OIDF Sessions at 2022 Authenticate Conference & FIDO Member Plenary — October 2022

Published October 19, 2022

The OpenID Foundation was pleased to be a part of the 2022 Authenticate Conference on Tuesday, November 18, 2022 and the FIDO Alliance Member Plenary on Wednesday, November 19, 2022 in Seattle.

Session details with links to presentations are below.

2022 Authenticate Conference

The OpenID Foundation Strategy & a Deep Dive on FAPI and the Global Open Banking, Open Data Movement – download presentation

Presenters: Gail Hodges, OpenID Foundation Executive Director and Anoop Saxena, OIDF Member (Intuit) & FAPI Working Group Co-Chair

Session abstract:

The OpenID Foundation standards are used today for consumer and enterprise login, open banking, open health, digital identity issuance and acceptance, and other federated identity use cases. We will give a brief overview of the OpenID Foundation’s strategy to serve the global community with its standards and certification capabilities. Then we will do a deep dive on the FAPI security profile in the context of Open Banking and Open Data implementations that are cascading around the world. The FAPI Security profile has been selected by public and private networks in the US, UK, Brazil, Australia, Norway and beyond. They are also a leading contender to enable cross border use cases. Background on FAPI and the global Open Banking, Open Data movement can be found in two OIDF whitepapers published this year:

  1. A Primer on the global movement behind Consent-Based movement of Data “Open Banking and Open Data and the Financial Grade API.” (final) https://openid.net/wordpress-content/uploads/2022/03/OIDF-Whitepaper_Open-Banking-Open-Data-and-Financial-Grade-APIs_2022-03-16.pdf
  2. A first Editor’s draft on how open banking implementations in different markets can interoperate, and the leading use cases to enable them: “Open Banking and Open Data: Ready to Cross Borders?” – https://openid.net/wordpress-content/uploads/2022/07/OIDF-Whitepaper_Open-Banking-Open-Data_1st-Editors-Draft_2022-07-29.pdf

2022 FIDO Member Plenary

OIDF Sessions at FIDO Member Plenary – download presentations

Welcome & Opening Remarks
Presenter: Gail Hodges – OpenID Foundation Executive Director

Shared Signals & Events: A Secure Webhooks Framework
Presenter:  Atul Tulshibagwale – SGNL

Lack of interoperability between products from different vendors hampers customer adoption and results in poorer security outcomes. Interoperable standards such as the Continuous Access Evaluation Profile (CAEP) of the Shared Signals and Events (SSE) Framework provide a great way to communicate session assurance changes and other ways in which account and session related information can be conveyed interoperably and asynchronously between parties that share users. Featured by Gartner as an innovation trigger in their 2022 Digital Identity Hype Cycle, CAEP and the SSE framework it relies on is growing in adoption. Learn more about the standard and how to adopt it in your environments in this talk. 

OpenID for Verifiable Credentials (OpenID4VC): Addressing Self-Sovereign Identity, Decentralized Identity, or User-Centric Identity
Presenter: Kristina Yasuda – Microsoft

The OpenID Connect for Verifiable Credentials (OpenID4VC) protocol family is facilitating significant adoption of Verifiable Credentials, empowering individuals to take control of their own identity. By using OAuth 2.0 and OpenID Connect, a cornerstone of modern Identity systems as the foundation, OpenID4VC ensures that Verifiable Credentials applications are trusted, secure, interoperable, and easy to deploy. For that reason, OpenID4VC specifications are already being adopted and deployed in a number of implementations, rapidly becoming the foundation of many Verifiable Credentials solutions. OpenID4VC consists of three specifications: Self-Issued OpenID Provider v2 (SIOP v2), OpenID Connect for Verifiable Presentations (OIDC4VP), and OpenID Connect for Verifiable Credential Issuance (OIDC4VCI). They enable existing OAuth 2.0/OpenID Connect Relying Parties to receive Verifiable Presentations and existing OAuth 2.0 Authorization Servers/OpenID Connect OpenID Providers to issue Verifiable Credentials in any credential format including W3C Verifiable Credentials and ISO/IEC 18013-5 mdocs. In this session, we will discuss use cases motivating the work, how these protocols solve the problems, what challenges remain, and how they have come together to weave a web of trust.

“A Review of the Global Assured Identity Network (GAIN): One Year On”
Presenter:  Elizabeth Garber – Co-Chair GAIN Proof of Concept

This session will provide a one-year update on the Global Assured Identity Network (GAIN) initiative including what’s next including seeking your input and contributions as GAIN transitions to focusing on how interoperability in enabled globally.

  • What is GAIN
  • GAIN progress since 13th September 2021
  • GAIN MOU and supporting signatories
  • OIX Global Interoperability WG
  • Planned updates to GAIN Paper
  • Outlook for the next 6 months
  • Wrap up and Call to action

OIDF Government Whitepaper Listening Session: “Citizen-Centric Identity Systems” (view session recording)
Presenter: Elizabeth Garber – Whitepaper Co-Author

The OpenID Foundation is developing a whitepaper for governments and their associated stakeholders with the goal of supporting them in making good decisions when implementing citizen-centric digital identity systems – and to help them understand where OIDC and its extensions fit in. This session will be a facilitated discussion about the key concerns of government when thinking about digital identity:

  • The Role of Government
  • Key Stakeholders
  • Adoption
  • Balancing privacy/security/trust
  • Resilience
  • Economic Benefits
  • Technology and Interoperability
  • How existing standards fit in

OIDF Privacy Whitepaper Listening Session: “Help Design a Scalable Future for Personal Privacy” (view session recording)
Presenter: Heather Flanagan – Principal at Spherical Cow Consulting

Government-issued digital IDs have the potential for amazing societal impact but getting there from here means bridging the gaps in identity validation, verification, privacy, and control. In this session, we offer an open conversation to gather different perspectives on how policies and protocols need to evolve to help government-issued IDs fill their role in a global privacy-preserving infrastructure. Come join us to be a part of thinking outside the box of today so we can achieve tomorrow’s promise of government-issued IDs as a benefit to all. 

Closing Remarks, Open Q&A and Networking
Presenter: Gail Hodges – OpenID Foundation Executive Director