FEDERATED IDENTITY: BUILDING TRUST IN AN UNTRUSTWORTHY WORLD ANDRE BOYSEN, CHIEF IDENTITY OFFICER, SECUREKEY
In today’s world where data breaches and identity theft flood the headlines, consumers remain hesitant to share and ultimately trust their personal information with online services. Further complicating matters is the need to remember multiple usernames and passwords to access and conduct business with these services. The concept of federated identity is often thrown around as a solution, but many people still don’t understand what it is and how it secures online transactions. Federated identity enables people to conduct transactions at will, and when done correctly, can be effortless for the end-user while improving visibility and control over what is shared. It also ensures destination services don’t receive information that users have not consented to share.
FEDERATED IDENTITY ENABLES PEOPLE TO CONDUCT TRANSACTIONS AT WILL, AND IT ALSO ENSURES DESTINATION SERVICES DON’T RECEIVE INFORMATION THAT USERS HAVE NOT CONSENTED TO SHARE
Before credit cards and debit cards were introduced, merchants were hesitant to accept paper checks unless they had a personal relationship with a customer for fear the check would bounce. This reticence was the result of a lack of trust and too much risk. However, once banks developed credit cards, merchants didn’t have to trust the customer per se, because the bank was standing behind the consumer to vouch for the transaction. For example, when a consumer uses their Bank of America debit card – or any bankcard – to extract money from an ATM in London, they’re able to do so with zero friction because there is established trust between the consumer’s bank and the bank ATM located in London. This is federated identity at its finest, enabling the user to easily access a service of their choosing in such a way that the service provider can trust they would get paid – and the user can trust they will not be overcharged. The same authentication concept can be applied to other services. If someone is using banking credentials to access an online service,
the online service can trust that the authorized individual is the one using the credential and there is no implication of identity. In turn, the consumer can trust that the information shared will be securely processed without oversharing personal information. Government agencies are applying this federated authentication model to their environments as well. SecureKey’s Concierge service, for example, is enabling Canadian citizens secure access to
more than 80 online government services by using their banking credentials to authenticate access. Partnering with the largest financial institutions in Canada – including BMO Financial Group, Choice Rewards MasterCard, Scotiabank, Tangerine, TD Canada Trust, Desjardins, Royal Bank of Canada, and more – consumers can use their login credentials to access many of the online services offered by the government, including those from Service Canada and the Canada Revenue Agency. Today, more than 4 million Canadian citizens are using the incredibly convenient, secure model and are free from having to remember yet another set of credentials. Canada’s successful federated network serves as a shining example that should inspire others to adopt the same model that can work at Internet scale. Done correctly, it can alleviate both the consumers’ headaches and the online services’ risk as well.