Session at the European Identity & Cloud Conference 2013
May 15, 2013 15:30
KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Session at the European Identity & Cloud Conference 2013
May 15, 2013 15:30
Session at the European Identity & Cloud Conference 2013
May 15, 2013 15:30
Well, thank you very much. It's it's not to, to present today some more insights in what we call the key foundation and the independent trust framework we developed. And that is, this all started in 2005 within ideology. And that's why I started with the slide a saying of Gandhi, as you may know, that we really like to be part of this change. And that's why key is a foundation has not a commercial perspective and is funding actually framework where all parties here in this room can take part of. And it's very nice that that KA and Cole in 2012 already made this statement.
And in, in this same document, they put key on a, on a very nice and introducing actually the, the term life management platforms. And very recently, there's been written a report about key as a product with thanks to Alexa and his team, because this helps enormously to understand what's key all about. And I'm going to tell you a bit, and I mainly give you a very practical example of something which is life today, and to understand globally, what, what key is today.
This are some facts officially founded in 2006 and life since 2010, we, the first reference implementation we did ourselves to explain the world, what is this all about? Because all the theoretics were are very difficult to understand. And actually quite, quite recently, we opened up with a beta version on Firefox only for the first users who want to experiment with, with one of the things you can do with key users as an access manager. And that's a very poor thing, but it's very easy. So for five for users, it's, it's a, it's a nice thing. What were you proud of?
Is that what you see, what I will show you in a minute, it's running for two years and, and has in, in the Netherlands, the Nore price of approved certification, and that's the highest you can get. And guys of the, of baker air, the, the financial party was taken care of, of all of your financial doing in the Netherlands has this same privacy proof certificate. And also the DNA data bank has the, the same cert certificate. So this is quite quite something.
And well, as can see, we had several awards and this helps to bring the ideology on stage, actually in a few lines, is this, what, what key is the, the mission, the vision, and mainly the action because we learn every day by helping people implementing the trust framework. And that, that learns the most. Then you learn in the most fast ways is learning by doing and just doing. So when you look at, at the, the world today, then actually we talked about it.
We we've, we've visualize it like, like this, you see in the top, you see all the existing organizations, the bricks as we call them, they are sometimes a hundred years plus, and you see that we all experienced the same in the year 70, there was this internet protocol, and that was quite something because we started to interact with, with each other and we had nothing to do with it, but the companies were going crazy with all this possibilities and with the speed of information. So there, the information went, the, the, the quality of information went up.
And actually when we, when we think about this whole protocol, then it took us almost 25 years to get to the worldwide web. As we know it today. And actually in this 25 years, this was for the first time that we could look at our data on a distance.
So this, this was quite something, because until that time, we were used to, to have a lot of analog information. And before this time, this was a complete analog world. So this is, this goes very fast. So the discussions today are quite normal because we are in a rollercoaster and there's happening. The law of, of of more is, is doing his work today.
So we, we have to try to keep up with this speed. So what you see here is that actually the whole worldwide web and the, and the apps today are nothing more than a graphical layer on, on your data.
So no, nobody, when you ask people, what is data, are we talking about big data? What does it look like? And you get all kind of different explanations of what data is. But as the way we experience data, we perceive data is, is actually by this graphical layer.
And it's, it's really a graphical layer because it's, it's, it's, it's crazy today. I think that when you have a bank account on a, on a, on a, on a Porwal and you have here another savings account or whatever, we find it quite normal that we have to calculate ourselves. What we have. We are talking about data, you know, when I have a hundred euros here and thousand euros there, we, we have to put it in Excel.
And then, oh, it's 1100 crazy. It's we are living in the age of data, but then we can do anything with data. So when you, when you go to the bank for a loan, you have to, you, you find it quite normal that you go to the Porwal of your employer and you log in username password.
Oh, yes, this is my salary. Okay, wait a moment. I have to remember, I go to the other Porwal I could be from one flower to the other and I type it in. And then here, the organization thinks, okay, this is quite a nice salary. Is this the salary he should like to have? Or is this real? So in this transport, the value of the data is gone because here, when I go here to the Porwal of my employer, and there's 2000 euros, here is salary. This is true. This is a true certified thing.
