EEMA Intelligence Report: Will Distributed Identity Ever Be Intelligible to the Average Citizen?

EEMA has published its first EEMA Intelligence Report, providing new research findings and world-leading expert commentary on the issue – Will Distributed Identity Ever Be Intelligible to the Average Citizen?

Distributed Identity is the new buzz-phrase for the identity industry and is focused on the premise that citizens should be give more control over their identity an how much information is shared and with whom. As Identity experts grapple with the philosophical, technological, logistical and legal aspects regarding if and how Distributed Identity becomes a reality, there is a question mark over whether those it aims to empower will fully comprehend and embrace the concept.

The EEMA Intelligence Report asks the question – Will Distributed Identity Ever Be Intelligible to the Average Citizen? And the results reveal that  43% believe that it needs to be invisible to the average person; 32% say that it is easy to understand with some public education, whilst  25% of the 92 respondents think it’s  too complicated and will not succeed.

The new paper includes insights from John Erik Setsaas, VP of Identity and Innovation at Signicat in Norway; Marc Sel, Founder and director of Trust Warp, based in Belgium and Arkadiy Kremer from RANS in Russia. Marc Sel comments: “One can but hope that some Distributed Identity solutions will prove their value in practice, while respecting the law including the protection of its users privacy. After all, many people are capable of driving a car without understanding the details of its inner working.”

Chair of EEMA, Jon Shamah, states: “The key for distributed identity is to offer functionality that can require no additional effort (or thought) by the consumer. Therefore, an almost plug-and-play changeover must be offered. Not easy if the paradigm is so different, and Distributed Identity is indeed different.”

Shamah adds: “We are proud to start 2021 with the launch of this exciting new initiative.” The EEMA Intelligence Report takes advantage of EEMA’s privileged position, having unfettered access to an extensive global network of world-leading experts, working at the highest levels in corporate organisations, national governments, EU departments and academic institutions. Each report provides high-level vendor neutral insights into current and future trends and technologies that could impact society, commerce and governance.  

The first EEMA Intelligence Report is available to EEMA members and non-members as a free download available at: eema-intelligence-first-edition.pdf

GLASS to Place EU Citizens in Control of Their Personal Information and Streamline Access to eGovernment Services Across Member States

GLASS – SinGLe Sign-on eGovernAnce paradigm based on a distributed file exchange network for Security, transparency, cost effectiveness and truSt – is a new EU funded Horizon 2020 project (H2020-EU.3.6.2.2.), which runs from 1st January 2021 until 31st December 2023. The initiative will use blockchain technology to deliver a distributed framework for sharing common services of public administration across the EU, for the benefit of citizens, businesses and governments.

The rapid growth of information and communication technology and its ubiquitous presence in everyday life has significantly affected the way government services are delivered today. This poses constant challenges to safeguard the data confidentiality and integrity of eGovernment services, while increasing its adoption and usage by citizens and businesses. GLASS caters for a ‘European Common Services Web’, bringing closer together citizens, businesses and European governments.

GLASS will introduce novel governance services that facilitates free movement for citizens and businesses. In doing so it will create a strong social, societal, economic, technological and scientific impact, leading to an advanced eGovernment solution that is fully aligned with the EU eGovernment Action Plan 2016-2020 and the EU Digital Single Market Strategy. These new services will be demonstrated by three real case scenarios concerning paperless cross-border bureaucratic processes.

GLASS is a citizen-centric project that will deliver a streamlined process for EU citizens to quickly and easily share evidences, such as a birth certificate or driving licence, with third-parties in other Member States, in order to access the eGovernment services they require. All consortium participants believe that the project will create a new paradigm for the friction-free sharing and transfer of evidences, where the citizen remains in full control.

The GLASS project consortium, led by Uni Systems Information Technology Systems Commercial SMSA, brings together 12 interdisciplinary partners from eight countries to deliver a novel eGovernance model and address the challenges that governance structures in the EU are currently facing – from divergent and legal groundwork to physical and technological limitations – towards the democratization and openness of the public administration services.

The GLASS consortium partners are:

Universities / Research Organisations

  • Uni Systems Information Technology Systems (Greece) [Coordinator]
  • Edinburgh Napier University (United Kingdom)
  • Fraunhofer Gesellschaft Zue Foerderun Der Angewandten Forschung E.V. (Germany)
  • Unisystems Luxembourg SARL (Luxembourg)
  • University of Patras (Greece)

Public Authorities

  • Istanbul Metropolitan Municipality (Turkey)
  • Ministério da Justiça (Portugal)
  • Ministry of Digital Governance (Greece)

Technology Providers / Domain Specialists

  • European Electronic Messaging Association AISBL (Belgium)
  • PDM E FC Projecto Desenvolvimento Manutencao Formacao E Consultadorialda (Portugal)
  • Suite5 Data Intelligence Solutions Limited (Cyprus)
  • Teknoloji Arastirma Gelistirme Endustriyel Urunler Bilisim Teknolojileri Sanayi Ve Ticaret Anonim Ticaret (Turkey)
  • Ubitech Limited (Cyprus)

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 959879.

