Yearly Archives: 2020

DIACC Launches New Special Interest Group (SIG) to Address Foundational Identity

Collaboration is at the core of the DIACC’s work, and we are pleased to announce a new initiative – one that engages multiple stakeholders to further advance digital identity. 

We’re pleased to advise that DIACC’s Foundational Identity Special Interest Group (SIG) will launch soon. This is a great opportunity to connect insights. Participation is open to DIACC members and non-members. All are welcome. 

This SIG will seek to answer one question: “How can existing birth and immigration record sets be used to improve service delivery and reduce fraud?” This SIG will develop recommendations for a roadmap for improving service delivery and reducing fraud through better identity resolution capabilities. 

Reference the Foundational Identity SIG Charter for additional information.

To learn how you can get involved, please contact us at info@diacc.ca.

The DIACC Board of Directors have ratified the formation of DIACC’s first SIG. DIACC SIGs are open to all sustaining members, adopting members, as well as non-members who are interested to convene discussions around a specific interest. SIGs enable more opportunities to connect subject-matter experts around the world. 

The concept for this SIG was proposed by DIACC Members Valid8ID Solutions and the Government of British Columbia. The SIG will form to discuss opportunities for ‘Reducing Identity Fraud by Leveraging the Existing Unique Foundational Identities’. A topic that has been presented to DIACC’s Innovation Expert Committee (IEC).

“The work of this SIG is important because, when our foundational identity systems and processes are weak, the opportunity to have strong, well-trusted digital identity solutions is diminished.”

Andrew Johnston, IEC Co-Chair

As the name implies, foundational identity is a key concept, he explained, as components of the Pan-Canadian Trust Framework (PCTF) make reference to “foundational evidence of identity” which is evidence that is commonly kept in a birth registry for example. These records serve as the starting point for official and authoritative identification of people. Unfortunately, fraudsters may take advantage of such systems to defraud government programs and service providers, as well as to impersonate real people. 

“If we’re going to build digital identity solutions that can be trusted, building on a solid and trustworthy foundation is fundamental to that mission,” he added.  

“For a number of reasons, variants of our legal names are quite commonly used on secondary documents such as driving permits and resident cards,” explained Bill Pezoulas, Co-founder, Valid8ID Solutions. “The disparity between our legal name and the name used on common identifying documents gives rise to inefficiencies in identity validation in service delivery contexts and provides opportunities for identity theft and other kinds of fraud, which cost significant losses to public and private sector institutions.

The Foundational Identity SIG was formed as a forum to examine ways to anchor evolving Digital Identities in the foundational record sets to reduce inefficiency and fraud, Pezoulas said. The anticipated outcome of the group’s discussion is to recommend approaches to engage foundational evidence authorities regarding opportunities to increase trust in our Digital Identity ecosystem and accelerate adoption so that Digital Identity can be a driver of Canadian economic growth.

“When I learned that the birth certificate is the one unique identifier that allows for multiple people to be named John Smith it was an “ah ha” moment,” said Don Waugh, IEC Co-Chair alongside Johnston. The anchor for identity, this document is the method by which a relying party can know which ‘John Smith’ they are dealing with.

Pointing out that, in Canada, the birth certificate is foundational for digital identities and is even more important than SINs, passports and driver’s licence numbers, Waugh said that when identity attributes are anchored to this document, it eliminates the confusion that arises form duplicate names and alternate nicknames.

SIGs are a great way to engage broad Pan-Canadian and international discussions and we expect that more SIGs will be established going forward. Johnston noted that all ideas are welcomed, and topics or challenges of interest should be brought to the attention of the IEC. “The motivating drive of this committee is to organize members of DIACC and the identity community at large to address outstanding problems, kick the tires on new approaches and assist in the alignment of those new approaches to the PCTF,” he said.

OARO: Fighting COVID-19 with Automated Temperature Screening

by Brenan Isabelle, Director, Enterprise Solutions, OARO

As the world is grappling with coronavirus (COVID-19), minds are churning with the desire to come up with innovative ideas. We need solutions, and fast.

Leveraging our OARO ACCESS product line, a physical access control system that uses facial recognition and blockchain identity technology, the team at OARO took a leap forward – offering a technology solution to meet the needs of the current pandemic. 

