Each episode features an in-depth conversation with a digital identity leader, focusing on industry hot topics and stories. Join Oscar Santolalla and his special guests as they discuss what’s current and what’s next for digital identity. Produced by Ubisecure.
Helsinki, Finland
Let's talk about digital identity with Craig Ramsay, Senior Solutions Architect at Omada. What is Identity Governance and Why is it important? Craig Ramsay, Senior Solutions Architect at Omada joins Oscar to explore all things Identity Governance including – the role of Identity Governance in compliance with regulations and standards, how it affects security and risk management for organisation, alongside some real-world examples of Identity Governance in use. [Transcript below] "We're still trying to shake off the thing that - security is a barrier to efficiency. There's an old adage that ‘efficiency is insecure, but security is inefficient'. But I don't think that's true anymore." Craig Ramsay, Senior Solution Architect at Omada, from Edinburgh, Scotland. I have worked at Omada for 3 years and have previously worked at RSA Security and different financial services organisations in the UK within their Identity functions. Outside of work my main interests are hiking and travelling. Connect with Craig on LinkedIn. We'll be continuing this conversation on LinkedIn using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 102. Podcast transcript Oscar Santolalla: This week I am joined by Craig Ramsay from Omada, here to discuss the importance of identity governance and how it is helping to solve problems in real-world. Stay tuned to find out more. Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar. Oscar: Hello, for today's episode about Identity Governance and Administration, mostly known as IGA, we have invited a super interesting guest who is Craig Ramsay. He is a Senior Solution Architect at Omada. He's from Edinburgh, Scotland. He has worked for Omada for three years and has previously worked at RSA Security and different financial services organisations in the United Kingdom within their identity functions. Outside of work, Craig's main interests are hiking and travelling. Hello, Craig. Craig Ramsay: Hey, Oscar. How are you doing? Oscar: Very good. Nice talking with you. Craig: Thank you, you too. Oscar: So, let's talk about digital identity. As usual, we want to hear more about our guests. Please tell us about yourself and your journey to this world of identity. Craig: Sure. So, I mean, thank you for the introduction. And I guess, in terms of my journey into identity, it was a little bit by fluke rather than by design. I studied Computer Science and when I graduated, I joined an operational IT graduate scheme. They had recently started a new IAM project, because I think back in 2008, identity and access management, identity governance wasn't as mature as it is now. It was still kind of seen as an operational IT project rather than an information security principle. So, the drivers there were more about the efficiency, automated provisioning and stuff. But yeah, they were looking for a graduate on that project. That was me. And apart from a few years where I decided to try what it was like being a policeman, I have worked in identity ever since either for, as you said, financial services organisations doing the work at the coalface or for vendors, either in project delivery or, and you know pre-sales in my solution architect role. Oscar: Excellent. So, let's go first with the basics. We have not talked about IGA yet in this podcast, have not focused on that. So, tell us, what is that? What is Identity Governance and Administration, IGA? What is important? Craig: Sure. So, I mean, identity governance, when you focus on it, at its core, it's a solution that will ensure the right individuals have the right access for the right reasons at the right time in your organisation. So, it's protecting the authorisations or the resource assignments within your organisation. And that's often policy-driven to ensure that all of, and I think the important distinction here when we talk...
Let's talk about digital identity with Jesse Kurtto, DPO and Data Scientist at Ubisecure. Is now the right time to invest into Identity and Access Management (IAM)? Join us for episode 101, as Oscar is exploring why now is the right time to invest into IAM with Jesse Kurtto, DPO and Data Scientist at Ubisecure – as they delve into the current economic situation and some of the key factors of investing into identity management. [Transcript below] "Digitalisation is ongoing, it's accelerating, it's unstoppable." Known as the guy who shortened the world and lived to tell the tale, Jesse's career is gradually arching from the Wild West world of finance to his current position as the DPO and Data Scientist at Ubisecure. Learning to program before learning to read Finnish and visiting 25 countries before 25, he's no stranger in exploring uncharted waters and discovering connections that others might miss. Surrounded by a delicate balance of the latest technology and dozens of carefully tended houseplants, his secret hobby is putting the hiking boots and RPGs aside for a moment in order to write to his beloved snail mail friends across the world. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 101. Podcast transcript Oscar: Is this the right time to invest in Identity and Access Management? This week Jesse Kurtto from Ubisecure has joined us to answer this question and discuss the current economic situation. Stay tuned to find out more. Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar: Today's guest is Jesse Kurtto. Jesse's career has gradually arched from the Wild West world of finance, to his current position as a Data Protection Officer and Data Scientist at Ubisecure. Learning Program before learning to read Finnish and visiting 25 countries before 25. He is no stranger to exploring unchartered waters and discovering connections that others might miss. Surrounded by a delicate balance of the latest technology and dozens of carefully tended houseplants, his secret hobby is writing to his beloved snail mail friends across the world. Welcome Jesse. Jesse: Thank you for the invite, Oscar. Nice to be here. Oscar: Great having you, Jesse, definitely. We're going to have a super interesting conversation about the market in Digital Identity and Identity and Access Management. First of all, we always want to hear more about our guests. So please tell us a bit about yourself and your journey to the world of digital identity. Jesse: All right. So, like many or even most of us in the digital identity field, I actually never really actively sought to be a specialist, IAM specialist, on purpose. And my personal background is actually nothing technology even, but in finance and investing more specifically. So, a chance encounter and I liked the people who interviewed me and decided to stay for a while, and that while has been over seven years now. And I'm still learning something new every day, checking out how we really the world of digital identity like and frankly haven't ever regretted decision. No two days have really been the same and the field continues to evolve and develop quite a bit every year. Oscar: Yeah, excellent and definitely hearing at Ubisecure, we definitely appreciate having this – well call it, like a blend of knowledge - the financial market, not lesser than what you bring with the security and digital identity knowledge, very practical knowledge you also had. So, it's always super interesting having those conversation with you. And for the first time here on the podcast, we are going to have that, a bit more financial touch on that - What is coming, especially in this well this year, and I think also the years to come. The previous year and the year to come I think,
Let's talk about digital identity with Heather Flanagan, Principal at Spherical Cow Consulting and David Birch, Principal at 15 Mb, author, advisor and commentator on digital financial services. This is the 100th episode of Let's Talk about Digital Identity – in this special episode two of our most popular guests, Heather Flanagan and David Birch, rejoined the podcast to explore what is exciting them in passwordless, identity wallets and digital money. [Transcript below] "Passwords have got to go. As we're moving to passkeys, I think there's always room for improvement on - even on them. If nothing else, focusing a little bit more on the user experience so that people will have a better understanding of what this means." Heather Flanagan, Principal at Spherical Cow Consulting and choreographer for Identity Flash Mob, comes from a position that the Internet is led by people, powered by words, and inspired by technology. She has been involved in leadership roles with some of the most technical, volunteer-driven organisations on the Internet, including IDPro as Principal Editor, the IETF, the IAB, and the IRTF as RFC Series Editor, ICANN as Technical Writer, and REFEDS as Coordinator, just to name a few. If there is work going on to develop new Internet standards, or discussions around the future of digital identity, she is interested in engaging in that work. Listen Episode 74, where Heather discusses Making Identity Easy for Everyone or connect with Heather on LinkedIn. “The thing that's broken in digital money at the moment, is identity, not the payment bit.” David G.W Birch is an author, advisor and commentator on digital financial services. Principal at 15Mb, his advisory company, he is Global Ambassador for the secure electronic transactions consultancy, Consult Hyperion, Fintech Ambassador for Digital Jersey and Non-Executive Chair at Digiseq Ltd. He is an internationally-recognised thought leader in digital identity and digital money. Ranked one of the top 100 fintech influencers for 2021, previously named one of the global top 15 favourite sources of business information by Wired magazine and one of the top ten most influential voices in banking by Financial Brand, he created one of the top 25 “must read” financial IT blogs and was found by PR Daily to be one of the top ten Twitter accounts followed by innovators (along with Bill Gates and Richard Branson). His latest book “The Currency Cold War—Cash and Cryptography, Hash Rates and Hegemony” (published in May 2020) “paints a fascinating and stimulating picture of the future of the world of digital payments and its possible impact on the wider global and economic orders” – Philip Middleton, OMFIF Digital Monetary Institute. His previous book “Before Babylon, Beyond Bitcoin: From money we understand to money that understands us” was published in June 2017 with a foreword by Andrew Haldane, Chief Economist at the Bank of England. The LSE Review of Books said the book should be “widely read by graduate students of finance, financial law and related topics as well as policy makers involved in financial regulation”. The London Review of Books called his earlier book “Identity is the New Money” fresh, original, wide-ranging and “the best book on general issues around new forms of money”. More information is available at dgwbirch.com and you can follow him @dgwbirch on X. Listen to Episode 75 with David discussing Digital Currencies or connect with David on LinkedIn. We'll be continuing this conversation on X using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 100. Podcast transcript Oscar Santolalla: This is episode number 100 of Let's Talk About Digital Identity. And for this special occasion, we have invited back Heather Flanagan, and David Birch. Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla.