SecureDrives offers new GateKeeper Proximity passwordless authentication

SecureDrives has launched the latest version of the GateKeeper Proximity passwordless authentication solution, which uses a wireless key to help companies automate password management and lock PCs when unattended.

This new launch extends SecureDrives’ partnership with product developer Untethered Labs, and enables organisations in the UK, mainland Europe and the US to benefit from a range of new features which increase ease of use while maintaining the highest levels of security.

Demand for passwordless authentication is growing rapidly. According to Microsoft, more than 150 million people use passwordless authentication every month, and analysts Gartner predict that by 2022 60% of large and global enterprises and 90% of midsize enterprises will implement passwordless methods in more than 50% of use cases.

The updated GateKeeper Enterprise platform, available in both cloud and on-premise versions, adds three key features:

  • a desktop password manager/vault which allows users to save passwords for all their desktop applications in their GateKeeper profile. This speeds up access to applications such as VPN clients, electronic health records etc. while maintaining security.
  • a backup login method which enables users to log in securely even if they do not have their GateKeeper token with them. Users scan a QR code using Google Authenticator or a similar app and use it to generate a One Time Passcode (OTP) on their phone. They can then log in to their computer using their email address and the OTP code.
  • the ability for users to share passwords from their GateKeeper profile to other users registered on the GateKeeper enterprise system, reducing the need to make passwords public by insecurely writing them on paper.

GateKeeper includes continuous two-factor authentication and uses AES256 encryption. It is compatible with both Windows and Mac and integrates with Active Directory. For enterprises or multiple installations of 5 to 5,000 workstations, GateKeeper is provided as a subscription service, with price dependent on features and number of users. It is also available as a single-user version.

“What makes GateKeeper so attractive is that it’s designed to provide security based on how people actually work, such as leaving their desk without logging out, and sharing computers in sectors such as healthcare and manufacturing,” explains SecureDrives CEO Paul Norbury. “These new features will save users even more time and further improve their security. No-one can possibly remember all their passwords – a survey by Accenture found that in healthcare, an astounding 21% of employees write down their usernames and passwords on paper – so this is the ideal solution for the way we work today.”

CEO of Untethered Labs, Dr Sid Potbhare, shares his experience with clients preferring stronger security measures: “A study by Google and several universities testing 2FA methods against automated bots and bulk phishing attacks found that only hardware tokens were 100% effective against these attacks. So, if you’re looking for security, hardware tokens are the way to go. If you misplace your token, admins can disable them instantly. Passwords are not stored on the key itself.”

GateKeeper is already used at hospitals, law enforcement agencies, and offices of all kinds, saving users both time and money. At Iron Country Medical Center, for example, each department of 20 people is gaining 75 to 95 minutes every day by using continuous proximity login and logout.

Digital Identity Expert Steve Pannifer Joins EEMA Board of Management

EEMA has announced the appointment of Steve Pannifer  – Chief Operations Officer at Consult Hyperion – to  its Board of Management. A well-respected expert in the field of digital identity, he has worked on leading initiatives for card schemes, banks and governments around the world.

Steve Pannifer joined Consult Hyperion in 1999, a company that is highly regarded for its expertise in the areas of digital identity, payments and smart ticketing. “Through my work at Consult Hyperion I am fortunate to be involved in many interesting developments around the world, especially in identity and payments,” comments Pannifer. “My hope is that this will enable me to bring ideas and connections that will help to shape and guide EEMA’s future activities.”

Pannifer has been part of the EEMA community for many years, including collaborating on the Horizon 2020 project, FutureTrust, as an advisory board member. Recently, he has chaired panel sessions with ENISA and EEMA Board of Management members – Kim Cameron and Dave Birch – during the EEMA Annual Conference in June 2020, and EEMA’s ISSE 2020 webinar ‘The European Single Identity System’ in November 2020.

He adds: “EEMA presents a fantastic way to connect into the many digital identity and related developments across Europe and beyond. The combination of conferences, fireside sessions and projects is unique. As well as meeting people EEMA offers the chance to work with those people on forward looking projects.”

Chair of EEMA, Jon Shamah, comments on the appointment: “I am delighted to welcome Steve to the EEMA Board of Management. He is very well respected in the field of digital identity and has long been a generous contributor to our community, sharing his wealth of experience and expertise.”

