Post on 16-Dec-2015
Canonical Use CasesDigital ID and Authentication
Ecosystem
• The beer store• The medical lab results• The bank account
Canonical Use CasesDigital ID and Authentication
Ecosystem
• The beer store• The medical lab results
• The bank account
ConsiderationsKey Actors
• Applicant (user)• Bank app from the app store• Government entity trusted for name, dob,
address• Agent (for the user) that ran on the phone
ConsiderationsNot Shown
• Technical architecture, technical specifications, protocols• Phone registration / agent activation• Credential used during phone registration• Credential issuance / activation• User’s registration with government entity that provided name,
dob, address• Bank app development/developer/registration• Agent accreditation/certification• Privacy enabling infrastructure/services• Assurance standards• Evidence of identity standards• …
Plan to see session by Dick Hardt on
Authentication and Authorization Privacy Protecting ProtocolA2P3
Tomorrow
Segue…
• Even with answers to all the previous items
How was it that the bank was able to meet its obligations per: KYC/AML etc. through this approach?
Barriers to Collective Success(some of the things we have to talk about, or ignore at our peril)
• Ensuring Privacy By Design• Liability Rules• Reputation Risk• Ubiquity Of Platform Access, Interoperability• Equality Of Service Irrespective Of Technology Access,
(Dis)ability, Age, Etc.• What Will The Trust Frameworks Be? • Compelling Use Cases• Responsibility to Educate Consumers• Enabling Consumer Power – Vs. Relying Party Power– Vs. Identity Provider Power