Yearly Archives: 2018

Spotlight on 1Kosmos BlockID

Meet 1Kosmos BlockID

1. What is the vision and mission of 1Kosmos BlockID?

Our mission is to revolutionize identity management by enabling people and companies to escape from the legacy systems of paper-based documents and move into a true digital identity with unprecedented privacy, security, transparency, and individual rights by leveraging the power of blockchain technology. 

BlockID by 1Kosmos enables people to store their identity data – their driver’s license, passport, credit or debit cards, insurance cards, employee ID, professional or educational credentials, and more – in a secure digital identity safe way on their own mobile devices, and provide it easily to those who need to access and validate it.

BlockID eliminates usernames and passwords, which can be hacked or stolen. Instead, it allows people to use their face, voice or fingerprint to access online services such as banking or email. More importantly, BlockID puts people in control of their own identity data by allowing them to determine what information is shared and with whom it’s shared.

2. Why is trustworthy digital identity critical for existing and emerging markets?

Today user identities exist in many different forms including:

  1. Physical identities in the form of unstructured data, taking the form of images and photocopies
  2. Multiple logins on multiple sites
  3. Biometrics and Internet of Things (IoT)

One of the objectives is to combine these identities into a single, portable, digital identity based on the following principles:

Control – A user must have control of their identity information – controlling who can modify it, and authorizing who can see it and what they can see. They should be able to withhold or approve access as owner of their own identity information.

Transparency and Persistence – Users must have access to their own data and be able to easily verify and consent on how their data is used with no hidden data and no gatekeepers. All user actions and authorizations must be captured on an immutable ledger to maintain transparency and security.

Portability and Interoperability – Information and services about the identity must be transportable and available across international boundaries / third party services without a single vendor locking in or storing user data in a central database. A BCIAM solution is not completely decentralized if the architecture allows part of the user identity to be stored by a singular third party, even if it’s a trusted entity that is expected to work in the best interest of the user. Being part of a centralized service raises the question of vendor lock in and security issues that have been plaguing traditional siloed IAM solutions.

Protection – The rights and privacy of the user are to be protected. The information stored should never be available for consumption by any party without the consent of the user managing their identity.

3. How will digital identity transform the Canadian and global economy? How does 1Kosmos BlockID address challenges associated with this transformation?

The two greatest obstacles to developing secure web services are verifying the user’s identity and securing their identity data.

Today, businesses and governments rely largely on paper-based documents, which can’t easily be used for online services, or usernames and passwords, which are easily hacked or stolen. Every service provider must build and maintain its own siloed identity management system – a costly and inefficient practice. Protections on these systems are wildly inconsistent, ranging from strong to barely existent. Users have little or no control over their own identity data, which is essentially owned by the dozens of services a user interacts with that collect and store it. The identity data itself can be full of inaccuracies, inconsistencies or outdated information because there are dozens or even hundreds of copies and no single authoritative source of the truth.

BlockID removes these obstacles. It eliminates the need for each service provider to validate or store user credentials, and uses the power of blockchain technology to help eliminate fraud and ensure the validity and accuracy of the user’s identity information.

The user’s identity information is first independently verified by trusted third parties, then encrypted and stored on the public blockchain as well as in a secure, digital wallet on the user’s mobile device. The data is encrypted using a public key; only the holder of the corresponding private key can decrypt it – and therefore only the holder of the private key can be the credential’s true owner. Because the encrypted identity data on the public blockchain is immutable – that is, it can’t be modified after the fact – it’s guaranteed to be authentic and accurate, and no single business or government entity controls it.

This can transform the Canadian economy – and indeed the global economy – by creating a universally recognized trusted digital ID that enables businesses and governments to securely identify users, helping to eliminate fraud (for both business and consumers), eliminate “fake” accounts, and protect the privacy of users. It can speed identify verification, allowing businesses to comply with Know-Your-Customer (KYC) requirements in seconds rather than days or weeks – all without having to implement costly and redundant identity management systems or inefficient manual processes to handle the task.

4. What else should we know about 1Kosmos BlockID?

Since forming 1Kosmos in 2016, we have added some of the leading minds in identity management on our staff and board of advisors. We have multiple financial and telecommunications customers using our solution, and analysts have called the BlockID Solution the most complete solution in digital portable identity.

