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
This talk will cover ScyllaDB Architecture from the cluster-level view and zoom in on data distribution and internal node architecture. In the process, we will learn the secret sauce used to get ScyllaDB's high availability and superior performance. We will also touch on the upcoming changes to ScyllaDB architecture, moving to strongly consistent metadata and tablets.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
"$10 thousand per minute of downtime: architecture, queues, streaming and fin...Fwdays
Direct losses from downtime in 1 minute = $5-$10 thousand dollars. Reputation is priceless.
As part of the talk, we will consider the architectural strategies necessary for the development of highly loaded fintech solutions. We will focus on using queues and streaming to efficiently work and manage large amounts of data in real-time and to minimize latency.
We will focus special attention on the architectural patterns used in the design of the fintech system, microservices and event-driven architecture, which ensure scalability, fault tolerance, and consistency of the entire system.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
"Choosing proper type of scaling", Olena SyrotaFwdays
Imagine an IoT processing system that is already quite mature and production-ready and for which client coverage is growing and scaling and performance aspects are life and death questions. The system has Redis, MongoDB, and stream processing based on ksqldb. In this talk, firstly, we will analyze scaling approaches and then select the proper ones for our system.
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
Session 1 - Intro to Robotic Process Automation.pdfUiPathCommunity
👉 Check out our full 'Africa Series - Automation Student Developers (EN)' page to register for the full program:
https://bit.ly/Automation_Student_Kickstart
In this session, we shall introduce you to the world of automation, the UiPath Platform, and guide you on how to install and setup UiPath Studio on your Windows PC.
📕 Detailed agenda:
What is RPA? Benefits of RPA?
RPA Applications
The UiPath End-to-End Automation Platform
UiPath Studio CE Installation and Setup
💻 Extra training through UiPath Academy:
Introduction to Automation
UiPath Business Automation Platform
Explore automation development with UiPath Studio
👉 Register here for our upcoming Session 2 on June 20: Introduction to UiPath Studio Fundamentals: https://community.uipath.com/events/details/uipath-lagos-presents-session-2-introduction-to-uipath-studio-fundamentals/
LF Energy Webinar: Carbon Data Specifications: Mechanisms to Improve Data Acc...DanBrown980551
This LF Energy webinar took place June 20, 2024. It featured:
-Alex Thornton, LF Energy
-Hallie Cramer, Google
-Daniel Roesler, UtilityAPI
-Henry Richardson, WattTime
In response to the urgency and scale required to effectively address climate change, open source solutions offer significant potential for driving innovation and progress. Currently, there is a growing demand for standardization and interoperability in energy data and modeling. Open source standards and specifications within the energy sector can also alleviate challenges associated with data fragmentation, transparency, and accessibility. At the same time, it is crucial to consider privacy and security concerns throughout the development of open source platforms.
This webinar will delve into the motivations behind establishing LF Energy’s Carbon Data Specification Consortium. It will provide an overview of the draft specifications and the ongoing progress made by the respective working groups.
Three primary specifications will be discussed:
-Discovery and client registration, emphasizing transparent processes and secure and private access
-Customer data, centering around customer tariffs, bills, energy usage, and full consumption disclosure
-Power systems data, focusing on grid data, inclusive of transmission and distribution networks, generation, intergrid power flows, and market settlement data
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip , presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Dandelion Hashtable: beyond billion requests per second on a commodity server
Kantara webinar 800 63-3 approval 2020-07-15
1. What does it take to be Approved as
NIST 800-63-3 conformant?