Let's talk about digital identity with Gautam Hazari, mobile identity guru, technology enthusiast, AI expert and futurist & is the CTO of Sekura.id. Join this episode of Let's Talk About Digital Identity where Gautam Hazari, mobile identity guru, technology enthusiast, AI expert and futurist & is the CTO of Sekura.id joins Oscar to discuss the missing identity layer of the internet. Gautam shares details about what the missing identity layer is, more about mobile networks as well as discussing Gautam's TEDx talk. [Transcript below] "Internet did not have that identity layer. So what did we do? We created a trust-less model." Gautam Hazari is a mobile identity guru, technology enthusiast, AI expert and futurist & is the CTO of Sekura.id, the global leader in mobile identity services. He led the implementation of the mobile identity initiative – Mobile Connect - for around 60 mobile operators across 30 countries. Gautam had also been an advisor to start-ups in digital identity, healthcare, Internet of Things and Fraud and Security management. He is a thought leader for digital identity, advocating solving the identity crisis in the digital world and speaking on making the digital world a safer place. If you ask Gautam, “What is the best password?” you'll always get the same answer: “The best password is no password”. Connect with Gautam on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 99. Podcast transcript Oscar Santolalla: On this episode of Let's Talk About Digital Identity we are joined by Gautam Hazari, from Sekura.ID as we discuss what is the missing Identity layer of the Internet. Stay tuned to find out more. Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar: Hello and thank you for joining us, a new episode of Let's Talk About Digital Identity. Today's guest is Gautam Hazari. He is a mobile identity guru, a technology enthusiast, artificial intelligence expert and futurist. And he is the CTO of Sekura.id, the global leader in mobile identity services. Gautam led the implementation of the mobile identity initiative Mobile Connect for around 60 mobile operators across 30 countries. He has also been an advisor to startups in Digital Identity, healthcare, the Internet of Things and fraud and security management. Hello, Gautam. Gautam Hazari: Hi, Oscar. How are you? Oscar: Very good, happy to have you here in the show. Gautam: My pleasure. Thanks. Oscar: It's going to be super interesting. Now, we are focusing on mobile - mobile initiatives, like the one you are working with, can help us to solve the identity problems we usually discuss in this show. First of all, I would like to hear a bit more about yourself. So, if you can tell us your journey to this world of digital identity. Gautam: Sure. Thanks, Oscar. I have been in the identity space for quite some time now. And it started in the telecom world and that's why I talk about mobile identity a lot. So I spent many years of my life in the telecom, so I worked with the Vodafone group for nearly 14, 15 years. What I realised is that there is one thing that the mobile operators have done quite efficiently is solving what I call the identity crisis of the internet. I started to talk about it quite passionately in different forms. And in 2013, end of 2013, GSMA approached me. GSMA as you know is the GSM Association which is the trade organisation for the mobile operators. So the GSMA board was discussing that there were some assets within the mobile operators which can actually help in solving the identity crisis in the internet. Then they approached me that, “Hey, you were talking about this identity thing for quite some time, do you want to come and join?” And that's when I joined GSMA to do the initiative for mobile operators to solve the ...
Let's talk about digital identity with Russ Cohn, the (Go-To-Market) for IDVerse. In episode 98, Russ Cohn the Go-To-Marketing for IDVerse joins Oscar to explore Generative AI within Identity Verification - including what is generative AI and deepfakes, why deepfakes are a threat for consumers and businesses, and some of the biggest pain points in the identity industry and how generative AI can support this. [Transcript below] "It's very important that we understand these threats and start to mitigate and create ways of helping to support and stop these practices." Russ Cohn is the (Go-To-Market) for IDVerse, which provides online identity verification technology for businesses in the digital economy. Russ has spent more than 20 years scaling businesses of all sizes by delivering successful growth strategies across the UK, EMEA & US markets within fast-paced and high-growth online media, fraud, identity, SaaS, e-commerce, and data-driven technology solutions. His strong tech knowledge is coupled with deep operational and commercial experience building teams within SaaS, advertising and marketing technology-driven revenue models. Russ was previously a key early member of the Google UK leadership team who grew the team from 25 to 3,000 people and the revenue from £10m to £1billion during his tenure. He brings deep experience supporting international technology companies and has a passion for marketing development, startup growth and technology solutions. IDVerse empowers true identity globally. Our Zero Bias AI™ tested technology pioneered the use of generative AI to train deep neural network systems to protect against discrimination. Our fully-automated solution verifies users in seconds with just their face and smartphone—in over 220 countries and territories with any official ID document. Connect with Russ on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 98. Podcast transcript What is generative AI? This week Russ Cohn, from IDVerse has joined us to discuss generative AI and deepfakes and the threat this imposes on businesses and consumers for their digital identities. Stay tuned to find out more. Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining a new episode of Let's Talk About Digital Identity. Artificial Intelligence, in particular, Generative Artificial Intelligence is a topic that has been, I believe on most of our radars in the last 12 months, particularly. And there are amazing things going on. But also, we know that the bad guys are also using those tools. And one of those is related to deepfakes that are being used to cheat the identity verification system having existing until now. So, to see how we are going to solve those problems in identity verification, these newer problems, we have a special guest today who is Russ Cohn. He is the go-to market for IDVerse, a company which provides online identification technology for businesses in the digital economy. Russ has spent more than 20 years scaling businesses of all sizes by delivering successful growth strategies across the UK, EMEA, and US markets, within fast-paced and high-growth online media, fraud, identity, SaaS, e-commerce, and data-driven technology solutions. His strong tech knowledge is coupled with deep operational and commercial experience building things with SaaS, advertising and marketing technology driven revenue models. Hello, Russ. Russ Cohn: Hello, Oscar. How are you? Oscar: Very good. Happy to have you here. Russ: Thank you. Very glad to be here. Oscar: Fantastic. It's great to have you here. And we'll talk about the deepfakes and how the newest practices in identity verification are solving these problems. So, let's start, let's talk about digital identity,
Let's talk about digital identity with Riley Hughes, Cofounder and CEO at Trinsic. This week, Oscar is joined by Riley Hughes, Cofounder and CEO at Trinsic and host of the Future of Identity podcast. They delve into Verifiable Credentials, including what verifiable credentials are, some examples and success stories of how these are being used and implemented, the connections between verifiable credentials and wallets and whether verifiable credentials will become interoperable. [Transcript below] "It seems like the future of identity will be much better than it is today." Riley Hughes is CEO and Co-founder of Trinsic, a reusable identity infrastructure provider. As a leader in the decentralized identity community, Riley has pioneered efforts on making emerging, privacy-preserving technologies such as identity wallets and verifiable credentials adoptable to the masses. He began his career in the decentralized identity space as the second employee hired at the Sovrin Foundation where he established and led several teams. Connect with Riley on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 97. Podcast transcript Oscar Santolalla: This week we are discussing verifiable credentials. I am joined by Riley Hughes, the host of The Future of Identity Podcast, to explore some of the most recent success stories of verifiable credentials and how we can work to improve adoption moving forward. Stay tuned to find out more. Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Hello, and thank you for joining a new episode over Let's Talk About Digital Identity. One term that has been in our radar for the last - I would say four or five years has been verifiable credentials. Which I will say personally, I'm feeling that is becoming in the last one, two years pretty crystallised. And we have not talked too much about this lately, so I have a very special guest who has a lot of insight - what's going on worldwide about verifiable credentials. Our guest today is Riley Hughes. He is the CEO and Co-founder of Trinsic, a reusable identity infrastructure provider. As a leader in the decentralised identity community, Riley has pioneered efforts on making emerging privacy preserving technologies - such as identity wallets and verifiable credentials - adoptable to the masses. He began his career in the decentralised identity space as the second employee hired at the Sovrin Foundation, where he established and led several teams. Hello, Riley. Riley Hughes: Hi, Oscar. Great to be here. Oscar: It's great to have this conversation with you. So very welcome. And let's talk about digital identity. And as usual, I want to hear more about our guests. So, if you can tell us about yourself, and especially your journey to this world of identity. Riley: Happy to do so. I am very fortunate to have totally fallen into this amazing industry. And it happened because while I was at college, I was seeing all those smart people around me going and getting jobs at elite places, you know, investment banks and management consulting firms, and so forth. And I thought that I wanted to kind of differentiate my resume enough that I could, maybe I could get an interview as well at one of these places. So, I thought, “What is the most, kind of, off the wall internship that I could get that would differentiate me from all of my peers?” And I ended up getting a job at the Sovrin Foundation, as you mentioned. Sovrin at that time was very early. I was, as mentioned, the second employee hired, and it was kind of a blockchain meets identity meets nonprofit, you know, meets early employee kind of a role. And so, it, sort of, fit my criteria for differentiating my resume. But it was also just really, really exciting to be part of an early organisation.