 

 

Request for Proposal: Development of the Pan-Canadian Trust Framework

Request for Proposal: Community Editor to Accelerate the Development of the Pan-Canadian Trust Framework

Shape Canada’s Policy for a Trusted and Secure Digital Economy

NOTE: The deadline has been extended to August 14 at 11:59 PM PST.

The DIACC is seeking a Community Editor to drive forward the development and refinement of the Pan-Canadian Trust Framework (PCTF). Request for Proposals were due by Monday, August 7 at 11:59 PM PST and the deadline has been extended to August 14 at 11:59 PM PST.

The PCTF is a set of standards that are intended to support Canada’s full and secure participation in the global digital economy through secure and interoperable services, transactions, and digital activities. The PCTF describes the roles, services, and requirements to be agreed on between participating service delivery and commercial industry sector organizations, to meet current and future Canadian innovation needs.

The framework is built in collaboration with DIACC members on the Trust Framework Expert Committee (TFEC) from both the public and private sector and with the broad federal, provincial, and territorial input of the Joint Councils Identity Management Sub-Committee. The drafts are developed with a focus on creating standards that are easy to implement and promote a secure, user-centric digital identity ecosystem of interoperable solutions and services.

The PCTF is published by the DIACC and based on collaboration of the Canadian and international community over time and the established DIACC digital identity ecosystem principles.

Who We’re Looking For

The PCTF Community Editor will be an experienced communicator who has experience developing related industry Trust Frameworks and managing projects with multiple stakeholders. Qualified candidates will be able to demonstrate their skills and success in supporting similar projects.  

They will be responsible for combining the input and feedback of the Trust Framework Expert Committee and the Identity Management Sub-Committee. The development is subject to the DIACC community standardization process and the final result will be the delivery of PCTF review drafts, which will be released for a public call for comments.

How to Submit a Response  

Review the PCTF Community Editor Request for Proposal requirements to submit your proposal.

RFPs are due on Monday, August 14 at 11:59 PM PST.

The project will begin on August 31, with a full project timeline to be created and determined by September 7.

The PCTF Community Editor will play a critical role in building out the framework and simplifying it to make  the content cohesive and comprehensive.

If you’re interested in building Canada’s digital economy and creating a trusted, reliable, and user-friendly identification ecosystem for all Canadians, we want to work with you! We look forward to receiving applications and achieving more progress on this critical framework. 

  • The DIACC Team

Request For Proposals Frequently Asked Questions:

  1. What’s the size of the collaborative stakeholder group? While DIACC has approximately 50 member organizations, the DIACC PCTF TFEC community has the benefit of approximately 20 individual participants. The Community editor will interface with these organizations and individuals as well as one point of contact for the IMSC.
  2. Has a budget been set for the role? While DIACC has set a budget to support the PCTF community efforts as a whole, we seek to gain a better understanding of the resources needed to deliver the PCTF documentation through the review of the RFP responses.  A number of metrics (including cost) will be used to review responses. DIACC is aware that advancing Canada’s digital economy is no small task and DIACC expects bids to deliver real-world value.
  3. Who can submit a response? Individuals and organizations.
  4. Is the winning bidder expected to build consensus in the community? Yes, it is expected that the winning bidder will demonstrate the ability facilitate discussions in order to build consensus of stakeholders.
  5. May applicants provide references to persons who can attest to an applicant’s competency in addition to or in place of testimonials? Yes, applicants may provide references and contact information for persons who can attest to their competency.

Digital Identity & Civic Action: PlaceSpeak Civic Networks White Paper

DIACC member PlaceSpeak recently published a new white paper, “Civic Networks: The Future of Community Engagement” outlining the shortcomings of global social networks and the huge potential of place-based networks rooted in verifiable digital identity. We connected with their team to find out how PlaceSpeak is using digital identity solutions to transform community action and how people connect, contribute, and relate online.

DIACC: Tell us a bit about PlaceSpeak and the “Civic Networks: The Future of Community Engagement” white paper.

PlaceSpeak: Our new white paper outlines some of the recent challenges with social networks which have been brought more sharply into public view, such as the Cambridge Analytica revelations. Governments and politicians have relied heavily on social media to reach and engage with citizens. However, it is now apparent that social media is inadequate for genuine online civic participation – bots, trolls and astroturfing undermine digital democracy and there is no way to tell whether comments on social media genuinely come from a community member, or from bots run by special interest or lobby groups. Furthermore, advertising-based models incentivize social media platforms to reinforce users’ existing paradigms by showing them content that they are more likely to engage with. It’s clear that a new paradigm is required. 