Mainly used to secure areas in New Brunswick’s Saint John Airport, we have expanded this line to now feature an optional body temperature module for fever screening. A common symptom of COVID-19, up to 80 per cent of individuals suffering from the virus may have a higher than normal temperature, making temperature a critical factor to measure. To enable fully automated detection of elevated body temperatures, OARO has integrated the latest generation of smart thermal cameras with our AI-based facial recognition technology. Additionally, with this solution, physical contact at entry points is also greatly reduced.  

How does temperature screening work?

Involving both a thermal camera and a visual camera, the two video feeds are streamed back to a computer server that uses facial recognition to automate the temperature screening process. Artificial intelligence recognizes faces in the visual video stream, identifying the best place to measure skin temperature, which is near an individual’s inner eye (the tear duct). It is important to note that this is not a diagnosis, it is simply a screening method.

Why temperature screening in the time of COVID-19?

One issue in today’s health sensitive world is that many physical access control systems use either palm or fingerprint readers, which carry the risk of viral transmission. Thus, there has been a shift towards the use of facial recognition and thermal cameras. Our vision at OARO is to have this integrated within access control or video management systems, optimizing it for large enterprises. 

For contactless access control systems, there are two various set-ups: a thermal camera can run automated facial recognition at an entry check-point, and the gate could be configured to open for authorized employees and contractors. Alternatively, smart facial recognition terminals can be installed at doors, and read employee keycards. 

What differentiates OARO’s thermal screening approach from other thermal screening approaches? 

We are striving to move away from having trained operators, with an entirely automatic system that scans multiple faces so people do not have to stop at screening points. 

As with all technologies today, maintaining a responsible approach to privacy by design and data management is key, as is compliance with PIPEDA and Canada’s Privacy Act. If done wrong, this technology has the potential to be quite invasive and “big brother-esque.”

An extremely popular technology today, the current demand for thermal cameras is very high (there is limited inventory across North America)! As businesses are considering this technology, which many are, it is important to remember that, despite being in a pandemic situation, identity and privacy needs must be continually upheld. As many of the current systems were not built on privacy by design principles, our goal was to take a modern, blockchain and cryptographic approach to this, rather than one that is centred on surveillance and big data.  

Learn More about DIACC member initiatives and identity solutions including OARO’s within the COVID-19 Actions Directory, where we are pleased to share the actions taken to address the demands of these extraordinary circumstances.

About the Author: Brenan Isabelle

Brenan is the Director of Enterprise Solutions at OARO. Brenan’s background is in private equity and venture capital investments. Prior to this, he was a strategic and operations consultant at Deloitte — the largest professional services network in the world and a bond trading analyst at Scotia Capital. He holds an MBA in finance from Dalhousie University and a BBA from St. Francis Xavier University. Outside work, Brenan is an expert skydiver with over 3,700 logged parachute jumps.

Reliance on the Internet and the Battle Against COVID-19 Highlight the Need for Multi-Channel Authentication

By Karl P. Kilb III, CEO, Boloro Global Ltd.

Today, as COVID-19 rocks the world, the importance of digital identity solutions are only emphasized. We are pleased to share a number of guest blogs in the context of the DIACC network, showcasing members with capabilities, solutions and forward-thinking ideas surrounding the pandemic.

Learn more about DIACC member initiatives and identity solutions within the COVID-19 Actions Directory, where we are pleased to share the actions taken to address the demands of these extraordinary circumstances. 

Due to the COVID-19 pandemic, society is moving towards an increasingly virtual lifestyle, as many of our daily activities are now taking place in the digital realm, including online banking and eCommerce. We are all traveling non-stop on an information superhighway that was not built with safety and security in mind, as the Internet was built for mass dissemination of information and not for secure transactions and other risky activity that could allow fraudsters to run rampant with identity theft. We see stories each day about emails being hacked and Operating Systems being subjected to malware, making online activity inherently vulnerable to fraud. Our increased reliance on online activity during the current pandemic highlights these long-standing problems, as SIM Swaps, email hacks, malware, man-in-the-middle attacks and other forms of fraud are all rising dramatically. The decentralization of customer support desks may also be contributing to the ability of fraudsters to wreak havoc on current security systems in place. 

So, what can be done to put real security in the hands of consumers? 