Let's talk about digital identity with Drummond Reed, Director of Trust Services at Gen and Andy Tobin, Commercial Director, Europe at Gen. In this series opener of Season 5, Drummond Reed and Andy Tobin join Oscar to explore vLEIs and Self Sovereign Identity (SSI). They explore what LEIs and vLEIs are, how SSI principles are used within vLEIs, the benefits of vLEIs, which sectors and industries will benefit the most, and some use cases of where the vLEI has been leveraged. [Transcript below] “If LEIs were digitised in a way that could be instantly verifiable, it could transform company onboarding.” Drummond has spent a quarter-century in Internet identity, security, privacy, and trust infrastructure. He is Director, Trust Services at Gen, previous Avast after their acquisition of Evernym, where he was Chief Trust Officer. He is co-author of the book, ‘Self-Sovereign Identity' (Manning Publications, 2021) and co-editor of the W3C Decentralized Identifiers (DID) 1.0 specification. At the Trust Over IP Foundation, Drummond is a member of the Steering Committee and co-chair of the Governance Stack Working Group and the Concepts and Terminology Working Group. At the Sovrin Foundation, he served as co-chair of the Sovrin Governance Framework Working Group for five years. From 2005-2015 he was co-chair of the OASIS XDI Technical Committee, a semantic data interchange protocol that implements Privacy by Design. Drummond also served as Executive Director for two industry foundations: the Information Card Foundation and the Open Identity Exchange, and as a founding board member of the OpenID Foundation, ISTPA, XDI.org, and Identity Commons. In 2002 he received the Digital Identity Pioneer Award from Digital ID World, and in 2013 he was cited as an OASIS Distinguished Contributor. Connect with Drummond on LinkedIn. Andy Tobin leads European and eIDAS strategy for Gen's Digital Trust Services business. He is one of the pioneers of self-sovereign identity and helped to establish Evernym as the world leader in this field. He is a well-known public speaker and writer on the topic of digital identity and has delivered some of the largest SSI projects to date. His career has spanned the three rapidly converging sectors of identity, mobile and payments. He has written code to control cash machines, built the world's first mCommerce server, run a £1.2bn mobile messaging network and been CTO for Europe's first fully mobile bank. He is a passionate technology strategist who believes that the identity ecosystem and the personal information economy is poised for massive change, enabled by the capabilities being built right now by Avast. Connect with Andy on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 96. Podcast transcript Oscar Santolalla: Welcome back to Season 5 of the Let's Talk about Digital Identity podcast. In this series opener I am joined by Drummond Reed and Andy Tobin, from Gen Digital, joining us to delve into vLEIs and Self-Sovereign Identity (SSI). Stay tuned to find out more. Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar: Today, we are very happy to have two expert guests, Drummond and Andy. And today, we are going to discuss vLEIs and what is the connection with self-sovereign identity. First of all, we have Drummond Reed. He is Director of Trust Services at Gen, previously Avast after their acquisition of Evernym, where he was the Chief Trust Officer. He is co-author of the book Self-Sovereign Identity, published by Manning Publication in 2021. And he's co-editor of the W3C Decentralised Identifiers, DID 1.0 Specification. At the Trust Over IP Foundation, Drummond is a member of the steering committee and co-chair of the Governance Stack Working Group and the Concepts and Terminology Working Gro...
Let's talk about digital identity with Elizabeth Garber and Mark Haine, co-editors of the Global Assured Identity Network paper. In episode 95, Elizabeth Garber and Mark Haine, who were editors on the Global Assured Identity Network (GAIN) paper, join Oscar to share the latest updates for GAIN, including recapping what GAIN is, the challenges that have been faced, alongside successful case studies and what developments we can expect to see for the future of GAIN. [Transcript below] "It's all interconnected with standards development and has a really big impact on how identity systems will work, interoperable, in years to come." You'll remember Elizabeth Garber, who was one of the lead editors of the GAIN paper - we interviewed her in episode 52 (back in October 2021). Elizabeth has a long background in Customer Strategy and Product Management. She has also led the Open Digital Trust Initiative at the Institute of International Finance and co-chairs the OpenID Foundation's GAIN technical proof-of-concept, which strives to create globally interoperable networks for exchanging high-assurance identity information. Since we last interviewed her, she co-founded IDPartner, a venture-backed startup that puts people in control of their digital identities. It will be a key player in any Global Assured Identity Network (GAIN) as interoperable networks begin to flourish. Elizabeth and Mark recently published a draft paper for the OpenID Foundation called “Human-Centric Design: a primer for government officials” which is all about how to design identity systems to sustain and promote human rights. It is open for public comment - and may feature on a future episode. You can find it on the OpenID Foundation website and blog, openid.net. Connect with Elizabeth on LinkedIn. Mark is an engineer and entrepreneur who has focussed his career on building solutions that enable business and mitigate risk in financial services. Through Considrd.Consulting Ltd. Mark and his team are providing strategic security consultancy to a range of clients. He has also taken on a leadership role in the OpenID Foundation as Co-Chair of the eKYC & Identity Assurance Working Group and is a co-author of OpenID Connect for Identity Assurance specification. Mark also is a board member of the Open Identity Exchange. Connect with Mark on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 95. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, everyone. You will remember Elizabeth Garber, who was one of the lead editors of the GAIN paper. We interviewed her in episode 52, late in 2021. Elizabeth has a long background in customer strategy and product management. She has also led the Open Digital Trust Initiative at the Institute of International Finance, and she co-chairs the OpenID Foundation's GAIN technical proof-of-concept. Since we last interviewed her, she co-founded IDPartner, a venture backed Start-Up that puts people in control of their digital identities. This will be a key player in any global assure identity network, as interoperable networks are beginning to flourish. We have a second guest. Our second guest today is Mark Haine. He is an engineer and entrepreneur who has focussed his career on building solutions that enable business and mitigate the risk in financial services through Considrd.Consulting Ltd. Mark and his team are providing strategic security consultancy to a range of clients. He has also taken on a leadership role on the OpenID Foundation as co-chair of the eKYC and Identity Assurance Working Group and is co-author of OpenID Connect for Identity Assurance Specification. Mark also is a board member of the Open Identity Exchange. Elizabeth and Mark recently published a draft pape...
Let's talk about digital identity with Keith Uber, VP Customer Success at Ubisecure. In episode 94, Keith joins Oscar to delve into Single Sign-On (SSO) best practises and how organisations can implement SSO – including technical aspects, how it used in practise and the advantages of SSO. [Transcript below] "The best type of single sign-on is where the user doesn't notice it." Keith is VP Customer Success at Ubisecure. As an Identity and Access Management product expert, he leads the Sales Engineering team and is involved in many stages in the planning and design of demanding customer implementation projects. Keith is active in various industry organisations and has a keen interest particularly in government mandated digital identity systems. He holds a bachelor's degree in I.T. and a master's degree in Economics, specialising in software business. Check out Keith's SSO video series. Connect with Keith on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 94. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining a new episode of Let's Talk About Digital Identity. Single Sign-On is one thing that, today we take it for granted. So, it's even hard for us to remember when was the first time we have used it. Today, we'll go a bit deeper into that and in which direction Single Sign-On is going. And for that we have a special guest, who is Keith Uber, VP at Ubisecure. Hello, Keith. Keith Uber: Hi, Oscar. Oscar: Thank you for joining us for the second time. So, you have been – two years ago. Two years ago, you've been here before talking about mergers and acquisitions. So happy to have you back here. Keith: It's a pleasure. Thank you for the invite to come back. Oscar: Yeah, nice to have you, Keith. And we'd like to hit a few things about yourself. So, you can tell us about your journey to the world of digital identity. Keith: Yeah. So, my entry into the world of identity probably began around the year 2000 when I had just moved to Finland from Australia. I was working for telco provider, who was in the – around the dot-com boom era had been acquiring lots of small businesses. Lots of startups, they had their own projects and all of these have many different types of identity systems and lobbying systems. And my introduction to that process was – my job was to evaluate different solutions to their problem and ultimately, take part in a commercial pilot to implement a product to solve that problem. Oscar: Excellent. And I already can imagine that a single sign-on had some role on that. Just guessing that yes, single sign-on is something that. I was really trying to remember when was the first time that I used it and it's quite difficult. Because it has been coming in different, in different flavours I would say. Probably the first time I used was in one of my first jobs when, you know, you go to the office - people used to go to the office every day, and today is not, not for everyone at least. And then you sit down, and you login to your computer. You login to the domain and then suddenly, you can access some of the internal applications without logging in again. So that is one of the ways. And then later it came, what we see more often today is the web single sign-on, right? So, several applications. So, in order to start with the basics, how you define single sign-on in a nutshell? Keith: Yeah. Single Sign-On is maybe a more technical term that the industry understands. But for the end users, they don't really understand what the single sign-on means. But they do understand that they don't want to have to sign in again and again to different parts of the same website or different sections of the same company.
