[Dave Birch] There’s a lot going in the world of identity, as anyone following this weeks Internet Identity Workshop will attest to. A decade after the web went mass market, we still have no mass market identity infrastructure in place, despite all of the efforts made by a wide variety of suppliers, standards bodies, open source groups and governments. It’s not because there aren’t technologies that can help — there are plenty — but because the technology is only part of the problem. The key technologies, in fact, are pretty well understood and in “closed” systems such as the DoD they are already deployed on a large scale (and here there has already been some progress on interconnection).

For example, Northrop Grumman is preparing to issue its new OneBadge identification cards to thousands of employees. The OneBadge card design and policies meet federal and DOD standards, said Keith Ward, director of enterprise security and identity management at Northrop Grumman. The company expects to be one of the first federal contractors to use a centralized public-key infrastructure as part of its identity management program, Ward said. The company participates in CertiPath, an entity created by several defense contracting firms that is part of the federal government’s trust network through a bridge relationship with the Federal Bridge Certification Authority.

[From Contractors prep interoperable identity management systems]

Look at all of the technologies that are in place here: PKI, smart cards, certification, federation and so on. Nevertheless technology is an important part of the equation, and we need to pay attention to the emerging technologies, because it will take some real effort by a coordinated industry grouping in order to get worthwhile (ie, involving tamper-resistant hardware) authentication deployed and this will need to be linked to a framework (such as the new OpenID Connect) that can easily be adopted by web sites, mobile services and across other channels.

One such grouping is obviously banks and payment schemes. And here, I think, there is a growing recognition that identity and authentication need new thinking.

The Visa card with one-time code offers banks an innovative solution to authenticate consumers through an alpha-numeric display and a 12-button keypad built into a conventional credit, debit or prepaid card. It is a neat solution for consumers to use and also contains a battery designed to last three years. The product has been developed in conjunction with EMUE technologies.

[From Leading banks join pilots of the innovative Visa card with one-time code]

Over on the Digital Money blog, we’re always very interested in developments in identification and authentication. Why are these these so important in the payments world? I think that the dynamic is this: if there is an infrastructure in place to manage identity, and that infrastructure includes clear division of responsibilities and clear assignment of legal liabilities, then it takes a big chunk of the costs out of building and running a new payment system. A general trend in the next phase of electronic payment evolution will be the unbundling of the payment, the identification and other services (such as fraud management).

There are different opinions about how the unbundled identification part might be implemented. I’ve written before that I think that a mobile, SIM-based approach might be the best way forward. The SIM provides the tamper-resistant hardware that we need to store the keys, the mobile phone provides the connectivity and interfaces and mobile operator provides the business model. There has to be a business to make identity work.

So what is the business model? For the operator, it’s incremental messaging revenue; in the first deployment, with Turkcell, the identifications were charged at the same rate as text messaging. According to Turkcell, this resulted in an average of 21 extra messages a month for each user who signed up for Mobile Signature; as a typical user sent 95 messages a month, that amounts to a 20% boost to messaging ARPU.

[From Case Study: Mobile Signature solution approaches key growth milestone – Convergence Conversation]

There are plenty of other possibilities, and if anyone tells you they know how this will work out, they’re wrong. But if they tell you that identity and authentication technologies will shape future payment strategies, they’re right. As I heard someone remark in a meeting a few months ago, if I were a bank, I’d want to be part of the identity value chain rather than a commoditised and low-margin payments value chain.

As I mentioned last month, Consult Hyperion has joined forces with Identrust to sponsor a Digital Identity Forum track at this year’s European e-Identity Management conference in London on 9th-10th June 2010. The track will be called “Identity is the new money” and will focus on the potential co-operation between the banking, business and government sectors to actually do something about making peoples lives easier, safer and simpler through digital identity. John Bullard of Identrust will be chairing a number of speakers and then after tea I will be chairing a couple of expert panels looking at different aspects of the problem and potential solutions. I hope that we’ll be swapping and sharing practical ideas for products, services and new businesses: please come and join us on LInkedIn to learn more about the event in general and the Digital Identity Forum track in particular.

The line-up will be as follows

The Digital Identity Forum: Identity is the New Money
Sponsored by Consult Hyperion and Identrust

Session 1: Chaired by John Bullard, Identrust

13:15 John Skipper, PA Consulting
13:45 Vincent Jansen, Innopay
14:15 Sonia Rossetti, RBS
14:45 Giles Sargant, Touch2ID

15:15 Tea

Session 2: Chaired by David Birch, Consult Hyperion

15:45 Expert Panel on the Identity Business

Joe Norburn, Identrust
John Lunn, Paypal
Jan Dart, Bell ID
Todd Facemire, Barclays

16:45 Expert Panel on Identity and the Consumer

Peter Bradwell, DEMOS
Henry Potts, UCL
Marc Dautlich, Olswang
William Heath, MyDex

17:45 Close.

Look forward to seeing you there. By the way, the promotional code EID10DIF will give your delegates 20% OFF of one or two day passes.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]

1 comment

  1. @Erwin
    Symbiotic, synergistic, and one hand washes the other: write for Technorati – you win, we win. The more you write, the bigger the benefits. Find your niche and sign up for a recurring feature. And don’t forget to join our writers community for access to story ideas, press releases, promotional ideas, and moral support. Here’s more information about becoming a writer for Technorati or Blogcritics.
    Does anyone know where I can find really hardcore technical information about smart cards?. I’m doing a report for the company I’m working for so it’s kinda important.

Leave a Reply


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
%d bloggers like this: