How can trusted identities be accepted by governments and industries?
From IIW
How Can Trusted Identities Be Accepted By Governments and Industries?
Tuesday 4D
Convener: Scott Perry
Notes-taker(s): Thomas Berry
Tags for the session - technology discussed/ideas considered:
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
- Collecting identities to add trust is too much work
- Australia: trusted digital identity framework (everything must be registered/imported)
- What would it take for a country to accept fingerprints obtained from another (identity proofing)
- Credential is issued for a service and used for someone nefarious; who is liable?
- Credit unions are getting exciting self-sovereign credentials to its customers; works within a single credit union (issuer and relying party); uses credential with another institution (bank) what is going to happen?
- The issuer can’t be responsible for how the extended identity has been used.
- The elements of consent has to be trusted (i.e., donor label on driver’s license)
- What is needed to trust the identification
- Issuer of identity
- Who is the auditor of the issuer
- what does the relying party have to care about the issuer
- The relying party only cares about making money; more money, more risk (accepted)
- User experience is the biggest driver; more cases of use is a driver for acceptance
- Business: identity proofing shop, issue digital credential that proves identification
- Issue: acceptance (government, medical, etc.)
- Australia: MyGov and Medical; not interchangeable