But when I am the transformer of this attribute or whatever you like to call it, then the value is gone besides the fact that it's crazy that we are going on an analog way with our digital data. So where are we in this picture?
Well, we are here at the end of this push, and this is very logical that it happened because here was that he was, he was, and is still the money to make this happen, this digital evolution, but now almost 50 years later, we are here to be part of this system, but how can we be part of this system? So everybody thinks it's quite normal that we are on this side of the screen and try to keep in touch and keep up with the speed of everything going on in this digital world that we can't.
So you get a lot of trouble with security, but also with people losing track on the financial insights, because things go faster and faster. You get all, all kind of crazy health things here where people even themselves can get access to their own health and their own health data.
So it's, it's a crazy world. And we try to figure out all kinds of solutions, where we take this picture as the starting point of our thinking, and there something goes wrong because all the solutions lead to not solutions. And this is also the case. And this morning, I told you something about it with the existence of what we call social media. This is no social media. This is a social media.
This is, this is, this has nothing to do with social. It has to do with the, the, the technique that, and it, it, and it, you can admire it. 1 billion users.
It's, it's, it's quite an, it's quite something, but it's crazy that, and, and we have no other choice than putting all our stuff into some big data center. And then we think, oh, we can be social. Yeah.
Well, there was a, there was a gap here in what we wanted. We want to be social.
Yes, but we don't want to be the product. And slowly, we start to understand that this is not social what's happening. We should be in the center of our own data, but how can you do that?
Well, you can only do this by creating a paradigm shift. And this paradigm shift is what I show you here. And I show you an example. And this paradigm shift is the visualization of a framework where you are a node in the system. So don't mess this up with some safe or something, because we don't need more data. There's data enough there's data on all kind of places. And they take care about my data, my salary data, as I mentioned, well, a company like ADP, for instance, they have to secure this for seven years. So this is, this is arranged. So why should I need it?
What I need is the access to the data. And when I have the access and I, I, I can choose from my virtual service point, the different accesses, I get a very rich data set on my own place. And then there's happening something very nice because instead of being used to get information, I am the, I'm the one today, crazy to translate back information into data. I have to type in who I am or what I'm earning, and I'm translating it back. So I give data to some knowledge system here. And those knowledge systems, sometimes they call it CRM systems.
Consumer relation management systems are exploding here because we get faster and faster. So is this still true? So we bring this information, this data to the knowledge and what's happening here is that when I have the data, this companies can bring the knowledge to my data. And that's a hundred percent the other way around. So companies can help me with certified apps or certified trust. What environments do reason about my data without knowing anything about me. And this is a crazy thing.
So you can be a hundred percent relevant for your customer or your employer or whatever, without knowing anything this looks or this here's like a miracle, but this is true. And I will give you an example. And this example is based actually on something today we call is one of the implementations.
We did, we did a few implementations already, but one of the implementations we did is, is actually something you can find on the, on the, on the web that that's doors and doors today is, is an application running on the framework using your personal domain. And what doors does today when you use Firefox. But that's only a matter of choice. And time is that doors remembers your passwords. It's just easy thing to let people experience slowly, oh, this is nice and easy. But today we provide people here. We don't market this, but we provide you with doors.
And when you look at doors, then this is not something we should do because we are a foundation working on a framework. And it's the market who Schutze and enable you to get in touch with a personal domain to use an example.
It's a, it's, it's some parts are Dutch and parts are English or help you through this. This is an example of ICS. This is a credit card company, international card services operating in Germany, in Belgium, in the Netherlands. And what you can do there is you can register your domain. So what you and you can, of course, you can ask for the well known credit card. So let's say we go here to the credit card and then we can choose which card do you want.
And actually, as you want to, to have a credit card like this, you, you know, maybe from your own experience that you need to fill in a lot of information. So this is a process they know. And the first thing they asked you is your email address. And what we do is we immediately check the email address in the framework with a routine to your own email address. So when this is correct, then you can go for the next one. And that's your number because they need to know this number. And the number is checked by a code and you fill in the code and then your number is checked.