As opposed to social networks, civic networks are tied to place-based communities, such as streets, neighbourhoods, schools, stratas/homeowner associations and more. PlaceSpeak has been developing one such civic network that is not based on advertising or the data mining of users. It authenticates users to place, ensuring that they are real people – not bots. We believe that this is the future of online community engagement: hyperlocal and privacy-protecting, with the capacity to support respectful and authentic dialogue on wicked community issues, by design.

DIACC: How is does PlaceSpeak take a unique approach to reframing control over personal information and activating local communities?

PlaceSpeak: People are becoming increasingly cognizant of the fact that their personal information and data is being mismanaged by social media platforms. Terms and Conditions/Privacy Policies are usually opaque and difficult even for tech-savvy users to understand.

As a Privacy by Design (PbD) ambassador, protecting the privacy of users is of utmost importance at PlaceSpeak. PbD principles ensure that privacy measures are architected into the very structure of the platform. Instead of responding to a privacy breach, PbD works proactively to ensure that such circumstances do not happen in the first place. PbD assumes that privacy is the default. User information is kept private and never shared with third-party individuals or organizations – users have to agree to make their information public.

The assurance of privacy protection is crucial for building trust in the digital identity authentication process – thus creating a safe, secure environment where people can be confident that they are engaging with other real people in their communities.

 

DIACC: The white paper opens with a strong analysis of the shortcomings of social media for civic engagement, and points to the business models of behemoth platforms like Facebook and Twitter as a core issue. What alternatives are there? How might digital identity support the creation of new business models?

PlaceSpeak: The issues which have emerged in recent months in platforms such as Facebook and Twitter stem fundamentally from their business model, which exploits the personal information of users to advertise to them. For example, Facebook’s pay-per-click model (PPC) charges, on average, between $0.20 – $0.80 USD when a user clicks on a link. Advertising-based models are incentivized to show users content which aligns with their pre-existing viewpoints, which they are more likely to click on and engage with.

Civic networks, such as PlaceSpeak, must be 1) authentic, 2) privacy-protecting, and 3) not funded by advertising. Digital identity authentication ensures that people are who they say they are online – not bots or hackers pretending to be community members. This, in combination with the protection of the personal information and data of users, is critical to building trust. Finally, any platform that relies on advertising prioritizes those who are able to pay to get the word out. Genuine civic engagement can only truly occur when everyone can have their voice heard – not only industry or lobby groups which can afford to pay to amplify their message.

DIACC: How does digital identity support a shift from treating users as commodities to empowering them as citizens?

PlaceSpeak: Identity authentication is very self-explanatory during in-person forms of engaging with government. You have to prove that you are who you say you are before voting or accessing government services (e.g. applying for a driver’s licence, applying for Employment Insurance, filing your taxes, etc.)

So much of the online world thus far has been anonymous or pseudonymous that people have come to take that for granted. However, how can people access government services or genuinely engage with government online if there is no way of ensuring that they are the correct person? Digital identity authentication is therefore crucial for empowering users as citizens, as they move towards the full range of ways that they can engage with their governments online, whether that’s filing taxes, signing a petition or participating in a public consultation.

DIACC: How do you balance the need and desire for open data and transparency with privacy and security?

PlaceSpeak: Open data and transparency is crucial for building trust and empowering citizens to hold decision-makers accountable for outcomes which affect them and their communities. However, it must work hand-in-hand with privacy and security.

In PlaceSpeak’s case, the balance between transparency and privacy means that all aspects of a public consultation (e.g. background information, real-time results such as poll results and discussion forum comments) are publicly viewable by anyone, but the personal information that is used to authenticate participants is disaggregated from the results.

The participants’ private information (e.g. email address, physical address) is never sold, transferred, or otherwise shared with any third party, not even the organization conducting the consultation.

This is just one simple way in which transparency and privacy can work together to build trust and support robust systems for ongoing citizen engagement. In other cases such as open data, this includes aggregating and anonymizing the data that is released so that individual identifiable information cannot be publicly accessed.

DIACC: What key benefits of civic networks and/or community engagement strategies extend to different types of multi-stakeholder communities?

