The Super Broken Story of the True Digital Identity
Manah Khalil
IT Director – Application Security
/SecurelyYours
Who I Am
IT Director – Application Security
• Responsible for IAM for the Digital Channel
• Digital Identity enthusiast
• New dad for the 3rd time
• IT department for my family and our farm of devices
• Maintaining a list of 100+ passwords
• 3 iPhones, 3 iPads, 3 laptops, 1 Surface, 4 Xboxes, 2 desktops, 2 smart TVs, a garage door opener and a Ring® doorbell, ….
© Verizon 2018, All Rights Reserved. Information contained herein is provided AS IS and subject to change without notice. All trademarks used herein are property of their respective owners.
For a Digital Identity to Be a True Identity…
1. It needs to be issued to an individual by a trusted entity
2. It needs to stay with that individual for life
3. It should not rely for its lifetime on a specific identity provider
4. It needs to be universal, just like a real ID card
TRUST – a hit or miss
“Let’s boogie!!!”
CONSENT – hidden or absent
Consent can be:
• Completely absent
• Buried in fine print
• Not possible to obtain
• Provided by the wrong party
“I sure hope you’re not allergic.”
PRIVACY – 3rd parties involved
“Bear with me. I’ll need to make a call to validate your ID.”
Digital ID Fails the Everyday Use Cases: TRUST, PRIVACY, CONSENT
So, What’s Broken?
• Technology & Protocols?
• Standards & Guidelines?
Technology & Protocols
• OAuth 2.0
• SAML
• OpenID Connect
• Continuous Authentication
• Token Binding
• FIDO Alliance
Standards & Regulations
• NIST SP 800-63
• eIDAS
• GDPR, CCPA
Federation!
RP as the IdP & Authenticator: A hassle for Users & RPs
User
• Manage hundreds of passwords
Relying Party
• Deal with breaches
• Call volume associated with logins
• Cost of doing business to manage profiles
In 3rd Party We Trust! (3rd Party as IdP & Authenticator)
User:
• Privacy, consent, and trust
• Security concerns
• Portability of ID (e.g., Facebook)
Relying Party:
• Reliability & SLA
• Liability: implications of a breach
Identity Provider:
• Scalability: growing at the speed of Business
• Liability: biting off more than can be chewed
Breaking Down the Functions (IAM)
Identification: Claiming an identity based on a unique identifier issued by an IdP
Authentication: Validating you are who you claim to be, with proofing attributes through the IdP
Authorization / Session Management: Establish a session with the RP and provide access to resources
WHAT IF WE CAN…
• Change Identification to:
  • Be a one-time operation
  • Perform identity proofing (at some IAL level)
  • Issue a Digital Identity with built-in assurances
  • Store the Digital Identity in a secure Digital Wallet
• Change Authentication to:
  • Be done by the Relying Party based on said assurances
Identity that Carries its Own Assurances – Redefining the Roles
Identity Provider
• Provides One-Time Identity Proofing
• Issues the Identity with signed attributes
User
• Secures the Digital Identity in the ‘Digital Wallet’
• Maintains the ‘Digital Wallet’ (Mobile Device)
• Manages/maintains identity attributes
Relying Party
• Authenticates the identity on its own, based on the identity’s built-in assurances and the trust in the issuer
Checklist (each concern checked against the three roles: ID Issuer, ID Owner, and Authenticator & ID Consumer)
• Privacy
• Scalability
• Liability
• Reliability & SLA
• Portability
Blueprint to Solution: Putting it All Together
Identity Issuers: Telecoms, Financial Services, Credit Bureaus
Wallet/Mobile Device
Authentication & Session Mgmt
How it can be Achieved:
• Custom but simple authentication protocol/flow
• Check Certificates and CRLs
Blueprint to Solution: Putting it All Together
Identity Issuers: Telecoms, Financial Services, Credit Bureaus
Identity Repository: Ethereum, Hyperledger, Corda, Quorum, OpenChain, Stellar
Wallet/Mobile Device
Authentication
Session Mgmt
Universal Means Universal
• Issued identities extend everywhere and to everyone
• Not limited to the direct customer base (secondaries and devices)
• Uses the blockchain to allow primary users to endorse identities of other entities
  • Household members
  • IoTs
  • …
Extending Identity to Digital Entities
Entities with Identities
• People: adults and children
• Devices, IoT
• Applications
• Processing Units
• Bots, RPA
Endorsed Identities and IoT
We Have the Building Blocks
Identity Providers
• A network of trusted issuers of identities
• Leverage a spectrum of identity proofing attributes
• Build enough assurances (as needed) into the Digital ID
Authentication Services
• Handled by Relying Parties
• Leverage the trust in the Identity Issuers and the assurances in the digital ID
• Point-to-Point authentication
Session Management & Authorization Services
• Handled by Relying Parties
Identity Repository
• A permissioned blockchain as a repository for the network of trusted identity providers
• Manages identity aliases, the revocation list and secondary IDs
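The issue-once, verify-locally flow the deck sketches on slides 15, 17 and 22 (an issuer in the trusted network signs proofed attributes, the wallet holds the result, the relying party checks signature, issuer trust, expiry and the shared revocation list without calling the issuer), as an added Go example that is not part of the original deck. The issuer names, the JSON field layout and the IAL values are constructed for illustration, and Ed25519 keys stand in for whatever certificate scheme a real deployment would choose.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Credential is the digital identity the issuer hands to the user's wallet:
// attributes proofed once and signed by the issuer, so a relying party can
// check them locally without calling the issuer at login time.
type Credential struct {
	Issuer     string            `json:"iss"`   // member of the trusted issuer network
	Subject    string            `json:"sub"`   // identity alias, not a real-world identifier
	IAL        int               `json:"ial"`   // assurance level reached during proofing (constructed)
	Attributes map[string]string `json:"attrs"` // the signed attributes
	IssuedAt   int64             `json:"iat"`
	ExpiresAt  int64             `json:"exp"`
	Signature  []byte            `json:"sig"`
}

// signingInput is the canonical byte string the issuer signs and the RP verifies.
// encoding/json writes struct fields in declaration order and sorts map keys,
// so the same credential always serialises to the same bytes.
func (c Credential) signingInput() []byte {
	c.Signature = nil       // c is a copy; the caller's signature is untouched
	b, _ := json.Marshal(c) // cannot fail for these field types
	return b
}

// ID is a stable handle for the credential, used as the revocation-list key.
func (c Credential) ID() string {
	sum := sha256.Sum256(c.signingInput())
	return hex.EncodeToString(sum[:])
}

// Issuer is an identity provider: it performs one-time proofing and signs.
type Issuer struct {
	Name string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewIssuer(name string) (*Issuer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Issuer{Name: name, Pub: pub, priv: priv}, nil
}

// Issue signs the proofed attributes; the result is stored in the user's wallet.
func (i *Issuer) Issue(subject string, ial int, attrs map[string]string, now time.Time, ttl time.Duration) Credential {
	c := Credential{Issuer: i.Name, Subject: subject, IAL: ial, Attributes: attrs,
		IssuedAt: now.Unix(), ExpiresAt: now.Add(ttl).Unix()}
	c.Signature = ed25519.Sign(i.priv, c.signingInput())
	return c
}

// Repository plays the role of the permissioned ledger: the public keys of the
// issuer network plus the revocation list. It never sees individual logins.
type Repository struct {
	issuers map[string]ed25519.PublicKey
	revoked map[string]bool
}

func NewRepository() *Repository {
	return &Repository{issuers: map[string]ed25519.PublicKey{}, revoked: map[string]bool{}}
}

func (r *Repository) TrustIssuer(name string, pub ed25519.PublicKey) { r.issuers[name] = pub }
func (r *Repository) Revoke(c Credential)                            { r.revoked[c.ID()] = true }

// Verify is the relying party's point-to-point check: trusted issuer, intact
// signature, not expired, not revoked, and an IAL high enough for this RP.
func Verify(r *Repository, c Credential, minIAL int, now time.Time) error {
	pub, ok := r.issuers[c.Issuer]
	if !ok {
		return errors.New("issuer is not in the trusted network")
	}
	if !ed25519.Verify(pub, c.signingInput(), c.Signature) {
		return errors.New("signature does not match the attributes")
	}
	if !now.Before(time.Unix(c.ExpiresAt, 0)) {
		return errors.New("credential has expired")
	}
	if r.revoked[c.ID()] {
		return errors.New("credential has been revoked")
	}
	if c.IAL < minIAL {
		return fmt.Errorf("IAL %d is below the required IAL %d", c.IAL, minIAL)
	}
	return nil
}
```

The repository lookup is the only shared state the RP touches; the trusted-key set and revocation list can be cached or replicated, which is what keeps the login path free of a per-user call to the issuer.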
Digital Identity is One that is… UNIVERSAL
• Issued to you
• Stays with you
• Grows with you
• Moves with you
Thank You
Continue the discussion: /SecurelyYours
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 

The Super Broken Story of the True Digital Identity

  • 1. The Super Broken Story of the True Digital Identity. Manah Khalil, IT Director – Application Security, /SecurelyYours
  • 2. Who I Am. IT Director – Application Security • Responsible for IAM for the Digital Channel • Digital Identity enthusiast • New dad for the 3rd time • IT department for my family and our farm of devices • Maintaining a list of 100+ passwords • 3 iPhones, 3 iPads, 3 laptops, 1 Surface, 4 Xboxes, 2 desktops, 2 smart TVs, a garage door opener and a Ring® doorbell, …
  • 3. For a Digital Identity to Be a True Identity… (1) It needs to be issued to an individual by a trusted entity. (2) It needs to stay with that individual for life. (3) It should not rely for its lifetime on a specific identity provider. (4) It needs to be universal, just like a real ID card.
  • 4. (4) It needs to be universal, just like a real ID card.
  • 5. TRUST: a hit or miss. "Let’s boogie!!!"
  • 6. CONSENT: hidden or absent. Consent can be: • Completely absent • Buried in fine print • Not possible to obtain • Provided by the wrong party. "I sure hope you’re not allergic."
  • 7. PRIVACY: 3rd parties involved. "Bear with me. I’ll need to make a call to validate your ID."
  • 8. Digital ID Fails the Everyday Use Cases: TRUST, PRIVACY, CONSENT.
  • 9. So, What’s Broken? Technology & Protocols? Standards & Guidelines? Technology & Protocols: • OAuth 2.0 • SAML • OpenID Connect • Continuous Authentication • Token Binding • FIDO Alliance. Standards & Regulations: • NIST SP 800-63 • eIDAS • GDPR, CCPA
  • 10. Federation!
  • 11. RP as the IdP & Authenticator: a hassle for Users & RPs. User: • Manage hundreds of passwords. Relying Party: • Deal with breaches • Call volume associated with logins • Cost of doing business to manage profiles
  • 12. In 3rd Party We Trust! (3rd party as IdP & Authenticator.) User: • Privacy, consent, and trust • Security concerns • Portability of ID (e.g., Facebook). Relying Party: • Reliability & SLA • Liability: implications of a breach. Identity Provider: • Scalability: growing at the speed of business • Liability: biting off more than it can chew
  • 13. Breaking Down the Functions (IAM). • Identification: claiming an identity based on a unique identifier issued by an IdP • Authentication: validating you are who you claim to be, with proofing attributes through the IdP • Authorization / Session Management: establishing a session with the RP and providing access to resources
  • 14. WHAT IF WE CAN… Change Identification to: • Be a one-time operation • Perform identity proofing (at some IAL level) • Issue a Digital Identity with built-in assurances • Store the Digital Identity in a secure Digital Wallet. Change Authentication to: • Be done by the Relying Party based on said assurances
  • 15. Identity that Carries its Own Assurances: Redefining the Roles. Identity Provider: • Provides one-time identity proofing • Issues identity with signed attributes. User: • Secures the Digital Identity in the ‘Digital Wallet’ (mobile device) and maintains it • Manages/maintains identity attributes. Relying Party: • Authenticates the identity based on its own assurances and the trust in the issuer
  • 16. Checklist (columns: ID Issuer, ID Owner, Authenticator & ID Consumer): • Privacy • Scalability • Liability • Reliability & SLA • Portability
  • 17. Blueprint to Solution: Putting it All Together. Identity Issuers: • Telecoms • Financial Services • Credit Bureaus. Wallet/Mobile Device. Authentication & Session Mgmt. How it can be achieved: • Custom but simple authentication protocol/flow • Check certificates and CRLs
  • 18. Blueprint to Solution: Putting it All Together (with an Identity Repository). Identity Issuers: • Telecoms • Financial Services • Credit Bureaus. Wallet/Mobile Device. Identity Repository: Ethereum, Hyperledger, Corda, Quorum, OpenChain, Stellar. Authentication. Session Mgmt.
  • 19. Universal Means Universal. • Issued identities extend everywhere and to everyone • Not limited to the direct customer base (secondaries and devices) • Uses the blockchain to allow primary users to endorse identities of other entities: household members, IoT devices, …
  • 20. Extending Identity to Digital Entities. Entities with identities: • People: adults and children • Devices, IoT • Applications • Processing units • Bots, RPA
  • 21. Endorsed Identities and IoT
  • 22. We Have the Building Blocks. Identity Providers: a network of trusted issuers of identities; leverage a spectrum of identity-proofing attributes; build enough assurances (as needed) into the Digital ID. Authentication Services: handled by Relying Parties; leverage the trust in the Identity Issuers and the assurances in the digital ID; point-to-point authentication. Session Management & Authorization Services: handled by Relying Parties. Identity Repository: a permissioned blockchain as a repository for the network of trusted identity providers; manages identity aliases, the revocation list and secondary IDs
  • 23. Digital Identity is One that is… UNIVERSAL • Issued to you • Stays with you • Grows with you • Moves with you
  • 24. Thank You. Continue the discussion: /SecurelyYours. © Verizon 2018, All Rights Reserved. Information contained herein is provided AS IS and subject to change without notice. All trademarks used herein are property of their respective owners.
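The relying-party check sketched on slides 15, 17 and 22 (issuer-signed attributes held in the wallet, trust in the issuer rather than a call back to it, a revocation list, point-to-point authentication), as an added Go example that is not the deck's own code. The names (Issue, Verify, the "telco-A" issuer, the issuer/serial revocation key) are assumptions, Ed25519 stands in for whatever certificate scheme the issuers would actually use, and the revoked map stands in for a CRL or ledger lookup.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
)

// Added example (not the deck's code). Ed25519 stands in for the issuers' certificate scheme and the
// revoked map for a CRL/ledger lookup. Credential is what an issuer signs once; Subject is the holder's wallet key.
type Credential struct {
	Issuer     string
	Serial     string
	Subject    []byte
	Attributes map[string]string
}

type SignedCredential struct { // what the digital wallet stores
	Credential
	IssuerSig []byte
}

// canonical is the byte string the issuer signs (json.Marshal sorts map keys, so it is deterministic).
func canonical(c Credential) []byte {
	b, _ := json.Marshal(c)
	return b
}

// Issue is the issuer's one-time identity-proofing and issuance step.
func Issue(issuer string, key ed25519.PrivateKey, serial string, wallet ed25519.PublicKey, attrs map[string]string) SignedCredential {
	c := Credential{Issuer: issuer, Serial: serial, Subject: []byte(wallet), Attributes: attrs}
	return SignedCredential{Credential: c, IssuerSig: ed25519.Sign(key, canonical(c))}
}

// Verify is the relying party's point-to-point check with no call back to the issuer: trusted
// issuer, not revoked, issuer signature intact, and the wallet proves possession of the subject key.
func Verify(trusted map[string]ed25519.PublicKey, revoked map[string]bool, sc SignedCredential, challenge, holderSig []byte) error {
	pub, ok := trusted[sc.Issuer]
	switch {
	case !ok:
		return errors.New("issuer not in the trusted-issuer network")
	case revoked[sc.Issuer+"/"+sc.Serial]:
		return errors.New("credential serial is on the revocation list")
	case !ed25519.Verify(pub, canonical(sc.Credential), sc.IssuerSig):
		return errors.New("issuer signature invalid: attributes altered or forged")
	case len(sc.Subject) != ed25519.PublicKeySize || !ed25519.Verify(ed25519.PublicKey(sc.Subject), challenge, holderSig):
		return errors.New("holder proof of possession failed")
	}
	return nil
}
```

The challenge must be a fresh nonce chosen by the relying party for each login, otherwise a recorded holder signature could be replayed.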