And then the next page is the regular page of ICS. They want to know everything about you, because otherwise you don't get a credit card. That's what we do today. You can discuss the credit card in itself. I think it's very nice discussion with you because I'm fully on your line, but okay, today they transform. This is a big step already for them. They ask this, all these things they ask, someone's got to make the beginning. It's like this roll of tape somewhere. You have to start pulling and they start pulling this way.
So they ask you everything, your name and, and your, your salary and whatever. So, and what you see here, okay, go one page back is that this is what you fill in and you can change, but this is already checked by the routine in the system. So they are sure that this is your email address, because otherwise you couldn't get on this page. And this is your telephone number, cuz otherwise you couldn't get on the page either. So the next step is more information and more information. You believe it. And at the end of this, you fill in all this information.
When you want to have a credit card today, you fill in this information, nothing new. And that's the nice thing because the next step, the last step ICS today, and all kind of credit card issuers today ask you, okay, create your personal, my ICS space. This goes wrong at the first word. It's not yours. So what you do here is you create your own space. And when you finish this up, you see here, okay, you can look at your own data in your own domain. And what happens then is that you log in to the, the, the webpage now today of, of key.
And you see here that, that they are the issuer actually of your key domain. And your key is, is in this example on the web. And it's connected with trust framework by that extension there in the browser. So there's a connection between the worldwide web and the trust framework. And what you do is you, you just fell in what you just create and security you get and SMS code. It can be anything. It can be all kind of tokens or whatever you want to pull in the, in the, in the system. And the system is in, in this way, it's, it's a framework which is open to things like open idea out.
You, you, you, you name some whatever you want. So in this, in this case, is it it's a for patient as a code. And what you see here is that when I go to this page, I see this data validated by ICS. So what I get in, in European terms, I have here a level one, historic level one, you want identity. And this is not a strong identity because I I'm, I can be here.
Someone, someone completely different than who I really who I really am. But that doesn't matter because as long as I can find myself back for, for some simple services, it's okay. But when I want to have this higher level or use this higher level, then there are happening things I will, I will show you the, the, the thing, what is working today is what, what is here in, in the, in the downside is doors. And when you use doors, then you see here, actually, the, the username and passwords, you don't, you don't experience it yourself. You don't create it here.
You just go on the web and you enter your Twitter account. And the doors asked, oh, well, shall I remember it? And it connects it to your personal virtual space in a encrypted way, of course, but what's happening is, and the need there by matrix.
You see, there's a, there's a message coming in here. And this message tells you, okay, you did request for a credit card.
Well, this is a pending and I can go to my, my wallet here. And I see that, indeed, this is pending. Normally I won't do this because this is a bit silly. But just to show you that there is some communication thing and there is some financial thing, and it's very nice to talk about that kind of movements and what you see here is that again, there is a message. So I go back and I see, Hey, my data is verified by ICS. And this is nice because I get here a level two historic account. And for ICS, it's a normal routine.
So nothing, the matter, the only thing is they gave me back a validated, a higher validated self attributes. And that's very nice. I can view my profile and what you see is, okay, this is validated so I can work with it. And what I can do with it, we experience later, again, a message, right? Messages. And then you see that your card is really available in your wallet. And when I go to my wallet, I see the number of my card and I see everything. Okay. And where does this lead to?
I go back to this page, this page, and this, I have to tell this because last time this went wrong, people, people use doors today. And I said, okay, with this, it's not about this poor man's single sign on thing. It's about key connect. And people thought that they could find in the better version, what I show now. So don't look at this at home because you can find this at home key connect. So what's happening here is that there are companies already who understand what's the benefit of key connect.
And I think there are a few people in, in this room who should I like to discuss with about this mechanism what's happening here is that for instance, shops is, is key connected in this example. And what I can do is I can create an anonymous account at Han it's. It's a retailer. Han is a big retailer. So what I can do with one push of the button, I can create an anonymous account at Han what's happening here. My personal domain creates of identity and makes an account at ahe. Okay. What's the worth of death.
