Event Recording

The Human Impact of Identity – Women in Identity Code of Conduct

Speakers
Melissa Carvalho
Global Cyber Security Vice President
Royal Bank of Canada
Melissa Carvalho, RBC Global Cyber Security Vice President, leads the Cyber security Planning office and the bank’s Global Identity and Access Management group, providing cyber solutions and services for RBC’s 86,000 employees and 17 million clients. Melissa is also the Vice Chair...
Thomas Davies
Partner, Cyber Security and Risk Consulting Managed Services National Lead
KPMG Canada
Thomas is a Partner in KPMG in Canada's Cyber Security practice and leads the Risk Consulting Managed Services. Over the past 20 years, Thomas has built cyber security practices and capabilities for some of the world’s largest consultancies, private equity firms, and global financial...
Emma Lindley
Managing Director, Co-Founder
Women in Identity, Caf
Emma Lindley is Managing Director of International Expansion for CAF, a digital identity company located in Brazil, USA and UK. She is also co-founder and Chair of Women in Identity, a not-for-profit membership organisation focused on diversity and developing inclusive products in the...
Dr. Sarah Walton
Digital Consultant, Author, Coach
International ID Code of Conduct Programme Manager, Women in Identity
Dr. Sarah Walton is a digital consultant, author, coach, and public speaker. She founded Counterpoint in 2003 to support organisations to become digital, innovate and grow. Since 1994, Sarah has worked internationally across multiple industry sectors and governments. She has contributed to...
Playlist
European Identity and Cloud Conference 2023
Event Recording
Enforce a faster sign-in with Biometrics and Pin – even for legacy apps of a DAX company
May 11, 2023

Join this session if you want to learn how a globally operating science and technology company introduced a faster and phishing-resistant sign-in – driven by the open-industry standard FIDO.

Employees use Biometrics or Pin, instead of Password & SMS, Call or App.

A “Detached Authentication” feature enables apps without FIDO/WebAuthn support and allows us to globally enforce the phishing-resistant sign-in – without fallback to other MFA methods.

Identity Verification is required for the registration and recovery of Biometrics or Pin. SaaS or self-developed identity verification methods can be used and combined.

The infrastructure for authentication and registration of Biometrics and Pin runs in a self-hosted environment. It allows us to stay true to our principles: Own Identities, Credentials and Authentication.

# What makes it unique

Passwordless Sign-in
– Biometrics of device-in-use

Biometrics sign-in available for all apps
– Detached Authentication for apps without WebAuthn

Biometrics sign-in enforced for all users
– No SMS, Call or Authentication Apps

Onboarding, Registration, Recovery, Password Reset
– Self-services secured with identity verification

Centrally stored FIDO-Credentials for multiple IdPs
– Self-hosted infrastructure with IdP plugins

Event Recording
High-security & interoperable OAuth 2: What's the latest?
May 10, 2023

OAuth is a widely used authorization framework that enables third-party applications to access resources on behalf of a user. However, it has been historically difficult to meet very high security and interoperability requirements when using OAuth. Daniel and Joseph have spent much of the last five years working to improve the state of the art and will present the latest developments in the field.

There are challenges when trying to achieve high security and interoperability with OAuth 2: Many potential threats need to be addressed, some not part of the original OAuth threat model. To achieve seamless authorizations, optionality must be minimized in OAuth itself and also in any extensions used.

Six years ago, the IETF OAuth working group started work on the Security Best Current Practice document and more recently on OAuth 2.1. Meanwhile, the OpenID Foundation has created FAPI1 and FAPI2 security profiles.

We will introduce these specifications and help you understand the focus of each document and when to use which. We show how to achieve on-the-wire interoperability and high security through the use of techniques like asymmetric client authentication and sender-constraining via DPoP and MTLS. We highlight the benefits for implementers and the role of conformance testing tools.

Event Recording
Challenges, Risks and Rewards of Energy Grid Smartification
May 09, 2023
Event Recording
The European Union Goes Decentralized - Standards and Technical Architecture Behind eIDAS V2
May 12, 2023

The European Union’s regulation on Digital Identity, eIDAS, is currently being overhauled to adopt decentralized identity principles. The goal is to provide all citizens and residents across the EU with highly secure and privacy preserving digital wallets that can be used to manage various digital credentials, from eIDs to diplomas to payment instruments. Decentralized identity principles aim at giving freedom of choice and control to the end-user. Ensuring security and interoperability, however, will be challenging — especially in the enormous scale in terms of users and use cases the EU is aiming at. The choices made in eIDAS will have a huge impact on digital identity in the EU and beyond.

