How can trusted identities be accepted by governments and industries?

From IIW

How Can Trusted Identities Be Accepted By Governments and Industries?


Tuesday 4D

Convener: Scott Perry

Notes-taker(s): Thomas Berry


Tags for the session - technology discussed/ideas considered:


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


  • Collecting identities to add trust is too much work
  • Australia: trusted digital identity framework (everything must be registered/imported)
  • What would it take for a country to accept fingerprints obtained from another (identity proofing)
  • Credential is issued for a service and used for someone nefarious; who is liable?
  • Credit unions are getting exciting self-sovereign credentials to its customers; works within a single credit union (issuer and relying party); uses credential with another institution (bank) what is going to happen?
  • The issuer can’t be responsible for how the extended identity has been used.
  • The elements of consent has to be trusted (i.e., donor label on driver’s license)
  • What is needed to trust the identification
    • Issuer of identity
    • Who is the auditor of the issuer
  • what does the relying party have to care about the issuer
    • The relying party only cares about making money; more money, more risk (accepted)
  • User experience is the biggest driver; more cases of use is a driver for acceptance
  • Business: identity proofing shop, issue digital credential that proves identification
    • Issue: acceptance (government, medical, etc.)
    • Australia: MyGov and Medical; not interchangeable