Event Recording

AI Governance & Regulation - How to Prepare for the Inevitable

Show description
Speakers
Sray Agarwal
Senior Director
Fractal AI
Sray Agarwal
Sray Agarwal has applied AI and analytics from Financial Services to Hospitality and has led the development of Responsible AI framework for multiple banks in the UK and the US. after completing his Data scientist with merit (dean's list) he joined ecommerce company to spearhead their AI...
View profile
Dr. Scott David, LL.M.
Executive Director - Information Risk and Synthetic Intelligence Research...
University of Washington - APL
Dr. Scott David, LL.M.
Scott David, J.D., LL.M., is the Executive Director - Information Risk and Synthetic Intelligence Research Initiative (IRSIRI) at the University of Washington Applied Physics Laboratory and was formerly the Executive Director of the Law, Technology and Arts Group at UW School of Law. Scott...
View profile
Dr. Silvia Knittl
Director Cyber & Privacy
PwC GmbH WPG
Dr. Silvia Knittl
Dr. Silvia Knittl is Director at PwC Germany in the Cyber & Privacy domain with a strong focus on  Enterprise Security Architecture as well as Identity & Access Governance. She supports clients in enabling their cyber capabilities and manages security transformation projects. She...
View profile
Martin Kuppinger
Principal Analyst
KuppingerCole
Martin Kuppinger
Martin Kuppinger is Founder and Principal Analyst at KuppingerCole, a leading analyst company for identity focused information security, both in classical and in cloud environments. Prior to KuppingerCole, Martin wrote more than 50 IT-related books and is known  as a widely-read columnist...
View profile
Playlist
European Identity and Cloud Conference 2023
Event Recording
Building a Secure Digital Experience Without Friction
May 10, 2023

As the number of digital touchpoints in the customer journey increases, IT teams rely on customer identity to optimize security and user experience. However, ensuring one doesn't overshadow the other often requires multiple integrations and custom development, creating internal friction and slowing innovation.

In this talk, Sadrick Widmann, CEO at cidaas, will explain how to remove barriers and improve cross-functional collaboration to bring seamless, secure customer experiences to market faster.

Event Recording
When will my Digital ID Wallet Work all Over the World?
May 11, 2023

When I travel aboard or do business with someone from outside my country, my payment cards and phone work across international boundaries. When will my Digital ID do the same?

This presentation will share how OIX’s work on Global Interoperability, part of the GAIN initiative, is defining how this will be possible through smart digital IDs or wallets that dynamically adapt to the policy rules of each new trust framework they encounter in a way that works seamlessly for the end user.

So, when I fly to the EU from the US my Digital ID from my US based wallet provider reads the rules of the EU trust framework and simply adapts. I don’t need to get a new local Digital ID for my visit to the EU. The EU trust framework policy rules will be described using a new globally applicable Open Policy Rules Exchange Framework that allows all frameworks to publish their policy characteristics in a standard machine-readable way.

My digital ID wallet contains key ‘golden credentials’ that should be accepted all over globe: passport, driving licence, bank account, telco account and my digital national ID card. Each trust framework will value these differently in its own Assurance Policy, which can also be published via the policy rule exchange framework. To make this work, new proofing and data content standards for some of the golden credentials will be required.

Technically, exchange of policy rules will be a decentralized approach, where policy rules are shared directly from each trust framework only to wallets they trust. The presentation will also outline the technical architecture to underpin this, and how the Open Policy Rules Exchange Framework will fit as a policy component as part of the Open Wallet Foundation architecture.

OIX is working with and analysing various trust frameworks around the global to create the Open Policy Rules framework, including the UK, Canada, EU, Australia, Singapore, MOSIP and Bank ID Sweden.

Come and find out more about how OIX’s vision of allowing us all to have a trusted Digital ID that can be accepted anywhere in the world can be achieved.