PlaceSpeak: The main benefit of civic networks is the breaking down of silos. It’s currently hard to be civically engaged even if you genuinely want to do so – people are busy with many other priorities. In the 2017 Vancouver Foundation report, 51% of respondents said that they didn’t have enough time to get involved. People currently have to subscribe to multiple sites if they want to stay informed and engaged, whether that’s their city’s email list, their child’s school, their neighbourhood association, utilities (hydro, telcos), etc.

Civic networks such as PlaceSpeak provide a one-stop “hub”: by signing up once, they can be kept notified of updates or proposed changes from all these different organizations. Instead of having to go out and hunt for information about a proposed rezoning, potential roadworks, or a scheduled hydro outage, all this information is delivered directly to users’ inboxes. They can also participate in consultations and provide feedback to all these different organizations from one single platform, and engage with others in their community.

DIACC: The paper notes that Facebook deleted 583 million fake accounts – more than a quarter of its monthly active users in early 2018. Yet, few people connect cyberbullying and bots to digital identity. Can you explain the connection?

PlaceSpeak: People behave terribly online when they’re anonymous. We can chalk this up to two factors: deindividuation and dehumanization. Deindividuation refers to the reduced sense of self-awareness and loss of personal responsibility which happens in anonymous contexts. People feel empowered to act and say things that they never would in a face-to-face interaction. Anonymity also dehumanizes the person on the receiving end of cyberbullying: it’s easy to forget that there is a real, live person behind that screen name. In today’s world, that may not be far from the truth – for example, 5-15% of Twitter users could be bots.

Digital identity is one way to hold people accountable for their online behaviour. We have found that even in extremely controversial discussions such as immigration or gun control, people participate respectfully when they have been authenticated.

Moreover, in the context of a civic network, when people know that they’re interacting with someone in their community – someone they could conceivably run into at the grocery store or while picking up their kid from school – they’re more likely to behave appropriately.

DIACC: The benefits of civic networks are outlined for the benefit of informed and involved citizens in a public sector context. How can civic networks empower the private sector?

PlaceSpeak: Within a public sector context there are many obvious applications: once an individual has been authenticated, they can be kept informed and notified of new opportunities to engage on an ongoing basis, whether that’s from their local government, the school district, the local transportation authority, etc.

However, civic networks such as PlaceSpeak have the potential to break down silos between different types of organizations, not only within the public sector. Many private sector projects must go through a permitting or assessment process, which may require public feedback or a duty to consult (e.g. First Nations). There are many potential applications for property developers, the resource industry, telecommunications, etc. to notify and gather defensible feedback from residents within the affected area of a proposed project.

 

 

Digital identity opens new possibilities across sectors. Learn more about PlaceSpeak solutions and become a DIACC member to collaborate with more leaders in digital identity and authentication.

Protected: AGM 2018 Content

This content is password-protected. To view it, please enter the password below.

Posted in AGM

Enter your password to view comments.

A Year of Growth and the Year Ahead: 2018 Annual General Meeting

Identity Week in Canada was a great success. Over the course of three days, leading identity and digital economy experts came together to discuss how to move digital identity forward in Canada. IdentityNORTH’s Annual Summit was held at Toronto’s Mattamy Athletic Centre on June 19 and 20. The following day, DIACC hosted our Annual General Meeting (AGM).

At the AGM, the DIACC members voted on the Board of Directors. John Sharpe, Vice President of CGI, and Allan Foster, Vice President of Global Partner Success at ForgeRock, were re-elected as Directors, and Sajith Nair, Partner of Cybersecurity and Privacy at PwC Canada was named as an Advisor to the DIACC Board of Directors. We’re thrilled to have fresh perspectives on our leadership team that will continue to drive progress.

This has been a year of tremendous growth for the DIACC community. In 2016, the organization  counted 29 members, but over the past 2 years this number nearly doubled, growing to 50 members. The council also has a growing international profile, with presence and recognition in New Zealand, Norway and the United States. DIACC has ramped up participation in international events, including the 2018 European Identity & Cloud Conference. We are proud of our uniquely collaborative and community-centred strategy, which is unlocking the capabilities of the public and private sectors.

The AGM featured a wide variety of demos and Q & A sessions that put a spotlight on the diverse membership of the community. Patrick Cormier from Notarius provided an overview of our new Innovation Expert Committee and called on members interested in pushing forward new initiatives and technologies to join.