Let's talk about digital identity with Kalev Pihl, CEO of SK ID Solutions. In episode 93, Oscar is joined by Kalev Pihl, to answer ‘What are the cultural aspects of digital identity?' They delve into the role of culture in shaping digital identity and how digital identity is being treated as a detached technology, without considering cultural differences. Alongside discussing the challenges in recognising these cultural aspects, as well as sharing some of the solutions at have successfully prioritised the human aspects of digital identity. [Transcript below] "We have to be designing mindfully those digital identity solutions for a specific culture, and I think that this is a value in the world." Kalev has worked with digital identity over 25 years. Started with the topic in governmental side preparing Estonia for electronic identity on national identity card. Has since worked in financial sector and in Microsoft. Last 15 years he has been CEO of SK ID Solutions – trust service provider that serves digital identities in Estonia, Latvia and Lithuania. Connect with Kalev on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 93. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining a new episode over Let's Talk About Digital Identity. What are the cultural aspects of digital identity? So that's definitely a good question and very relevant questions and this is one of the questions that our guest today is going to answer. Our guest today is Kalev Pihl. He has worked with digital identity over 25 years. He started with a topic in governmental side, preparing Estonia for electronic identity, or national identity cards. Since then, Kalev has worked in the financial sector and in Microsoft. During the last 15 years, he has been the CEO of SK ID Solutions, a trust service provider that serves digital identities in Estonia, Latvia, and Lithuania. Hello, Kalev. Kalev Pihl: Hi, Oscar. Oscar: It's nice talking with you, Kalev. Kalev: It's been a while. Oscar: Yes, Kalev. So, let's talk about digital identity. And the first thing we want to hear from our guest is something about yourself and especially your journey to this world of digital identity. Kalev: I think of the journey to digital identity for me went through this very physical, governmentally controlled national identity. So that was my starting point. And I guess that's where I'm a bit stuck with my mindset as well, sometimes. And this is my limit. But that's how it started. So, it started from the idea that in the world of physical human beings. Governments tend to have this role in society to name, number and identify the residents, they treat as their residents of the country, we are speaking about. And whilst we have probably different other nicknames in different other societies. And somehow, globally, these governmental-issued identities have become the norm of; How do we know each other across the world. How do we identify the people whom we don't know beforehand. So, I think from that angle, I've stuck with the idea that governments have the role of naming and identifying who we are. Oscar: Yeah, indeed. I think it's – I mean, in my view, probably in the constitution in most countries, I'm not a lawyer, but I'm sure it's written in some of the laws. So that's one of the functions of the government. And yeah, and that has been translated in our very, let's say, not very recent time. But talking, especially in the last maybe 20 years that we have such digital identifications, like Estonia is pioneering and in a few other countries as well. It's pretty digital, pretty well-established. Kalev: Yeah. I think that the – for the beginning of any country or state in the physical world,...
Let's talk about digital identity with Joni Brennan, President of the Digital ID & Authentication Council of Canada (DIACC). In episode 92 Joni Brennan joins Oscar to discuss how the Digital ID & Authentication Council of Canada (DIACC) are working to close the digital identity public trust gap – including the key findings from the DIACC's 2022 research and how this can inform future policies, the issues with poorly designed solutions and the importance of balancing accessibility and ease with privacy and security within these solutions. As well as discussing how education and awareness can help bridge the gaps and what can be done within governance and policy to support digital identities, transparency and data control. [Transcript below] "So, I think this is a call to action for us to continue to work together to provide people with the option so that they can do what they need to do in a safe and secure way." Joni Brennan is President of the Digital ID & Authentication Council of Canada (DIACC). Building on 15+ years of experience in Identity Access Management innovation, adoption, and industry standards development. Joni helps the DIACC to fulfil its vision delivering the resources needed to establish a digital identity ecosystem that accelerates the digital economy, grows Canada's GDP and benefits all Canadians. Joni builds diplomatic and impactful relationships and formalises strategic partnerships. She has participated in influential committees from organisations including: SCC Data Governance Initiative, OECD ITAC, ISOC, IEEE, OASIS, ISO, and ITU-T. Before joining DIACC Joni was Kantara Initiative's Executive Director driving programs for business, legal, and technology interoperability to connect entities and individuals in a more trustworthy environment. Joni lead Kantara Initiative as the United States premiere trust framework provider. Delivering value to multiple industry sectors. She helped to ensure that the Kantara Initiative program is aligned with multiple eGovernment strategies. From economic regions including: Canada, New Zealand, Sweden, and the United Kingdom. Joni Brennan previously served as the first-ever IEEE-SA Technology Evangelist for Internet Identity and Trust. Focusing on issues of governance, policy, and technology development that touch digital Identity, personally identifiable information, and trust services. When not connecting the digital identity world for the better Joni can be found skiing in beautiful British Columbia, Canada. She can also be found playing flute or synthesizers in future thinking musical collaborations. Connect with Joni on LinkedIn. Find out more about DIACC at diacc.ca or follow it on Twitter @mydiacc or on LinkedIn. Take a look at the Canadian Digital Identity Research 2022 Document, in English or French. Joni first joined Let's Talk About Digital Identity podcast in Season 1 Episode 6. Why not take a listen to the episode on Building Canada's Digital Identity Future. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 92. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining us on new episode of Let's Talk About Digital Identity and I'm super happy to bring a former guest back, she is joining for the second time. One reason is that there has been released, super interesting results on her research. Especially in a vast country like Canada. So, our guest today is Joni Brennan. She is the president of the Digital I.D. and Authentication Council of Canada, DIACC. Building on more than 15 years of experience in identity and access management, innovation adoption and industry standards development. Joni helps the DIACC to fulfil its vision by delivering the resources needed to establish a digital id...
Let's talk about digital identity with Michelle Beyo, CEO and Founder of FINAVATOR. In episode 91, Oscar is joined by Michelle Beyo, CEO and Founder of FINAVATOR. They discuss how Opening Banking and Open Finance is facilitating the future of finance and the role digital identity has within this. Join Michelle and Oscar as they explore what open banking and open finance are, benefits and potential privacy issues. Alongside sharing success stories from around the world and what we can except to see in the future. [Transcript below] "Open finance layered in with a digital identity can truly help us plan better, execute, have better offerings, save money, and be able to plan better for our future." Michelle Beyo is the CEO & founder of FINAVATOR, an award-winning Payments and Future of Finance Consultancy. She is also a strategic advisor to FinTechs, a Money 20/20 Rise Up alumni, a Global Council Member of Women in Payments, the Membership Chair at Canadian Prepaid Providers Organization, a Payment Advisor at National Crowdfunding and FinTech Association of Canada, and a Board Member at Open Banking Initiative Canada. Michelle started FINAVATOR as she is passionate about payments and financial inclusion. She has 20 years of extensive industry experience driving innovation across the retail and payments industry. Michelle Beyo was named the “Top 30 Best CEOs of 2021” by The Silicon Valley Review and FINAVATOR was awarded "Most Influential Leader in FinTech Consulting - Canada" in 2020. Find out more about FINAVATOR at www.finavator.com or Michelle Beyo at www.michellebeyo.com. Connect with Michelle and FINAVATOR on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to our YouTube to watch the video transcript for this episode. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining a new episode of Let's Talk About Digital Identity. And today, we'll hear some new ideas about open finance, open banking and definitely a bit more. For that, we have our special guest today who is Michelle Beyo. She is the CEO and Founder of FINAVATOR, an award-winning payments and future of finance consultancy. She's also a strategic adviser to FinTech's, a Money 20/20 Rise Up alumni, a Global Council Member of Women in Payments, the Membership Chair at Canadian Prepaid Providers Organisation, a Payment Advisor at the National Crowdfunding and FinTech Association of Canada and a Board Member at Open Banking Initiative Canada. Michelle started for FINAVATOR as she is passionate about payments and financial inclusion. She has 20 years of extensive industry experience, driving innovation across the retail and payments industry. Hello, Michelle. Michelle Beyo: Hi, Oscar. How are you? Oscar: Very good. I'm really happy to have you here in the show. Michelle: Happy to be here as well. Oscar: Excellent. So, Michelle, let's talk about digital identity. I want to start hearing a bit about yourself and your journey to the world of identity. Michelle: Yeah, I'm happy to share a little bit. I actually spent 20 years in the corporate space. Six years in telco and eight years in online shopping affiliate marketing. Ran Alaska, Lufthansa, Delta, United online shopping mall platforms. I really got to understand the relationship between customer and loyalty infrastructure. And then I moved into the payment space. Working for the largest prepaid company globally, called InComm, out of their international office for 30 countries. And was running sales and marketing, launched their B2B division, got to see what was happening in innovation across these 30 other countries, including Singapore, Australia, UK. Helped launch WeChat in North America at 711 through the Gift Card rail, QR payment system. And truly realised - a little fearful that my ki...
