Diginotar: How to Launch a User centric E-Identity service - Are you Ready?

Organisations want to know the e-Identity of their users, but not be bothered with the management of all those e-Identities. These universal global needs have led to new techniques for User Centric e-Identity mechanisms resulting in a need for independent authentication services.

DigiNotar uses a SAML compliant Dutch open source standard providing an independent e-Identity Service. The Dutch government uses the same open source standard for millions of citizens that communicate with governmental web-applications. Organisations can "outsource" the e-Identity role to an independent and generic authentication service to enable quick online access to their e-businesses. DigiNotar e-Identities are cross-domain cross-application.

DigiNotar not only manages the systems but also provides a secure identification process to verify e-identities. By doing so, we take liabilities over from companies. On the other hand, we try to safeguard the privacy of the user. Users have the opportunity to access the applications anonymous.

Although the managed service is easy to setup and use, it is important that companies make a mind shift to start using a generic authentication service. Drs. de Bos will share his experience on e-Identity management by presenting examples from the financial, healthcare, legal and insurance sector. Different factors that influence success will be highlighted in the presentation:

• Legal issues: what is the minimum level of identity control, who will identify users and which legal status will that e-Identity have;
• Registration processes : what are their responsibilities of the organisations, their users and the independent authentication service provider;
• Management of the Identity: a user-centric model makes it possible for organisations to invite users to register their personal authentication mechanism themselves. The user manages his own data;
• Distribution of tokens: avoiding effort from the application provider that does not see it as it’s core and is not bothered with management of e-Identities.
• One e-Identity for multiple applications: an open standard and interoperability between applications and solutions enables the usage of a single universal e-identity or even authentication mechanism for multiple applications;
• Privacy: the ability to have anonymous authentication through an independent authentication provider.

The open structure of the technology makes it possible to extend the use to other e-Identity Providers. It is not a question more of technology, but the Trust Level of the e-Identity Provider.

Presentation deck

Diginotar: How to Launch a User centric E-Identity service - Are you Ready?

Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.