In the ever-evolving realm of Digital ID and Cybersecurity, staying ahead requires not just adaptability, but visionary foresight. The "Trends and Innovation" session stream at EIC 2024 is dedicated to those on the frontier, those who see beyond the horizon, and those ready to sculpt the future. This stream delves into groundbreaking advancements and the transformative potential they hold for the intricate world of digital identity and cybersecurity.
Generative AI and Retrieval-Augmented Generation in Secure Enterprise Applications:
- End-to-End Security: Dive into how Generative AI and RAG can revolutionize the creation of secure enterprise applications, optimizing both functionality and protection. ining
- Automated Excellence: Discover the potential of AI-driven processes in generating secure application designs that address both present and predictive threats.
Multifactor Authentication (MFA) Trends:
- Beyond the Basics: Explore the evolving landscape of MFA, encompassing advanced methods, user-centric designs, and adaptive authentication mechanisms.
- The Balance Act: Address the perennial challenge of ensuring optimal user experience while maintaining the highest levels of security.
Phygital Convergence & Spatial Computing:
- Blurred Boundaries: Dive deep into the fusion of physical and digital realms, reshaping interactions, experiences, and security paradigms.
- Next-Gen Computing: Understand the transformative potential of spatial computing in redefining user engagement and security in a 3D space.
Sustainable Technology:
- Eco-Innovation: Discover how advancements in digital ID and cybersecurity are merging with the pressing need for sustainability, creating eco-friendly technological solutions.
- Green Security: Explore the strategies and initiatives pushing the boundaries of eco-efficient cybersecurity practices.
AI-Powered Cyber Resilience:
- Adaptive Defense: Understand how AI enables dynamic security solutions that not only counteract threats but evolve with them.
- Predict, Prevent, Prevail: Grasp the power of AI in forecasting threats, fortifying defenses, and ensuring organizational resilience against cyber-attacks.
Quantum Computing:
- Beyond Classical Computing: Delve into the world of qubits and superposition, understanding the immense potential and challenges quantum computing brings to digital ID and cybersecurity.
- Quantum-Safe Security: Address the need for cryptographic solutions resilient against the unparalleled processing power of quantum machines.
The "Trends and Innovation" session stream is a deep dive into the future, offering attendees a blend of expert insights, emerging technologies, and strategies to navigate the transformative landscape of digital ID and cybersecurity.
Trends & Innovations
Cross-Border Interoperability
June 05, 2024 11:00 - 12:00
Location: B 09
Multi-Stakeholder Cross-Border Reusable/Decentralized Identity
The continued growth in global trade and e-commerce, remote working and travel means that global interoperability is front of mind for public and private sector organisations looking to provide privacy and convenience to their citizens and customers. This session will examine the three major considerations for achieving this important cross-border interoperability.
The in-depth presentations are based on the findings and exploration of an international working group spear headed by DNP, the...
Open Finance
June 05, 2024 12:00 - 12:20
Location: B 09
Ready for any PSD with an Open Finance Architecture
After painfully figuring out, adopting and stabilizing PSD2, PSD3 is already right at the corner. It's going beyond forcing banks to provide access to Third Party Providers to customer transactions and payment initiations with the customer's consent. The main challenge for banks is not the implementation, but capturing business opportunities around those regulations rather than seeing them as constraints.
In this talk, I will describe an Open Finance architecture which allows:...
June 05, 2024 12:20 - 12:40
Location: B 09
Payment Solutions in the Decentralized ID Ecosystem
In the ever-evolving landscape of digital identities, the integration of secure and efficient payment solutions within Decentralized ID ecosystems represents a critical advancement. This talk delves into innovative methodologies for facilitating payments for issuing, presenting, and verifying digital credentials. Throughout the presentation a range of possibilities that enable both the payment and receipt of funds in the context of SSI will be covered. The discussion will focus on real-world...
June 05, 2024 12:40 - 13:00
Location: B 09
Unified Digital Banking - Unlocking the Promise of CIAM
Powered by CIAM platforms, Unified Digital Banking deployments are important enablers for the business. What do business executives need most from these investments? Are solutions delivering the value? What does this mean for CIAM looking ahead? Join John Horn from Datos Insights as he dives into results of new research involving 240 CIAM leaders from across the globe.
Trends & Innovations
Shadow Surge: Confronting the Rise of AI-Powered Security Threats
June 05, 2024 14:30 - 14:50
Location: B 09
Panel: Executive Alert: Navigating AI-Driven Security Threats for Boards and C-Suites
This panel explores strategies for constructing AI threat-resistant infrastructures that surpass traditional multi-factor authentication (MFA) measures. With a focus on the executive perspective, discussions will highlight advanced defense mechanisms, integrating AI-driven security solutions, and the importance of a comprehensive, forward-thinking approach to protect corporate assets against increasingly sophisticated AI phishing threats.