Let's talk about digital identity with Magnus Kardell, Product Owner for SignPort, Knowit. In episode 90, Oscar is joined by Magnus Kardell, Product Owner for SignPort at Knowit, to explore digital signatures in Sweden – including the main challenges that public and private organisations face when looking for a digital signature solution, how to solve these challenges and what regulations signatures solutions need to comply with in Sweden. [Transcript below] "It's demand for high availability, and demand for high level automation. That means you need to be able to validate the document electronically to the person who has signed it." Magnus Kardell is the Product Owner for SignPort, an IP product developed by Knowit enabling high-security e-identification and e-signatures. He is a specialist in identification and signing services, with a focus on IAM, and SSO federations. Magnus started his career in this field in 2013 and has since gained extensive experience in the public sector, catering to clients with high-security standards and needs. With a strong background in the industry, Magnus is dedicated to delivering innovative and secure solutions to his clients through SignPort. To continue the conversation or to find out more, visit SignPort - signature service, reach out to Magnus via email or connect with him on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to our YouTube to watch the video transcript for this episode. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining us. As the years have been passing, I have noticed actually that, digital signatures are becoming more and more common. At a time when we need to sign some agreements, electronically or Internet services. So, let's take some time today and hear what is going on, what the trends are, in the European Union, but particularly, in Sweden, where today's guest is coming from. So, our guest today is Magnus Kardell. He is the product owner of SignPort, a product developed by Knowit, enabling high security, e-identification and e-signatures. He is a specialist in identification and signing services, with a focus on IAM and SSO Federations. Magnus started his career in this field in 2013 and has since then gained extensive experience in the public sector, catering to clients with high security standards and needs. With a strong background in the industry, Magnus is dedicated to delivering innovative and secure solutions to his clients through SignPort. Hello, Magnus. Magnus Kardell: Yes, hello. Hello, Oscar. Oscar: Welcome. It's great having you. We are going to talk about signatures. But let's get started. Let's talk about digital identity. First of all, we want to hear about our guest, so we want to hear about you. Tell us a bit about your journey to this world of identity. Magnus: Thank you. Yeah, Magnus Kardell is my name, and I work at Knowit Secure Solutions, as Oscar mentioned, and I'm product owner for SignPort, which is an identification and signing service. I started roughly 10 years ago with IT security and at the time we were having, and working with, identity and access management. Providing single sign on and federations between different organisations, and soon after that, we were adding also signature services. In Sweden, there is a technical framework provided by the Swedish agency, DIGG, the agency for digital government. We have always complied to that standard, and that's where we built our services. It's mainly targeting public sector, but it's also good for private sector. And I think in 2016, we made the first signatures, doing it this way and according to this standard. So, we were first with that one. And I've been a project manager for establishing about 40 customers in Sweden, in different configurations,
Let's talk about digital identity with Oscar Santolalla, Ann Cavoukian and Katryna Dow. In this latest episode within the Identity Story Series, Ann Cavoukian, creator of Privacy by Design and Katryna Dow, CEO at Meeco, join Oscar to explore the road to becoming ISO 31700 for Privacy by Design. They discuss the importance of Privacy by Design and how it can help organisations protect their customers' personal data and comply with data protection regulations and the impact of Privacy by Design becoming an ISO Standard. [Transcript below] “If you don't have a strong foundation of security from end to end with full lifecycle protection, you're not going to have any privacy.” ~ Ann Cavoukian Dr Ann Cavoukian is recognised as one of the world's leading privacy experts. Dr Cavoukian served an unprecedented three terms as the Information & Privacy Commissioner of Ontario, Canada. There she created Privacy by Design, a framework that seeks to proactively embed privacy into the design specifications of information technologies, networked infrastructure and business practices, thereby achieving the strongest protection possible. In 2010, International Privacy Regulators unanimously passed a Resolution recognising Privacy by Design as an International Standard. Since then, PbD has been translated into 40 languages! In 2018, PbD was included in a sweeping new law in the EU: the General Data Protection Regulation. Dr Cavoukian is now the Executive Director of the Global Privacy & Security by Design Centre. She is also a Senior Fellow of the Ted Rogers Leadership Centre at Ryerson University, and a Faculty Fellow of the Centre for Law, Science & Innovation at the Sandra Day O'Connor College of Law at Arizona State University. Listen to Episode 73, where Ann joined the podcast to discuss Privacy by Design, and connect with Ann on LinkedIn. “One of the really challenging things about privacy and security is if you don't bake it in at the lower layers, if you don't build that foundation, it's really hard to go back and put it into a product or service afterwards.” ~ Katryna Dow Katryna Dow is the founder and CEO of Meeco; a personal data & distributed ledger platform that enables people to securely exchange data via the API-of-Me with the people and organisations they trust. Katryna has been pioneering personal data rights since 2002, when she envisioned a time when personal sovereignty, identity and contextual privacy would be as important as being connected. Now within the context of GDPR and Open Banking, distributed ledger, cloud, AI and IoT have converged to make Meeco both possible and necessary. Find out more about Meeco at meeco.me. For the past three years, Katryna has been named as one of the Top 100 Identity Influencers. She is the co-author of the blockchain identity paper ‘Immutable Me' and co-author/co-architect of Meeco's distributed ledger solution and technical White Paper on Zero Knowledge Proofs for Access, Control, Delegation and Consent of Identity and Personal Data. Katryna speaks globally on digital rights, privacy and data innovation. Listen to Episode 30, where Katryna joined the podcast to discuss Data minimisation, and connect with Katryna on LinkedIn. Go to our YouTube to watch the video transcript for episode 89. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Today we're happy to bring you a new episode of our Identity Stories Series. Privacy by Design has just become an ISO standard, which we want to celebrate, so let's go back in time and hear moments of this journey. Let's first hear from Privacy by Design's creator herself, Dr Ann Cavoukian. She is recognised as one of the world's leading privacy experts and she served an unprecedented three terms as the Information & ...
Let's talk about digital identity with Adrian Field, Director of Market Development at OneID. In episode 88, Adrian Field, Director of Market Development at OneID, joins Oscar to explore verifying digital identities with online banking, the importance of online banking-based identity verification alongside it's benefits for businesses and individuals. Join as they delve into the cross-border challenges that arise from individual country verified identities and how LEIs and UK Trust framework are supporting verified digital identities. [Transcript below] "LEIs have been born out of the financial sector, through regulation. But we do see business use, in all sectors, is useful to be able to enable less fraud within a country, or better and smoother cross-border use cases for companies." Adrian Field is Adrian Field, Director of Market Development at OneID. He leads OneID's market development, working with banks, industry groups, Government and regulators to enable the UK market for ID services to grow and succeed. Adrian is also engaged with the OpenID Foundation developing global open standards for identity, and global projects to connect identity schemes cross-border. Connect with Adrian on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to our YouTube to watch the video transcript for this episode. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining to a new episode of Let's Talk About Digital Identity. And today we'll discuss a new perspective on verified digital identities. And for that, we have a special guest who is Adrian Field. He leads OneID's market development, working with banks, industry groups, governments and regulators to enable the UK market for identity services to grow and succeed. He's also engaged with OpenID Foundation developing global open standards for identity and global projects to connect identity schemes, cross-border. Hello, Adrian. Adrian Field: Morning. Hi, thank you for inviting me. Oscar: It's a pleasure having you. Thank you. Let's talk about digital identity but first, I'd like to hear a bit more about yourself. So, tell us, what was your journey into this world of identity? Adrian: Yeah. So, my background is banking and payments originally, so I spent a long time with one of the card schemes, doing all sorts of things, but learned about the concepts of authentication and authorisation through that process. And then spent a few years at one of the UK's large banks looking at lots of different innovation topics, but digital identity was one of those. And then I used my authentication knowledge to build on that to investigate more and more about, you know, what is identity? How do you prove that it's the right person, in a journey, at the right time? Oscar: And to start this conversation with common understanding, for ones who have not heard or is not completely clear. What is the concept of verified digital identity? So, what are we talking about when you use this term and why is it important? Adrian: I normally explain this by going back to the question of, “what is identity?” without the digital part. And for us at OneID this is your, it's the legal concept of your personhood. So, you are a person which is either a natural person, which is a human, or a kind of legal person, which is an organisation. And if you're a person in UK law, that gives you certain rights, so you can own things, I can sign documents, I can own property. I have certain rights that non-persons, i.e., objects and things don't have those rights. So, you get your legal identity by – as a person you're entered into a birth register, or if you're an organisation, you get entered into a company's register or charities register as a legal organisation. And that's how you get the identity part.
