1) What are some of the most significant achievements in digital identity over the past year?
Over the past year, we’ve really seen digital identity come to the forefront of many important conversations. We’re advancing in our approaches to online security and privacy – all while hackers are becoming more sophisticated in their attacks to exploit our identities for their own gain. Regardless of an organization’s size, we’ve come to realize that the threat of a mass data breach (like the recent WannaCry ransomware attack wreaking havoc globally, or the Bell leak of 2M customer records in May) is very real and polarizing in today’s digital age, impacting both the companies that are attacked, but especially (and most concerning) their customers.
Thinking back, our industry made some incredibly innovative steps. Canada’s major banks have not only invested in us, but are working closely with us to bring to market a new approach to digital identity that puts the consumer back in the middle and reduces the friction they experience trying to get things done in the digital age. We also announced a partnered grant with the Digital ID and Authentication Council of Canada (DIACC) and the Command Control and Interoperability Center for Advanced Data Analytics (CCICADA) a research center of excellence funded by the U.S. Department of Homeland Security Science & Technology Directorate. Beyond SecureKey, Estonia’s e-Estonia digital identity scheme really took off, as did India’s Aadhaar biometric ID program. A Hungarian startup called Taqanu is developing an app to provide refugees with digital identities to help them get back on their feet in new countries. But above all, I think the most important achievement our industry has witnessed over the past year was increased collaboration. None of the above achievements would have been possible if there wasn’t an atmosphere of cross-industry participation. Companies are realizing that, yes, having secure digital identities will keep costs down and prevent mass data breaches, but also that participating in a collaborative environment is helping create a sorely needed social good.
2) How do we ensure privacy systems work as effectively online, as they do in person for every party involved?
One example is the platform we’re developing to put consumers back in the middle, with complete control of their private information – empowering digital consumers to take back their rights to digital assets. We really need a system where people can say “I am me, but you only need xyz to prove it,” and have online services be satisfied with that.
The Triple-Blind privacy enhanced Identity Ecosystem we are working on solves that problem by ensuring that no individual party can track the user journey from start to finish – you can use your digital attributes wherever and whenever you want, and the provider of those assets will never be able to see where they were used. At the same point, the service provider that needs to verify your identity can be assured that your credentials are from a trustworthy source (like your bank), but will not be able to see which specific bank you are using. Lastly, the network provider – in this case SecureKey – can see that you are using your digital credentials with a service, but at no point sees which specific credentials are being used, or where they are being used. None of this would be possible without blockchain and a distributed-ledger approach to attribute sharing courtesy of Hyperledger Fabric.
3) How do we ensure a transition to digital identity and privacy systems do not sacrifice security?
Collaboration and cross-industry participation in the testing and implementation of a digital identity ecosystem - leveraging the best capabilities of each participant - means that security will not be sacrificed. No one can solve digital identity alone and if everyone participates together in the creation of digital identity as a social good, leveraging state-of-the art technology like blockchain, we can all operate in a far more secure, trustworthy and privacy-respectful digital economy.
4) How can a business use digital identity strategies to improve their delivery of goods and services?
The reality is that today, for most customers, verifying who you are is really hard. The traditional approaches of in-person and physical transactions are outdated; identity verification processes often take days or weeks to accomplish, they often don’t allow for immediate access to services and can be subject to fraud, data breaches and human error. Businesses need to approach digital identity in a way that puts users in the middle, giving them back control of their private information and empowering digital consumers to take back the rights to their digital assets. By taking an ecosystem approach to identity, organizations will be able to deliver services to their customers with immediacy, with improved trust and security, and with reduced friction, thus greatly improving both the customer experience and business benefits.
Telus 25 York Street, 3rd Floor Toronto, Ontario
What Attendees are saying
“The only conference in Canada where one can meet the who’s who of knowledgeable people and champions of digital identity to discuss the real issues and opportunities in this space.” Dave Nikolejsin, Deputy Minister of Energy and Mines at Government of British Columbia
“A fantastic platform bringing together Canadian thought leaders and key industry experts to promote innovation in digital identity and authentication.” Mike Vanderkaden, VP Corporate Development, Equifax Canada