Yearly Archives: 2016

Spotlight on Applied Recognition

ar-logo-jpg   In this edition of the DIACC member Spotlight, we chat with experts from Applied Recognition. Learn about their work, why they believe trustworthy digital identification is critical for existing and emerging markets, and why they joined the DIACC league of experts.

 

 

1. What is the mission and vision of Applied Recognition?

Applied Recognition’s vision is to create the most accurate and most easily deployed biometric face recognition technology to help protect people, their credentials and their transactions.

Our mission is to partner with organizations which understand the importance of embedding face recognition into their processes to improve both security and users’ experience while respecting privacy.

2. Why is trustworthy digital identity critical for existing and emerging markets?

Simply put, because of the eternal temptations to lie or to steal to which some small percentage of any population will always succumb. Whether to improve existing processes like the validation of an ID at a liquor store or to prevent fraud in an emerging domain like fintech, digital identity is increasingly a prerequisite.

3. How will digital identity transform the Canadian and global economy? How does Applied Recognition address challenges associated with this transformation?

Today, the economy – and society as whole – suffers enormous drag due to problems that have their root in identity considerations.   Fraud is just the tip of the iceberg.  There’s the cost of fraud prevention, enforcement costs, the purchases that don’t happen because the risk of extending a credit is too great, the loss of social capital when tax-funded services are illegally used, the loss of well-being when opioids end up in the wrong hands. Many people have even given up on using dating sites due to identity misrepresentation.

Applied Recognition makes it easy for organizations to integrate face recognition-powered identity verification into how they operate, in all relevant processes.  When the friction caused by lack of confidence in identity is removed, organizations and indeed, society as a whole, can begin to move again at the “speed of trust”.

4. What role does Canada have to play as a leader in the space?

Canada might well be at the sweet spot of “big enough, but not too big” where there’s sufficient pressure to push organizations to deploy new technology yet scope for the kind of cross-industry coordination and private/public alignment that’s going to be required to achieve full ignition.

5. What else should we know about Applied Recognition?

We’ve been at this for longer than just about anyone else – 13 years now – and orient ourselves to serve those organizations that understand the long-term implications of digital identity going biometric. We’ve architected our technology to run entirely on mobile devices as well as in the cloud. Now, that might seem to be a narrow technical observation until considering the importance of preserving flexibility in the face of still emerging user expectations with regards to privacy, speed, security, etc. and the lack of settled law, regulations, and customs. Whether an organization chooses to work with us directly or to spec – in our technology when building an RFP, Applied Recognition is the future-proof choice in a domain where any kind of false start is likely to be very costly.

Learn more about how we make it easy to deploy biometric digital identity at

http://appliedrecognition.com/

Spotlight on Securefact

SecurefactIn this edition of the Spotlight, we chat with DIACC member experts from Securefact. Learn about their work and why they strongly believe in the vision of a Pan-Canadian digital ID ecosystem to deliver world-class innovations.

 

1. What is the mission and vision of Securefact?

Mission:
To deliver authoritative data, exceptional software and expert advice

Vision:
To be the North American hub for know your customer, AML/ATF, registry Information and a trusted partner of the financial services industry, regulators and governments

2. Why is trustworthy digital identity critical for existing and emerging markets?

Trusted digital identity is fast becoming a valued currency as the world of digital transactions and mobility continues to transform our lives.  Over a quarter of the world’s population are members of various social media networks and the number of machine-to-machine connections, the “Internet of Things”, is growing at an exponential rate. Our digital foot-print continues to increase and so does our digital identity on who we are, our history and our interests. Companies today continue to find innovative solutions to improve digital customer experience as a key driver for growth.

As our digital identity footprint may reveal a complete picture of us as individuals, and corporations increasingly use applications for their insatiable appetite to win customers, there remains grave concerns. Individuals are concerned with losing privacy and control over their personal information, in addition to the real risk of their identities being stolen. In respect to the latter, with the numerous incidents of major data breaches at fortune 500 companies and reputable government agencies, public trust has been significantly eroded.

Yet, both consumers and organizations realize that a digital identity should be the electronic fingerprint that verifies who we are. It’s the starting point of a digital relationship that allows for the exchange of information, commercial transactions and mutual value. Various studies indicate that personal data must be safeguarded and protected while being used to deliver more value to consumers and organizations. This means striking the right balance between privacy, data protection and authorized use. Our economies depend on electronic communications, commerce and now digital identities.

Therefore, policymakers in partnership with the private sector should ensure that while privacy safeguards are central to any regulations on digital identity, such regulations should be flexible enough so as to not stifle innovation. Consumers should be able to make their own choice on whether they want to derive value from sharing their personal data with the assurance that their data will not be misused.

In conclusion, while many consumers are concerned about protecting their privacy in an ever increasing digital world, billions of people in developing nations globally simply do not have verified digital identities. A trusted digital identity global framework will go a long way in solving the issue of financial inclusion as the momentum of mobile technology solutions continues to transform emerging economies.

What strategic goals does Securefact target to achieve in the next 3 years?

  1. Focus on the Know Your Customer (KYC), Anti-Money Laundering (AML) and Anti-Terrorist Financing (ATF) solutions
  2. Enter and succeed in the US market for KYC advisory and software solutions
  3. Committed to develop a positive work culture for our people to have the freedom to be awesome

Why did Securefact join DIACC?

Securefact, a KYC regulatory technology (RegTech) firm with deep expertise in digital identity software solutions and AML/TF compliance advisory is keen to work closely with DIACC to support the development of a national trusted digital identity system.

What else should we know about Securefact?

Securefact enables established financial institutions and emerging FinTechs to operate and continuously innovate in a dynamic, complex, and onerous regulatory environment.

For 20 years, Securefact’s secured lending technologies and KYC solutions have provided data validation, business account opening entity verification and lien registration services.

Securefact offers in-depth AML/TF advisory services and highly innovative KYC SaaS and web-services that enable financial institutions and FinTechs to automate, digitally verify and confidently onboard new customers in compliance with government regulations.

Securefact has the capacity, the strategy and the team to take its proprietary solutions and scale them globally, all while continuing to service the many financial institutions that have grown along with Securefact.

Visit us at www.Securefact.com

 

Digital ID and Authentication Critical to the Global Digital Economy

success-1093891_1280International Leaders Praise Canada’s Focus on Privacy by Design and Collaboration

Ottawa November 22, 2016 – Digital ID and Authentication leaders from around the world gathered in Ottawa on November 3rd to attend Digital ID International Industry Day. The Day, co-convened by the Digital ID and Authentication Council of Canada (DIACC) and the Treasury Board of Canada Secretariat, is an annual gathering convening public and private innovators from around the world.

