The Global Assured Identities Network (GAIN) proposes an identity network that would allow any global organization to utilize verified identity attributes. This work both calls for and lays the groundwork for global interoperability, and this Leadership Brief is an explainer to help you understand what GAIN is, what use cases it serves, and who may be interested.
1 Executive Summary
GAIN stands for the Global Assured Identities Network, and the collaboration was formally proposed in September 2021 at the European Identity Conference (EIC). It is an international collaboration to leverage the high-trust identity information that has been verified by financial institutions, national frameworks, government-provided identity services, telecommunications, and other regulated industries for reuse in any industry or sector. Users can, for example, access their verified identity from financial institutions and bring it to other organizations that they interact with: to government entities, employers, service providers, health providers and more. It is a network to provide trust in identity transactions; to ensure that individuals have the credentials they claim while interacting digitally and to ensure that the origin and destination of the identity attributes are trustworthy.
In the words of one of GAIN's coauthors Nat Sakimura, "GAIN is an overlay network over the internet that consists of accountable participants only".[^1] Creating a space where only accountable participants interact is a security dream; instead of working with self-attested information from consumers, with varying levels of identity and authentication assurance, and needing to weed out fraudulent attempts in their midst, organizations would establish relationships with consumers, employees, partners, contractors and suppliers using verified identity information.
Banks, financial institutions, and other regulated industries like telecommunication must ensure adequate identity proofing, verification, and KYC measures when individuals open an account. High assurance identity attributes are collected, validated, and verified to belong to the individual in question. Furthermore, they must verify that it is the same individual an any given digital session. Usually this information is siloed, static, and stored for use in each individual bank. GAIN makes these high assurance identity attributes sharable between parties so that other organizations in addition to financial institutions can benefit from working with trusted identities. The attributes can be shared directly with consuming organizations or, indirectly, via a wallet where the data is kept as verifiable credentials and later shared with the consuming organizations. The later approach enhances privacy since the user may utilize identity attributes without involvement of the issuer and it also allows the user to combine credentials from different issuers at his or her discretion.
This is your introduction to GAIN: how it can be applied, what types of organizations could be positively impacted, how it functions, as well as our recommendations at this point in time.