FB pixel

Effective digital identity requires strong foundations: a call for collaborators

Effective digital identity requires strong foundations: a call for collaborators
 

Several of the most influential non-profit organizations in digital identity took the stage at KuppingerCole’s EIC 2024 (European Identity and Cloud Conference) to explain their respective roles in the ecosystem and invite more participation.

Their presentation on “Why We Need More Collaboration” was moderated by Judith Fleenor of the Trust Over IP Foundation. The panel also included Kim Hamilton Duffy of DIF, Nick Mothershaw of OIX, Kay Chopard of Kantara, and Joseph Heenan of Authlete, who is also part of working groups with IETF (the Internet Engineering Task Force) and the OpenID Foundation, which he represented on the panel.

The panelists described the work of their organizations in the digital identity space, and how they fit together. For the most part, OIX writes reports, frameworks and reports about frameworks, Trust Over IP, OpenID and DIF create protocols and contribute to standards, and Kantara performs the audits, performance assessments and certifications to established standards.

Fleenor referred to them collectively as “proto-standards groups,” as the protocols and standards they create are often adopted in part or in full by groups like the International Standards Organization (ISO).

Heenan summarized the difference between OpenID and OIX as being that his group does standards, whereas OIX works on policy.

OpenWallet Foundation was introduced as the third pillar in the decentralized identity ecosystem, along with DIF and Trust Over IP. OpenWallet does code, rather than standards, Fleenor says. Duffy specified DIF’s role as involving the trust that individuals can have, as opposed to organizations or relying parties. Fleenor notes that Trust Over IP is partly differentiated by its focus on governance.

They work together, and Fleenor says that Trust Over IP and DIF even considered whether the overlap between their groups indicated they should merge. The differences were found to be sufficient to support separate mandates. During the question-and-answer portion of the discussion, the possibility that W3C may soon be folded into DIF or the EITF was raised, but those discussions are ongoing.

The interplay between groups is demonstrated by OIX’ submission of its guide to frameworks to Trust Over IP to vet its representation of self-sovereign ID back in 2022.

OpenID and Kantara both perform certification. OpenID certifies compliance to its own standards, which Heenan says boil down to “how data moves from one place to another.” The certifications are highly technical, he says, and are performed with an automated tool rather than auditors.

Chopard explained that Kantara’s assessments often involve judging whether a given policy is in place, and whether it is effectively implemented. Most of the standards it performs assessments for can be traced back to governments. The assessments are quite different, therefore, from lab testing, she says. That also gives the assessments some variation from country to country.

Rather than seeing the ecosystem as a series of pies that stakeholders are trying to grow, panelists suggested it should be seen more as a puzzle with specialized pieces. That means involvement in multiple organizations is not only beneficial, but necessary, to understand where your piece fits.

Fleenor concluded the discussion with a dual call for organizations to back the foundations, not just financially, but with engineering talent.

Related Posts

Article Topics

 |   |   |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

EU AI Act should revise its risk-based approach: Report

Another voice has joined the chorus criticizing the European Union’s Artificial Intelligence Act, this time arguing that important provisions of…

 

Swiss e-ID resists rushing trust infrastructure

Switzerland is debating on how to proceed with the technical implementation of its national digital identity as the 2026 deadline…

 

Former Jumio exec joins digital ID web 3.0 project

Move over Worldcoin, there’s a new kid on the block vying for the attention of the digital identity industry and…

 

DHS audit urges upgrade of biometric vetting for noncitizens and asylum seekers

A recent audit by the DHS Office of Inspector General (OIG) has called for the Department of Homeland Security (DHS)…

 

Researchers spotlight Russia’s opaque facial recognition surveillance system

In recent years, Russia has been attracting attention for its use of facial recognition surveillance to track down protestors, opposition…

 

Estonia digital identity wallet app from Cybernetica lifts off

Tallinn-based Cybernetica has submitted the minimum viable product (MVP) for Estonia’s national digital identity wallet to the Estonian Information System…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events