As activity on the Internet and Operating Systems are increasingly becoming easy prey to sophisticated fraudsters who routinely exploit this single point of failure, we need to consider new approaches to security that avoid such systems. Security should not only be multi-factor, but also multi-channel, eliminating the vulnerabilities of a single point of failure. “In app security” is still touching the inherently vulnerable Internet, meaning its users are still putting all of their eggs in an unstable basket. Out-of-band security is one option that stands as a viable alternative, meaning, when activity is on one channel, authentication should be on a separate channel, providing an independent lock-and-key that cannot be intercepted and compromised. 

At a time when the world is increasingly becoming aware of the inherent vulnerabilities of virtual technologies, we are also seeing the dangers of physically touching public Point of Sale devices, ATM keypads, finger scanners, or anything that could spread the virus. During a time of social distancing, conducting multi-factor and multi-channel security safely on one’s own device is an effective approach.

Along with data protection and privacy, authentication processes must also be considered. In Europe, for instance, the Payment Services Directive (PSD2) defines Secure Customer Authentication, and the General Data Protection Regulation (GDPR) defines the guidelines for protection of personal data, regardless of the form it might take. There is a need to address both. One way this can be achieved is with a multi-channel approach that provides real security (both what you possess and what you know). Authentication should strive to provide assurance to the question “Is this really you?” without being unnecessarily intrusive in its use of a consumer’s personal data.

At Boloro, we believe that authentication should be multi-factor and multi-channel, separating the security process from the activity itself in order to avoid the vulnerabilities of a single point of failure. Authentication should be secure, user-friendly, instantaneous and compatible with all mobile phones, giving everyone the opportunity to safely, securely and seamlessly participate in the global economy and social media using what should be their most trusted device – their own personal, mobile handset. 

We should all strive to work together to make the world safer and healthier, and doing this through secure mobile activity is one of the ways we can work towards achieving this goal.

About the Author: Karl P. Kilb III

Karl P. Kilb III has been the CEO of Boloro Global Limited since October 2016, focusing on the licensing of Boloro Authentication for all forms of identity verification and activity validation. Boloro Authentication is patented in 84 countries and approved by the GSMA, among others. Prior to Boloro, Kilb was a pioneer in data, analytics, media, and electronic trading at Bloomberg LP, serving as General Counsel for more than 15 years. Kilb regularly lectures on identity verification, cyber security, fraud prevention, and welcomes exploring collaboration opportunities.

Self-Assessment: CitizenOne by Vivvo

This document is intended to be used by identity network providers that want to demonstrate how their solution fits into the framework and requirements as described in the Making Sense of Identity Networks white paper. This self-assessment is an informal way to illustrate the concepts discussed in the white paper and has been reviewed by Consult Hyperion to ensure it is objective, accurate, and aligns with the framework.

View the self-assessment: CitizenOne by Vivvo

Self-Assessment: Verified.Me by SecureKey Technologies Inc.

This document is intended to be used by identity network providers that want to demonstrate how their solution fits into the framework and requirements as described in the Making Sense of Identity Networks white paper. This self-assessment is an informal way to illustrate the concepts discussed in the white paper and has been reviewed by Consult Hyperion to ensure it is objective, accurate, and aligns with the framework.

View the self-assessment: Verified.Me by SecureKey Technologies Inc.

A Summary: Making Sense of Identity Networks

Who do identity networks serve, what functions do they support, and what are some key questions to consider, when selecting a network? This infographic distills the key concepts laid out in the DIACC white paper Making Sense of Identity Networks, based on research performed by DIACC member Consult Hyperion and developed in consultation with DIACC members.

Download the infographic: Making Sense of Identity Networks Infographic 

Download the paper: Making Sense of Identity Networks

Making Sense of Identity Networks

This DIACC white paper is based on research performed by DIACC member Consult Hyperion and developed in consultation with DIACC through a community review process, provides an objective and impartial comparison of identity networks. Considering the different types of identity networks that currently exist or are being developed, and using ‘Mary’ as an example, the paper presents a high-level framework with which to understand and assess them, offering guidance to those who are considering participating in such a network.

Download the paper: Making Sense of Identity Networks 

Read the infographic: Making Sense of Identity Networks Infographic

Reference industry self-assessments: Verified.Me by SecureKey Technologies Inc.; CitizenOneTM by Vivvo

How does this apply to your solution? Contact us to contribute a self-assessment

Yoti’s Commitment to Doing Good During the COVID-19 Pandemic

by Leigh Day, Business Development Manager, Canada, Yoti

In response to the COVID-19 pandemic, the team at Yoti made a pledge. We are offering free, contactless identity verification for health organizations and volunteer initiatives working on the front lines. Using our existing technologies, we have been able to achieve positive change, in light of this crisis, reaching a wider audience and assisting those in need. 