Shelley Bryen of WorldReach Software shared a presentation on the implications, opportunities, and challenges of border-crossing as we move towards a virtual border. Bryen noted that, with policy changing “at the speed of tweets”, it is important to be ready for these changes. She highlighted how innovations such as facial recognition and information transfer prior to arrival can enable seamless border travel.

Patrick Drolet of Notarius provided an overview of trends in digital transformation, including a demonstration of how a visible digital seal can create a bridge between electronic and paper documents. Approaches like this make the transition to digital easier and enhancing trust.

   “Fantastic sessions and informative conversations with the community”                       

The Government of B.C.’s John Jordan demonstrated how governments are working together to help businesses reduce the cost of government registration forms and permits to make for a more efficient process. Under this system, known as “TheOrgBook”, the hope is to make it easier for businesses to work with matters like verifying government issued licences and permits instead of using paper.

Allan Foster from ForgeRock offered a demo of the new Verified.Me collaborative platform, which will launch in Canada later this year. It allows users to open a Canadian bank account with a UK digital ID, without having to visit a branch. Users install an app on their mobile device that confirms their identity, allowing businesses and governments to immediately do transactions without asking for proof of identity.

Amber D. Scott of Outlier Solutions presented a compliance overview that demonstrated the need for regulations that are simultaneously more robust and flexible to take into account emerging technologies including cryptocurrencies and digital identity solutions.

As a further testament of DIACC’s international reach, Karl Kilb, CEO of New York City-based Boloro Global Solutions, provided an informative overview of the trends in mobile authentication.

The DIACC meeting concluded with a panel, consisting of Colleen Boldon, Hugh McKee and Greg Elcich. The panelists discussed final thoughts and calls to action. On digital identity progress in Canada, Boldon said: “I think we’re at a tipping point. We can feel it, we can touch it, and we’re close to getting it done.”

Thank you to everyone who came out and who has consistently participated in the community to bring digital identity to this point. We will work together to enhance clarity around our objectives and accelerate awareness about the role of secure, reliable digital identity. As the conversation grows and this technology becomes increasingly important, our community is bigger, stronger, and more vital than ever before.    

 

Biggest IdentityNORTH to Date Brings Together Digital Identity Leaders and DIACC Members

The 2018 Identity Week in Canada was an incredible success, kicking off with IdentityNORTH and bringing together more people than ever before to discuss the impact and opportunities of digital identity in Canada. DIACC members played a large role at this year’s IdentityNORTH Summit. Members participated in several panels and led some of the most popular unconference sessions, emphasizing the strength of our community and how key collaboration is to advancing an interoperable digital identity.

The role of DIACC as a meeting point for public and private sectors to contribute their strengths was made clear on our leadership panel. “The public sector brings strong identity documents and the private sector brings innovation,” said Franklin Garrigues, VP of Digital Channels at TD and member of the DIACC board.

With the successful collaboration between the private sector and public sector, Canada has a unique strategy, and one that is sparking interest around the globe. “The level of trust that we have in Canada between the public and private sectors is not comparable around the world,” said John Sharpe, Vice President at CGI and a director of DIACC.

“Around the world, we have the strongest collaboration that I’ve seen,” said Joni Brennan, President of the DIACC. “It takes time and cooperation to work together and to find value together, but we’ve excelled in that way.”

DIACC Members Demonstrate Community Leadership at IdentityNORTH

Enlightening sessions were held by DIACC members during the unconference, putting a spotlight on the thought leadership and high level of expertise in our community. Deep conversations, big questions, and innovative ideas were shared throughout the second day, with strong interest in the DIACC-led session focused on next steps for the Pan-Canadian Trust Framework. The framework is a set of industry standards designed for interoperability in a global digital economy.

Among other DIACC member-led sessions were an intimate group led by Patrick Cormier of Notarius, who asked: what constitutes a legally reliable document? He explained various qualities of document reliability, such as proof of authenticity. Andre Boysen, Chief Executive Officer of SecureKey, focused on liability models, and how they might look in a world of digital identity where ID and authentication are provided by third parties.

“IdentityNORTH is where the conversation occurs, and DIACC is where the action happens,” Aran Hamilton, Chair of IdentityNORTH, clarified. While anyone is welcome to come to IdentityNORTH, organisations must apply to join the DIACC.