Event Recording
Digital Trust in the Metaverse & Decentralized Internet of Everything
May 11, 2023

Phishing, hacking, threats, fraud, and malicious behavior online of all types all share a common root: verification. In this session we’ll go beyond identity and explain how decentralized identity and verifiable credentials can provide a complete, secure system for exchanging different types of information between multiple parties. Learn how Trusted Data Ecosystems can connect people, machines, companies or any two entities to multiple businesses and jurisdictions without sharing private information. In this conversation, long-time community contributor at Hyperledger, working group leader at Decentralized Identity Foundation, and Indicio Senior Engineer Sam Curren will share more about digital trust and describe the critical importance of digital verification to decentralized healthcare, finance, the metaverse, and to the interaction of digital objects and non-digital objects in the spatial web—the “Internet of Everything.”

Event Recording
Open Banking and Open Data - Global State of Play. Current Trends and Recent Developments
May 10, 2023

Open Banking is a true global movement that has already been implemented in many countries and being implemented in many others in the next few years. While the overall objective of Open Banking is the same, every implementation is different. This session will provide an overview of analysis of different ecosystems, different approaches to implementation, industry standards used, best (and worst) practices and potential future developments.

Identity and API security are key building blocks for any trust ecosystem supporting Open Banking. We will explore why every Open Data project becomes an identity initiative.

Event Recording
Privileged Access Management – Moving from Cost to Service Centre
May 11, 2023

A standardized approach to control privileged accounts can be valued as a profitable internal service.
While implementing Privileged Access Management (PAM) DKB concentrates on what kind of service delivery a PAM implementation can provide to its customers (our employees) to connect benefits for end-users and address identity security at the same time.
We call that Privileged Access Security Service.
From a technical and IAM point of view identity security can only be achieved by securing the respective digital identities and the assigned user accounts in the corresponding target systems.
In the area of IAM/PAM a comprehensive compliance level automatically results in a higher maturity of our information security management. Therefore, we reduce the non-financial risks not only by complying with regulatory requirements but also by adding effective security concepts – such as zero trust or least privilege – to our IAM/PAM ecosystem.
In this session the DKB approach to handle identities and accounts in the context of a Privileged Access Security Service will be presented.

Event Recording
Avoiding Accidental Architecture - Implementing Graph-Based IAM & CIAM goes Beyond Better Access Control
May 11, 2023

Graph is having its moment and rightfully so. Regulatory challenges, overly complex authorization scenarios and retrofitting legacy programs to meet new business needs are squeezing businesses. Implementing a graph-based approach can remove these obstacles and reduce risk. 

But for many businesses, this is where graph-based implementations start and stop. 

In this session, we will discuss how to turnidentity data into identity knowledge and what that can deliver. We will dive into data models that drive contextual and real-time decisions - data models which are foundational for enabling complex authorization use cases and beyond. 

Finally, we will explore the benefits of graph-based deployments in your existing environments, including the value of a holistic and visually simplified data model and avoiding the accidental architecture challenge

Event Recording
Decentralized Identity Ecosystem for Southeast Asia: A journey from MVP to Production
May 12, 2023

Decentralized identity has made its waves in the EU with European Blockchain Services Infrastructure (EBSI) and in the US with various funded projects. A vast market in south-east Asia stays untapped. We have enabled our partner organization ZADA to build a decentralized identity ecosystem that connects various southeast Asian countries with numerous cases like 'Decentralized Vaccination TravelPass', 'Employment IDs', and 'Government issued Educational Credentials'. The journey of a decentralized identity platform from ideation to MVP and to a scalable production system can bring tremendous insights. We were able to successfully enable the public sector in Myanmar to engage with self-sovereign identity and bring value to its citizens by issuing over more than a quarter million digital credentials. Monetization of these credentials was an essential factor for us. These self-sovereign identity credentials varied in use cases and were verified by Singapore immigration, Public sector hospitals, the Education Ministry of Myanmar, the Health Ministry of Myanmar, and various other private sector vendors. Our journey covers various use cases in EdTech, HealthTech, IAM, and KYC. Explored right, these cases can help us dive into how enterprises can engage with the southeast Asian identity market.

Event Recording
The eID Threat Landscape – Stay Ahead of the Fraudsters
May 10, 2023

Cash grab-robberies are out, online fraud is in. When multinational hacker groups target senior and vulnerable citizens as a business model.

Learn how BankID is fighting fraud and helps you stay on top by identifying, preventing and notifying you of fraudulent usage in real time, while preserving top user experience.

