KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Zero-trust security relies heavily on the ability for independently owned and operated services to dynamically adjust users’ account and access parameters. These adjustments are based on related changes at other network services, such as identity providers, device management services or others. A set of standards from the OpenID Foundation enable independent services to provide and obtain such dynamic information in order to better protect organizations that rely on zero-trust network access. These standards are being used today in some of the largest cloud-based services from Microsoft and Google to dynamically adjust users’ account and access properties.
This talk gets into the details of the Shared Signals and Events (SSE) Framework, which is the foundational standard for secure webhooks. We also explain two standards based on the SSE Framework: The Continuous Access Evaluation Profile (CAEP), which provides dynamic session information, and the Risk Information and Account Compromise (RISC) Profile, which provides account compromise information
This is a new development in the world and touches on mDL, Verifiable Credentials, decentralized identity, and personal data topics. A forward-looking presentation about what the world might look like, the foundational changes represented by this change, and some current and potential innovations that are now possible because of this.
The Kantara Initiative is developing a standard and requirements so that organizations can demonstrate to their stakeholders that their commitments to privacy and data protection go beyond transactional and technical trust. At the end of the day people trust, or don't trust, organizations - not the technologies that the organizations use. This session will provide you with an up-to-date report on the development of these standards and requirements and also provide you with an opportunity to provide input into their development.
The presentation to be made by Stéphane Mouy (SGM Consulting - France) and Michael Adams (Quali-Sign - UK) will focus on the forthcoming eIDAS 2.0 digital identity wallets (DIWs) and the payment use case. DIWs will allow users to share high LoA identity and status credentials to various relying parties, including financial institutions, as well as meet applicable strong customer authentication requirements for payments.
The payment use case is of critical importance to eIDAS 2.0 digital identity wallets and promises to be transformational for EU payment service providers as it offers a level-playing field for payment means, whether account-to-account or card based. DIWs are also likely to play a key role for the deployment of CBDCs supporting offline interactions with embedded AML/CFT verifications.
The presentation will draw on the work of the eWallet Network presented in the Developing a digital identity solution for use by the financial sector based around eIDAS trust services report published by the EU commission in October 2021 and authored by Stéphane Mouy. It will include a live presentation of an eIDAS 2.0/ISO 23220-1 digital identity wallet offering online/offline connectivity that can be used in a variety of contexts, including for payment authorisation purposes.
The session should be of interest to anyone interested in eIDAS 2.0 developments for digital identities as well as its regulatory implications for the financial sector but also to digital payment experts. A specific focus will be made on the offline connectivity requirement for DIWs that has clear technology implications.
The world of modern urban mobility is full of - unused - opportunities. To get to their destination, people can use public transportation, take a cab or rent an e-scooter. But many options also means many providers. Anyone who uses more than one of the aforementioned forms of transportation to get from A to B will inevitably be confronted with a fragmentation of their journey. This is anything but smooth and user-friendly. A simple example makes this particularly clear: If Erika Mustermann has to go to London for a business meeting, she first takes the suburban train to the airport, then gets on a plane, and then has a cab take her to the hotel. That's three different booking processes with three different mobility providers. Decentralized technologies, on the other hand, enable a new kind of efficiency and effectiveness in the back-end networking of different providers. But how can such a seamless customer journey be implemented so that both mobility service providers and customers benefit equally? Sophia Rödiger, CEO of bloXmove, is happy to tackle this challenge in a talk on IT Trans. In doing so, she explores the question of how, for example, the individual players in local public transport can cooperate with each other while remaining independent and what role blockchain technology plays in this. She also explains how providers can save resources through the decentralized concept while gaining more customers. In addition, she puts a special focus on how the cooperation between the public and private sectors can be changed by the approach in the long term.
Long theorized as the solution to the verification problem on the internet, decentralized identity has now achieved lift-off in the marketplace. In this workshop, we’ll explain who’s interested, why, and what we learned building a series of solutions for global enterprises in the finance, health, and travel sectors. We’ll explain how we implement decentralized identity through the concept of a Trusted Data Ecosystem, and what the near future looks like for businesses who adopt this technology now, including the critical importance of verifiable digital identity to decentralized finance, the metaverse, and to the interaction of digital objects and non-digital objects in the spatial web—the “Internet of Everything.”
As customer identity programs mature, they bring new opportunities and risks. In the rush to launch new customer experiences, personal data is over-exposed and over-replicated. The default is to ship all identity attributes, to all systems, on every request in order to make access decisioning easier for application developers.
This approach disperses identity information across the application stack; which increases risks of data breach, data loss, and compromised identities. As a result, consumers lose trust and new business opportunities falter; or worse, customers like the new experience, but its success creates security and compliance liabilities that expand exponentially. To remediate the risk, data teams enter a never-ending cycle of costly data analysis and audits.
Identity architects and developers need to address privacy requirements earlier - not in post-collection data management, but instead in the application development process. While Privacy by Design and Privacy by Default principles are a helpful framework, they offer little practical guidance for developers to actually build privacy-preserving applications.
We will discuss how to use identity data at run-time, in the context of the application; how to retrofit existing applications with privacy requirements; and how to easily evolve applications over time.