For example, Northrop Grumman is preparing to issue its new OneBadge identification cards to thousands of employees. The OneBadge card design and policies meet federal and DOD standards, said Keith Ward, director of enterprise security and identity management at Northrop Grumman. The company expects to be one of the first federal contractors to use a centralized public-key infrastructure as part of its identity management program, Ward said. The company participates in CertiPath, an entity created by several defense contracting firms that is part of the federal government’s trust network through a bridge relationship with the Federal Bridge Certification Authority.[From Contractors prep interoperable identity management systems]
Look at all of the technologies that are in place here: PKI, smart cards, certification, federation and so on. Nevertheless technology is an important part of the equation, and we need to pay attention to the emerging technologies, because it will take some real effort by a coordinated industry grouping in order to get worthwhile (ie, involving tamper-resistant hardware) authentication deployed and this will need to be linked to a framework (such as the new OpenID Connect) that can easily be adopted by web sites, mobile services and across other channels.
One such grouping is obviously banks and payment schemes. And here, I think, there is a growing recognition that identity and authentication need new thinking.
The Visa card with one-time code offers banks an innovative solution to authenticate consumers through an alpha-numeric display and a 12-button keypad built into a conventional credit, debit or prepaid card. It is a neat solution for consumers to use and also contains a battery designed to last three years. The product has been developed in conjunction with EMUE technologies.[From Leading banks join pilots of the innovative Visa card with one-time code]
Over on the Digital Money blog, we’re always very interested in developments in identification and authentication. Why are these these so important in the payments world? I think that the dynamic is this: if there is an infrastructure in place to manage identity, and that infrastructure includes clear division of responsibilities and clear assignment of legal liabilities, then it takes a big chunk of the costs out of building and running a new payment system. A general trend in the next phase of electronic payment evolution will be the unbundling of the payment, the identification and other services (such as fraud management).
There are different opinions about how the unbundled identification part might be implemented. I’ve written before that I think that a mobile, SIM-based approach might be the best way forward. The SIM provides the tamper-resistant hardware that we need to store the keys, the mobile phone provides the connectivity and interfaces and mobile operator provides the business model. There has to be a business to make identity work.
So what is the business model? For the operator, it’s incremental messaging revenue; in the first deployment, with Turkcell, the identifications were charged at the same rate as text messaging. According to Turkcell, this resulted in an average of 21 extra messages a month for each user who signed up for Mobile Signature; as a typical user sent 95 messages a month, that amounts to a 20% boost to messaging ARPU.[From Case Study: Mobile Signature solution approaches key growth milestone – Convergence Conversation]
There are plenty of other possibilities, and if anyone tells you they know how this will work out, they’re wrong. But if they tell you that identity and authentication technologies will shape future payment strategies, they’re right. As I heard someone remark in a meeting a few months ago, if I were a bank, I’d want to be part of the identity value chain rather than a commoditised and low-margin payments value chain.
As I mentioned last month, Consult Hyperion has joined forces with Identrust to sponsor a Digital Identity Forum track at this year’s European e-Identity Management conference in London on 9th-10th June 2010. The track will be called “Identity is the new money” and will focus on the potential co-operation between the banking, business and government sectors to actually do something about making peoples lives easier, safer and simpler through digital identity. John Bullard of Identrust will be chairing a number of speakers and then after tea I will be chairing a couple of expert panels looking at different aspects of the problem and potential solutions. I hope that we’ll be swapping and sharing practical ideas for products, services and new businesses: please come and join us on LInkedIn to learn more about the event in general and the Digital Identity Forum track in particular.
The line-up will be as follows
The Digital Identity Forum: Identity is the New Money
Sponsored by Consult Hyperion and Identrust
Session 1: Chaired by John Bullard, Identrust
13:15 John Skipper, PA Consulting
13:45 Vincent Jansen, Innopay
14:15 Sonia Rossetti, RBS
14:45 Giles Sargant, Touch2ID
Session 2: Chaired by David Birch, Consult Hyperion
15:45 Expert Panel on the Identity Business
Joe Norburn, Identrust
John Lunn, Paypal
Jan Dart, Bell ID
Todd Facemire, Barclays
16:45 Expert Panel on Identity and the Consumer
Peter Bradwell, DEMOS
Henry Potts, UCL
Marc Dautlich, Olswang
William Heath, MyDex
Look forward to seeing you there. By the way, the promotional code EID10DIF will give your delegates 20% OFF of one or two day passes.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]