By Kenneth Dagg, Chair Identity Assurance Work Group, Kantara Initiative
With more and more online purchases, consumers and businesses are rapidly moving into the digital economy. There is also a demand from citizens and businesses that governments digitally deliver more and more of their services.
Work is ongoing in federations such as the Digital Identification and Authentication Council of Canada (DIACC), the National Strategy for Trusted Identities in Cyberspace (NSTIC), the United Kingdom Identity Assurance Program (UK IDAP) and the European Union Electronic identification and trust services (eIDAS) to address these demands. As well, the Organisation for Economic Co-operation and Development (OECD) has established “Trust in the Digital Economy” as one of their four themes that will improve the economic and social well-being of people around the world.
Reports from these groups – Moving Canada into the Digital Age, A Digital Single Market Strategy for Europe, Building Canada’s Digital Future and Enhancing Online Choice, Efficiency, Security, and Privacy – indicate that national governments realize that there are significant economic growth opportunities when economies move into the digital age. As stated in Moving Canada into the Digital Age1, the case is compelling: “separate research has shown that savings for large enterprises under a digital payments system are estimated at $5 billion per year in Canada with small- and medium-sized enterprises and financial institutions capturing $700 and $600 million, respectively.” Realizing savings such as these will enable businesses to innovate the new socially responsible solutions they require to remain competitive and deliver more and better services to their clients. However, these studies identified that a critical requirement to make this growth possible was an ability to undertake digital identification and authentication.
The Kantara Initiative was established in June 2009, as a program of IEEE-ISTO, to foster identity community harmonization, interoperability, innovation, and broad adoption through the development criteria for operational trust frameworks and deployment / usage best practices for privacy-respecting, secure access to trusted online services.
A key component of the Kantara Initiative is its Identity Assurance Framework (IAF). This framework specifies the criteria against which Credential Service Providers (CSPs) are assessed to become approved by the Kantara Initiative. Enterprises, governments, verticals, and communities can trust credentials proofed and issued by Kantara Initiative approved CSPs as if they had performed the approval themselves.
As an example, the United States Government’s Federal Identity, Credential and Access Management (FICAM) Program approved the Kantara Initiative as a Trust Framework Supplier. With that approval federal agencies in the government of the United States are able to trust CSPs that Kantara Initiative approves for credentials at Levels of Assurance 1, 2, and 3 (non-PKI).
As national economies require this trust, the global economy requires inter-jurisdictional trust. A soon to be released study conducted by Kantara Initiative for the Cabinet Office of the United Kingdom indicated, identified that, with a few enhancements to both frameworks, the UK could trust US FICAM approved CSPs. This study indicates that inter-jurisdictional trust of identification is feasible and should provide an impetus to international fora to begin the work needed to make this possible. To aid in this effort Kantara Initiative will be undertaking work to evolve its IAF to more easily enable the mapping of other trust frameworks.
This work, along with the efforts underway in many nations, is moving the world along the roadway to having a viable digital economy that can be trusted by governments, consumers and businesses.
Kantara Initiative is a participating Member of the OECD-ITAC. If you would like to learn more about its IAF and how your organization can use it or contribute to its growth please contact us using https://kantarainitiative.org/contact-us/