June 05, 2024 14:50 - 15:10
Location: B 09
AI-Driven Identity Verification: Balancing Security and Privacy
In the rapidly evolving digital landscape, AI-driven identity verification has emerged as a pivotal tool in enhancing security protocols across various sectors. This presentation delves into the intricate balance between fortifying security measures and safeguarding individual privacy, a duality that is central to the ethical deployment of AI in identity verification. We will explore the latest advancements in AI technologies such as facial recognition, biometric analysis, and behavioral...
June 05, 2024 15:10 - 15:30
Location: B 09
Evolving Threats of Deepfakes and AI to Traditional ID Proofing and Verification Systems
Realistic simulations of human voice, video and text created by “Generative AI” systems have proliferated over the last few years. The simulations pose enhanced risks that Identity Proofing and Verification (IDPV) systems will be unable to distinguish real signals from fake ones. Organizations that rely on IDPV services to prevent fraud or impersonation are experiencing higher numbers and frequency of fraudulent attempts.For this reason, we have established a new Discussion Group...
Trust, Resilience, AI
June 05, 2024 15:30 - 16:10
Location: B 09
Panel: Building Trust in AI through Decentralized Identity
In this panel session we will discuss how decentralized identity techniques can help mitigate threats posed by LLMs such as deep fakes. Approaches relying on detection can result in an arms race; in contrast, decentralized identity techniques allow stronger infrastructure enabling trust by design, easy content authenticity detection, and more.
June 05, 2024 16:10 - 16:30
Location: B 09
Building Resilient Identity Systems: Lessons from the Wild West of Web3
In the midst of the crypto turmoil, identity pioneers are drawing out the real technological value from beneath the chaos. Web3’s unbounded exploration of digital identity and incentive systems, although often futile, offers invaluable insights into the dynamics of people and technology within complex systems. This talk will unpack the lessons learned from building within the decentralised identity layer, and the implications for constructing resilient systems in context of the eIDAS...
AI Application Security; Quantum Computing
June 05, 2024 17:30 - 17:50
Location: B 09
Generative AI Security — A Practical Guide to Securing Your AI Application
The pace of innovation in generative AI offers immense opportunities while also introducing new security challenges. Those include new threat vectors, explainability, governance, transparency, and privacy for large language models. As organizations seek to leverage generative AI for innovation, security leaders must take concrete steps to enable rapid experimentation without compromising security. We will begin our talk by understanding the scope of generative AI applications, based on their...
June 05, 2024 17:50 - 18:10
Location: B 09
Crunching the Numbers: The Reality of Quantum Algorithm Performance and Security
This is a unique session on Post-Quantum Cryptography (PQC) benchmarking in public key infrastructure (PKI) and Signing. Tomas will explore the differences in size and performance between classic and post-quantum algorithms, while focusing on key and certificate sizes and issuance speeds on software vs hardware security modules. He will evaluate the security levels of post-quantum algorithms and make fair comparisons, highlighting critical information useful as enterprises begin planning for...
June 05, 2024 18:10 - 18:30
Location: B 09
Post Quantum Security: Cryptography in Decentralized Identity
In this session you will learn what cryptography is currently being used in verifiable credentials and DIDComm, why the community has chosen these particular security approaches, and how it affects you. We will explore how digital security practices will change as new technologies emerge, specifically post quantum cryptography, and how you can be ready. As the world becomes more digital, authenticity and privacy, and technologies that ensure that authenticity and privacy by design are...
Trends & Innovations
Industry 4.0
June 06, 2024 11:00 - 11:20
Location: B 09
The Gap in the Current Identity World for Non-Human Identities Which Act as Humans!
Non-human identities are getting more and more important. IAM has the challenge to manage them with the same standards as human identities. Over the last years many tools and best practices have been developed to improve the situation. However, the more those identities mimic behavior of humans the harder current concepts work without reducing security and governance. An example is Robot Process Automation (RPA), which aims to automate processes done by humans, often for application which do...
June 06, 2024 11:20 - 11:40
Location: B 09
Insecure by Design – Improve Operational Efficiency and Reduce the Security Risks of Remote Access to OT
OT products and technologies are insecure by design. Do you need connect a third-party maintainer to a PLC or other Industrial Control Systems and wonder how to secure and track access? No problem. We have it covered. In this session we will explore how to seamlessly and efficiently secure Remote Access to OT while providing maximum autonomy to the operational teams. We will explain the complicating factors of OT risk management and how to counter them.