“If you want to make change, if you have limited resources of time and money, if you have to choose between IdentityNORTH and DIACC, do DIACC,” said Hamilton.

DIACC is proud to partner with IdentityNORTH – join us at another upcoming event to connect with the community.

DIACC Membership Appoints New Board of Directors

The DIACC Annual General Meeting brought together 75 members of the council together for a day of digital identity insights and community action. At the beginning of the session, the members were asked to vote on nominees who were put forward for the Board of Directors.

The DIACC is happy to announce the results of the 2018 Board of Directors election:

  • Director: John Sharpe, Vice President, CGI
  • Director: Allan Foster, Vice President of Global Partner Success, ForgeRock
  • Advisor: Sajith Nair, Partner of Cybersecurity and Privacy, PwC Canada

The nominees all provided a strong point of view in their statements and will bring a unique perspective to the board.

New Benchmarks for Our Growing Community

This year was the first time Director nominations exceeded the number of Board seats available. This significant milestone demonstrates the continual growth and relevance of digital identity work and the multitude of bright leaders in the community. This represents an exciting momentum as we grow, bringing more diversity, action and thought leadership to Canada’s digital identity ecosystem.

In order to create a representative leadership team, the community was asked to nominate members they felt have the requisite experience and collaborative attitude. Many strong candidates were put forward and we look forward to working with the elected directors, advisors and other nominees to drive progress.

Get more information on the Board of Directors and learn more about joining the DIACC.

Connecting FIDO Alliance with Canadian Solutions for Digital Identity

How FIDO Alliance, the World’s Largest Ecosystem for Standards-Based, Interoperable Authentication, Connects to the DIACC

The DIACC mandate is to identify and develop standards that prioritize and align with Canadian principles. Our Canadian focus and approach enables us to support members with locally-focused solutions and opportunities, while integrating with international frameworks and initiatives, and maintaining a pulse on worldwide trends.

The FIDO Alliance is one example of international standards driving progress in digital identity authentication. We connected with DIACC member Hypersecu, who is also a member of FIDO Alliance, to offer more insight into the authentication initiative.

 

Can you provide an overview of the FIDO Alliance for people who are unfamiliar?

The FIDO Alliance, Fast IDentity Online, is a non-profit organisation created with a mission to develop standards for strong authentication devices and to address the difficulties of managing multiple complex passwords. Password management can often result in high support costs for companies, while at the same time lacking effectiveness when it comes to preventing data breaches. The Alliance aims to ease these concerns by providing mechanisms that reduce reliance on passwords for strong authentication.

Currently, there are two main standards from the Alliance: U2F (Universal 2nd Factor) and UAF (Universal Authentication Framework). U2F uses a physical token, or security key, to add an extra layer of security, but does not require the user to enter an additional code the way one-time password tokens do. Instead, the user simply presses a button on their security key to log in. UAF uses biometrics, such as fingerprinting and other unique processes, to create an entirely password-less experience.

The Alliance is also developing a new standard called FIDO 2. FIDO 2 aims to provide simple and strong authentication on all devices. Its goal is to create a password-less experience with the strong security that 2-factor authentication offers.

 

How did this alliance start?

The Alliance was started by Ramesh Kesanupalli, at the time Chief Technology Officer of Validity Sensors, and Michael Barrett, then PayPal’s Chief Information Security Officer, who wanted to develop identification using biometrics for online authentication, that would be based on an open standard which could support multiple vendors. The FIDO Alliance was thus founded in 2012 by PayPal, Lenovo, Nok Nok Labs, Validity Sensors, Infineon, and Agnitio, and announced publicly in 2013.

In 2014, Hypersecu joined the FIDO Alliance. We are currently actively involved in promoting FIDO solutions.

 

Why is interoperability important to companies, users, and governments?

With so many different systems, applications, and devices that are now interconnected, interoperability is crucial for our current technological ecosystem. It allows different types of industries and enterprises to connect using the same technology without having to invest in new developments. At the same time, users have the reassurance that their devices will work on any platform supported by a particular technology – in this case, FIDO protocols. With online authentication, users, companies, and governments alike need to be able to connect from wherever they are through multiple devices, from smartphones to tablets to laptops.