Recognizing the critical role that Digital ID and Authentication play in enabling the global digital economy, Digital ID International Industry Day enables global leaders from all sectors to share perspectives that help accelerate the establishment of a secure, trusted, privacy-respective digital ID ecosystem. Attendees include thought leaders from Australia, Canada, Denmark, Israel, Japan, the United Kingdom and the United States.

“Privacy, trust, security, efficiency, transparency – these are all critical to the establishment of an internationally accepted digital ID and authentication ecosystem,” said Alastair Treharne, Digital Identity Advisor, Government Digital Service, UK. “Canada has done an outstanding job in bringing these issues to the fore and is developing a compelling trust framework that we are all watching with great interest.”

Around the world, governments and industries are developing technology and policy frameworks, more commonly known as trust frameworks. A trust framework enables digital identity and, by extension, facilitates trust worthy digital transactions. The Pan-Canadian Trust Framework (PCTF) is a collaborative approach to developing a digital id and authentication ecosystem for Canada. The PCTF enables Canada’s full and secure participation in the global digital economy through economic sector innovation and the enablement of modernized digital service delivery.

“The global nature of the digital economy requires thoughtful and diligent collaboration both amongst different nations and various sectors,” Paul Grassi, Sr. Standards Advisor, The National Institute of Standards and Technology (NIST), U.S. Department of Commerce. “Canada’s model of public and private sector partnership in leading the development of a digital identity trust framework is a great example of integrated planning, and one we pattern after as we engage our stakeholders.”

Canada’s full participation in the digital transformation and global digital economy depends on developing reliable, secure, scalable, privacy-enhancing, and convenient solutions for digital identity. Made-for-Canada solutions reflect and incorporate Canadian principles, business interests, technical models and, demonstrate compliance with Canadian regulations. Made-for-Canada solutions also enable pathways to safe and secure cross-border transactions and service delivery.

“It has been a privilege to welcome global digital ID and authentication leaders to Canada and to share the work that innovators from the Canadian public and private sectors have done to advance the Pan-Canadian Trust Framework,” said Joni Brennan, President, DIACC. “DIACC members share resources by working together to address challenges and accelerate the adoption of digital identity services that respect Canadian cultural values, business needs and regulatory requirements. These collaborative efforts are essential to help secure Canada’s full and beneficial participation in the global digital economy.”

Review the workshop presentations.

About Digital ID and Authentication Council of Canada (DIACC)

Created as a result of the federal government’s Task Force for the Payments System Review, the DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian digital identification and authentication framework to enable Canada’s full and secure participation the global digital economy. DIACC members include representatives from both the federal and provincial levels of government as well as private sector leaders.

The DIACC’s objective is to unlock economic opportunities for Canadian consumers, and businesses by providing the framework to develop a robust, secure, scalable and privacy enhancing digital identification and authentication ecosystem that will decrease costs for governments, consumers, and business while improving service delivery and driving GDP growth. In keeping with this objective, DIACC works with partners – in Canada and round the world – to catalyse investments and collaborations in digital ID and authentication. To learn more visit www.diacc.ca or follow us on twitter @mydiacc

For more information, please contact:

Krista Pawley
Digital ID and Authentication Council of Canada
Kpawley@diacc.ca
416-270-9987

 

 

 

DIACC Workshops – Ottawa, November 2 & 3, 2016

canada-301426_1920

DIACC Workshop Exploring Digital ID Federation Opportunities (Nov.2) was an opportunity to connect, share and learn about the emerging digital ID ecosystem. The DIACC Trust Framework working group – the Trust Framework Expert Committee (TFEC) – provided a report out of the latest developments to develop components of the Pan-Canadian Trust Framework (PCTF).  DIACC members shared their perspectives regarding the challenges and opportunities ahead.

Digital ID International Industry Day (Nov.3) converged public and private innovators from around the world to share perspectives that help to accelerate the establishment of a privacy-respective digital ID ecosystem that Canadians can use securely and with confidence. Attendees had the opportunity to network with thought leaders from Australia, Canada, Denmark, Israel, Mexico, the United Kingdom and the United States. Attendees gained insights regarding the Canadian market place and in the perspective of the digital ID requirements for the global digital economy.

Publicly available presentations from the events are below.
Presentations that were made available only to DIACC members can be found on the myDIACC wiki.

 Presentation Speaker
Going from central to distributed identity in population scale trust ecosystems (PDF)Marcel Wendt & Dick Dekkers, Digidentity
Digital Citizen Engagement Critical for Democracy (PDF)Colleen Hardwick, PlaceSpeak
Finding Needles in a Needle Factory – neural networks in the context of privacy and security (PDF)Dr. Nur Zincir-Heywood, Dalhouse University
CANARIE Canadian Access Federation (PDF)Chris Phillips, CANARIE
FIDO An emerging industry standard – Biometrics in the context of public sector services delivery (PDF)Jeremy Grant, FIDO
Ransomware Threat Environment in the Context of Digital Identity (PDF)Adam Madlin, Symantec
Government support for industry consortia and why it matters (PDF)Colin Wallis, Kantara Initiative

Spotlight on Digidentity

In this edidigidentitytion of the DIACC member Spotlight, we chat with DIACC member experts from Digidentity. Learn about their work, why they strongly believe international industry standardizations are critical, and why they joined the DIACC.

 

  1.      What is the mission and vision of your organization?

Digidentity gives you back your privacy on the internet. We offer you one online identity that only you control. Completely digital, without passcodes or tokens. Forget the washing list of usernames and passwords. With your online identity you will be able to deal with an ever-increasing number of companies and government services.

Your Digidentity, your online identity, secure and easy. Be Verified.

  1.      Why is Digital Identity critical for your success?

Digidentity is an Identity Provider with a strong focus on high assurance identity, in various verticals. The Digital Identity is the core of our company, where the user and their privacy is key in everything we do.

  1.      With regard to Digital Identity, what strategic goals does your organization target to achieve in the next 5 years?
  1. Align international frameworks and standards
  2. Further developing the market for High Assurance Identities and transactions
  3. Stimulate eIDAS and High Assurance digital identity across borders
  4. Identity repair
  5. Re-use of identities in private and public sector, in a consumer / citizen / business environment
  1.      What else would you like us to know about your organization?

Digidentity is an Identity Provider, focussing on end-to-end high assurance identity services. From validation, verification and authentication up to authorization and digital signing on a business level. Our services are being used by local and central governments (The Netherlands and the United Kingdom). Other clients vary from SMEs to multinational enterprises in various industries. We see a high demand in financial services.

Digidentity solutions cover more than 10 million verified unique identities and we handle more than 250 million transactions per year.