Let's talk about digital identity with Henk Marsman, Public Speaker, and Principal Consultant at SonicBee. In episode 87, Oscar is joined by Henk Marsman, specialist and public speaker around ethics of digital identity and Principal Consultant of Identity and Access Management at SonicBee. Henk and Oscar explore why local municipalities may need their own digital identity schemes – including how these local schemes differ from national schemes and how they help people missed by national schemes, alongside some examples of live local identity schemes. They also discuss some disadvantages of local identity schemes and how they could be incorporated into wallet-based identification, like eIDAS 2.0. [Transcript below] "Put the human at the centre, what the individual's needs, what the individuals want to achieve … and that is basically the ethical perspective, or the value perspective on digital identity solutions that we have in the world today." Henk Marsman combines deep knowledge on digital identity with an ethical view on the impact on individuals and society of digitalisation of identity. His research on the ‘ethics of digital identity' is still ongoing. Henk is involved in initiatives related to national digital identity (including eIDAS2.0), municipal digital identity and specifically for undocumented persons. Next to that he's supporting organisations through his work at SonicBee, a Dutch IAM boutique firm, in digital identity projects. He has worked for 5 years at a top-three Dutch bank (Rabobank) as the global service owner for the Identity and Access Management services, and prior to that was senior manager with Deloitte, leading the Dutch IAM practice. Connect with Henk on LinkedIn. Find his personal blog at ThroughIdentity and other blogs and articles at SonicBee. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to our YouTube to watch the video transcript for this episode. Learn about the commercial and technical aspects of Customer Identity & Access Management, at IAM Academy, Ubisecure's partner training program. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining us to this episode of Let's Talk about Digital identity. And something that we have not talked before is, digital identities in local governments. For that very interesting topic, we have a special guest who is, Henk Marsman. He combines deep knowledge on digital identity with an ethical view on the impact of digitalisation of identity, on individuals and society. His research on the ethics of digital identity is still ongoing. Henk is involved in initiatives related to national digital identity, including eIDAS 2.0, municipal digital identity, and specifically for undocumented persons. Next to that, he is supporting organisations through his work at SonicBee, a Dutch IAM boutique firm in digital identity projects. He has worked for five years at a top three Dutch bank, Rabobank, as a global service owner for the Identity and Access Management Services. And prior to that, he was senior manager with Deloitte, leading the Dutch IAM practice. Hello Henk. Henk Marsman: Good morning, Oscar. Nice to be here. Oscar: It's great having you, Henk. So, Henk, let's talk about identity. But very first, I want to hear a bit about yourself and especially your journey to the world of digital identity. Henk: Yes, that's a good start Oscar, thank you for that. I've had several occasions looking back at how I ended up in this world, because there no formal training for becoming an Identity and Access Management expert. For me, it started actually when I was doing a half year of exchange study in Finland. Where a professor, in Turku, with a lot of abbreviations on a slide, and we were supposed to pick one and write an essay on it. And I chose the TTP one,
Let's talk about digital identity with John Jellema, VP of Product Management at Ubisecure. This is a special, bonus episode on Hybrid IAM, in the lead up to the Gartner Identity and Access Management Summit 2023. Oscar is joined by John Jellema, VP of Product Management at Ubisecure to explore the hot topic of Hybrid IAM including what is meant by hybrid IAM, why and when to consider hybrid IAM, benefits and drawbacks and considerations for orchestration between different clouds. [Transcript below] "Where I think identity access management is going, growing, and continuing is around the areas of security." For more from John take a look at his blogs or contact the team. Find more information and resources on our Hybrid IAM page. Join us at the Gartner Identity and Access Management Summit, on the 6-7th March in London. Find the booth and session details or book a demo with the Ubisecure team. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to our YouTube to watch the video transcript for this episode. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: In the lead up to Gardner Identity and Access Management Summit 2023 in London. The Let's talk about digital identity team have released this special episode to discuss Hybrid IAM. A trending topic in the identity management industry, IAM stakeholders are increasingly interested in understanding what Hybrid IAM really means, how we can solve modern ID challenges, and how to evaluate whether Hybrid IAM is a suitable business choice for their current identity projects. For today's episode and to help answer those questions, I am joined by John Jellema, Vice President of Product Management at Ubisecure. Hello, John. John Jellema: Hi Oscar. Thanks for having me on the podcast. Oscar: Very welcome. So, John, let's talk about digital identity and as usual we want to hear a bit more about our guest. So please tell us about yourself and your journey to this world of identity. John: Sure, absolutely. I started in a very old Internet company back in the United States in 1997. Moved over to Amsterdam, where I became a product owner on several security services for Verizon, the global telco. The last of which was operating an anti DDOS platform, so to ensure availability of circuits all over the globe through some of the largest DDOS attacks. Ran that platform for about 15 years and then I came over here to Ubisecure about five years ago. I'm intensely interested in the personal access, the capabilities and the dynamic future of identity management. As we move from employee identity management into true global functioning personal identity management. That's why I'm here at Ubisecure. Oscar: Excellent. So, John, to get started with talking about Hybrid IAM. What do we mean when we talk about Hybrid IAM? John: It's a good question. It's confusing a lot of times. There's a lot of material out there if you search for the term hybrid IAM, what different folks are referring to or meaning. In practical terms, it's using two dissimilar services or two dissimilar location areas to have a service deployed at the same time. So, a lot of organisations - I mean we're 20 - 25 years into this thing called ‘the internet' with user accounts, and there are lots of legacy systems. That's a term that is widely used for employee identity and access management, or your log on service that you do, or your access when you sign into your laptop or an internal machine. It's functionally - a legacy IAM is functionally, a server or a private cloud, at this point in time that a corporation or an organisation runs for themselves and hybrid IAM is linking that legacy service with a cloud-based service. So, something that is on a public cloud like Azure from Microsoft or AWS, Amazon Web Services,
Let's talk about digital identity with Petri Heinälä, Security Offering Architect at Fujitsu. In episode 85, Oscar is joined by Petri Heinälä who's aim is 'bringing digital identities closer to businesses and real life'. In this episode Oscar and Petri explore the importance of organisations understanding and embracing digital identities and identity solutions, including what needs to be considered when investing in identity solutions, how a lack of understanding can put the project and company at risk, as well as discussing how to get businesspeople more interested in identity. [Transcript below] "Because people are part of the business, so are identities." Petri Heinälä works in global Fujitsu as Security Offering Architect and his area of specialisation is Digital Identities. His aim is to bring Digital Identities closer to real life and businesses with common sense thinking and talking less technology language. He noticed throughout his long career that the only permanent thing is change and understanding that has helped Petri keep up with the development and changes of life, business and technology. Connect with Petri on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to our YouTube to watch the video transcript for this episode. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Come and meet the Ubisecure team at the Gartner Identity and Access Management Summit, in London, on the 6th and 7th of March. To find out more, take a look at the Ubisecure events page - https://www.ubisecure.com/events/. Oscar Santolalla: As our slogan says, the podcast Connecting Identity and Business. We know very well the importance of putting ourselves in business people's own shoes when we discuss both the challenges and solutions in this identity world. So, today's discussion is going on deep dive about that. And we have a very special guest who is Petri Heinälä. He's working in Global Fujitsu, a security offering architect, and his area of specialisation is data identities. He's trying to bring other identities closer to real life and businesses with common sense thinking and talking less technology language. Petri has noticed in his long career that the only permanent thing is change and understanding that has helped him to keep up with development and changes of life, business and technology. Hello, Petri. Petri Heinälä: Hello. Oscar: Great having you here. So, let's talk about digital identity. Let's start hearing about yourself - about yourself and what was your journey to this world of digital identity? Petri: Yes, I've been quite a long time in the IT industry, over 25 years in Fujitsu and I have helped multiple other industries with technology solutions during that time. And I started as a software developer and architect and then step by step, moved to service and offering development. And also, during that time moved from the local level to the regional and now global level. The meaning of security and identities has raised dramatically during that time. And in early days in my career I, when I developed banking ATM software, I learnt that the user experience is everything and there is a strong relation in security and user experience and users, and their digital identities have a centric role there. So, step by step, identities had a bigger a role in my work and I have learnt more and trying to share my learnings to others now. Oscar: Yeah, excellent. So, starting from developer, so a very technical role of course. And now we are going to discuss about business, the business side of this world of identity. So, I imagine a big shift through, through the to these years. Petri: Yes, yes, yes. Very big shift. And when I talk about learning – so, there have been the failures also, more than the successes. Oscar: Oh, yeah, I'm sure. Definitely.
Let's talk about digital identity with Jenny Radcliffe, The People Hacker. In episode 84, ethical burglar for hire, Jenny Radcliffe, joins Oscar to discuss the importance of educating your staff to help protect your company against social engineering attacks - including the main vulnerabilities that social engineers exploit, how individuals and businesses can protect themselves online and how user authentication technologies can help, as well as how ransomware links to social engineering. [Transcript below] "Two factor or multi-factor, in any form, is always going to be a good thing. It's better than, like you say, one thing, which can be found out or hacked like a password." Jenny Radcliffe is a world-renowned Social Engineer, hired to bypass security systems through a mixture of psychology, con-artistry, cunning and guile. A "burglar" for hire and entertaining educator, she has spent a lifetime talking her way into secure locations, protecting clients from scammers, and leading simulated criminal attacks on organisations of all sizes in order to help secure money, data and information from malicious attacks. Jenny has received many industry awards and was most recently inducted into the prestigious InfoSec Hall of Fame in 2022. She has also been named as one of the top 30 female cyber security leaders in 2022 by SC Magazine, one of the top 25 Women in Cyber by IT Security Guru, and as a Top 50 Women of Influence in Cyber in 2019. She was nominated in seven categories for the 2021 Security Serious Awards in 2021 including the prestigious “Godmother of Security” award in 2020 winning the “Most Educational Security Blog" for her show The Human Factor podcast interviewing industry leaders, bloggers, experts, fellow social engineers and con artists about all elements of security and preventing people from becoming victims of malicious social engineering. Jenny is a sought-after global keynote speaker at major conferences and corporate events and is a multiple TEDx contributor. A go-to guest expert on the human element of security, scams, cons and hacks, she has appeared on numerous television and radio shows, as well as online media and traditional press outlets, and helps create unique content for international brands and organisations. An experienced podcast host, panel chair and interviewer she hosted the live weekly cyber talkshow "Teiss Talk" for two years and is frequently asked to chair live events for clients both virtually and in-person. Jenny's upcoming book People Hacker - Confessions of a Burglar for Hire will be released in February 2023, published by Simon and Schuster. Connect with Jenny on LinkedIn or Twitter. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to our YouTube to watch the video transcript for this episode. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Come and meet the Ubisecure team at the Gartner Identity and Access Management Summit, in London, on the 6th and 7th of March. To find out more, take a look at the Ubisecure events page - https://www.ubisecure.com/events/. Oscar Santolalla: Hello and thank you for joining a new episode of Let's Talk about digital identity, particularly for us, myself, working on companies that are building technology products to protect, secure people on Internet. It's always surprising when we hear stories, when there are people, they just get tricked by other humans and voila, the result is - the company is hacked. Today we'll hear fascinating stories about social engineering, and for that we have, special guest Jenny Radcliffe. She's a world-renowned social engineer who is hired to bypass security systems through a mixture of psychology, con artistry, cunning and guile. Jenny has received many industry awards and was most recently inducted into the prestigious InfoSec Hall of Fame 2022.