The worth of that is that when I look at my settings, I see here, my account type is anonymous. I see here, the things I will explain you with anonymous means in this case that I can let aha know that I am female. I can out, let know that I'm in the age of 35, 49, and that I have a relation. And this is, this is this. These are validated attributes. And they don't tell anything about my identifying profile. It's just for Han for instance, very important that they know, okay, this lady is older than 18. So we can send this bottle of wine or whiskey.
So you can imagine a lot of things that it's very important to have validated attributes. So here she chooses what to share with all the time. But why does she share this with all time? There is a benefit for her to share this. She can choose for, for sharing personal things. There are situations where you have to share personal things. When you do some business on this way with your bank or insurance company or government or whatever you use the personal thing, but here what's here. This does is she wants a newsletter. This is controlled pool.
So what she does should I like a newsletter and I like it on Friday, 12 o'clock every week. And then you say, okay, how does know where to send the newsletter to ahe? Doesn't need to know because I created a link with absurd identity with ahe, and I give ahe the permission on, on my, to send me a newsletter. So this is completely privacy by design proof. So what you see here, that this is a nice thing for a newsletter, but think about your pension or a payment slip or whatever this is, this is guaranteed digital post or mail as you want.
So the next thing actually is, is also very nice is that we created a sort of environment when companies can help you profiling yourself. This is the other way around, because I will, I will pick this up later. I can select here. And then I go to what's called web choices and then companies help me to create an anonymous account. Okay.
I put, I switch this on and I explain you in one minute, what this looked like, but another important thing, and that's, that's interesting with the, the, the speaker in front of me is that this payment service is, is also a crazy thing today because this is a lot of effort. And I have to try to guarantee that I am the one who I am, and here I am already who I am, but then in the virtual shape. So when I say, okay, I want my payments in my relation with Albert, he handled by ICS. Then you will see what's happening when I have to pay. Okay.
I, I promised you to go back to web choices. Well, web choices is a nice thing because what you can read here builds your profile with the help of brands who respect your privacy. What's happening here. Like for instance, I take an advantage mobility. That's a nice example. Here is done by and WB.
They say, okay, we want to help you. So what we do, oh, sorry. This one. Yeah. What we do is we help you and drag in the right order, how you transport yourself with a bike or buzz or whatever. And how often do you go on holiday in your own country and where do you prefer to sleep on holiday? So tell yourself, so it's, it's Avy bay who has four and half million members in the Netherlands who helps you profiling yourself a bay, doesn't know anything about you.
Now, when you do this, it's only yourself profile. And another example is our hang can help you profiling yourself around food. Do you enjoy cooking? How much time you spend is biological important for you? And well say Ellen says, okay. Yes. I like cooking. And biological is very important for me. Remember this one, she tells herself, okay. Then we go to the website of Han. First thing you see is that a is logged in anonymously. Han also can be an issuer of personal domain. So you can go here and with the help of ICS, you can issue a domain here also. So this is the ecosystem working.
And then the next thing is that I say, okay, wait a moment. When I go here and I am here for the first time I get this message. What the fuck is this, this our hang, can I hand subscribe to your web choices? So this is the world upside down. I hand subscribes to me.
Okay, now we're talking and I can choose, okay. My supermarket profile that is privacy proof certified. And my health profile, I find, and based on this, of course, our time may send me more specialized content or advertisement or whatever we were. We were at a media company a few weeks ago and they, they said, okay, this is crazy because you can help consumers monetize on their own data. Because what they did was a media company.
They, they, you could hire a movie three Euro 99 for a movie. And he said, well, I do what I can do now as a big media company, I can say, you can hire a movie for free and as a return for giving you this movie for free, may I use this set of web choices, which you know, which you start to understand. This is really anonymous, but it's my profile.
So this, this movie guys says, okay, when I may use your wet choices, you can have your video for free. So I monetize on my data, but he said, and of course I'm happy because I can go with this anonymous set of data, to a media agent. And I can show advertisements, which gives me more than 3 99, probably 80 year olds. And you are happy because you have seen the best content and advertising in that five minutes ever. So everybody is happy.