  1.      Why did you join DIACC?

To learn from DIACC research and to share our insights into identity standards and lessons learned from Europe, specifically the UK and The Netherlands. Together with the other members we could drive the development and adoption of a Pan-Canadian Trust Framework. We have extensive knowledge and experience in working closely with Governments to develop population scale trust ecosystems.

 

 

 

DIACC Announces New President and Directors

Digital ID & Authentication Council of Canada Announces New President and Directors

Public and Private sector leaders come together to build and grow Canada’s digital economy by supporting the establishment of a trustworthy digital ID solutions ecosystem

Toronto, Ontario. August 25, 2016 — On behalf of the DIACC Board, David Nikolejsin, (Chair) today announced the appointment of three new Board members and a new President to support the establishment of a trustworthy digital ID solutions ecosystem to benefit all Canadians

The DIACC convenes innovators and leaders in the private and public sectors to share resources to develop digital ID frameworks, proof of concepts, and applied research to enable digital transformation and global digital economy.

“On behalf of the Board  it is  my pleasure to welcome Susie De Franco (General Manager Digital Channel & Products, Canada Post), Franklin Garrigues (Vice President Digital Channels, Mobile for Everyone TD), and Jeff Wright (Vice-President, Customer Journey Leader, BMO Financial Group) to the Board. I am also pleased to announce that Joni Brennan will be taking on the role of DIACC President,” said Nikolejsin. “ I would also like to take this opportunity to thank our retiring Board members and Aran Hamilton, the founding President of the DIACC for their support and vision in establishing and growing the DIACC to build and strengthen Canada’s digital economy.”

“Canada’s success in the global digital economy requires vision and leadership in innovation and digital transformation, “said Aran Hamilton, outgoing DIACC President. “Much like our forbearers, today, we are building the railway of the next century online. But you can’t have a digital economy or digital privacy without digital ID and authentication. For the past few years, I’ve had the honour and privilege to work with a dedicated group to ensure that Canadian digital transactions for people, businesses, and organizations are secure and privacy enhancing. I am proud to have played a part in helping to build Canada’s digital economy.”

“Digital ID and authentication innovations connect Canadians to each other and to the global marketplace. The leadership of the DIACC Board of Directors, and their respective organizations, demonstrates the importance of DIACC’s initiatives to accelerate an ecosystem of digital ID services that Canadian governments, businesses, non-profits and citizens can trust,” said Eros Spadotto, Vice-Chair of the DIACC Board and EVP, Technology Strategy & Operations at TELUS

Joni Brennan, President | DIACC

Joni brings 15 years of hands on experience connecting digital identity innovators and policy influencers in not-for-profit consortia to advance identity management and personal data protection industry standardization and service adoption. Prior to joining DIACC Joni lead the Kantara Initiative, a U.S. based and globally focused initiative developing identity management industry standards and operating as a trust framework provider for the U.S. Federal Government and federations at international scale.

Joni has participated in international organizational initiatives including: OECD-ITAC, ISOC, IEEE, OASIS SSTC, ISO SC27 WG5, and ITU-T SG17 Q6. She has testified regarding trusted Identity and Access Management systems for the US Office of the National Coordinator for Health Information Technology Security and Privacy (ONC HITSP). Joni recently concluded 15 years of service to the IEEE, the worlds largest professional society for electrical engineers.

“I am honored to take this opportunity to contribute to Canada’s digital evolution by leading the DIACC to accelerate innovations that connect Canadians to each other and the world through adoption of digital identity solutions that respect privacy, enable modernization of service delivery, and grow our economic and societal opportunities in support of Canada’s Innovation Agenda.” said Joni Brennan, President of the DIACC. 

New Director Biographies

  • Susie De Franco, General Manager Digital Channel & Products | Canada Post

Susie De Franco is a veteran business leader in the secure communications market space with over 20 years’ experience in leading the creation, development and management of electronic products and services for Canadian businesses.  In 2000, she joined EPO Inc., Canada Post’s subsidiary that operated the epost service in the position of Vice-President, Client Services and Product Management.

In her current role as General Manager Digital Channel & Products Susie De Franco is responsible for leading the organization into the twenty-first century with the creation of a new suite of digital solutions to securely connect every Canadian business to their customers in a reliable and trusted manner from any internet enabled device. This includes canadapost.ca as well as epost.ca sites and mobile.  The cornerstone of this transformation is epost, Canada Post’s free digital mail service that lets you receive, pay, manage and store your documents all in one place.  Used by over 18,000 companies, epost is the Canadian market leader in electronic document delivery.  epost Connect is a product that offers a better way to securely transmit large files and time sensitive information between parties.

Prior to joining Canada Post, she held progressively responsible positions in Technology, Client Services and Product Management across multiple industries including finance, public sector, oil and gas, and technology.

  • Franklin Garrigues, Vice President Digital Channels, Mobile for Everyone | TD Bank

As Vice President, Digital Channels, Franklin leads the effort to “mobilize” TD Bank on a North American basis, with a focus on both employees and customers. In his role, he is responsible for strategy, design, and oversight of solutions to digitize the Bank and empower employees and customers to take full advantage of mobile capabilities.

Prior to this role, Franklin held various Risk Management roles in Direct Channels and Business Banking, and also led several Branch Services Centres in Canada. Prior to joining TD in 2008, Franklin was a consultant with McKinsey & Company where he served as a leader in the North American Financial Institutions Operations practice. He has also worked with L’Oreal, as a Project Engineer and in various General Management roles in manufacturing plant operations in France.

  • Jeff Wright, Vice-President, Customer Journey Leader, BMO Financial Group

Jeff has been with BMO Financial Group for 12 years holding a variety of positions. He started in the Office of Strategic Management in Toronto and then moved to Chicago as the Head of U.S. Strategy with Harris Bank. After 18 months with Harris Private Bank Jeff then returned to Canada and spent five years in the field managing branches within the Canadian retail bank including being the District Vice President for GTA Central. He then returned to a headquarters role as the Vice President, Personal Sales Force Effectiveness before moving into his current role as Vice President, Customer Journey Leader. In this role Jeff leads a team that is charged with defining and delivering superior customer experiences, largely in the digital space.

Prior to joining BMO Jeff spent nearly five years with The Boston Consulting Group in the Toronto and Amsterdam offices and three years doing customer satisfaction research and consulting with Walker Information. Jeff has a M.B.A. with distinction from Duke University and a B.Comm (Honours) from Queen’s University.

