vision 2014: identity as a service for life cycle management

© 2014 Experian Information Solutions, Inc. All rights reserved. Experian and the marks used herein are service marks or registered trademarks of Experian Information Solutions, Inc.

Other product and company names mentioned herein are the trademarks of their respective owners. No part of this copyrighted work may be reproduced, modified, or distributed in

any form or manner without the prior written permission of Experian. Experian Public.

Identity as a Service for life cycle management

Joni Brennan Kantara Initiative

Kolin Whitley Experian

#vision2014

2 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.

1. Introduction to session – Kolin Whitley

► Business cases around Identity Proofing and Verification (IDPV)

► Customer demand

► Value proposition

2. “State of the IdM space” – Joni Brennan

► Credential Service Providers

► Components (IDPV, CM)

► Certifications / approvals

3. Introduction to Identity Relationship Management (IRM) – Joni Brennan

► Why is it important to you?

4. How Experian enables IRM

5. Q&A’s

Agenda

Source: Wikimedia Commons

//upload.wikimedia.org/wikipedia/commons/6/64/Strip_las_vegas.jpg


What is Identity as a Service (IDaaS)?

Represents the umbrella of activities and solutions supporting the identity management lifecycle

► Password reset

► Attribute verification

► Identity proofing

► Multi-factored authentication and credential management

► Any activity involving a trusted identity relationship between a consumer and a business

Introduction to IRM


Trusted identities

► National Standard for Trusted Identities in Cyberspace

Credential exchange

► Federal Cloud Credential Exchange

Attribute verification

► Ongoing verification of attributes to confirm identity relationship

► Identify changes to identity attributes

Business case for IDPV


Trusting an identity before initiating or completing a transaction

► During initial account registration

► During each login attempt

► When performing high-risk transactions

► Changing profile information

Each consumer interaction carries a level of risk to an organization

Consumers trust that their personal or account information is being protected from unauthorized access

Customer demand


Manage risk by establishing a trusted relationship between our customers and their end users

Ongoing verification of that trusted relationship over time

Identifying changes or events that may represent a level of risk for our customers

Monetization of credentials

Value proposition


Identity Relationship

Management

Joni Brenna

Executive Director Kantara Initiative


Founded in 2009 as a 501c6. 60+ organizations, 100’s of participants

Trustees:

Trustees At-Large:

► Government of Canada

► Trans-European Research

► Education Networking Association

Kantara Initiative – leadership and values

Trust: Operating Accreditation, Approval and Certification programs

Privacy: Developing privacy respecting solutions

Security: Developing high security solutions and practices

Community: Bridging technology and policy requirements

Kantara Initiative members value:


CSP

IDPV

CM AM

IDESG (Liaison) (Liaison)

High-level key activities


Employees

Employees and

partners

Things

Consumers

Relationships

Evolution of identity

Perimeter-less

federation

Cloud

SaaS

Mobility

Perimeter-less

federation

Cloud / SaaS

Perimeter

federation Perimeter

Attributes

Context

Stateless


Credential service provider

Identity proofing / verification

Organizational trust Credential

issuance / management

Kantara Initiative industry leader members innovate component service recognition

Component services:

► Identity proofing / verification

► Credential issuance and management

Agile component services

See Anil John’s most popular blog post of 2013: http://blog.aniljohn.com/2013/12/popular-2013-blog-posts.html


Norton Credential Service Provider

MITREid (LoA 1)

Verizon Universal Identity Service (VUIS)

Multiple organizations in pipeline

Kantara Accredited LoA 1-4 Kantara Approved to LoA 1-3 non-crpyto

Accredited and approved

Registered Applicant

IDPV Component Recognition


Evolution of identity

Employees

Employees and

partners

Things

Consumers

Relationships

Perimeter-less

federation

Cloud

SaaS

Mobility

Perimeter-less

federation

Cloud / SaaS

Perimeter

federation Perimeter

Attributes

Context

Stateless


Today businesses must implement a dynamic IAM solution that securely serves employees and customers, partners and devices, and all those in between, regardless of location

This is the evolution of IAM to Identity Relationship Management (IRM)

IRM evolves IAM by focusing on:

► Business values of consumers and things, adaptability, top line revenue and velocity; and

► Technical values of internet scale, dynamic intelligence, borderless, and modular

Introduction to Identity Relationship Management


IRM shifts focus to innovation around the value of relationships that are represented by identities and not the identities themselves

This shift enables a dynamic hyper-connected world, bringing with it the complexities of IAM, including:

► Privacy for personal data

► Appropriate security; and

► Access control and attributes information sharing policies (where attributes are pieces of data about a person, entity or thing)

Identity management drives revenue

Help desk Biz dev


However, complexities conversely represent growing opportunities for IRM deploying organizations

There are vendors with a core focus on making IAM, and now IRM, easy and secure for business and their consumers

When deployments innovate while balancing usability, privacy, and security markets grow

Identity management drives revenue

Help desk Biz dev


Experian’s expertise in information and data analytics provides companies with insight to manage fraud and compliance challenges across the customer life cycle, from prospecting and acquisition to customer management and collections

Experian fraud and identity solutions What we do

Fraud loss mitigation

Compliance

Customer experience

Cost control


IDaaS

► Identity proofing at the time of registration

► Enabling a trusted credential to be bound to the identity

► Managing the ongoing attribute verification throughout the identity lifecycle

► Flexible decisioning strategies suited to your environment

► Establishes a continuity of trust between consumer and business

► Proven ability to deliver within both the public and private sector

How Experian enables IRM


Closing

Life is like a bicycle – whenever you

stop pedaling you’ll fall off “ ” – Claude Pepper

As the identity management landscape expands into a borderless

environment, customers will continue to look for additional secure

and convenient ways to engage with businesses. Developing an

effective Identity Relationship Management strategy will enable

businesses to manage trust relationships with their customers

throughout the identity lifecycle.


For additional information, please contact:

[email protected]

Hear the latest from Vision 2014

in the Daily Roundup:

www.experian.com/vision/blog

@ExperianVision | #vision2014

Follow us on Twitter


Visit the Experian Expert Bar to learn more about

the topics and products covered in this presentation.

vision 2014: identity as a service for life cycle management

Economy & Finance