Frequently Asked Questions (FAQ)
Who is invited to join the GAIN Technical POC?
We invite any and all to join this initiative, whether as an organization that can feed high-trust identity information into the network (an Identity Information Provider) or as an organization that needs to verify identity information in order to provide services to end users (a Relying Party). Individuals and Observers are also welcome to join. The only prerequisites are that stakeholders use existing open standards and sign a Participation Agreement.
Is there a cost to join or any kind of ongoing fees?
No.
Do I need to be a member of OIDF to join the technical POC?
No. Participants will need to sign a Participation Agreement that enables interoperability testing (vs. working groups that create/update standards). The basic OIDF principles of openness and sharing continue to apply. A hardcopy of the Participation Agreement can be found here if digital signature does not work for you.
Is GAIN just for banks?
No. All are welcome. Although the GAIN white paper called upon the world’s Financial Institutions to step into the role of Identity Information Provider and catalyze the creation of this network, the co-authors are united in envisioning a network that is inclusive of other high-trust IIPs.
Why does GAIN use the term IIP instead of IDP?
The editors of the GAIN white paper took on feedback that the term “Identity Provider” (or IDP) can conflate roles in identity ecosystems. In some cases, institutions who provision digital identities will connect to GAIN. In other cases, the institution that has verified identity information did not provide the identity itself. Instead, they are the custodians of private information – and they have invested in identity proofing and authentication capabilities. “Identity Information Provider” is a term (defined in ISO/IEC 24760 1) that better reflects the business role within the network.
Who or what can be an Identity Information Provider (IIP)?
Any highly trusted (usually regulated or government) entity can be an IIP if they have invested in identity proofing and the ability to authenticate a user in-session.
Does GAIN prefer or presume a technical approach or architecture?
No. GAIN’s central goal is interoperability – across borders and across technological approaches. The Community Group will allow for various technical interfaces and protocols and demonstrate, within the POC, the use of OpenID connect in both a classic server-based architecture and within the Self-Issued alternative. The group also hopes to demonstrate other standardized interfaces, e.g. those based on the work of the W3C DID Working Group and other SSI and decentralized solutions.
Is GAIN just another federated model?
Not really. GAIN’s central goal is interoperability. It is a network of networks, which does not prefer or presume a particular technical architecture. The Community Group will allow for various technical interfaces and protocols and demonstrate, within the POC, the use of OpenID connect in both a classic server-based architecture and within the Self-Issued alternative. The group also hopes to demonstrate other standardized interfaces, e.g. those based on the work of the W3C DID Working Group and other SSI and decentralized solutions.
Use of the word ‘federated’, though accurate in some respects, may obscure the breadth of the GAIN vision.
Is GAIN (or will GAIN be) a new legal entity or commercial initiative?
No. The GAIN Technical POC is a collaboration between like-minded stakeholders who seek to collaborate to test for global technical interoperability in a safe, open space. Meanwhile, the Open Identity Exchange (OIX) will continue to explore the non-technical requirements to make the GAIN concept work across borders, including the required contents of a Global Interoperability Framework. With that said, the GAIN concept may enable new commercial services or organizations to enter the marketplace.