Remotely and safely onboarding workers at scale

Yoti’s pledge revolves around several use cases, one being healthcare workers coming out of retirement on a volunteer basis, to aid in the COVID-19 efforts. After taking just a few minutes to download the free Yoti app and create their account, the worker can then scan a QR code on their employer’s website to remotely and securely verify their identity and be onboarded. A revocable Staff Digital ID card is then issued into their Yoti app, which they can present when reporting to a hospital to prove their identity and employment. Recruitment can be done remotely, without the need for face-to-face contact. 

This solution has been deployed by the UK’s National Health Service (NHS) in April, 2020. Putting employees’ NHS ID cards directly onto their phones will help improve the onboarding of new NHS staff, as identity can be proved online and in-person within seconds, allowing these front line workers to provide the immediate medical assistance needed.

Lessening regulatory headwinds and rapid regulatory advancement 

The pandemic and associated lockdowns are forcing many organizations to confront the challenge of remote identity verification in order to adapt and ensure they can provide their services effectively. We are seeing certain regulators embracing digital identity solutions, paving the way for rapid technical innovation. Businesses and regulators are realizing that digital identity solutions enable safe business continuity during this unprecedented time. This, we believe, is a step in the right direction. 

For instance, the Canadian real estate industry has been largely disrupted, as real estate agents cannot hold open houses, and land title laws still require in-person identity verification plus wet ink signatures on contracts. Digital identity verification and e-signatures could be allowed, removing the requirement for notaries and clients to meet in person.The time to innovate is now, in real estate and beyond, and businesses that do not adapt quickly enough risk losing their position to those that do, and to new businesses entering the market. 

Existing staff are provided with a secure digital ID Card, which they can present on screen (or prove their ID by text or
email).

Emphasizing the need for true innovation, rather than manual workarounds

In response to this crisis, we are also seeing relaxation of identity verification requirements to enable business continuity.  In B.C. for instance, car insurance is provided by the Insurance Corporation of British Columbia (ICBC). Insurance regulations are decades old and don’t currently contemplate digital identity solutions. To maintain social distancing, ICBC is applying temporary variance from normal in person identity verification in allowing certain transactions to be completed remotely, rather than in person, by phone or email. Instead of innovating and permanently adopting a digital ID solution for verification, this body is creating a temporary and risky work-around. A step away from innovation, this is where fraudsters can thrive. 

Where solutions exist, they should be integrated, and digital ID solutions do exist. Yoti already has a diverse set of products, ranging from an electronic signing solution to enable the remote signing of documents, as well as ID verification solutions. Other technology providers offer their own innovative solutions as well, many of who are members of the DIACC.

Many of these products are already built, they just need to be adapted to the situation at hand. For digital identity adoption globally, this is a massive opportunity. 

Learn More about DIACC member initiatives and identity solutions including Yoti’s within the COVID-19 Actions Directory, where we are pleased to share the actions taken to address the demands of these extraordinary circumstances.

About the Author: Leigh Day

A veteran Cyber Security Executive turned Digital ID evangelist, Leigh is helping expand Yoti’s global presence by driving new business and growth across Canada and the US, and representing Yoti within the Digital ID and Authentication Council of Canada, sitting on expert committees and contributing to the development of the Pan Canadian Trust Framework.

COVID-19 Actions Directory

The social distancing measures that are required to manage the COVID-19 pandemic only serve to further illustrate the urgent need for an ecosystem of identity solutions and services that are secure, privacy-respecting, and convenient to use.

DIACC calls on all of our members to share the actions that they are taking to address the demands of these extraordinary circumstances.

DIACC members who wish to add their COVID-19 related actions to this directory should contact the DIACC team via email or use our contact us form. 

