vision 2014: identity as a service for life cycle management
DESCRIPTION
This session will highlight Identity as a Service identity life cycle management and its impact on the evolution of initiatives such as the National Strategy for Trusted Identities in Cyberspace (NSTIC) and the Federal Cloud Credential Exchange (FCCX), profiling Experian’s role in this ecosystem and how we are contributing to shape industry requirements.TRANSCRIPT
© 2014 Experian Information Solutions, Inc. All rights reserved. Experian and the marks used herein are service marks or registered trademarks of Experian Information Solutions, Inc.
Other product and company names mentioned herein are the trademarks of their respective owners. No part of this copyrighted work may be reproduced, modified, or distributed in
any form or manner without the prior written permission of Experian. Experian Public.
Identity as a Service for life cycle management
Joni Brennan Kantara Initiative
Kolin Whitley Experian
#vision2014
2 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
1. Introduction to session – Kolin Whitley
► Business cases around Identity Proofing and Verification (IDPV)
► Customer demand
► Value proposition
2. “State of the IdM space” – Joni Brennan
► Credential Service Providers
► Components (IDPV, CM)
► Certifications / approvals
3. Introduction to Identity Relationship Management (IRM) – Joni Brennan
► Why is it important to you?
4. How Experian enables IRM
5. Q&A’s
Agenda
Source: Wikimedia Commons
4 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
What is Identity as a Service (IDaaS)?
Represents the umbrella of activities and solutions supporting the identity management lifecycle
► Password reset
► Attribute verification
► Identity proofing
► Multi-factored authentication and credential management
► Any activity involving a trusted identity relationship between a consumer and a business
Introduction to IRM
5 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Trusted identities
► National Standard for Trusted Identities in Cyberspace
Credential exchange
► Federal Cloud Credential Exchange
Attribute verification
► Ongoing verification of attributes to confirm identity relationship
► Identify changes to identity attributes
Business case for IDPV
6 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Trusting an identity before initiating or completing a transaction
► During initial account registration
► During each login attempt
► When performing high-risk transactions
► Changing profile information
Each consumer interaction carries a level of risk to an organization
Consumers trust that their personal or account information is being protected from unauthorized access
Customer demand
7 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Manage risk by establishing a trusted relationship between our customers and their end users
Ongoing verification of that trusted relationship over time
Identifying changes or events that may represent a level of risk for our customers
Monetization of credentials
Value proposition
8 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Identity Relationship
Management
Joni Brenna
Executive Director Kantara Initiative
9 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Founded in 2009 as a 501c6. 60+ organizations, 100’s of participants
Trustees:
Trustees At-Large:
► Government of Canada
► Trans-European Research
► Education Networking Association
Kantara Initiative – leadership and values
Trust: Operating Accreditation, Approval and Certification programs
Privacy: Developing privacy respecting solutions
Security: Developing high security solutions and practices
Community: Bridging technology and policy requirements
Kantara Initiative members value:
10 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
CSP
IDPV
CM AM
IDESG (Liaison) (Liaison)
High-level key activities
11 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Employees
Employees and
partners
Things
Consumers
Relationships
Evolution of identity
Perimeter-less
federation
Cloud
SaaS
Mobility
Perimeter-less
federation
Cloud / SaaS
Perimeter
federation Perimeter
Attributes
Context
Stateless
12 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Credential service provider
Identity proofing / verification
Organizational trust Credential
issuance / management
Kantara Initiative industry leader members innovate component service recognition
Component services:
► Identity proofing / verification
► Credential issuance and management
Agile component services
See Anil John’s most popular blog post of 2013: http://blog.aniljohn.com/2013/12/popular-2013-blog-posts.html
13 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Norton Credential Service Provider
MITREid (LoA 1)
Verizon Universal Identity Service (VUIS)
Multiple organizations in pipeline
Kantara Accredited LoA 1-4 Kantara Approved to LoA 1-3 non-crpyto
Accredited and approved
Registered Applicant
IDPV Component Recognition
14 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Evolution of identity
Employees
Employees and
partners
Things
Consumers
Relationships
Perimeter-less
federation
Cloud
SaaS
Mobility
Perimeter-less
federation
Cloud / SaaS
Perimeter
federation Perimeter
Attributes
Context
Stateless
15 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Today businesses must implement a dynamic IAM solution that securely serves employees and customers, partners and devices, and all those in between, regardless of location
This is the evolution of IAM to Identity Relationship Management (IRM)
IRM evolves IAM by focusing on:
► Business values of consumers and things, adaptability, top line revenue and velocity; and
► Technical values of internet scale, dynamic intelligence, borderless, and modular
Introduction to Identity Relationship Management
16 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
IRM shifts focus to innovation around the value of relationships that are represented by identities and not the identities themselves
This shift enables a dynamic hyper-connected world, bringing with it the complexities of IAM, including:
► Privacy for personal data
► Appropriate security; and
► Access control and attributes information sharing policies (where attributes are pieces of data about a person, entity or thing)
Identity management drives revenue
Help desk Biz dev
17 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
However, complexities conversely represent growing opportunities for IRM deploying organizations
There are vendors with a core focus on making IAM, and now IRM, easy and secure for business and their consumers
When deployments innovate while balancing usability, privacy, and security markets grow
Identity management drives revenue
Help desk Biz dev
18 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Experian’s expertise in information and data analytics provides companies with insight to manage fraud and compliance challenges across the customer life cycle, from prospecting and acquisition to customer management and collections
Experian fraud and identity solutions What we do
Fraud loss mitigation
Compliance
Customer experience
Cost control
19 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
IDaaS
► Identity proofing at the time of registration
► Enabling a trusted credential to be bound to the identity
► Managing the ongoing attribute verification throughout the identity lifecycle
► Flexible decisioning strategies suited to your environment
► Establishes a continuity of trust between consumer and business
► Proven ability to deliver within both the public and private sector
How Experian enables IRM
20 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Closing
Life is like a bicycle – whenever you
stop pedaling you’ll fall off “ ” – Claude Pepper
As the identity management landscape expands into a borderless
environment, customers will continue to look for additional secure
and convenient ways to engage with businesses. Developing an
effective Identity Relationship Management strategy will enable
businesses to manage trust relationships with their customers
throughout the identity lifecycle.
21 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
For additional information, please contact:
Hear the latest from Vision 2014
in the Daily Roundup:
www.experian.com/vision/blog
@ExperianVision | #vision2014
Follow us on Twitter
22 © 2014 Experian Information Solutions, Inc. All rights reserved. Experian Public.
Visit the Experian Expert Bar to learn more about
the topics and products covered in this presentation.