Let's talk about digital identity with Dr Mark van Rijmenam, Founder and Future Tech Strategist at The Digital Futures Institute. Dr Mark van Rijmenam joins Oscar to discuss the importance of Self-Sovereign Identity in the Open Metaverse - including his definition of metaverse, derived from his interviews with entrepreneurs for his latest book, the motivations for entrepreneurs to be building assets in the metaverse, the role of identity and its importance in the open metaverse. [Transcript below] "I think it's crucial that we own and control our own data, that we control our own digital assets, and that we control our own identity and reputation." Dr Mark van Rijmenam is The Digital Speaker. He is a leading strategic futurist who thinks about how emerging technologies change organizations, society and the metaverse. He is the founder of the Digital Futures Institute, with a mission to ensure a thriving digital future for business and society. Van Rijmenam is an international keynote speaker, and 5x author. His latest book is Future Visions, which was written in five days in collaboration with AI. Find his articles and books at The Digital Speaker. Connect with Mark on LinkedIn or Twitter. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to our YouTube to watch the video transcript for this episode. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Come and meet the Ubisecure team at the Gartner Identity and Access Management Summit, in London, on the 6th and 7th of March. To find out more, take a look at the Ubisecure events page, www.ubisecure.com/events/. Oscar Santolalla: Hello and thank you for joining us to this first episode of Let's Talk About Digital Identity in this New Year, 2023. And we want to start hearing very futuristic things about a future, very futuristic. We have a really amazing guest to start this year. Let me introduce you, Dr Mark van Rijmenam. He is the digital speaker, he is a leading strategic futurist who thinks about how emerging technologies change organisations, society and the metaverse. He is the founder of the Digital Futures Institute with a mission to ensure a thriving digital future for businesses and society. Van Rijmenam is an international keynote speaker. He is five times author, and his latest book is Future Visions, which was written in five days in collaboration with artificial intelligence. I definitely want to hear more about that. Hey, Mark, welcome. Dr Mark van Rijmenam: Thank you very much Oscar for having me on the show. It's great to be here. Oscar: Yes, definitely our pleasure. Well, happy New Year. Mark: Happy New Year to you, too. Oscar: Yes, we are still in the beginning of 2023. Please tell us about yourself and how - what was your journey to this world of identity, metaverse and everything that you are doing today. Mark: I'm sure it sounds good. Well, obviously you already gave a very nice introduction, but I'll add some things to it. So, I've been a keynote speaker for over a decade. I am a strategic futurist, so it means I really think about emerging technologies, and I try to understand what these technologies, these emerging cutting-edge technologies mean for you and me, for organisations, for society, and how we can benefit from them. Because these technologies are constantly evolving. So, I've been doing this for over a decade. I've been speaking all around the world about that. I've been, as you said, five books. And I really try to always practise what I preach. And so that means that I - when the pandemic hit, I created myself an avatar, created myself as a hologram to deliver keynotes as such. I'm currently working on building a digital twin of myself to understand - what are the consequences of creating a digital twin of yourself? A synthetic human, so to say.
Let's talk about digital identity with Chris Southworth, Secretary General at the ICC United Kingdom and Oswald Kuyler, Global Head of Strategy at MonetaGo. Join Oscar as he explores the Electronic Trade Documents Bill with Chris Southworth and Oscar Kuyler – including what the electronic trade documents bill is, its aims, benefits and how this is expected to be adopted globally to improve trade processes. [Transcript below] "The reality is that if you don't solve identity, a lot of the inefficiencies generally won't go away." Chris Southworth is Secretary General at the ICC United Kingdom. Prior to joining ICC he was Executive Director for Global Partnerships, at the British Chambers of Commerce (BCC), Head of the International Chambers of Commerce Unit at UK Trade and Investment (UKTI) and a Senior Policy Advisor to Lord Heseltine for his independent review of UK competitiveness. In 2011 he helped set up the mid-size business export programme at UKTI and was a Senior Policy Advisor for the 2011 Government Review of Mid-Size Businesses. Former roles have encompassed deregulatory policy at Better Regulation Executive, social enterprise policy at the Department for Business and stints in a local strategic partnership and the charity sector. Connect with Chris on LinkedIn. Oswald Kuyler is currently the Global Head of Strategy for MonetaGo, a fintech focused on global fraud prevention. Oswald is also a Digital standards advisor to the international chamber of commerce UK and is also the former Managing Director of the DSI. Oswald is the former Global Head of Data Strategy of BHP, the world's largest diversified mining company. He has worked on initiatives covering blockchain, electronic documentation in trade, data and analytics, and automation. Connect with Oswald on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to our YouTube to watch the video transcript for this episode. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thank you for joining this new episode. We often talk about digital transformation in this podcast. Actually one aspect that still needs to become more digital is commercial trade documents, in which there's still a lot of paper. Today, our guests will tell us more about a game changing piece of legislation. So let's welcome our guests, we have two guests today. First of all, Chris Southworth, he is Secretary General at the International Chamber of Commerce, ICC, in the United Kingdom. Prior to joining ICC he was Executive Director for Global Partnerships at the British Chambers of Commerce, BCC, Head of the International Chamber of Commerce unit at the UK Trade and Investment, UKTI, and a Senior Policy Advisor to Lord Heseltine for his independent review of UK Competitiveness. Hello, Chris. Chris Southworth: Good morning. Oscar: Good morning. And our second guest is Oswald Kuyler. He's currently the Global Head of Strategy for MonetaGo, a FinTech focused on global fraud prevention. Oswald is also a Digital Standards Adviser to the International Chamber of Commerce, UK. And he's also the former Management Director of the ICC Digital Standards Initiative, DSI. He has worked on initiatives covering blockchain, electronic documentation in trade, data and analytics, and automation. Hello, Oswald. Oswald Kuyler: Hi, how are you? Oscar: Very good, happy to have you both in this conversation. Oswald: Thank you for the invite. I really appreciate it. Oscar: My pleasure. So, Chris and Oswald, let's talk about digital identity. I would like to hear first from you, from both of you, tell us about yourself and your journey to this world of identity. Chris: Sure, I mean, I should say that in the class of this conversation, I'm the co-chair of the Legal Reform Advisory Board and part of the leadership...
Let's Talk About Digital Identity with Oscar Santolalla and Clare Rowley, Head of Business Operations at GLEIF. Episode 81 is an identity stories special, where Oscar and Clare discuss the history of identities for businesses and how and why the LEI was created and introduced – including how the LEI has been adopted globally, the challenges is has helped to solve and what the future of LEI might be. "We see there an emerging dialogue and focus coming from the trade, the supply chain community on the importance of LEI for trade participants." [Transcript below] Connect with Oscar and Clare on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! To find out more about LEIs go to the RapidLEI Knowledge Base or contact the RapidLEI team. Go to our YouTube to watch the video transcript for this episode. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: More than 2000 years ago in Persia, Egypt, ancient China and their contemporary civilisations, the first versions of what we now know as the passport were used to travel from one region to another. As the world became more populated and connected through roads and by the sea, passports became a vital piece of paper for people to enter from one country to another. But only in the late 21st century the passport became as standardised and globally acknowledged as we know it today. But what has been the ultimate motivation for humans to travel the world? Trade, and it's still today. Companies have also existed for centuries. Some of the oldest businesses existing today were established in Japan, like Nishiyama Onsen Keiunkan a hot spring hotel founded in 705. However, the need for business registries came much later in history. The United Kingdom's Companies House was created in 1844. The goal of British lawmakers at that time was that having a list of registered companies publicly available would help reduce fraud. On the other side of the Atlantic, Dun & Bradstreet, a company that was founded in 1841 provided credit reports about businesses through several decades with a similar goal of helping businesspeople know the companies they were planning to trade with. In 1963 Dun & Bradstreet created the Data Universal Numbering System (DUNS) a unique nine-digit identifier for businesses. A few other similar business identifiers appeared but, as with the passports, the time for a global standardisation was still to come. Let's hear now the history of the Legal Entity Identifier, LEI, the 20-digit identifier for businesses and other types of organisations. Oscar: Today we have with us Clare Rowley. The head of business operations at the Global Legal Entity Identifier Foundation, the GLEIF. Clare, what were the reasons why the LEI was created? Clare Rowley: I will go all the way back to September of 2008. For participants in financial markets, financial institutions, this is a very memorable month because during this time there was what is now referred to as the Lehman weekend. And of course, that led to a failure of an extremely important market institution, market player and the subsequent impact across the world. So, at this time, there were supervisors within financial markets, financial institutions, asking a very simple question to their regulated entities. That is, what is your exposure to Lehman Brothers? And the scary answer was - that was not really an easy thing to know and to determine, and it will probably take weeks and maybe even months to get that answer. And the root of the problem was not that there was no data on the positions that were held, etc. Rather, it was the problem in identifying those several thousand legal entities associated with Lehman Brothers. So, at the time there was no design in data systems that made it easy to aggregate information across the entities and th...