The DIACC Board of Directors 2016/2017 Slate:

  • Dave Nikolejsin (Chair),Deputy Minister, Ministry of Natural Gas Development
    Province of British Columbia
  • Eros Spadotto (Vice-Chair), Executive Vice-President, Technology Strategy, TELUS
  • Andre Boysen (Treasurer), Chief Identity Officer, SecureKey
  • Jeff Wright, Vice-President, Customer Journey Leader, BMO Financial Group
  • Brenda Clark,Vice-President, Payment Innovation and Integration, CIBC Retail & Business Banking Division
  • Susie De Franco, General Manager Digital Channel & Products, Canada Post
  • André Lesage, Vice-President of AccèsD, Desjardins Group
  • Corinne Charette, Senior Assistance Deputy Minister of the Spectrum, Information Technologies and Telecommunications, Innovation, Science, and Economic Development
  • John Messina, Chief Information Officer of the Government of Canada, Treasury Board of Canada Secretariat
  • John Jacobson, Deputy Minister, Ministry of Technology Innovation and Citizens’ Services, Province of British Columbia
  • David Nicholl, Office of the Corporate Chief Information Officer, Treasury Board Secretariat
  • Janice Wagner, National Digital Lead, Public Sector, PricewaterhouseCoopers LLP
  • and Franklin Garrigues, Vice President Digital Channels, Mobile for Everyone, TD Bank

About the Digital ID and Authentication Council of Canada (DIACC)

Created as a result of the federal government’s Task Force for the Payments System Review, the DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian digital identification and authentication framework to enable Canada’s full and secure participation the global digital economy. DIACC members include representatives from both the federal and provincial levels of government as well as private sector leaders.

The DIACC’s objective is to unlock societal and economic opportunities for Canadian consumers, and businesses by providing the framework to develop a robust, secure, scalable and privacy enhancing digital identification and authentication ecosystem that will decrease costs for governments, consumers, and business while improving service delivery and driving GDP growth.

Contact:

twolf@diacc.ca

 

The Pan-Canadian Trust Framework

The Digital ID & Authentication Council of Canada Releases the Pan-Canadian Trust Framework Overview

A Collaborative Approach to Developing a Pan-Canadian Trust Framework

Toronto, August 11, 2016 – Today the Digital ID & Authentication Council of Canada (DIACC) releases the Pan-Canadian Trust Framework (PCTF) Overview, (English/French) a collaborative approach to developing a Pan-Canadian Trust Framework. The PCTF enables Canada’s full and secure participation in the global digital economy through economic sector innovation and the enablement of modernized digital service delivery. The PCTF supports open government principles.

“Publication of the Pan-Canadian Trust Framework Overview marks an important milestone for the Canadian digital identity ecosystem. It confirms the commitment of government and private sector to work collaboratively to safeguard digital identities online through a robust framework which will standardise processes and practices across the ecosystem and facilitate the growth in  trusted digital services.” said Corinne Charette, Senior Assistant Deputy Minister, Spectrum, Information Technologies and Telecommunications Sector & Chief Digital Officer, Innovation, Science and Economic Development Canada.

Around the world, governments and industries are developing technology and policy frameworks, more commonly known as trust frameworks. A trust framework enables digital identity and, by extension, facilitates trust worthy digital transactions.

Canada’s full participation in the digital transformation and global digital economy depends on developing reliable, secure, scalable, privacy-enhancing, and convenient solutions for digital identity. Made-for-Canada solutions reflect and incorporate Canadian principles, business interests, technical models and, demonstrate compliance with Canadian regulations. Made-for-Canada solutions also enable paths to safe and secure cross-border transactions and service delivery.

“Innovators from the Canadian public and private sectors have come together in the DIACC to advance the Pan-Canadian Trust Framework. These collaborative efforts are essential to help secure Canada’s full and beneficial participation in the global digital economy.  DIACC members share resources by working together to address challenges and accelerate the adoption of digital identity services that respect Canadian cultural values, business needs and regulatory requirements.” said Joni Brennan, President, DIACC.

The PCTF approach builds on global knowledge and experience gained over time and practice. The PCTF is developed through a collaborative approach between the DIACC, a non-profit neutral forum, and the Pan-Canadian Identity Management Sub-Committee (IMSC) of the Joint Councils of Canada, a forum consisting of the Public Sector Chief Information Officer Council (PSCIOC) and the Public Sector Service Delivery Council (PSSDC).

The PCTF supports the establishment of an innovative, secure, and privacy respecting Canadian digital identity ecosystem. The PCTF may be updated based upon various dialogues with interested parties and stakeholders. Organizations and individuals who wish to participate in the PCTF collaborative development should contact the DIACC.

About the Digital ID and Authentication Council of Canada (DIACC)

Created as a result of the federal government’s Task Force for the Payments System Review, the DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian digital identification and authentication framework to enable Canada’s full and secure participation the global digital economy. DIACC members include representatives from both the federal and provincial levels of government as well as private sector leaders.

The DIACC’s objective is to unlock economic opportunities for Canadian consumers, and businesses by providing the framework to develop a robust, secure, scalable and privacy enhancing digital identification and authentication ecosystem that will decrease costs for governments, consumers, and business while improving service delivery and driving GDP growth.

Contact:

twolf@diacc.ca

Spotlight on PlaceSpeak

placespeak

In this edition of the DIACC member Spotlight, we chat with experts from PlaceSpeak. Learn about their work, why they strongly believe Canada benefits from a unified set of Digital Identity standards, and why they joined the DIACC.

1. What is the mission and vision of PlaceSpeak?

Mission: How do you consult with people online within specific geographical boundaries… and prove it?  The answer is PlaceSpeak, a pioneering location-based smart cities civic engagement platform. Our solution combines digital identity authentication with privacy by design principles to strengthen legitimacy in online public processes.

By connecting digital identity to residential address, PlaceSpeak provides geo-located feedback to public, private and nonprofit sector organizations, and closes the feedback loop between public consultation, evidence-based decision-making and accountability; engendering trust.

At the same time, PlaceSpeak enables a citizen-centred approach, leveraging the network effect.  Using open data, PlaceSpeak delivers address-based notifications to keep residents informed, while providing opportunities to be consulted and involved,as well as encouraging collaboration, all of which ultimately empower citizens.

Vision: Over time, PlaceSpeak aims to advance digital democracy: “making it real”. Currently, online citizen engagement is anonymous. and not tied to place. This has led to the proliferation of trolls, sock puppets, astroturfing and other forms of online dysfunctions designed to skew and distort public opinion. Institutions that seem to have left “the people” out of the governing equation have deeply undermined the public trust.