WEBINAR 2020-07-15
Ethics & Conformance Trust Marked
2. Agenda
1. Welcome – Colin Wallis, Kantara’s Executive Director
2. Identity Assurance Trust Framework Overview and Approval
process - Ruth Puente, Kantara's Assurance Operations Director
3. Kantara Assessment - Ray Kimble, Kuma's Founder & CEO
4. Role of the Assurance Review Board in the Approval process
- Leif Johansson, ARB Chair
5. How do you see Kantara's approval helping your organization
and its impact in the market? - Blake Hall, ID.me's Founder & CEO
6. Q&A session moderated by Colin Wallis
7. Wrap-up by Colin Wallis
3. Identity Assurance Trust Framework and Approval process
Ruth Puente, Kantara's Assurance Operations Director
Ethics & Conformance Trust Marked
4. Kantara’s Identity Assurance Framework (IAF)
• Kantara Initiative is a Trust Framework Provider since 2010, which accredits Assessors and Approves Service
Providers based on the agreed Service Assessment Criteria.
• Approval is based on independent third-party assessments, performed by Kantara-Accredited Assessors, of the
subject services, to determine those services’ conformity to the applicable criteria.
Kantara is the only organization that provides Third Party Assessment against the primary NIST
standard for identity.
5. Kantara Approval Processes
Initial
Application
• Scope
• Application package: Statement of Criteria Applicability; Specification of a Service Subject to Assessment (S3A);
Application form.
• ARB Review
3rd Party
Assessment
• Accredited Assessor conducts triennial assessment relative to appropriate Service Assessment Criteria and
produces a Kantara Assessor Report (KAR).
• Applicant works with the Assessor to address non-conforming service areas.
Approval
Application
•Application package following assessment and a finding of conformity: Kantara Assessor’s Report (KAR), Statement of
Conformity (SoC), detailed Service Subject to Assessment (S3A) and updated application form.
•ARB Review
Decision
• ARB Recommendation
• Board of Directors ratification of approval
• Issuance of 3-year cycle Trust Mark; Trust Mark License Agreement
Surveillance
• Annual Conformity Reviews
• Unscheduled assessments
• Changes that may affect approval
https://kantarainitiative.org/trustoperations/service-provider-approval/
8. What is assessed?
• NIST Special Publication 800-63-3A (Enrollment and Identity Proofing)
• NIST Special Publication 800-63-3B (Authentication and Lifecycle Management)
• NIST Special Publication 800-63-3C (Federation and Assertions)
2
9. 800-63-3A – Enrollment and Identity Proofing
• IAL 1
• CSP shall not validate and verify attributes
• IAL 2 (remote or in-person)
• Allows for remote and in-person proofing
• Once piece of SUPERIOR or STRONG evidence OR
• Two pieces of STRONG evidence OR
• One piece of STRONG evidence plus two pieces of FAIR evidence
• IAL3 (in-person or supervised remote)
• Two pieces of SUPERIOR evidence OR
• One piece of SUPERIOR evidence and one piece of STRONG OR
• Two pieces of STRONG and one piece of FAIR evidence
3
10. 800-63-3A – Enrollment and Identity Proofing
• Strengths of Evidence (Driver’s License, SSN, Phone number, etc)
• Fair
• Unique identifier or Photo/biometric
• Strong
• Issuing source of evidence confirmed the claimed identity through written procedures
• Has it’s written procedures subjected to recurring oversight by regulatory or publicly
accountable institutions
• Unique identifier
• Full name match
• Photo, Biometric or existing AAL2/IAL2 service
• Superior
• Written procedures, recurring oversight, visually identified
• Unique identifier, full name match
• Photo and Biometric and protected digital information
4
11. 800-63-3A – Enrollment and Identity Proofing
• Validating Identity Evidence
• Fair
• Attributes confirmed as valid by comparison to held or published issuing or authoritative
source Or
• Has confirmed as genuine using appropriate technologies Or
• Confirmed as genuine by trained personnel Or
• Confirmed as genuine by confirmation of the integrity of crypto security features.
• Strong
• One of the above plus comparison with held or published information
• Superior
• All of the above.