June 06, 2024 11:40 - 12:00
Location: B 09
Challenges in the Deployment of Digital Certificates and Identities in Mechanical and Plant Engineering
The protection of new value chains and the implementation of regulations such as NIS2 or the Machinery Directive presents challenges for suppliers in the machinery and plant engineering sector. The use of identities and X.509 certificates plays a significant role and is a fundamental building block for a long-term security architecture. But how are X.509 identities and public key infrastructure (PKI) connected? Why can X.509 certificates also be created without a PKI and what dangers are...
Women in Identity
June 06, 2024 12:00 - 12:10
Location: B 09
Women in Identity - Introduction
June 06, 2024 12:10 - 12:30
Location: B 09
Digital ID/Decentralized ID
News and Trends in the SSI World: Use Cases, Tech Stacks, and where did Blockchain go?
How can Wallets help achieve SSI goals
Where is Germany headed and how does eIDAS 2.0 impact the implementation of private sector eID solutions?
June 06, 2024 12:30 - 12:50
Location: B 09
Security, Identity, and Industry 4.0
Background, regulatory requirements, e.g., NIS2, Cybersecurity Act
Challenges: Much data, less information; technological barriers, legacy systems, siloed operations
Approaches to address those challenges with e.g., standardization and automation, education, and more
Building Interoperable Ecosystems
Global Interoperability
June 06, 2024 14:30 - 14:50
Location: B 09
The DNA of Digital ID – Enabling Roaming Wallets
OIX has analysed eight Digital ID trust frameworks: US, Canada, EU, UK, Singapore, Thailand, MOSIP and Bank ID Sweden. The goal was to see if their policies could be expressed in a consistent way to enable interoperability of IDs across these eco-systems. The analysis found they share 75 common policy rule characteristics with 283 possible values. This is the DNA of Digital ID: trust frameworks are the same species but address the policy issues using a varied characteristics to meet local...
June 06, 2024 14:50 - 15:10
Location: B 09
The Global Interoperability of Digital Identity
As more governments promote online access and issue digital identity credentials for their populations, questions arise regarding just how portable those credentials are from one country to the next. While the EU has the benefit of eIDAS 2.0, other countries and regions still struggle with how to take advantage of digital identity credentials issued outside their borders. The challenges go beyond technical standards: it's not just about the structure of the data, it's also about how that data...
June 06, 2024 15:10 - 15:30
Location: B 09
Multilateral Federation: The Solution to the Problem that Identity Wallets Don’t yet Understand They Have
SAML and OpenID started with a simple model of bilateral trust. Relying Parties register with Identity Providers and exchange trust information so that the RP can know that they are talking to Microsoft, Google, Facebook etc. We have also had Smart Cards (PIV/CAC) for authentication based on a certificate signed by someone that chains back to a known trusted root. The smart card approach avoids the RP needing to register but has significant user privacy issues. The research and education...
Common Schemas; SIDI Hub
June 06, 2024 15:30 - 16:00
Location: B 09
Panel: Reusable Identity and Bootstrapping Decentralized Identity Ecosystems
This Panel Session will discuss approaches to “reusable identity”, the catchphrase for streamlining onboarding, using Decentralized Identity standards. Discussion will cover the goals and requirements, production deployments, and work in the OASIS “Lightweight Verifiable Credential Schema and Process” Technical Committee to develop common schemas.
June 06, 2024 16:00 - 16:30
Location: B 09
Prepare for G20 with this Digital Identity Sprint & Interactive Survey by SIDI Hub
UN Strategic Development Goal 16.9 is to bring identity to 8 Billion people… what about enabling 8 billion people to have access to Digital Identity? How can we ensure digital identities are interoperable across borders? What do we need the G20 to do to help accelerate the work already underway? This MasterClass is will engage in these questions and more in the context of the Sustainable & Interoperable Digital Identity (SIDI Hub) effort “to define what we need to achieve...
Dynamic Trust - Globally
June 06, 2024 17:30 - 17:50
Location: B 09
Federation Bubbles
Traditional federation agreements are relatively static. It takes some effort to onboard an IdP and RP to each other, but once that trust is established, it's good until some exceptional event breaks the federation. But what about a more dynamic world, one where trust comes and goes based on context? What if users could be provisioned dynamically into a space based on trust from elsewhere? What if an isolated space could still function in a disconnected state and still have powerful security...
June 06, 2024 17:50 - 18:10
Location: B 09
The Italian National Federation: Design, Deployment, and Lessons Learned
Deploying national federations is a complex task, requiring the integration of various protocols to build a secure, reliable, scalable, and interoperable ecosystem. This session will focus on the Italian experience in the design and deployment of national digital identity systems, SPID and CIE id, using OpenID Federation and OpenID Connect.