Steve  joins EEMA’s strong Board, whose members are world class experts in their fields and together form a strong, knowledgeable and vibrant body. The EEMA Board of Management are:

  • Kim Cameron, Contributor and Advisor on Digital Identity
  • Jon Shamah, EJ Consultants
  • Rick Chandler, Advanced Office Systems
  • Lorraine Spector, LS Consultants
  • Dave Birch, Global Author and Advisor on Digital Financial Services
  • Ronny Bjones, Microsoft
  • Robert Garskamp, IDentity.Next
  • Steve Glagow, DeveloperProgram.Com
  • Alessandro Guarino, StAG
  • Hugo Kerschot, IS-practice
  • Arkadiy Kremer, RANS
  • Arthur Leijtens, FLIGHTMAP.com
  • Herbert Leitold, A-SIT
  • Ulf Linnarsson, Volvo Group
  • Prof Bart Preneel, KU Leuven
  • John Erik Setsaas, Signicat AS
  • Dr George Sharkov, European Software Institute
  • Hans Graux, Timelex
  • Steve Pannifer, Consult Hyperion

ARTICLE: The Path to Digital-First Begins With Identity Management, CEO of Ubisecure, Simon Wood

The COVID-19 crisis has dramatically affected organisations across every industry. It has become clear that business survival in such unprecedented times is dependent on adapting to a new future where everything is digital.

This transition to digital-first is driven by three fundamental areas: operating remotely and securely; increasing operational efficiency and reducing costs; and protecting or salvaging revenue. A successful outcome for each area relies on managing digital identities effectively and securely.

Identity management, or becoming identity-centric, is a fundamental starting point in the process to become what many CEOs are describing as “digital to the core”.

Securing remote operations

Every company has had to move rapidly to keep operations running remotely. Even the simplest business processes now need to be digital, which has had a major impact on employees, customers, partners and suppliers, and led to a wave of new security challenges.

Under normal circumstances, employees would be managed by workforce Identity and Access Management (IAM). Yet, with remote working as the new norm, internal users (employees) start to behave like external users (partners, contractors, or customers). For the first time, employees do not have easy access to IT help desks or the security of the office. Their privileged access rights to sensitive resources need to be made available through the public Internet.

Remote working has meant cyberattacks are dramatically increasing. As one example, hackers have launched a new range of phishing attacks which attempt to steal the credentials of Cisco Webex users through fake certificate error warnings. 47% of security professionals have been redeployed from their frontline security duties to assist with other aspects of IT, compounding the issue of risk.

Additionally, with physical stores and face to face services now out of bounds, customers require a digital experience for every interaction. More accounts are being registered than ever before, and where users have old accounts, they will be revisited, often requiring a reset of old identity credentials – creating another opportunity for attackers.

When it comes to partners and suppliers, to keep supply chains functioning, services need to be available remotely. As an increasingly attractive target to hackers, supply chains will continue to be under threat as they are further digitised.

Increasing efficiency and controlling costs

Revenue growth is currently a common challenge, so many businesses are protecting their bottom line through other measures, like controlling costs and increasing operational efficiency. Remote working, however, has generated challenges around support desks and admin processes.

By automating manual workflows, companies can gain productivity or cost efficiencies. The current acceleration to digital has provided a unique opportunity for organisations looking to automate existing workflows.

Optimising experience to protect revenue

User experience will also play a key role for businesses aiming to gain a competitive advantage while transitioning towards digital-first offerings.

With digital services now accelerating across every industry, customer expectations are on the rise. They expect user-friendly, streamlined and efficient services when using apps – and if businesses fail to match these demands, customers can easily turns to a company’s competitors.

Ultimately, if businesses wish to retain and engage with existing customers, while also attracting new customers, providing a seamless and safe user experience is vital.

The critical role of identity

The blurring lines between internal and external users has rendered many legacy IAM systems for internal users unsuitable. Businesses have had to reassess current identity management practices and turn to modern Customer IAM (CIAM) solutions instead.

Single Sign-On (SSO), designed for external user (remote employees and customers) usage, is a good example of a CIAM capability that offers important value to a digital-first, identity-centric enterprise. As new services launch, it allows users to use a single set of identity credentials and one digital identity as they move through connected services. With fewer credentials to manage, it decreases the risk of compromise and lowers the costs for the support desk.

Multi-Factor Authentication (MFA) is another good example of how the CIAM approach differs from the legacy IAM approach. Whereas office workers have little choice and have IT helpdesk support to deal with clunky MFA devices, external users need simple, difficult-to-lose MFA solutions, including phone-based apps and passwordless login.

Lastly, CIAM solutions help reduce OPEX costs and deliver a ROI. With self-service identity management embedded into every function, CIAM decreases manual workloads. Moreover, as our culture shifts and we look to reduce face-to-face interactions, digital alternatives must replace traditional ways to validate an identity or delegate authority to third parties, which CIAM can also provide.

Digital to the core

During this time, businesses everywhere should not just be looking to optimise operations in response to the pandemic, but laying the foundation of a digital-first enterprise. Ultimately, getting digital identity right during COVID-19 will not only ensure business continuity, but also set businesses up for success long into the future.

CEO Simon WoodUbisecure

Author: Simon Wood, CEO of Ubisecure