Technology / Secure transaction system puts its trust in the customer
Secure transaction system puts its trust in the customer
2 June 2015 |
The Global Identity Foundation (GIF) is working with the security industry to develop a single, open source, globally accepted, digital ecosystem called Identity 3.0 which can be used in making secure and trusted online and offline transactions.
The idea behind Identity 3.0 is to be able to understand the context in which an entity – a person, device, code, agent, or organisation – is operating, to a known level of trust. The entity (typically a person) only shares the attributes and information that is essential to the transaction they want to undertake.
This allows the parties involved in the transaction to make a risk-based decision about whether to transact, or whether they require additional information before proceeding. All of this happens in the background, invisible to the user, or with minimal interaction. The goal for the development of Identity 3.0 is for it to become the overarching ecosystem that will be accepted by governments and corporations all over the world. It builds on the work of the Jericho Forum.
Paul Simmonds, CEO of the GIF and ex co-founder and board member of the Jericho Forum, says: “We are taking a bunch of work which was originally done by the Jericho Forum on identity before it disbanded. The Jericho Forum came to some very radical conclusions that authentication and identity is horribly broken and the bad guys are busy exploiting it.
“Online credit card fraud, phishing, and cyber-crime all succeed by fraudulently using someone else’s identity, and users are rightly concerned about access to their personal information. In 2014 alone, millions of user records were stolen through data breaches, including those at Sony, eBay, and JP Morgan. In a world where we shop and bank online, and share personal details on social media, we urgently need to move beyond passwords and basic web security.
“The question is, what are we going to do about it as an industry? If we do not do something radically different, the problem is only going to get worse. At the moment the bad guys are winning bigger and better than the good guys. What people want is a simple solution that will put them back in control of who they trust in their digital lives. Identity 3.0 has the potential to stop much of the cybercrime going on today.”
The GIF is looking for vendors, academics and security experts to contribute to the development of Identity 3.0 as research sponsors and partners. In the first project phase, the GIF will define practical use scenarios, future directions for development, and pilot projects to determine the viability for a global deployment of the solution.
Dr Steve Moyle, COO of the GIF, says: “Collaboration in a vendor-neutral environment is key to making this work globally. We need to be able to answer key questions such as ‘will the Chinese accept a US identity and vice versa’ and ‘can I verify that identity attributes are authoritative?’.
“Solving these and other identity problems is of benefit to all companies and governments
on the planet today.”