Having standards also allows manufacturers, developers, and service providers to easily incorporate FIDO support into their products and services. As a result, strong authentication becomes accessible to more users and available through more services, reducing the cost and time required for implementation. Anyone can integrate FIDO technology into their day-to-day business with little disruption.

 

How will the FIDO Alliance impact Canadian organisations?

The FIDO Alliance will help advance the cause for trustworthy digital identity in Canada by making it simpler and less costly for Canadian organisations to implement the technology and introduce options for secure authentication. Many Canadian businesses and other organisations rely on digital transactions, such as banking and e-commerce, which makes easy-to-use but effective secure authentication that much more critical.

 

How will the FIDO Alliance impact Canadians?

From what we’ve observed, the average Canadian still requires more motivation to use strong authentication compared to those in other regions. Simple passwords are widely used in Canadians’ daily digital lives, from online banking to email accounts. One of the reasons for this may be due to the high cost and complexities involved in implementing strong authentication.

The FIDO Alliance will, as mentioned, make implementing strong authentication much easier and with minimal disruption. It opens new doors for Canadians to adopt cost-effective solutions for authentication that is widely supported around the world.

 

What is Hypersecu’s role in this initiative?

Hypersecu provides high quality and cost-efficient HyperFIDO™ U2F Security Keys. We’re constantly developing new products and initiatives using the FIDO U2F technology in order to make authentication as simple as possible. This includes mobile friendly FIDO security keys that can be used without additional attachments. We achieve this by taking advantage of features already natively available on most mobile devices such as Near-field Communication (NFC) or Bluetooth, which allow users to quickly connect their security key and log in from anywhere.

We also partner with identity and access management services such as SAASPASS to provide a one-stop multi-factor authentication solution that’s flexible and simple to use, whether you’re a small company or a large enterprise. In addition, we’ve been working to introduce FIDO U2F to universities so that students and faculty alike can protect important information such as exams, grades, student loan details, and other sensitive data.

Why is it important for Canadian companies like Hypersecu to be involved?

Since the digital world is increasingly becoming borderless and Canadian companies have a greater global reach, it’s important that we take initiative to ensure that we are creating an effective security framework. Without a trustworthy digital identity, Canadian companies become vulnerable to costly and dangerous data breaches, especially given today’s heavy reliance on digital access and transactions. However, many Canadian businesses also operate on a smaller scale with limited resources available to dedicate to security and authentication. As a result, FIDO is an excellent way for companies in Canada to implement secure authentication with minimal cost and disruption.

 

The DIACC develops the Pan-Canadian Trust Framework to accelerate interoperability of business, policy, and technology processes for digital identity systems and solutions. Emerging standards and technologies including FIDO, and others, are sure to play a role in accelerating Canada’s digital economy participation.

Register: IdentityNORTH and DIACC’s AGM

Identity week in Canada is approaching. From beginners to experts, IdentityNORTH and DIACC’s Annual General Meeting (AGM) will provide a platform for those who seek to advance our Digital Identity landscape. It’s all happening in Toronto, Ontario. Will you be there?

June 19-20 – IdentityNORTH is Canada’s premier event where all persons and organizations are welcome to join the conversation. DIACC members contact us to get access to your discount code!

June 21 – DIACC’s AGM is the annual gathering where DIACC members shape the future of DIACC.  DIACC members as well as members of the Joint Councils Identity Management SubCommittee may attend the AGM. DIACC will review registrations for approval.

We look forward to seeing you there!

AGM Agenda

Time Topic
8:30 Networking Breakfast
9:00 Chair of BoD Welcome
9:10 Plenary Business – Reporting & Motions, Dave Nikolejsin, Province of BC, Chair of Board, DIACC
9:40 A Year of Growth – State of the DIACC

  • Presentation 20 minutes / Q&A 5 minutes
10:05 Connecting the Community – DIACC action on IdentityNORTH Trends

  • Facilitated discussion 20 minutes
10:25 Networking Break
10:40 Pan-Canadian Trust Framework Progress and Interactive Discussion

  • Trust Framework Expert Committee (TFEC)
  • Presentations 35 minutes / Q&A 10 minutes
11:25 Engaging Member Priorities for Real World Impact

  • Innovation Expert Committee (IEC)
  • Presentation 15 minutes / Q&A 5 minutes
11:45 Rapid On-Boarding for Networked Federations
12:00 Networking Lunch
1:00 Proof of Concept – Cross Border Digital ID Financial Sector Interoperability

