The OpenID Foundation was pleased to be a part of the 2022 Authenticate Conference on Tuesday, November 18, 2022 and the FIDO Alliance Member Plenary on Wednesday, November 19, 2022 in Seattle.
Session details with links to presentations are below.
2022 Authenticate Conference
The OpenID Foundation Strategy & a Deep Dive on FAPI and the Global Open Banking, Open Data Movement – download presentation
Presenters: Gail Hodges, OpenID Foundation Executive Director and Anoop Saxena, OIDF Member (Intuit) & FAPI Working Group Co-Chair
The OpenID Foundation standards are used today for consumer and enterprise login, open banking, open health, digital identity issuance and acceptance, and other federated identity use cases. We will give a brief overview of the OpenID Foundation’s strategy to serve the global community with its standards and certification capabilities. Then we will do a deep dive on the FAPI security profile in the context of Open Banking and Open Data implementations that are cascading around the world. The FAPI Security profile has been selected by public and private networks in the US, UK, Brazil, Australia, Norway and beyond. They are also a leading contender to enable cross border use cases. Background on FAPI and the global Open Banking, Open Data movement can be found in two OIDF whitepapers published this year:
- A Primer on the global movement behind Consent-Based movement of Data “Open Banking and Open Data and the Financial Grade API.” (final) https://openid.net/wordpress-content/uploads/2022/03/OIDF-Whitepaper_Open-Banking-Open-Data-and-Financial-Grade-APIs_2022-03-16.pdf
- A first Editor’s draft on how open banking implementations in different markets can interoperate, and the leading use cases to enable them: “Open Banking and Open Data: Ready to Cross Borders?” – https://openid.net/wordpress-content/uploads/2022/07/OIDF-Whitepaper_Open-Banking-Open-Data_1st-Editors-Draft_2022-07-29.pdf
2022 FIDO Member Plenary
OIDF Sessions at FIDO Member Plenary – download presentations
Welcome & Opening Remarks
Presenter: Gail Hodges – OpenID Foundation Executive Director
Shared Signals & Events: A Secure Webhooks Framework
Presenter: Atul Tulshibagwale – SGNL
Lack of interoperability between products from different vendors hampers customer adoption and results in poorer security outcomes. Interoperable standards such as the Continuous Access Evaluation Profile (CAEP) of the Shared Signals and Events (SSE) Framework provide a great way to communicate session assurance changes and other ways in which account and session related information can be conveyed interoperably and asynchronously between parties that share users. Featured by Gartner as an innovation trigger in their 2022 Digital Identity Hype Cycle, CAEP and the SSE framework it relies on is growing in adoption. Learn more about the standard and how to adopt it in your environments in this talk.
OpenID for Verifiable Credentials (OpenID4VC): Addressing Self-Sovereign Identity, Decentralized Identity, or User-Centric Identity
Presenter: Kristina Yasuda – Microsoft
The OpenID Connect for Verifiable Credentials (OpenID4VC) protocol family is facilitating significant adoption of Verifiable Credentials, empowering individuals to take control of their own identity. By using OAuth 2.0 and OpenID Connect, a cornerstone of modern Identity systems as the foundation, OpenID4VC ensures that Verifiable Credentials applications are trusted, secure, interoperable, and easy to deploy. For that reason, OpenID4VC specifications are already being adopted and deployed in a number of implementations, rapidly becoming the foundation of many Verifiable Credentials solutions. OpenID4VC consists of three specifications: Self-Issued OpenID Provider v2 (SIOP v2), OpenID Connect for Verifiable Presentations (OIDC4VP), and OpenID Connect for Verifiable Credential Issuance (OIDC4VCI). They enable existing OAuth 2.0/OpenID Connect Relying Parties to receive Verifiable Presentations and existing OAuth 2.0 Authorization Servers/OpenID Connect OpenID Providers to issue Verifiable Credentials in any credential format including W3C Verifiable Credentials and ISO/IEC 18013-5 mdocs. In this session, we will discuss use cases motivating the work, how these protocols solve the problems, what challenges remain, and how they have come together to weave a web of trust.
“A Review of the Global Assured Identity Network (GAIN): One Year On”
Presenter: Elizabeth Garber – Co-Chair GAIN Proof of Concept
This session will provide a one-year update on the Global Assured Identity Network (GAIN) initiative including what’s next including seeking your input and contributions as GAIN transitions to focusing on how interoperability in enabled globally.
- What is GAIN
- GAIN progress since 13th September 2021
- GAIN MOU and supporting signatories
- OIDF GAIN PoC
- OIX Global Interoperability WG
- Planned updates to GAIN Paper
- Outlook for the next 6 months
- Wrap up and Call to action
OIDF Government Whitepaper Listening Session: “Citizen-Centric Identity Systems” (view session recording)
Presenter: Elizabeth Garber – Whitepaper Co-Author
The OpenID Foundation is developing a whitepaper for governments and their associated stakeholders with the goal of supporting them in making good decisions when implementing citizen-centric digital identity systems – and to help them understand where OIDC and its extensions fit in. This session will be a facilitated discussion about the key concerns of government when thinking about digital identity:
- The Role of Government
- Key Stakeholders
- Balancing privacy/security/trust
- Economic Benefits
- Technology and Interoperability
- How existing standards fit in
OIDF Privacy Whitepaper Listening Session: “Help Design a Scalable Future for Personal Privacy” (view session recording)
Presenter: Heather Flanagan – Principal at Spherical Cow Consulting
Government-issued digital IDs have the potential for amazing societal impact but getting there from here means bridging the gaps in identity validation, verification, privacy, and control. In this session, we offer an open conversation to gather different perspectives on how policies and protocols need to evolve to help government-issued IDs fill their role in a global privacy-preserving infrastructure. Come join us to be a part of thinking outside the box of today so we can achieve tomorrow’s promise of government-issued IDs as a benefit to all.
Closing Remarks, Open Q&A and Networking
Presenter: Gail Hodges – OpenID Foundation Executive Director