5
12. 800-63-3A – Enrollment and Identity Proofing
• Verifying Identity Evidence
• Strong
• CSP shall confirm applicant’s ownership of claimed identity by
• Physical comparison to the strongest piece of evidence Or
• Biometric comparison
• Superior
• Both
6
13. NIST 800-63-3B (Authentication and Lifecycle
Management)
• AAL 1
• Either single-factor or multi-factor authentication
• Requires claimant prove possession and control of the Authenticator
• AAL 2 (remote or in-person)
• Proof of possession and control
• Two distinct authentication factors are required
• Approved crypto techniques are required
• AAL3 (in-person or supervised remote)
• Requires proof of possession of a key through a crypto protocol
• Hardware-based authenticator and an authenticator that provides verifier impersonation
resistance
• Proof of possession and control
• Two distinct authentication factors are required
• Approved crypto techniques are required
7
14. NIST 800-63-3B (Authentication and Lifecycle
Management)
• Consistent identifier for subject and identifier
• MFA or 2 Single Factors
• Multi factor OTP device
• Multi factor Crypto device or software
• 2 single factors
• Memorized secret authenticator plus one of
• Look-up secret
• Out of band device
• Single-factor OTP device, Crypto software (FIPS 140-1) or device
• Data Retention schedule, privacy controls, etc
8
15. Assessment Process
Engage with one of the certified third-party assessors
Assessment typically begins with evidence collection and then quickly moves into analysis
Typical assessments take any where from 4-6 weeks
Assessment cycle is the initial full certification; followed by annual conformity reviews
9
16. Best Practices
• Understand your need for conducting the assessment
• Customer requirement
• Competitive Advantage
• Maturity Assessment
• Review the NIST 800-63-3 guidelines and Kantara materials to gauge your readiness or talk to an
assessor
• Have your documentation ready to go for the assessment
10
18. Role of the Assurance Review Board in the Approval
Leif Johansson, ARB Chair
Ethics & Conformance Trust Marked
19. The Assurance Review Board (ARB)
● Tom Barton (InCommon/Internet2)
● Jamie Clark (OASIS)
● Nathan Faut (KPMG)
● Leif Johansson (SUNET - ARB Chair)
● David Temoshok (NIST)
● Richard Trevorah (T-Scheme)
● Ken Dagg (independent, IAWG liason - non-voting)
● Richard Wiltshire (Zygma, technical advisor - non-voting)
20. The ARB scope & composition
1. Review applications and make recommendations to the Board of Directors
2. Provide oversight over the Kantara Trust Program Operations
https://kantarainitiative.org/trustoperations/arb/arb-charter/
21. The ARB day-to-day operations
● Meets every Monday
● Oversight and process issues are discussed by the full ARB
● Reviews are conducted by voting members in recused sessions
22. A typical ARB review (service)
● Service organization provides supporting documentation and review letter (KAR) produced by the designated
auditor
● ARB review normally takes 1-2 meetings - anything longer indicates a problem or clarification that needs
addressing.
● Secretariat communicates ARB questions with Service
● Issues that require more than 3-4 round-trips are typically dealt with by direct calls with Service representatives.
● ARB does an internal retrospect of reviews that have resulted in many issues and will occasionally ask the IAWG
to consider claritifications or amendments to the current SACs
23. A typical ARB review (assessor)
● Assessor organization provides supporting documentation and review letter
● ARB assessor review normally takes 4-5 meetings
● It is normal and expected for ARB to ask both new and returning assessors lots of clarifying questions to ensure
trust in the assessor.
24. How do you see Kantara's approval helping
your organization and its impact in the market?
Blake Hall, ID.me's Founder & CEO
Ethics & Conformance Trust Marked
26. 2
NetworkedSites
CredentialPortability
Credential Identity & Authentication
ID.me fills the trusted
and portable role
Digital Identity is Broken
Portable logins aren’t trusted and trusted logins aren’t portable
Confidential & Proprietary Information of ID.me
27. At the same time,
identity underpins
literally every
transaction in society
3
Civic Benefits
Employment
Legal Rights
Education
Healthcare
Financial Services
Commerce
Streaming Subscriptions
Transportation
Licensing
Property
Signatures/Notarization
28. Advertising
companies run
portable logins
and our thesis is
users don’t, and
won’t, trust them – will
Facebook be the
identity utility for
voting?