The dream of tomorrows digitalized society is already a reality. Sweden is one of the world’s most digital and innovative societies. The fast and secure digital identification provided by BankID is a corner stone in this, to many, futuristic ecosystems. Many shops and stores do not accept cash and the amount of cash is low, something that inflicts digital threat. Studies shows a steep growth curve of digital fraud in several markets. In some places, fraud has surpassed drugs in turnover and profitability and fraud factories are popping up globally. Talented social engineering fraudsters and patterns with efficient crime-as-a service software, modus and tools. Fraud schemes including native and international fraud clusters targeting Swedish bank customers.

Learn more around the Risk and Anti-fraud toolset in the BankID Identity Platform. Digital identity is an area where the need for innovation is extensive. Whatever future eID scenario you discuss, security is always at the core.

Event Recording
Navigate the DR (Detection & Response) Jungle: EDR, EPDR, XDR, NDR, MDR, ITDR
May 11, 2023

ITDR: Is this really something new, given that around 80% of the cyberattacks are identity-related, from password phishing to bypassing MFA? Is it a separate discipline or just a part of XDR (Extended Detection and Response)? Or a new name for what Access Management and FRIP already do?

As always, there is something new and relevant in this. The fundamental question for many organizations will be on how to address the identity threat challenge best. Does it require new or different tools, or just a different use of what is already there? What to look for specifically? And how to reduce the risk of identity-based attacks? Is ITDR the core, or better identity protection? These questions will be answered in this session to help you navigating through the buzzword jungle.

Event Recording
Utilizing Verifiable Credentials for Vendors and Contractor Access
May 10, 2023

The W3C Verifiable Credential standard is getting traction in many circles. How can you use this today to help contractors and partners access your systems? It's easier than you think. See how this is an amazing alternative to federated authentication.

Event Recording
Graph-Based Access Control: What, Why and How ?
May 11, 2023

“Graph-Based Access Control'' (GBAC) is a generic term that refers to the use of graphs and networked data to solve Identity and Access Control problems. You may have seen this before through the disguise of acronyms such as ReBAC (relationship-based), KBAC (knowledge-based), PBAC (policy-based), NGAC (Next-Generation), FGA (fine-grained), and even some implementations of ABAC (attribute-based). All of these terms refer to techniques that use graphs to enforce access-control for any level of coarseness.

In this session you will learn why all the latest Dynamic Authorization offerings on the market use GBAC in a way or another, and how you can successfully adopt the technique yourself. Graphs are becoming ubiquitous - one can just look at the rise of the GraphQL API model to witness their popularity first-hand. Through concrete, real-life examples we will showcase the use of graphs to solve common access problems using the same modern and future-proof techniques that you see in the current authorization market.

As a result, storing all identity data in graphs truly unlocks its full potential. Graphs are data-science and analytics enablers, and have the potential to transform the IAM practice from a cost centre to a true revenue generator. We’ll explore how this can happen for you too…

Event Recording
The Decentralized Identity Journey has Begun in Financial Services
May 11, 2023

Learn how Raiffeisen Bank International heads toward decentralized identity to empower their customers across Europe and set the gold standard for privacy protection.

The increased mobility of users and their demand for personalized, unified omnichannel access experiences has stretched federated IAM beyond its limits. Meanwhile, the need for organizations to collaborate more to compete, and build communities of trust and value for those same users affordably and securely, cannot be met by existing federated IAM solutions. Learn how Raiffeisen Bank International (RBI) will embrace the new paradigm of decentralized identity to improve existing experiences and create the opportunity for new, valuable user experiences and increased levels of engagement and collaboration withbusiness partners across multiple jurisdictions, without the need to replace their infrastructure. Simultaneously, understand why starting their journey now, enables RBI to future-proof their ecosystem to rapidly support the EU Digital Wallet and official digital credentials that will become available. Get a glimpse into the solution architecture being deployed at RBI and an understanding of the benefits and how they can be communicated to executive leadership and business partners. Yes, decentralized identity may be great for web3 someday; however, learn from RBI how it can also solve today’sproblems in a practical way and work in harmony with existing IAM systems enhancing existing federationplatforms.