The so-called “Architecture and Reference Framework” (ARF) defines the technical underpinnings of eIDAS v2. Many experts from the member states and the Commission have been working on this framework over the last year, trying to select the best combination of technologies and standards out of the enormous number available in the market today. This talk will introduce the ARF and explain what architectural patterns and technical standards are adopted and how the challenges mentioned above are addressed in order to leverage on the vision of the eIDAS v2 regulation.

Event Recording
Real-time Fraud Detection - Challenges and Solutions
May 12, 2023

Fraud can be considerably reduced via speed, scalability, and stability. Investigating fraudulent activities using fraud detection machine learning is crucial where decisions need to be made in microseconds, not seconds or even milliseconds. This becomes more challenging when demand grows and scaling real-time fraud detection becomes a bottleneck. The talk will address these issues and provide solutions using the Hazelcast Open Source platform.

Event Recording
Lessons Learned from Implementing PBAC Solutions with OPA
May 10, 2023

During the last 3 years we have seen a significant uptake of decoupled authorization solutions; the main drivers behind this are the move to the cloud, microservices and ZT implementations. In this speech Gustaf Kaijser will walk you through the feedback he has been getting from the organisations that have implemented OPA-based solutions over the last years, and the significant gains that they have seen in:

  • Automation of policy checks
  • Application development
  • Consistent policies across applications and infrastructure
  • Troubleshooting / Time to repair
  • Cost of change
  • and audit

Event Recording
CIAM, Wallets, Decentralized - Where is "Traditional" CIAM Heading?
May 12, 2023
Event Recording
Lessons Learnt Rolling Out a B2B CIAM Program
May 12, 2023

Holcim is the global leader in innovative and sustainable building solutions, and we offer different digital solutions to the partners (customers, suppliers, carriers...) doing business with us. Identity across those solutions needs to be centralized under a CIAM solution mainly focused on the business-to-business setup in order to improve management, customer experience and compliance with regulations. This session will share the main pain points and the lessons learnt after more than one year of rolling out a CIAM program.

Event Recording
Avoiding Accidental Architecture - Implementing Graph-Based IAM & CIAM goes Beyond Better Access Control
May 11, 2023

Graph is having its moment and rightfully so. Regulatory challenges, overly complex authorization scenarios and retrofitting legacy programs to meet new business needs are squeezing businesses. Implementing a graph-based approach can remove these obstacles and reduce risk. 

But for many businesses, this is where graph-based implementations start and stop. 

In this session, we will discuss how to turn identity data into identity knowledge and what that can deliver. We will dive into data models that drive contextual and real-time decisions: data models which are foundational for enabling complex authorization use cases and beyond.

Finally, we will explore the benefits of graph-based deployments in your existing environments, including the value of a holistic and visually simplified data model and avoiding the accidental architecture challenge.

Event Recording
Pros & Cons of Anonymity and ZKP - Do we Know Them?
May 12, 2023

Within the digital identity wallet movement (and especially SSI), there is a lot of focus on proving something about yourself without revealing anything else, also known as ZKP (Zero-Knowledge Proof). It is important to realize that if we build this into the future identity systems, we will also grant any criminal the right to full anonymity.
While there are some marginal use cases (buying beer and adult materials) where we might want this, using ZKP also excludes accountability, unless there is a way to reveal the identity behind the proof. This would then be pseudonymity, and the challenge here is who is authorized to reveal this, and how to prevent misuse.

Event Recording
Disruption Time? How to Approach and Embrace Decentralized Identity Inside the Enterprise
May 11, 2023

Decentralized Identity is about to change the way we do IAM in enterprises. It is not just about the C-identities (consumers, customers, citizens). This raises two questions: What to do differently in IAM, to leverage the potential of decentralized identities? And what not to do anymore, because it is becoming legacy? IAM, without any doubt, will change fundamentally. But is it about rip-and-replace of IAM and in particular IGA, or about complementing it? In this panel, we dive into this decentralized lake of innovation, new standards, products, vendors and start-ups in order to find out how to benefit from DIDs in the enterprise.

Are there interoperability models, and what could a longer-term migration scenario look like? What about Identity Workflow Orchestration? Join this great panel session to discuss the way forward for workforce identity.

Event Recording
FIDO 2: Zero Trust in Action with Passwordless Phishing Resistant Authentication
May 10, 2023

By now, organizations are well aware of the need to better protect data and applications with modern access management and authentication.
Thales and Microsoft partner to help organizations go passwordless to fight against phishing attacks. Thales and Microsoft experts Sarah Lefavrais and Thomas Detzner will talk about the role of FIDO and other phishing-resistant authentication methods like CBA in achieving a Zero Trust approach.