The discussion will delve into the Italian implementation profile of OpenID Federation and the onboarding system highlighting the challenges encountered...
June 06, 2024 18:10 - 18:30
Location: B 09
High-security & Interoperable OAuth 2: What’s the Latest?
OAuth is a widely used authorization framework that enables third-party applications to access resources on behalf of a user. However, it has historically been difficult to meet very high security and interoperability requirements when using OAuth. Daniel and Joseph have spent much of the last six years working to improve the state of the art and will present the latest developments in the field. There are challenges when trying to achieve high security and interoperability with OAuth 2:...
Trends & Innovations
AI in Cybersecurity
June 07, 2024 10:30 - 10:50
Location: B 09
Explainable AI for Internal Threat Detection in a Mixed Identity Landscape
Did a John Doe make a sudden quick transaction of the entire procurement cycle from purchase requisition to purchase order to payment, very quickly than typical transactions? Did "John Doe" create the purchase requisition, while "J Doe" made the final invoice payment? The problem of finding and matching John Doe versus J.Doe is attempted in an end-to-end procurement process to detect internal fraud, based on data from ERP systems. We present an explainable AI (XAI) approach that attempts to...
June 07, 2024 10:50 - 11:10
Location: B 09
The Double-Edged Sword of AI: Committing and Preventing Fraud
June 07, 2024 11:10 - 11:30
Location: B 09
The Rise of the Bots: How to Reduce Fraud and Friction to Drive Higher Customer Loyalty
With the rapid increase in online commerce, it is imperative that organisations deliver great, friction free online experiences to customers to drive brand loyalty and grow business. However malicious actors are taking advantage of this to commit fraud in many ways; from leveraging BOTs to buy up inventory, to utlizing generative AI to conduct advanced phishing campaigns to perform account takeovers - all of which erode customer satisfaction and erode brand loyalty. In this session we will...
Privacy & Guardianship Trends
June 07, 2024 11:30 - 11:50
Location: B 09
Digital Age Assurance has Come of Age
30% of people online around the world are under 18 and societies are judged by how they look after their kids. Germany is quite unique in the fact that its regulatory body, the KJM, has reviewed and approved over 100 methods for age assurance. Many other countries around the world are grappling with this issue. This session will look at the development of this industry - from KYC, AML for the gaming industry, through the range of document based and non document based approaches to assess age...
June 07, 2024 11:50 - 12:10
Location: B 09
E-signing and How to Avoid Placebo Solutions?
E-signing is becoming an integral part of many processes for improved customer service and shorter processing time. However, many businesses fail to properly evaluate their risk exposure due to the use of e-signing instead of wet signatures. Many e-signing services look and work smoothly, though fail to ensure sufficient legal evidence to the business. This talk will highlight fundamental cryptographic principles used to identity-protect legal evidence in the advanced and qualified electronic...
June 07, 2024 12:10 - 12:30
Location: B 09
Organisation Authentication as an Anti-Scam Measure
Existing trust models are one sided: as customers and citizens we are expected to authenticate ourselves to organisations, but these organisations make little or no effort to prove who they are to us.Proving what rights and capabilities we have, proving who we are to a necessary level of authentication, is half of what we need for a trustworthy relationship - the other half is knowing that we're dealing with the right organisation.Receiving communication that cannot be authenticated means...
Internet Trust Layer
June 07, 2024 13:30 - 14:30
Location: B 09
Panel: The Emerging Trust Layer for the Internet: Using Minimum Viable Protocols to Achieve Maximum Interoperability
The Trust Over IP Foundation (ToIP), which just had its fourth birthday, has long held the conviction that technical trust alone is insufficient for enabling human trust in digital interactions. Thus, ToIP has been developing a dual stack that pairs technical architecture with governance architecture. To maximize technical interoperability, ToIP believes there must be a minimum viable “trust spanning” protocol that enables ubiquitous secure, private data exchange. Then every...
Identity Standards and Foundations
June 07, 2024 14:30 - 15:30
Location: B 09
Panel: Executive Directors Speak: Why We Need More Collaboration
The puzzle of identity. How do we solve it? Collaboration! This panel of Executive Directors from the major identity foundations will discuss how each of our foundations are solving key pieces of the puzzle to make the vision of trusted, secure, privacy-respecting identity a reality.We all have a common vision! To obtain and share trusted identity credentials to prove who we are to instantly, securely and seamlessly access services, both online and face-to-face, anywhere around the globe....
