Government of British Columbia
Identity Information Management
SCENARIOS FOR THE FUTURE OF THE
CANADIAN PAYMENTS SYSTEM
NOVEMBER 3, 2010
2
Dilemma For Online
Opportunity For Fraud / Abuse
First Name
Last Name
Address
CreditCard#
$12.00 Book
?
4
Dilemma For Online
First Name
Last Name
Address
CreditCard#
$12.00 Book
?
• Financial sector has been a trailblazer for government
in relation to online services.
• The pain vs. gain equation.
• Threat model is an industry unto itself.
$7000.00 credit limit
$5000.00 account balance
5
Government Cards at Counters
• Why do most really important government services need
to happen in-person?
– Because the FIRST thing that happens is we ask you for your ID.
We need to know who you are.
– Citizens prove their ID with cards that we (Government) issue to
them.
– Government documents do not work online
– Paper processes only
– Downloading a PDF form to fill out does not count as “online”
• Despite this, it is Government that runs some of the best ID
verification and registration processes (birth, death,
driving)
6
Banks Know About Government And Identity Information
….
Source: Access to Basic Banking Services Regulations (SOR/2003-184)
7
Government Analogues for
Online Banking and Commerce
Blood test in morning
View results in evening
Change your kids’ school
and courses online
Renew your autoplan
online and confirm no
outstanding fines or fees
are due
Schedule doctor visit
online without phone call
or email
View your kids’ report card
on-line
Online income assistance,
injured worker, courts
filing...
How can Government make the move to online
when identity information is land-locked by paper
documents?
8
Dilemma For Online Government
Not Appropriate
First Name
Last Name
Address
Personal Health #
Lab Results
Prescription History
?
No way for service provider to be confident about who
is at the keyboard.
Unable to put valuable information and services online.
9
Dilemma For Online Government
What’s the consequence of misuse of Health Care Number?
• Government has no means of “absorbing” the risk
First Name
Last Name
Address
Pers. Health#
Lab Results
Prescriptions
?
$ Health limit?
Receive wrong meds?
Privacy violated?
10
Learning from Financial Sector
• Shared “secrets”
– Credit Card number, name, address, “CCV” number
• Passwords
– Account numbers
– Email address
• One-time password token / fob
• Etc.
None of these are adequate to the task.
11
The On-Line World
• Governments are in the business of identity services.
– Can no longer run and hide from this duty just because the
internet has happened.
– Governments need to issue “digital” credentials just like we issue
paper/plastic ones.
• Credentials need to be:
– Issued from a high quality verification and registration process
– Protected against forgery, fraud and abuse
– Convenient and easy to use
– Respectful of, and enhancing, privacy protections
– Reusable across all types of government services and
jurisdictions
– Reusable to convey trusted identity information to third parties
over the internet when desired
12
Identity Information Management
First Name: David
Last Name: Watkins
Address: 1st Ave
Personal Health#: 1234 567 890
Lab Results
Prescription History
+ PassCode
Identity information NOT stored in chip in card.
13
Identity Information Management
First Name: David
Last Name: Watkins
Address: 1st Ave
Personal Health#: 1234 567 890
Lab Results
Prescription History
+ PassCode
• Service provider asks client for trusted identity information and receives
it from the client along with proof of who is backing it.
• Card used as authentication credential for obtaining identity information.
• Result is assurance of who is at the keyboard.
• Medical services plan client
• Name
• Date of birth / age
• Current address
14
Improved: Minimized Information Requests
Age: Over 19 = Yes
Enhances Privacy
Enhances In-Person Services
• Name
• Date of birth / age
• Current address
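
Added example (not part of the original slides and not any government system's code): a sketch of the flow on slides 13 and 14, where the service provider asks for one fact, the identity service answers with only that fact plus proof of who backs it, and the service provider checks the proof. Assumptions: the card and PassCode authentication has already succeeded; an HMAC over a key shared by issuer and service provider stands in for the issuer's digital signature; all names, keys and records are constructed.

```python
import hashlib
import hmac
import json
from datetime import date

# Assumption: HMAC with a shared key stands in for the issuer's signature
# so the example needs only the standard library.
ISSUER_KEY = b"constructed-demo-key"

# Constructed registry records held by the identity service, not on the card.
REGISTRY = {
    "card-001": {"name": "David Watkins", "dob": date(1980, 5, 17)},
    "card-002": {"name": "Constructed Minor", "dob": date(2000, 1, 1)},
}

def _sign(body: dict) -> str:
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(ISSUER_KEY, msg, hashlib.sha256).hexdigest()

def _over_19(dob: date, today: date) -> bool:
    had_birthday = (today.month, today.day) >= (dob.month, dob.day)
    return today.year - dob.year - (0 if had_birthday else 1) >= 19

def issue_claims(card_id, requested, audience, nonce, today):
    """Identity service: release only the requested claims, bound to one request."""
    person = REGISTRY[card_id]
    derive = {"over_19": lambda: _over_19(person["dob"], today),
              "name": lambda: person["name"]}
    body = {"aud": audience, "nonce": nonce, "issued": today.isoformat(),
            "claims": {k: derive[k]() for k in requested}}
    return {"body": body, "sig": _sign(body)}

def verify_claims(token, requested, audience, nonce, today):
    """Service provider: accept only an untampered answer to its own request."""
    body = token["body"]
    if not hmac.compare_digest(_sign(body), token["sig"]):
        return None  # not backed by the issuer, or altered after issuance
    if body["aud"] != audience or body["nonce"] != nonce:
        return None  # issued for another service, or replayed from another session
    if body["issued"] != today.isoformat():
        return None  # stale answer
    if set(body["claims"]) != set(requested):
        return None  # more (or less) disclosed than was asked for
    return body["claims"]
```

The service provider learns "Over 19 = Yes" without ever receiving the date of birth, name or address, which is the privacy gain slide 14 describes.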
15
Improved: Verified Access to Services
Personal Health #:
1234 567 890
• Assurance that client is eligible.
• Assurance needle is going into correct person’s arm.
• Assurance that records looked up and generated are
for correct client.
• Medical services plan client
16
Online Self-Service Becomes Feasible
Requested Identity
Information
Online Self-Services
+ PassCode
Blood test in morning
View results in evening
Change your kids’ school and
courses online
Renew your autoplan online
Schedule doctor visit online
without phone call or email
Change your address online
with government & utilities
Online income assistance,
injured worker, courts...
17
Financial Sector To Do’s
• Update online banking and commerce
– Infrastructure for contactless chip and pin
• Contactless readers and associated systems: home use, as well as at retail /
merchant
– Train the public through their experience with bank and credit cards
– Get us out of Payment Card Industry Compliance problem $$$$
• Change the bank card / credit card transaction flow to eliminate disclosure of
identifiers to merchants
• Ensure new infrastructure is open for leverage by government
issued contactless chips
– Through government membership in a trust-framework that establishes rules and
standards
• Advocate for government to ensure identity information
management works trans-nationally to avoid a trade barrier
• New forms of banking transactions that make appropriate use of
government backed identity information
– New accounts for individuals and/or businesses
– Mortgages, auto loans, insurance
– ...
18
Government To Do’s
• Modify existing identity verification and registration procedures to issue
trusted credentials for online
– In the Canadian federation this falls mostly to provinces
• Provide policy based trust-frameworks establishing rules and good conduct
– Identity information related “Trustmark(s)” certifiably used by government and private
business
– Ensure these work on a trans-national basis to avoid creation of a new form of trade barrier
• Provide online services and infrastructure for government backed identity
information in a “citizen” centric way
– In the Canadian federation this falls mostly to provinces
– Open to private sector through membership in a trust-framework that establishes rules and
standards and through the protocol of asking the client to provide information
• Enable improved privacy practices
– Minimize information requests in first place
– Proper use of any information as provided
• Initiate a move to online self-service
– Make use of government backed identity information
– Often need to make use of payment cards as well
– Ex: Compensation for health care providers working with injured workers, auto accidents
– Ex: Student loans
– Ex: Income assistance
– ...
19
Possibilities
Requested Identity
Information
+ PassCode
21
Possibilities
Requested Identity
Information
+ PassCode
“Trusted”
Authentication
Credentials
Identity Information
Services
Online Services
22
Conclusion
• Financial sector and Government sector operate as
foundational components of Canada
• Mutual need for improved methods for identity information
management services, credentials, cards, authentication
• Need to work together to enable a next-generation of
online services
• Public and private
23
END
----
Dave.Nikolejsin@gov.bc.ca
Peter.Watkins@gov.bc.ca
http://www.cio.gov.bc.ca/cio/idim/index.page
24

Peter Watkins
