Early-bird Discount
expires in
Register Now

Agenda

Wallets, Authentication, OIDC

Wallets, Authentication, OIDC

Combined Session
Friday, June 07, 2024 11:30—12:30
Location: A 03-04
Log in to download presentations

Digital Wallet Holder Binding
11:30—11:50

Watch the video

 

Digital wallets are applications used to receive, store, and share identity attributes in a standards-based [preferably], secure, privacy enhancing fashion. To prove that the legitimate, natural person is receiving, in possession of, or sharing these identity attributes a means to bind them to the natural person is needed.
In 1995, for example, the International Civil Aviation Organization (ICAO) clearly recognized the desirability of pursuing the use of biometrics in travel documents as the single best way to link the document and its rightful “owner.”
In this example the issuing authority binds the identity attributes to the authorized holder by including biometric data in the cryptographically signed logical data structure. When the holder makes an identity claim the relying party (verifier) can determine the authenticity and integrity of the identity attributes and, through biometric recognition, determine if the authorized holder is presenting the information. This works well for the intended use case: in-person identity verification by government authorities for cross border travel.
The EU, for another example, specifies three assurance levels for electronic identification (low, superior, and high) which involve different levels of rigor in the identity proofing process and in the binding process itself, from:
The binding has been established on the basis of nationally recognised procedures.
to
The binding has been verified on the basis of a unique identifier representing the legal person used in the national context; and on the basis of information uniquely representing the natural person from an authoritative source.
Here the EU defines authoritative source as:
any source irrespective of its form that can be relied upon to provide accurate data, information and/or evidence that can be used to prove identity;
The goal of digital wallets in general, and the EU digital wallet in particular, is to be able to prove identity claims to a certain level of assurance both in-person (like an ICAO ePassport or ISO 18013-5 mDL) and on-line (like an ISO 18013-7 mDL).

This session will discuss how authentication may rely on the digital wallet to bind the holder to identity claims and what the associated challenges as influenced by varying levels of assurance.

Daniel Bachenheimer
Digital Identity Innovations Technical Lead
Accenture
Daniel Bachenheimer, an Electrical Engineer by training, is Accenture’s Digital Identity Innovations technical lead and has been designing and delivering solutions for various clients for...
Perspectives from 10 years of OpenID Connect
11:50—12:10

Watch the video

 

OpenID Connect became final in February 2014 and has since become ubiquitous.  Establishing new ecosystems is hard, and yet we achieved it with OpenID Connect.  This panel will explore how we created OpenID Connect, what we’ve achieved together, and lessons learned that are applicable to new identity systems and ecosystems under development today.

Come join us and celebrate ten years of OpenID Connect!

John Bradley
Distinguished Architect
Yubico
Mr. Bradley is an Identity Management subject matter expert and IT professional with a diverse background. Mr. Bradley has over 15 years experience in the information technology and identity...
Dr. Michael B. Jones
Building the Internet’s Missing Identity Layer
Self-Issued Consulting
Michael B. Jones is on a quest to build the Internet's missing identity layer. He is an editor of the OpenID Connect specifications, IETF OAuth specifications, including JSON Web Token (JWT) and...
Dr. Torsten Lodderstedt
Lead Architect for Germany’s EU Digital Identity Wallet
SPRIND - German Federal Agency for Disruptive Innovation
Dr.-Ing. Torsten Lodderstedt is a Digital Identity Architect with more than 15 years experience in developing and running large scale consumer identity services. He currently works for the German...
Nat Sakimura
Chairman
OpenID Foundation
Nat Sakimura is a well-known identity and privacy standardization architect and the Chairman of the OpenID Foundation. He is a co-author of many frequently used international standards such as...
Embracing Diverse Specifications – Abstracting for a Plurality of Markets With Multi Stack Solutions
12:10—12:30

Watch the video

 

Providing a product or service across markets internationally can come with significant technical and regulatory overhead. The challenge of such overhead might seem to reduce itself in the current market development in Europe with the soon to be standardized eIDAS architecture and unified wallet interaction protocols that seem to streamline identity integration requirements across 27 countries. In practice though, moving beyond the EU context will still require significant adaptation and often parallel implementation of identity standards and protocols, this is true for the Swiss market as much as it is true for the US or even Japanese market. While all these markets move towards the digital identity wallet paradigm as a new identity model, their technical approach differs significantly.

Abstracting this complexity for companies that simply want to provide their product or service across markets is a tough challenge. Solution providers need to consistently monitor changing specifications, requirements, and regulation, while making sure that their own technological platform is ready to support the variety at hand. Many incumbent solutions and platforms do not handle such diversity well since they were developed for a concrete market environment and then updated on a sub optimal path of evolution towards ever more complexity.

As a Swiss provider of digital identity core technologies, Procivis had to naturally tackle the challenge of a future proof technology solution that is capable of handling complexity since day one. Our home market is too small to justify a solution built for only that environment, so we had to get creative and build a product that can naturally handle complexity and interoperability without compromise.

This presentation will tell the story of our journey to rethink product development in times of uncertainty. It will describe how we learned to radically build for adaptability and extensibility. After the initial instinct to resist uncertainty, we learned to embrace it and I will talk about our company's journey to this new state of consciousness.  

Kai Wagner
Head of Products & Partners
Procivis AG
Kai Wagner is Head of Products & Partners at Procivis in Zürich Switzerland. He has been actively involved in the international Decentralized Identity and Self-Sovereign Identity ecosystem...
Almost Ready to Join EIC 2024?
Reach out to our team with any remaining questions
Get in touch