Currently, Canada and other Western Democracies continue to use ineffective and obsolete citizen engagement methods that no longer stand up to scrutiny. At the same time, advancement in information and communications technology has made it possible to engage in legitimate, scalable democratic practices.  PlaceSpeak’s vision is to improve the quality and legitimacy of decision-making and public policy development by modernizing authentication of  digital identity, protecting privacy by design and ‘making it real’ and actionable with regards to public input. This requires a robust, secure, scalable and privacy enhancing digital identification and authentication ecosystem.

2. Why is Digital Identity critical for PlaceSpeak’s success?

Digital identity combined with privacy by design are essential elements of democratic innovation. Popular control in democratic practices requires citizen engagement as well as periodic elections.  Citizen engagement produces the feedback data required as evidence to inform deliberation and outcomes. Evidence, in this case, requires digital identity authentication to be defensible. There can be no official online public participation without an online proof of residency framework that is privacy enhancing, secure, transparent, robust and efficient.

In order to ensure that consultation proponents and decision-makers are hearing from affected  citizens in the relevant geographical area, digital identity verification to place is critical for PlaceSpeak. This aligns with DIACC’s recent proof of concept on Online Proof of Residency, which seeks to demonstrate individuals’ ties to a physical address, on demand, with a reasonable level of assurance.

Finally, by authenticating identity to place, PlaceSpeak is able to use open data to automate the delivery of location-based notifications on an ongoing basis.

3. What strategic goals does PlaceSpeak target to achieve in the next 5 years?

  • Consolidate our position as the standard for digital identity authentication to place.
  • Develop and integrate additional verification options through partnerships with government telecommunications to incrementally establish and strengthen digital identity to place.
  • Establish our citizen-centric model to break down silos of levels of government, departments, regulatory agencies and the private sector to keep citizens informed where they live.
  • Land and expand into communities globally, connecting digital identity to place to significantly increase our presence across sectors wherever authentic consultation is desired.

4. What else should we know about PlaceSpeak?

PlaceSpeak is pioneering a citizen-centric model which removes the silos between governments at all levels (federal, state/provincial, local/municipal), between departments and between other public sector and regulatory agencies. By focusing on the individual and creating opportunities to stay informed; be consulted and involved; to collaborate; and be empowered, public participation is encouraged, and thus, leveraging the network effect. By building the tools to facilitate legitimate, defensible online conversations around issues that matter, PlaceSpeak sees itself as an antidote to persistent issues around citizen apathy and public trust.

5. Why did PlaceSpeak join DIACC?

Solidarity. PlaceSpeak seeks to connect and network with other like-minded individuals and organizations. We were alone in the wilderness crying out for an identity ecosystem, and then one emerged in the form of DIACC. PlaceSpeak is committed to advancing best practices in citizen engagement and, in doing so, building trust in our democracy.

What are Digital Identities?

what-is-IDToday we present an article submitted by DIACC guest blogger Patrick Cormier, VP of Business Development and Sales at Notarius.  DIACC member guest bloggers share their unique insights and expertise. Guest blogger articles do not represent a formal opinion of the DIACC. This guest blog is shared under the Creative Commons BY-ND terms. (texte français)

What are Digital Identities?

Patrick Cormier

At DIACC and IdentityNorth, strong claims are made that digital identities will unlock considerable growth and innovation in the Canadian economy. The far-reaching ramifications of that assertion beg the question: What are digital identities? Can you explain in simple terms what digital identities are or even answer the question “What is an identity?” Take a moment… Stop… Try putting your thoughts into a clear definition.

If you can’t come up with a definition or remain unsure, don’t feel bad! In recent years, I have asked that question routinely and have never got a simple, concise and precise answer, although there are some online references such as The Field Guide to Identity by Identity Woman (Kaliya “Identity Woman” Young [formerly Hamlin]) that are great references when exploring the multifaceted aspects of identity.

So, plainly put, I am motivated to define digital identities in a simple and straightforward manner because absent a common semantic ground on digital identities it would be more challenging to unlock economic growth and innovation that can be unlocked with robust digital identities.

What is Identity?

Simply put, an identity is a representation of who you claim to be and who you are. A digital identity is an electronic representation that claim. And finally, a trusted digital identity is a representation of you that can be relied on with confidence for high value transactions such as signing a contract or applying for a passport.

Identity is at the core of the authenticity of social interactions and the integrity of business processes. Identity is the starting point of any relationship, trust and confidence in ongoing interactions between individuals, organizations, and government. Identity is also dependent on context. Within an identity context, it is critical to be able to distinguish individuals from one another so that services can be delivered to the right individual.

A person’s Identity can be subjective or objective. The set of psychological and physiological properties that make me and you unique as we perceive ourselves is subjective identity. It is a mental construct allowing us to relate to one another while retaining our distinctiveness. That is all I have to say about subjective identity because I am primarily interested in the objective identity of a person: a social convention that binds identifiers and attributes to persons. Let’s deconstruct that definition to see how it holds.

A social convention: if you are the sole survivor of the Mars One mission and live alone on Mars without communication to Earth, identity – your name for example – becomes meaningless because you cease to relate to others. When people relate to others in society, in a group or online, they need to refer to one another, hence the social convention of assigning names to infants when they are born. The convention is social because its primary function is to allow persons (both physical and organizations) to relate to one another. It has more the flavour of a convention because some group members may refer to one another using identifiers appropriate to the context, i.e. usernames on a web site or the children of a family calling the father of a family Dad.

An identifier is a pointer that points towards a specific person. An identifier may be unique in a defined system, for example, a Social Insurance Number (SIN) in Canada. Two persons should never possess the same SIN. Although an identifier is intended for a specific person, it may in fact not be unique, for example, my name “Patrick Cormier” is shared by a lot of people. It may not even be related to real-world social convention (my online alias could be Fidel5351). Given this, some types of  identifiers (such as our names or aliases) may not be unique in a given context and may point at more than one person. Other examples of identifiers: SIN/SSN, driving licence numbers, employee numbers…  I will tackle a little later the need to uniquely identify persons in a given system.

An attribute is a property likely to be shared by many persons. Attributes can be professional (e.g. Lawyer, CPA, engineer, architect). Attributes can also be affiliations (e.g. employee of a company, alumni member), physical characteristics (e.g. eye colour, sex, height), etc.. Finally, attributes can also be in relation to corporate persons, like size (e.g. “Small & Medium Businesses”).

A person may be a physical or corporate person – any entity with standing in court. A person here is not a concept – it literally is a physical person (or organization). For greater clarity, I am not referring to marketing persona – generic roles.

Binding an identifier or attribute to a person generally implies that the person must have a way to legitimately claim the identifier or attribute. In addition to claims and in some contexts, binding may also imply that an identifier or attribute be legitimately associated with a person in the absence of a claim.

