getting to trusted identity online€¦ · use case examples payment only (anonymous or self...

Proprietary & Confidential © SecureKey Technologies Inc. All rights reserved.

Getting to trusted identity online Giving users and RPs what they came for

Proprietary & Confidential © SecureKey Technologies Inc.

Online identity today is based on secrets, lies and lies about secrets. It is like the whole thing is run by SAMCRO.


Online, with enough information anyone can be you.


PSTD - Online Authentication Discombobulation


The User View Online authentication mousetrap wounds

I hate this

S*$#!


The RP View Serving online resembles The Matrix


Current Desired Users Hard Easy Crooks Easy Hard

Authentication Scheme


Observation As the security anchor of online identity secrets suck!


My bankcard, which has access to all my money

4 digit PIN

Facebook controls access to nothing I really care about 8+ characters, with crazy

rules (which becomes 12+ chars on mobile)

Yet Facebook has more problems than banks


The definition of identity is polymorphic


Observation Ownership is not a useful concept in the context of identity


“Identity is the new money” David Birch Consult Hyperion


Four fields of identity

Advertising

Reputation/Social

Asset Protection

Transactional

Street ID

Digital ID


Payments and Identity go together

Use case Examples Payment Only (anonymous or self asserted)

Newspaper, bus, ecommerce, etc

Payment & Identity Beer, loans, hotel check in, get a new phone Identity only Voting, bar access, getting on airplanes, benefits

Payments and Identity go together Same use cases, same basic model


i den ti ty 1. A set of attributes forming a personal currency which enables

an individual to perform transactions and/or indicate ownership. synonyms: name, ID

identity 1


Skirmishes at the bits/atoms border

Street Model Digital Model Payments Moving to embrace cloud

Visa One card + many merchants

Moving to break out the cloud (Apple, Paypal, Google, etc) One ‘card’ – many destinations

Identity 6 cards – all destinations Lots of providers

One ‘card’ per destination

Ato

ms

Bits


It takes a village to make an identity.


Identity as a collage of authoritative sources

Who is the authoritative on email address?

1.Birth Certificate (foundational) Name, Date of Birth, Place of Birth, Parent Names

2.Province of Ontario – Drivers license Name, DOB, Address, Picture Uniqueness

3.Passport Canada – Passport Name, DOB, Picture, Na:onali:es Uniqueness

4.Bank Card Name, DOB

5.Credit Card Name, DOB

6.Utility bill Name, Address

7.Ontario College of Teachers Name, Was a Registered Teacher

8.PADI Scuba Instructor Name, Is a Scuba Instructor

9.Transport Canada – Pilot Name, Is a Private Pilot, Lic

10.University of Western Ontario – M B A Name, Degree, Date

11.University of Ottawa- B A Sc Name, Degree, Date

12.University of Maine – B Sc Ed Name, Degree, Date

13.Huntsville Fire Department – Firefighter Name, First Responder

14.Telus – +1 64******44 Name, Mobile #

15.Twitter - @idg*rilla Name, TwiIer Handle

16.Facebook – andre.boysen Name, Facebook email, friend list

17.OHIP – asdf Name, Healthcare #, DOB


Finding trusted providers

Street ID Players Digital ID Players Enrollment Face-to-Face Online

Recovery In -person Other social media

Assurance Base Transactions Surveillance

User Stance Responsible User Attitude Relaxed User Attitude

Standards Regulated: KYC Unregulated

Data Breaches Rare Common

Privacy Secure and Privacy Enhanced Data Mining

Integration Once Multiple Ongoing


Conclusions about Identity

Ü  Gotta get beyond secrets! Ü  Authentication across branch, phone, web, mobile come together

for user

Ü  Auth gets anchored in user devices & cardsI Ü  Identity continues as public-private partnership Ü  Street ID and Digital ID come together

Ü  Identity and credentials goes the way of payment networks §  Functions as a two-sided market

§  Fewer but stronger credentials, higher business assurance, less friction

Ü  User centric model with privacy and consent directives


How SecureKey Is Solving It

Consumer BYOD BYOC Simpler and Easier

New Revenue Stream

Unified Channel Access Security

Increase Business Services

Attract and Shift

Eliminate Costs

Credential Provider

Credential Subscriber


Bank Account Anchor credential

Driver’s License Name, address, dob, photo

Passport Nationality, name, dob, photo

Credit Card CC number, ccv

Credit Bureau Credit history

Post Office Verified address,

verified email

Telco Mobile phone, acct type

Identity as money Sources and uses of ‘funds’

Sources Uses

eCommerce

New Utility Account

New Bank Account

Apply for Credit

Name Address Mobility Consent

briidge.net

ü User assembled collage User asserts in pieces Privacy


Case Study Government of Canada

Ü  Forgotten passwords frustrating users

Ü  Users pushed to higher cost channels b/c of friction in the profile set up

Ü  Cost of creating an LOA2 credential prohibitive

Value Solution Problem

Ü  SecureKey delivers a privacy-enhanced connection between government services and tier-one branded credential providers.

.

Ü  Result: SecureKey is making it easier for users to in to over 120 Canada government agencies

Over one million users now sign in to government service via SecureKey Concierge


Case Study: Government of Canada

§  Trusted Brands §  Secure systems §  Know Your Customer

(KYC) regulations

§  127 Government applications §  22 Subscriber Integrations §  CRA (IRS in CA) §  Launched Apr12; Ramp Aug12 §  <8 months contract to launch §  Privacy Enforcing: Triple Blind §  Improved user experience §  National Standard §  …expanding to Province, City

Concierge

8/6/13 11:21 PMCUETS.jpg 183×43 pixels

Page 1 of 1https://www.kawarthacu.com/SharedContent/images/CUETS.jpg

briidge.net Exchange Platform deployed as a branded service called “SecureKey Concierge”

Credential Providers Frequently Used Trusted Credentials

Credential Subscribers Infrequently Used Services

SAML SAML


Market Problem (Government)

The Solution (FCCX)

Federal Cloud Credential Exchange (FCCX) enables the NSTIC vision by allowing agencies to securely interact with a single

“broker” to authenticate consumers

FCCX a consumer hub for gov access

FCCX


Getting to trusted identity online Giving users and RPs what they came for

getting to trusted identity online€¦ · use case examples payment only (anonymous or self...

Documents