Monthly Archives: février 2019

In today’s digital-centered world, Canadians have expectations regarding convenience, data privacy and security. How do businesses and governments deliver on those expectations?

It is imperative to have a vehicle for enabling and growing Canada’s digital economy, one that is open and client-focused, and facilitates more integrated and client-centric services. One that is an interoperable network, in which digital identity information can be asked for and subsequently verified across all industries and all levels of government in the country.

DIACC’s latest publication, Canada’s Digital Identity Ecosystem, stresses the value in building such a system. By unlocking digital identity capabilities from both the public and private sectors, this ecosystem benefits people, businesses and governments across the country. For instance,

• Businesses can leverage the ecosystem to mitigate risks for fraud and accelerate the adoption of electronic business processes.
• The ecosystem can help governments to enable real-time service delivery, and reduce fraud risk for services that are considered high-risk.
• For consumers, it will provide a more convenient user experience, as access should reduce the number of username-password credentials, using a “tell us once” approach to data collection.

“All participants – from individuals to organizations across various industries – are authorized as trusted stewards for Canadian identity information,” said DIACC President Joni Brennan. “By adhering to a common framework, stakeholders share only the essential identity information, and nothing more.

Ken McMillan, Acting Director, Digital Identity at Treasury Board of Canada Secretariat, noted that each province and territory has a different schema, and one definition hasn’t yet been agreed upon.

“The ecosystem approach says that you need a common set of definitions, and we don’t apply definitions uniformly across the country.” he said. “It forces us to have the conversation about a common definition of terms.”

“Most importantly, this ecosystem provides Canadians with choice and control,” Allan Foster, VP Global Partner Success at ForgeRock and member of DIACC’s Board Of Directors, pointed out. “Users are able to offer their consent on what information is shared and are notified of access to their personal information, such as a police background check,” he said.

Other countries have made their own cases for establishing such ecosystems. DIACC posits that having a Digital Identity Ecosystem built in Canada, for Canadians, will set our country up for success in the modern global digital economy.

A recently published white paper developed by DIACC members Digidentity and ID Crowd explores remote identity proofing alternatives to knowledge-based verification. The paper proposes that digital identity has the potential to mitigate risks associated with fraud. Greater customer reach, better compliance, and secure and streamlined onboarding processes are among the benefits digital identity can provide.  

Read the full white paper, “Exploration of Remote Identity Proofing Alternatives to Knowledge Based Verification.”

“The US and Canadian identity ecosystems will benefit from this research as it demonstrates that robust alternative methods of remote verification are theoretically possible, both technical as well as commercial,” said Marcel Wendt, CTO and Founder of Digidentity.

Knowledge-based verification refers to a security method in which a user is asked to answer at least one “secret” question. The challenge with this approach, the authors purport, is that it is largely based upon the foundation of “what the user knows,” and relies on the integrity and secrecy of the underlying information that is being verified.

Given that 2017 and 2018 were years in which online data breaches became part of the public consciousness, concerns surrounding data privacy and protection are mounting.

“Data breaches are becoming more frequent; these breaches undermine the integrity of confirming the identity of an individual using knowledge based verification” said Dick Dekkers, Director Business Development at Digidentity.

“The inability to trust these traditional data set to identify, verify and authenticate individuals and assets, undermines the development undermines the development of identity ecosystems in North America.”

Posing the question – “is the entity asserting the evidence the true owner of the asserted identity?”- the research studied five alternatives to traditional knowledge-based verification.

• The comparison between a machine readable travel document and a “selfie” of the user asserting their identity
• A government issued driver’s license as identity evidence
• Comparing a user’s asserted identity with that of their mobile phone contract
• Verifying the ownership of a financial account under the control of the user
• Verification using credit card transaction data

“The NIST 800-63A identity standards enabled us to grade each method and the evidence in terms of their issuance, validation and security features” noted David Black, Director at ID Crowd.

All methods, the study determined, are credible identity verification alternatives to the traditional knowledge-based verification approach.

“The five methods selected are not as vulnerable to breaches as traditional methods such as the credit file as they rely on a spread of features including strong issuance processes, biometric comparisons and cryptographic protective measures,” said Gillan Ward, Director, ID Crowd.

About the Paper

The Information in this report is based on research funded by the U.S. Department of Homeland Security Science & Technology Directorate (DHS S&T). Any opinions contained herein are those of the performer and do not necessarily reflect those of DHS S&T.

This content of this white paper is developed under the governance of the DIACC International Applied Research program. The International Applied Research program connects innovators that align with the DIACC Digital Identity Ecosystem Principles with international applied research funding opportunities. The content of the paper was submitted by Digidentity and ID Crowd and does not necessarily reflect those of the DIACC membership.