No. They are blocked
by their positioning
and business model.
4
CONSUMERTRUST
H E A LT H C A R E
A P P S
O N L I N E
V O T I N G A P P S
F I N A N C I A L
S E R V I C E S
A P P S
Confidential & Proprietary Information of ID.me
29. Kantara’s Trust Mark Enables Organizations to Rely Upon ID.me:
Enabling a standardized network for portable digital credentials
5
Payments Pre-Visa & MC (1958) Payments Post-Visa & MC
DRIVEN BY NEED FOR:
Trust
Branding
Ubiquity
Network
Competition
Standards
Liability Rules
Confidential & Proprietary Information of ID.me
30. 6
FEDERAL GOVERNMENT
RETAIL & CONSUMER TECHNOLOGY
STATE AND LOCAL GOVERNMENT
HEALTHCARE & FINANCIAL SERVICES
Leading brands trust ID.me to streamline user authentication
and remove friction and fraud from their business
Confidential & Proprietary Information of ID.me
31. ID.me is the only authentication provider in the American market
that has the ability to identity proof all users via all channels
ONLINE, SELF-SERVE
IN-PERSON PROOFING
WITH TRUSTED REFEREE
Trained agent proofs user to
NIST IAL2 via video chat
User visits a healthcare facility
or tax preparer and binds the
in-person visit to a digital ID
MOST COMMON
If user hits a roadblock
verifying their identity online.
VIRTUAL IN-PERSON PROOFING VIA
VIDEO CONFERENCE CHAT WITH AN ID.ME
TRAINED CALL CENTER AGENT
RELIEF
VALVE
Confidential & Proprietary Information of ID.me
EXCEPTIONS OPPORTUNISTIC
7
32. 8
Enabling all users to prove their identity online significantly reduces public
sector agencies’ total cost of ownership when online authentication fails
$54Call Center Proofing
$89In-Person Proofing
Source: GAO Report on Taxpayer Authentication https://www.gao.gov/assets/700/692712.pdf
Confidential & Proprietary Information of ID.me
33. Enabling Secure & Efficient
Transactions for Everyone
Goal is to increase access for
legitimate users and to reduce fraud:
Define an appropriate authentication policy based
on the transaction’s risk and regulatory requirements
Enable users to choose between a custom branded
verification path and ID.me’s interoperable network
Increase revenue and reduce fraud and operational
cost by eliminating friction
9Confidential & Proprietary Information of ID.me
34. Thank You!
Blake Hall
About ID.me
ID.me is the next-generation digital identity platform that enables trusted and
convenient interactions between individuals and organizations. ID.me
provides seamless online identity verification for government, financial
services, and healthcare to facilitate access to high value services online and
keep them safe from fraud. The platform brings together best-in-class identity
and fraud vendors into a comprehensive, easy-to-deploy solution for
partners. For more information, visit www.ID.me.
Founder & CEO
O: 703-639-0052
blake@ID.me
Twitter: @blake_hall
37. Nurture. Develop. Operate.
– that’s what we do!
Contact: Ruth Puente, Assurance Operations Director ruth@kantarainitiative.org
Website: www.kantarainitiative.org
Twitter: @KantaraNews
Newsletter sign-up: website header and footer
Ethics & Conformance TrustMarked
Editor's Notes
Topics include:
Gain understanding of Facial Recognition Technology and how it is used by government and companies
Discuss concerns about both intended and unanticipated consequences of FRT, including government surveillance and racial/ethnic profiling
Learn how government agencies are taking strides to balance the benefits of FRT with ensuring the protection of individuals' data and rights