Desjardins encourages members to use Desjardins ATMs or AccèsD (internet, mobile and phone services). Desjardins is asking those who haven’t signed up for government direct deposit services yet to register so they can avoid having to deposit cheques. Learn More

iComply has announced a $2M services grant for government and community organizations in need of online identity verification to support COVID-19 response efforts. Learn More

Jumio Go for Good. Now more than ever, it is important to establish trust remotely. To help in this time of crisis, we’re offering our fully automated, AI-powered identity verification solution FREE of charge to qualifying COVID-19 relief organizations including: Telehealth, Online Education & Testing Services and Other Essential Services. Learn More

OARO has expanded its physical access control system, OARO ACCESS®, to include body temperature screening to help fight COVID-19. The new optional feature can detect individuals exhibiting a fever, the primary symptom of viral infections such as the novel coronavirus. Unlike many other temperature screening systems currently on the market, the new OARO ACCESS® module will be able to analyze trends over time, enabling predictive analytics and improved workplace health and safety measures. The system uses advanced encryption to comply with global data privacy laws. OARO is currently working with existing and new clients to install temperature screening modules on OARO ACCESS® systems. Learn More

The Ontario government put out a call for support from the private sector to fight the spread of COVID-19 using the Ontario Together banner. Included in that call out is a request for supplies, innovation, and ideas. Learn More

TELUS is providing numerous ways to help their customers stay connected and protected. As an essential service, we are ramping up our efforts to keep Canadians connected during this crisis. We are also dedicating $20 million to help COVID-19 relief efforts in support of our frontline healthcare workers, seniors, hospitalized patients, vulnerable Canadians, and families in need. Learn More

Yoti has spent six years building a secure identity platform that makes it simpler and safer to prove who we are in our modern, digital world. We have always offered our digital identity app free to eligible charities and non-profits, and for the next three months, we will be extending this commitment to any public health organization, emergency service and community initiative tackling the COVID-19 crisis. Read more on our COVID-19 crisis pledge. Learn More

Through this challenging time, our top priority remains the health and safety of our employees, customers and partners. We express our deepest sympathies to those who have been affected. We’re also helping the communities in which we operate, and we’ve made donations of supplies and resources in some of the hardest hit areas. Manulife is well-positioned to navigate this evolving situation. We have robust and tested business continuity plans that help ensure we are proactive and prepared, and employees in critical functions can work remotely if required. Manulife will continue to take necessary actions to ensure the health and safety of our teams, and service to our customers, is our top priority. We are committed to helping make decisions easier and lives better. Learn More

OneSpan has rerouted its charitable giving program, OneSpan ACTS, to provide financial contributions toward non-profit organizations or charities working to support those fighting COVID-19 or those impacted by the virus. Through the program, OneSpan employees can submit their association and charity of choice to donate funds to on OneSpan’s behalf.

iProov is providing biometric authentication services free of charge to start-ups that are working on solutions to assist the COVID-19 crisis. A number of projects are already underway, using our Genuine Presence Assurance technology to great effect. One area where we’re seeing a lot of focus is safeguarding. Safeguarding allows genuine offers of help to be encouraged and utilized, by putting processes and systems in place to protect the vulnerable.

Folio has extended the fundamental building blocks of its mobile-based identity platform to support the secure issuance and management of health credentials. The Folio Digital Wallet is highly secure and biometrically bound to the citizen, enabling them to carry their health status, test results and perhaps eventually a vaccination certificate with them conveniently and consent to share attributes to trusted relying parties.

For organizations and governments, Folio allows for the scalability of credential issuance, with certificates that are dynamic and can be time-bound, updated or revoked instantly. Learn more.

To help accelerate this shift to virtual care, Canada Health Infoway reallocated existing funds to create a Rapid Adoption of Virtual Care Fund. In consultation with Health Canada and the jurisdictions, Infoway identified three priority areas for investment that would have the biggest impact in the shortest amount of time: accelerating the implementation of virtual care solutions (including e-visits and home monitoring), offering online mental health services and increasing capacity of 811/ tele-triaging services. As the next stage, mid- to long-term responses are being evaluated.

Understanding Face Biometrics for Identity Verification and Authentication

Applied Recognition and the Digital ID & Authentication Council of Canada (DIACC) developed this report to highlight the opportunities for businesses in adopting biometrics to verify and authenticate identity, with the next generation of technology available to bring instant, secure access to personal data. The report covers areas such as how face biometrics work, the privacy advantages they present, and current market uses of the technology.

Read the full report: Understanding Face Biometrics for Identity Verification and Authentication.

« Older Entries

Newer Entries »