Identity systems have become increasingly complex over the last 20 years and we are often unaware of the dependencies and new risk exposures that are created as a result. The Shared Signals model provides lightweight notifications that support authoritative identity risk and session management whilst maintaining individual privacy. Standards work in the Open ID Foundation and the IETF is creating well defined mechanisms for companies such as Google, Amazon, AOL, Facebook and many others to share digital identity alerts that reduce fraud and improve management of consumer identity interactions. This session describes the principles of shared identity signaling and the state of industry and standards engagement, with specific use cases drawn from the UK Verify project.
