FB pixel

Verifiable Credentials go mainstream at Identiverse 2022

Verifiable Credentials go mainstream at Identiverse 2022
 

The digital identity community came together last week at arguably the first major and fully in-person conference since 2019 – Identiverse 2022. After a two year hybrid model due to the pandemic, Identiverse was back in session with four days of sessions and over 175 individual presenters. Attendance matched the 2019 event in Washington, D.C. The general feeling among attendees was that it’s good to be back.

CyberRisk Alliance acquired Identiverse from Ping Identity in December 2021. Digital identity is increasingly becoming a critical area of expertise for good security practices, so it makes sense for Identiverse to find a home in the security space.

“The digital identity industry, and the standards, technologies, products and solutions that we build, are on the cusp of enabling a fundamental change in the way that we get ‘life’ done in the digital world,” says Andrew Hindle, content chair for Identiverse.

Verifiable Credentials breakthrough

Verifiable Credentials was a breakthrough topic and it’s clearly on the path to mainstream adoption. Main sessions by Microsoft and Avast showcased their application of VCs in the IAM landscape, showing VCs aren’t the future anymore–they are the present.

Microsoft’s Kristina Yasuda kicked off a general introduction, ‘What is a Verifiable Credential, and Why Does it Matter?’ Microsoft has been a long-time supporter of Verified Credentials, and Kristina Yasuda is the co-chair of the recently re-chartered Verifiable Credentials Working Group. Yasuda and Microsoft also demonstrated what SC Media describes as an “open, standards-based self sovereign identity package” at the event.

Drummond Reed and Brent Zundel, both at Avast, presented ways in which VCs can be used with existing IAM systems in their ‘How Verifiable Credentials Can Enhance and Extend Existing IAM Systems.

Kaliya Young presented a historical context in her session, ‘Seeing Self-Sovereign Identity in Historical Context.’ And the panel ‘Establishing Trust with Decentralized Identity Networks, Verifiable Credentials, and Zero Trust’ discussed how you can improve security using verifiable credentials and decentralized networks.

Last but not least, Steve Pannifer, managing director of Consult Hyperion, gave a fascinating presentation comparing decentralized identity components to central banking components in his ‘Decentralized Identity – The Key to Central Bank Digital Currency.’ Is the dream of a digital currency using existing decentralized identity technology really viable to central bankers? It’s a long shot, but Pannifer gave me hope!

Keynotes of note

Ian Glazer, the SVP of Identity Product Management at Salesforce shared his ‘Lessons on the Road to Complete Customer MFA Adoption,’ a heartfelt keynote that shared the journey of building and releasing MFA to 100 percent of customers in 1 year (or at least the attempt to do so). I was especially touched with Glazer’s suggestion to hire a writer at the beginning of the project — because it forced the technical team to explain what they were building to a non-technical person, who in turn used their learning process to explain what was being built to customers. It’s an important insight that I, unfortunately, don’t see many companies or new technologies utilizing.

Steve Lockstep was as provocative as ever in his two sessions, challenging the digital identity industry to stop using the term identity. I love Lockstep’s provocation, but I didn’t quite agree we should drop the term identity. And I love the identity profession’s navel gazing – philosophizing about the nature of identity is one of the things we love!

Social engineer Rachel Tobac scared the audience with her ‘Hacking Trust’ keynote showing the ways even the best IAM and MFA security can be sneaked through incorrect answers, “innocent” questions, realistic scenarios and Amygdala hijacking – which is when a hacker evokes your emotion to shut down your rationality.

Nishant Kaushik, CTO at Uniken gave us hope after Tobac’s session describing how we can use digital identity to build trust into our products and systems in his ‘The Design of Trustworthy Things.’

“There has been tremendous progress over the past 24 months across the board, including passwordless solutions, powerful token experiences with passkeys, prototypes of verifiable credentials, and more effective fraud detection using shared signals. This work is the key enabler for better customer and citizen experiences,” says Identiverse’s Hindle.

The place for identity

Identiverse is also the place to learn about the organizations that support the digital identity community via specific standards and community focus, like the OpenID Foundation, Open Identity Exchange, Kantara, Women in Identity and IDPro (disclaimer, I am also the president and executive director).

There were also many sessions on FIDO’s new passwordless solution and improving the password paradigm. But I’ll save those details for my next piece.

If you missed Identiverse 2022, don’t fret. Sessions are recorded and will be available in a couple weeks. If you don’t want to wait, there are plenty of sessions from the archives.

Planning for Identiverse 2023 has already begun – it will be held at the Aria Resort & Casino in Las Vegas, May 30 to June 2. See you there!

About the author

Heather Vescent is a digital identity industry thought leader and futurist with more than a decade of experience delivering strategic intelligence consulting to governments, corporations and entrepreneurs. Vescent’s research has been covered in the New York Times, CNN, American Banker, CNBC, Fox and the Atlantic. She is co-author of the The Secrets of Spies, The Cyber Attack Survival Manual and The Comprehensive Guide to Self Sovereign Identity.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics developers dance with data privacy regulations continues

Biometrics controversy and investments are often found side by side, as seen in many of this week’s top stories on…

 

EU AI Act should revise its risk-based approach: Report

Another voice has joined the chorus criticizing the European Union’s Artificial Intelligence Act, this time arguing that important provisions of…

 

Swiss e-ID resists rushing trust infrastructure

Switzerland is debating on how to proceed with the technical implementation of its national digital identity as the 2026 deadline…

 

Former Jumio exec joins digital ID web 3.0 project

Move over Worldcoin, there’s a new kid on the block vying for the attention of the digital identity industry and…

 

DHS audit urges upgrade of biometric vetting for noncitizens and asylum seekers

A recent audit by the DHS Office of Inspector General (OIG) has called for the Department of Homeland Security (DHS)…

 

Researchers spotlight Russia’s opaque facial recognition surveillance system

In recent years, Russia has been attracting attention for its use of facial recognition surveillance to track down protestors, opposition…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events