And this, because you respect human values, stop with this cookie shit. This has nothing to do with human values. This is not me. This is my browser, maybe, but it's without respect. And this is respect. I can choose. I can choose to pay 3 99. That's a fair deal because it's a good movie. So when I go back to ahe, I did my thing. Then I go to products. So now you understand why I see biological food, because this is that's me. So I like biological food. So also forhe, this place is worth a lot because I see this and I want this. So the conversion on this kind of content is higher.
So you kinda use this with content, with advertising, with them. And then last bit, not least I'm going to pay. Of course. So I choose some products here. You see here. So I have to push this, this button underneath. And of course, how do I want to pay?
Well, this is your story. So we should talk because yeah, I want to use my wallet. Okay. This one. Yeah. Okay.
Well, payment done. So this is different and this is what I want to explain you. And I can't talk for hours, but Marcel, what I, so, so you built this, this kind of Porwal and you basically bring all this information together. So what I would like to understand how you explain to your users that you are not a bad guy, that you're not basically profiling all these users. Yeah. Because you, you Have all the connections. That's what I, what I show you is, is one thing to, to, to really understand what's what it's all about.
And that's actually, that's, that's, that's this picture because what we are doing here is, is being a foundation, we creating a framework and what we are creating is an ecosystem. And, and what we have to explain in the future is that you, you, for yourself choose your, your, the issuer you are comfortable with, and maybe this is your telco, or maybe this is your retailer, or this is ICS or whatever.
So, and for the rest. And that sounds simple, and that that's real difficult.
It, it is, this is a matter of building the trust. And as we all know, trust comes by feet and goes by, by horse, as a tile wisdom.
Again, one yesterday, we did the whole day tile wisdom. That's very nice. And so this, this, so this, this is a very secure thing. And this morning I was in a meeting with, with doc sales and, and what this is, trust is very sensitive. So how do I convince the, the consumer by communication? This is communication, and this is proof and, and more proof. And what we do today to be, to, to show this, this green area is all key today.
Well, not completely, but, and, and the, the next step for us is, is, is this step to make, to get this out of our hands, because what we are, what we, today, we are funded completely independent by ministry of economical affairs. I have the luck that I sold a former company and got a lot of money and could start. And there are a lot of bond holders without legal connections, helping this movement, that our companies. And so we, we don't do projects. We do ask people to fund in the foundation, and then we do a project together. So this is our way of working.
And the nice thing is for this bond holders, when we make a new legal structure by selling parts of what we created to, to telcos or service providers, or whatever, that, that creates a chance for, for people investing here to be stakeholder here. And then the model is around because when you're stakeholder here, this stakeholder has to, has to comply to the, to the rules and regulations. So this is a slow process of, of going, Okay, just one more question.
And then I would like to ask you to just have a short break and then come back and then we can continue the discussion, because I'm pretty sure that some of you would like to have a drink or refresh. Just a quick question. What I think should be one of the functionalities of life management platform is to reuse data. Yeah. So that's why thought your, your examples very good with filling informs. So maybe the next hour, I also like to apply for MasterCard. So am I the master master? Yeah. Do I have the record of the data I sent to visa and adjust the button? Sure.
This was completely completely because this was the first time. So we come from the old world to go to the new one, but then from that time on, I have a link with my data it's and it's validated. So the next time I can give another party connected in the framework. I can give validated attributes, so I don't have to fill in. So next time, when I go to the, to the bank, which is connected, I give my salary and they know it's true, and I can choose, do I want to get an offer of them anonymously?
Then my salary attribute is only the, the amount without me, so I can have a very good offer without making myself known. I can.
It's it's, it's like key is actually, it's all about how should you do it in the real world? And, well, let's, let's the technique and, and innovation power can facilitate this in the digital world.
And again, we, we, we are not inventing a product. We are trying to inspire you with a movement and we need all your help because otherwise it won't fly.
And we, we are lucky because we have a lot of first movers as we call it. And we, we cannot talk about everything because some people want to, to adjust and to test and to whatever fine, but they understand that respecting an individual and empowering an individual is the start of a new era in digital, in the digital world.