Binding is the action of reliably recording the relationship between a set of identifiers or attributes and the person. In modern societies, for identifiers, this is often made possible by the possession of state-issued documents such as a certificate of birth and, later, driving licences and passports. People also claim identifiers and attributes using community recognition (when a lot of other persons agree the claim is legitimate) and using Knowledge-Based Authentication (KBA). The premise underlying KBA – that only the person corresponding to an identifier would logically know the answers to specific questions – is losing credibility because of past massive data breaches. Finally, identifiers and attributes may also be assigned to persons without any claims intervening.

An identity is therefore a social convention that binds identifiers and attributes to persons. From this definition and above explanations, we can draw the following inferences:

  • We each possess at least as many identities as we possess identifiers. On a web site, my digital identity might be solely known as “Fidel5351” to others in the web site – Fidel5351 is my identity on that website.
  • Some identities are legal because they are issued and/or recognized by the State. Such identities can hold property and sue or be sued in courts. In the context of economic growth fueled by the Digital Economy, legal digital identities are crucial.
  • Some contexts may require a composite identity, or set of identities, to be joined. This happens when several identities are simultaneously claimed to complete a transaction, sign a document or create an identity which uniquely defines a person in a specified context or system. For brevity, composite identities are often called contextual identities or even identities.
  • A contextual identity is a set of identity attributes that is used to distinguish a particular person within an identity context. While identity attributes such as name and date of birth, may identify an individual, these attributes are usually not sufficient to distinguish a person within a large population (such as a province or country), an artificial identifier is assigned that is used solely for the purpose of providing uniqueness and points to specific person. For example, “Patrick Cormier” and my driving licence, taken together, uniquely point to me (no other person may claim both my name and driving licence number) to create an identity which is effective in ensuring that two Patrick Cormier can be safely distinguished from one another.
  • To distinguish an identity from one another, another method consists in including attributes in the identity. For example, if I were the only lawyer in Quebec named “Patrick Cormier”, then my identity “Patrick Cormier” together with the two attributes “lawyer” and “Quebec” would uniquely point to me. Alas, there is another lawyer Patrick Cormier, so another attribute or identifier would need to be added to distinguish us.
  • The need for composite identities and attribute-supported identities is contextual. To sue in court, you would need to do so under your State-issued name and provide your address, minimally. To obtain provincial health services, you need to provide both your name and provincial health coverage number. To publish a post on a blog, you may only need a validated pseudonym, i.e. a username associated with an email.

The above inferences are just some of the inferences that should be clarified before considering what are digital identities. Digital identities are technological conventions that bind digital identifiers and attributes to persons. They necessarily exist in the technological realm. Digital identities can come in the following flavours:

  • Self-asserted digital identities are claims, created and used without external validation or verification of their veracity. One example is an Adobe self-sign digital certificate. I can create such a certificate under any name of my choosing. Similarly, I can associate a name of my choosing with a gmail account and be known to my correspondents under that name. Obviously, such claims are not optimal in contexts of legal or commercial transactions.
  • Verified digital identities are digital identities for which the identifiers (and perhaps the attributes) have been verified by one or more third party, but not necessarily trusted third parties. In other words, some third party has validated that the owner of the digital identity may legitimately claim the identifiers and attributes.To the extent you trust the third party and understand the validation method, you would trust the veracity of the claimed identity and attributes. For example, if you understand that signing digital certificates issued by Certificate Authority X and if you deem acceptable the issuance process of their certificates, you would trust the veracity of the claimed identity and its attributes.
  • Trusted digital identities exist when conditions, or conformance criteria,  set by a Trust Framework are met in providing a digital identity. By way of example, DIACC is currently developing a Trust Framework for Canadian Digital Identities. On the other hand, a Trust Framework can be as simple as, for example, the explicit recognition by a governmental authority that Certificate Authority X digital identities and signatures may be relied upon for the purpose of conducting transaction Y with the government. To be exact, Trust Frameworks should be really thought of as Accountability Frameworks – see The Trouble with Trust, & the case for Accountability Frameworks for NSTIC. Also, I should clarify here the semantic distinction between objective and subjective trust. The term”trust”, by ordinary definition, is subjective – it is an opinion about the reliability (an objectively perceived quality) of someone or something. Here, when I define the term “trusted digital identities”, I mean objectively trusted, that is, digital identities that meet objective criteria set forth in a Trust Framework should be called “trusted digital identities”. Of course, anyone relying on a so-called “trusted digital identity” may make the personal choice of not trusting (subjectively) that identity. However, despite that semantic distinction, I think it is worthwhile to define objectively the term trusted digital identity to specifically refer to those identities that comply with the conditions set in a trust framework.

To the question “what are digital identities”, one can also complete the answer by referencing the purpose they serve. A digital identity is intended to be a legally equivalent alternative to presenting yourself in-person with paper documents. A digital identity is intended to ensure that a specific person is at the other end of a transaction or at the origin of a signed document, for example, digital identities can be used to sign birth certificates, passports, University transcripts and diplomas, contracts, engineering drawings and plans, affidavits… Any document requiring proof of its origin weeks, months or even decades later.

Canada’s economy is fuelled by millions of transactions completed and documents signed every day. Now, imagine a world in which, over time, all these transactions and signatures could be completed digitally, legally and reliably. Imagine that for each transaction completed and document signed digitally, considerable savings have been realized because you can finally dispense with in-person appearances and paper processes inefficiencies. Imagine the range of new commercial activity that could be unlocked because the online market is a worldwide market as opposed to doing business locally.

Digital identities can, and will, unlock a modern, forward-looking and technologically advanced society. It is up to us to build the required trust frameworks to make this vision a reality. Get involved in DIACC now and attend IdentityNORTH next year!

QU’EST-CE QU’UNE IDENTITÉ NUMÉRIQUE?

what-is-IDAujourd’hui, nous présentons un article présenté par DIACC blogueur invité Patrick Cormier, vice-président du développement des affaires et des ventes chez Notarius . DIACC membre blogueurs invités partagent leurs idées et leurs compétences uniques. articles Guest blogger ne représentent pas un avis formel de l’ DIACC . Ce blog invité est partagé sous la licence Creative Commons BY-ND termes. (English text)

QU’EST-CE QU’UNE IDENTITÉ NUMÉRIQUE?

Patrick Cormier

À DIACC et IdentityNORTH, on affirme haut et fort que les identités numériques sont la clé d’un important mouvement de croissance et d’innovation dans l’économie canadienne. Les ramifications importantes de cette affirmation nous forcent à nous demander : qu’est-ce qu’une identité numérique? Pouvez-vous expliquer en termes simples ce que sont les identités numériques ou même répondre à la question : « Qu’est-ce qu’une identité? » Prenez quelques minutes pour tenter de formuler une définition claire.