  • Presentation 15 minutes / Q&A 5 minutes
1:20 International Applied Research
1:40 Trends in Mobile Authentication

  • Presentation 15 minutes / Q&A 5 minutes
2:00 Networking Break
2:15 Member Trends in Biometrics

  • Presentation 10 minutes / Q&A 5 minutes
2:30 Member Trends in Digital Transformation

  • Presentation 15 minutes / Q&A 5 minutes
2:50 Panel – The Economics of Identity and why the Pan-Canadian Trust Framework is needed now more than ever
3:20 Calls to Action
3:40 Thanks!
3:45 DIACC Networking Cocktail Hour

 

Setting Flexible Industry Standards for Canadian Leadership and Development

Demystifying Industry Standards

One of the DIACC’s mandates is to identify and develop industry standards around digital identity that prioritize Canadian values through frameworks that are easy to reproduce, export, and apply across a large variety of industries and use cases.

In this post, we explore what the DIACC means by industry standards, why they matter to every Canadian, and how our collaborative approach is designed to unlock strategic insights that drive the delivery of robust and impactful standards.

What is an Industry Standard?

Industry standards are understood as a set of criteria relating to the standard functioning and executing of operations in a respective field of production. Industry standards establish a generally accepted framework to be adopted and followed by members of any given industry.  

“Industry” refers to the field of practice not the sector. In any given industry people and organisations intersect with each other and share interdependencies. This is especially true when it comes to the digital world.

Examples of Industry Standards:

DIACC members work to identify and develop multi-sector and community-driven industry standards for digital identity practitioners that offer broad value to all Canadians, from the private and public sector and around the world. In order to deliver value, industry standards must prioritize flexibility and security to ensure continued effectiveness.

Why do they Matter?

Industry standards establish a framework to ensure a repeatable level of expectation and certainty that benefits everyone involved. This is especially important in the digital world, when it comes to a concept as impactful and wide-reaching as digital identity.

Industry standards allow widespread technology and services adoption, improve user experience through interoperability, and ensure that safety and security are entrenched in solutions by design.

Industry standards for digital identity help:

  • Build customer confidence over time through consistent user experiences
  • Remove risk from a hardware perspective, as standards establish what needs to go into each element of a product, from design to delivery  
  • Ensure interoperability
  • Improve the customer experience and provide more strategic insight into consumer needs
  • Businesses and government understand what’s needed to ensure user confidence and interoperability of products
  • Establish design standards to ensure privacy and security of data
  • Develop a competitive edge through security, predictability, and confidence, resulting in a larger user base

Design standards to maintain the security and privacy of personal identifiable information have a  critical role in building public confidence for adoption of identity innovations. Digital identity industry standards are evolving, yet an inconsistent user experience remains, resulting in less confidence and slower progress.

Through industry standards development, there is an exciting opportunity for leaders of innovating organisations to collaborate and shape our digital lives. Collaboration across sectors and verticals provides key learnings, opportunities for new partnerships, business growth and development, and strategic insights that can’t be gained in isolation.

DIACC’s vision for digital identity is to make Canadians’ lives better. The time, energy, and effort it takes to remove complexity from users is not something Canadians should have to think about. If implemented properly, digital identity will be a simple, trusted and reliable part of how Canadians interact and conduct transactions everyday. 

After all, the hard work of good design is often invisible. Consider something as simple as this lamp:

Industry Standards Development: Why DIACC Uses a Call for Comments

The DIACC’s goal is to unlock public and private sector capabilities through impactful cross-industry collaboration to make the complex systems that underpin digital identity simple,  secure, and more trustworthy for both users and suppliers. One way we will accomplish this vision is through far-reaching and useful frameworks.

Digital identity that delivers impact to grow an economy requires broad collaboration and ultimately, success will be led by inclusion. The DIACC coalition of public and private sector leaders are making a sustained and significant investment in the future of digital identity. By connecting committed stakeholders and the broader Canadian community at-large around focused, inclusive, and beneficial standards, we ensure every Canadian has the opportunity to share their view.

 

Contact us to to share your ideas for collaborative and Canadian principled standards that can advance Canada’s digital economy.

 

 

« Older Entries

Newer Entries »