Si vous n’y arrivez pas ou hésitez, ne vous en faites surtout pas. Même si j’ai fréquemment posé la question au cours des dernières années, je n’ai pas encore réussi à obtenir une réponse simple, concise et précise. Toutefois, d’excellents ouvrages de référence en ligne, comme The Field Guide to Identity par Identity Woman (Kaliya “Identity Woman” Young [anciennement Hamlin]) explorent les multiples aspects de l’identité.

En bref, je suis motivé à définir les identités numériques de manière simple et directe parce que l’absence d’une base sémantique commune pour les identités numériques rend plus difficile la réalisation de la croissance économique et de l’innovation qui seraient possibles grâce à des identités numériques robustes.

Qu’est-ce qu’une identité?

En termes simples, une identité est une représentation de qui vous affirmez être et de qui vous êtes. Une identité numérique est une représentation électronique de cette affirmation, de cette assertion d’identité. Finalement, une identité numérique de confiance est une représentation de vous à laquelle on peut se fier pour des transactions de grande valeur comme la signature d’un contrat ou une demande de passeport.

L’identité est au cœur de l’authentification des interactions sociales et de l’intégrité des processus d’affaires. C’est le point de départ de toute relation, de la confiance accordée aux transactions réalisées continuellement entre des personnes, des organisations et le gouvernement. L’identité dépend également du contexte. Dans le contexte d’une identité, il est essentiel de pouvoir distinguer une personne d’une autre de manière à ce que la prestation de services soit dirigée vers la bonne personne.

L’identité d’une personne peut être subjective ou objective. L’identité subjective est l’ensemble de propriétés psychologiques et physiologiques qui font que chaque personne se perçoit comme étant unique. C’est une construction mentale qui nous permet d’interagir avec d’autres tout en conservant notre caractère distinctif. Je n’en dirai pas plus sur l’identité subjective parce que ce qui m’intéresse principalement c’est l’identité objective d’une personne, une convention sociale qui lie des identifiants et des attributs aux personnes. Décortiquons cette définition pour évaluer sa justesse.

Une convention sociale : si vous êtes le seul survivant de la mission Mars One et vivez seul sur Mars sans communication avec la Terre, votre identité (votre nom, par exemple) ne veut plus rien dire parce que vous cessez d’être en relation avec d’autres personnes. Quand des individus interagissent, en personne, dans un groupe ou en ligne, ils doivent se désigner entre eux. Par convention sociale, chaque enfant reçoit donc un nom dès sa naissance. Cette convention est qualifiée de « sociale » parce que sa principale fonction consiste à permettre aux personnes (physiques ou morales) d’interagir. La « convention » (ou la pratique) vient du fait que les membres d’un groupe choisissent l’identifiant en fonction du contexte, c.-à-d. qu’une personne est désignée par un nom d’utilisateur dans un site Web ou alors que ses enfants l’appellent simplement « papa ».

Un identifiant est un pointeur associé à une personne en particulier. Il peut être unique à un système donné, comme c’est le cas du numéro d’assurance sociale (NAS) au Canada. Deux personnes ne peuvent avoir le même NAS. Même si un identifiant est prévu pour une personne en particulier, dans les faits, il peut ne pas être unique. Par exemple, je ne suis pas le seul à porter le nom de « Patrick Cormier ». L’identifiant peut même ne pas être lié à une convention sociale du monde réel (mon identifiant en ligne pourrait être Fidel5351). Certains types d’identifiants (comme les noms et les identifiants en ligne) peuvent ne pas être uniques dans un contexte donné et peuvent pointer vers plus d’une personne. À titre d’exemple, le NAS, le numéro de sécurité sociale, le numéro de permis de conduire ou le numéro d’employé sont également des identifiants. Je reviendrai plus loin sur le besoin d’un identifiant unique pour une personne dans un système donné.

Un attribut est une propriété susceptible d’être partagée par plusieurs personnes. Il peut être professionnel (p. ex., avocat, CPA, ingénieur, architecte). Il peut également être lié à une affiliation (p. ex., les employés d’une entreprise, les diplômés d’une université), à des caractéristiques physiques (p. ex., la couleur des yeux, le sexe, la grandeur), etc. Un attribut peut aussi être lié à des personnes morales, comme la taille d’une organisation (p. ex., les petites et moyennes entreprises).

Une personne peut être une personne physique ou morale, ce peut être toute entité ayant un statut légal. Dans le contexte qui nous préoccupe, une personne n’est pas un concept, c’est réellement une personne physique (ou une organisation). Pour fins de clarté, je ne réfère pas ici à des persona de marketing non plus – des rôles génériques.

Le fait de lier un identifiant ou un attribut à une personne implique généralement que la personne ait une manière de légitimement  réclamer l’identifiant ou l’attribut. En plus de l’assertion d’identité et dans certains contextes, le lien peut également impliquer que l’identifiant ou l’attribut est légitimement associé à la personne en l’absence d’assertion d’identité.

« Lier » est l’action d’enregistrer de manière fiable une relation entre, d’une part, un ensemble d’identifiants ou d’attributs et, d’autre part, une personne. Dans les sociétés modernes, cela se traduit souvent par la possession de documents produits par un organisme gouvernemental, comme un certificat de naissance, un permis de conduire ou un passeport. Pour les assertions d’identité, les personnes utilisent également la reconnaissance collective (lorsque plusieurs autres personnes s’entendent pour dire que l’assertion est légitime) et l’authentification fondée sur les connaissances. Cependant, d’importantes violations de données font perdre de la crédibilité à ce dernier mode d’authentification qui repose sur la prémisse que seul le détenteur de l’identifiant connaît les réponses à un ensemble de questions données. Enfin, il est aussi possible d’attribuer des identifiants et des attributs à des personnes sans avoir recours à des assertions d’identité.

Une identité est donc une convention sociale qui lie des identifiants et des attributs aux personnes. Cette définition et les explications précédentes nous permettent de tirer un certain nombre de conclusions :

  •  Chaque personne possède au moins autant d’identités que d’identifiants. Dans un site Web, mon identité numérique peut être connue uniquement sous l’identifiant « Fidel5351 » par les autres personnes dans le site Web. « Fidel5351 » est mon identité pour ce site Web.
  • Certaines identités sont qualifiées de juridiques parce qu’elles sont émises ou reconnues par l’État. De telles identités peuvent posséder des biens et poursuivre ou être poursuivies en justice. Dans le contexte de croissance économique propulsée par l’économique numérique, les identités numériques juridiques sont essentielles.
  • Certains contextes peuvent exiger une identité composite ou l’association d’un ensemble d’identités. C’est le cas lorsque plusieurs identités sont utilisées simultanément pour exécuter une transaction, signer un document ou créer une identité qui désigne une personne de manière unique dans un contexte ou un système en particulier. Par souci de concision, les identités composites sont souvent appelées identités contextuelles ou simplement identités.
  • Une identité contextuelle est un ensemble d’attributs d’identité utilisés pour distinguer une personne donnée dans un contexte d’identité. Même si les attributs d’identité, comme le nom et la date de naissance, peuvent identifier une personne, ils ne suffisent pas pour distinguer une personne au sein d’une vaste population (comme celle d’une province ou d’un pays). On attribue donc un identifiant artificiel à une personne dont le seul but est de désigner cette personne en particulier. Par exemple, l’association de « Patrick Cormier » et de mon numéro de permis de conduire pointe uniquement vers moi (personne d’autre ne peut affirmer porter mon nom et avoir mon numéro de permis de conduire) pour créer une identité qui peut efficacement et assurément faire la distinction entre moi et un autre Patrick Cormier.
  • Pour distinguer une identité d’une autre, il est également possible d’inclure des attributs dans l’identité. Par exemple, s’il n’y a qu’un seul avocat au Québec à porter le nom de « Patrick Cormier », mon identité « Patrick Cormier » associée aux deux attributs « avocat » et « Québec » pointerait uniquement vers moi. De la même manière, s’il y a un autre Patrick Cormier avocat, l’ajout d’un nouvel attribut ou identifiant serait nécessaire pour nous distinguer l’un de l’autre.
  • Le besoin d’identités composites et d’identités associées à des attributs est contextuel. Si vous souhaitez poursuivre quelqu’un en justice, vous devez fournir, au minimum, votre nom tel que reconnu par l’État et votre adresse. Pour obtenir des soins de santé fournis par la province, vous devez fournir votre nom et votre numéro d’assurance maladie provincial. Pour publier un article de blogue, vous pourriez n’avoir besoin que d’un pseudonyme validé, p. ex., un nom d’utilisateur associé à une adresse de courriel.

Ces conclusions ne sont que quelques-unes des conclusions qu’il importe de comprendre avant d’examiner les identités numériques. Les identités numériques sont des conventions technologiques liant des identifiants numériques et des attributs à une personne. Essentielles dans le monde technologique, les identités numériques existent en diverses versions :

  • Les identités numériques autoproclamées sont des assertions d’identité, créées et utilisées sans validation externe ni vérification de leur véracité. C’est le cas, par exemple, d’un certificat numérique autosigné d’Adobe. Pour créer un tel certificat, je peux utiliser n’importe quel nom qui me plaît. De la même manière, je peux choisir un nom, l’associer à un compte Gmail et l’utiliser pour me faire connaître de mes correspondants. De toute évidence, de telles assertions ne sont pas optimales dans un contexte d’actes juridiques ou de transactions commerciales.
  • Les identités numériques vérifiées sont des identités numériques pour lesquelles les identifiants (et possiblement les attributs) ont été vérifiés par au moins un tiers, mais pas nécessairement par un tiers de confiance. Autrement dit, un tiers a validé que le propriétaire de l’identité numérique peut légitimement se réclamer des identifiants et des attributs. Dans la mesure où vous faites confiance à ce tiers et comprenez son processus de validation, vous pouvez faire confiance à la validité de l’assertion d’identité et des attributs qui y sont associés. Par exemple, si vous comprenez que les certificats numériques de signature sont émis par l’Autorité de certification X et jugez acceptable le processus d’émission de leurs certificats, vous pourriez avoir confiance en la véracité de l’assertion d’identité et des attributs afférents.
  • On parle d’identité numérique de confiance lorsque l’identité numérique a été fournie par un environnement de confiance et qu’elle respecte les conditions ou les critères de conformité de cet environnement de confiance. Par exemple, DIACC est en train de créer un environnement de confiance pour les identités numériques canadiennes. D’autre part, un environnement de confiance peut simplement être, par exemple, la reconnaissance explicite par une autorité gouvernementale de la fiabilité des identités numériques et des signatures de l’Autorité de certification X pour l’exécution de transactions Y avec le gouvernement. Plus exactement, les environnements de confiance devraient être vus comme des environnements de responsabilité comme l’explique l’article suivant (en anglais) The Trouble with Trust, & the case for Accountability Frameworks for NSTIC. Je devrais également clarifier la distinction sémantique entre la confiance objective et la confiance subjective. Par définition, la confiance est subjective; c’est l’opinion quant à la fiabilité (une qualité perçue objectivement) de quelqu’un ou de quelque chose. Lorsque je définis le terme « identités numériques de confiance », je parle de confiance objective. En d’autres mots, ce sont des identités numériques qui respectent des critères objectifs établis par un environnement de confiance et qui devraient donc être désignées par le terme « identités numériques de confiance ». Bien sûr, une personne peut (subjectivement) ne pas faire confiance à une « identité numérique de confiance ». Cependant, malgré cette distinction sémantique, je crois qu’il est valable de déterminer objectivement que le terme identité numérique de confiance désigne les identités qui respectent les conditions établies par un environnement de confiance (“trust framework”).

En réponse à la question « Qu’est-ce qu’une identité numérique? », on peut également faire référence à la raison d’être d’une telle identité. Une identité numérique devrait juridiquement équivaloir à se présenter soi-même en personne avec des documents papier. Une identité numérique devrait garantir qu’une personne en particulier est à l’autre bout de la transaction ou à l’origine d’un document signé. Par exemple, on peut utiliser des identités numériques pour signer des certificats de naissance, des passeports, des relevés de notes ou des diplômes universitaires, des contrats, des plans et dessins techniques, des déclarations sous serment, etc. En bref, pour tout document pour lequel la preuve d’origine peut être requise des semaines, des mois ou même des décennies plus tard.

L’économie canadienne fonctionne parce que des millions de transactions sont exécutées et documents signés quotidiennement. Imaginez un monde dans lequel, éventuellement, l’exécution de toutes ces transactions et signatures pourraient être numériques, juridiquement contraignantes et fiables. Imaginez les économies considérables réalisées parce que les personnes n’ont plus à se présenter pour signer et que les inefficacités des processus papier sont évitées. Imaginez toutes les activités commerciales qui deviendraient possibles grâce aux transactions en ligne dans un marché mondial accessible en s’affranchissant du besoin de contact en personne.

Les identités numériques peuvent être, et sont, la clé d’une société moderne, tournée vers l’avenir et technologiquement évoluée. C’est à nous de créer les environnements de confiance requis pour concrétiser cette vision. Participez à DIACC maintenant et assister à IdentityNORTH l’an prochain!

« Older Entries