Let's talk about digital identity with Bianca Lopes, Identity Advocate, Investor. Join Bianca Lopes and Oscar as they discuss the top challenges, solutions and achievements for digital identity within the financial industry – the connection to regenerative finance (Refi) and how this is changing identity in finance. [Transcript below] "I think a lot of the microservices architectures that some of the banks and financial services companies have implemented in their movement to the cloud, or just in their change inside and internally, have opened up their minds to rethink identity across the organisation. " Bianca Lopes is an investor, business builder, economist, and identity expert, who focusing on driving meaningful impact through technology and regulation. Leading many significant identity projects and having helped transform how data can unlock financial and social worth. With a central focus on how we can rewire finance using the power of digital identity, ethics, and Web3. Bianca is driven by how we negotiate competing values with data and information technologies. In her work I have supported over 40 financial institutions and 8 governments to reshape their approach to technology, rethink the role of identity, and leverage their innovation agendas. She manages an international speaking calendar to help business leaders, governments, and consumers understand the impact that data, privacy, and finance will continue to have on our lives. Bianca's journey and lived experience have informed her worldview. Born in Brazil, educated in Canada, based in Denmark and multilingual, she has encountered both sides of economic and digital development. Her mission is to build bridges and create value. She is honoured to work with UNESCO's International Research Center on Artificial Intelligence. Here we facilitate cooperation in developing artificial intelligence with special emphasis on supporting the development of a vibrant AI ecosystem Globally. Connect with Bianca on LinkedIn, Twitter or Instagram - @biasmlopes. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining a new episode of Let's Talk About Digital Identity. And today, we'll hear how the financial industry is redefining itself. And of course, what is the role of identity on this. For that, we a have special guest who is Bianca Lopes. As an investor, business builder, economist and identity expert, Bianca Lopes focuses on driving meaningful impact through technology and regulation. Leading many significant identity projects, she has helped transform how data can unlock financial and social worth. Bianca's central focus is on how we can rewire finance using the power of digital identity, ethics, and Web 3.0. Hello, Bianca. Bianca Lopes: Hello, Oscar, thank you for having me. Oscar: First, tell us about yourself and what was your journey to this world of identity? Bianca: All right. Well, I guess I'll start where my sort of journey on this Earth started. I'm from Brazil, originally. I'm an economist, as you mentioned, and my journey started in data centres. I was actually putting biometric hardware in physical parameter security. And I got into this after working at the bank for few years, I worked as a trader, and I worked in commercial banking. And then I worked in risk management and came to work with my client. And he was building this business. And this business was in the biometric space. And back in the day, it was kind of like, you know, minority report, when you told people you worked in biometrics. And little did I know that that's where my journey in identity was meant to start. And that was about over 13 years ago. It's been incredible. It's been a journey of purpose and a journey of understanding what an i...
Let's talk about digital identity with Viky Manaila, Trust Services Director at Intesi Group. In episode 79 Oscar and Viky discuss eIDAS 2.0 and EU digital identity wallets – what eIDAS 2.0 is and why it was created, what lessons were learnt from eIDAS and how have these helped to build eIDAS 2.0, and how the EU digital wallets relate to eIDAS 2.0. [Transcript below] "So, the aim of eIDAS 2.0 is to achieve the targets set in Europe's path to digital decade. Eighty percent of EU citizens being able to use a digital ID by 2030…" Viky Manaila is an international expert in the field of electronic signatures, digital identity and digital transformation processes, who has successfully promoted the electronic business globally. She has been technical expert to the European Commission for instituting Regulation 910/2014 (eIDAS) on electronic identity assurance and the design and roll-out of European, cross-nation e-procurement platforms and operations. She is member of different high level working groups set up by the European Commission, ETSI and the US Government aimed at aligning policy and operations around trust identity, digital signatures and cross-recognition. Viky has successfully contributed to standardisation work for the global acceptance of European Trust Services, as an expert in ETSI ESI Specialist Task Force 560. Global Acceptance of EU Trust Services is a study of existing trust services that operate in different regions of the world and their possible mutual recognition or global acceptance. The eIDAS Regulation and corresponding standards go beyond EU boundaries, proving that interoperability and cross-border legal recognition are the keys for global electronic commerce and transactions. Viky is also President of Cloud Signature Consortium. Find out more about Intesi Group. Connect with Viky on LinkedIn or Twitter. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining us in a new episode of Let's Talk About Digital Identity. And we are going to hear more about eIDAS 2.0 that is being evolving a lot getting ready and ready. So, for that we have a special guest who is Viky Manaila. She is an international expert in the field of electronic signatures, digital identity and digital transformation processes, who has successfully promoted the electronic business globally. She has been technical expert to the European Commission for instituting Regulation 910/2014 (eIDAS) on electronic identity assurance and the design and roll-out of European cross-nation e-procurement platforms and operations. Viky is a member of different high level working groups set up by the European Commission, the ETSI, and the US government aimed at aligning policy and operations around trust identity, digital signatures, and cross-recognition. She's also president of Cloud Signature Consortium. Hello, Viky. Viky Manaila: Hello, Oscar. Hello, everyone. And welcome to Let's Talk About Digital Identity in Europe this time. Oscar: Exactly. We're talking about what is happening in Europe. Yeah, fantastic. Nice hearing you. Nice meeting you, Viky. So, let's get started. Viky: Thank you for inviting me to your show. Oscar: My pleasure. So, Viky, let's talk about digital identity. So, let's start by hearing a bit more about yourself in your journey to this world of identity. Viky: Well, my journey into digital services and identity space started back in 2002 when I was preparing my master's thesis in electronic signatures and cryptography. That time I came across the famous cartoon of New Yorker drawn by Peter Steiner with the two dogs in front of the computer, the old one telling to the smallest one, "On the internet, nobody knows you're a dog." So,
Let's talk about digital identity with Dr Salah Rustum, founder of CIELTECH. Oscar is joined by Dr. Salah Rustum, founder of CIEL and CIELtech to discuss digital identity in the middle east – what digital identity challenges the organisations in this region are facing, what solutions could be introduced to help these challenges and what cyber laws are in this region and his role in introducing these laws. [Transcript below] "Everybody wants to be on the internet, everybody wants to apply in new technologies. The danger is that sometimes they get wrong advice." Dr Salah A. Rustum is a Ph. D. in Aerodynamics and has occupied very high positions in this field including vice presidency at Boeing. Dr Rustum is also the founder of CIEL a Lebanese Company dealing in Cyber Security ever since 1990 and the founder of CIELTECH of Qatar which has the same concept and has set his mission to support and develop the integrity of information technology and information sent on the Internet. Connect with Salah on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining this new episode of Let's Talk About Digital Identity. And today, we'll have a geographical focus perspective in which today we'll focus on the Middle East. And for that we have very special guests who is Dr Salah Rustum. He is a PhD in Aerodynamics, and has occupied very high positions in this field, including a vice presidency at Boeing. Dr Rustum is also the founder of CIEL, a Lebanese company dealing in cybersecurity ever since 1990. And he is the founder of CIELTECH of Qatar, which has the same concept and has set its mission to support and develop the integrity of information technology and information sent on the internet. Hello, Dr Salah. Dr Salah Rustum: Hi. How are you? Oscar: Very good. It's a pleasure having this conversation with you. Salah: It's my pleasure as well to be online with you. And I hope our meeting would be a good one and successful. Oscar: Absolutely, I'm sure it's going to be. So, let's get started, let's talk about digital identity. And as always, I want to hear something about our guest. So please tell us about yourself and your journey to the world of digital identity. Salah: Well, as you said, I had my PhD from MIT, I worked with Lockheed Martin to begin with. And then I had an offer from Boeing which I couldn't refuse. And later on, I was moved to, transferred actually to the Middle East, and started Boeing Middle East. It didn't work there due to political reasons. And after that returned to the States continued my aviational career. During which I became the Chairman of the Introductory Commission of the Jumbo Jet in the world. I was the chairman of the Future Planning Commission of Rome Airport, and other different positions that I held throughout the time I served in aviation. But the most outstanding of my career is my absolute transfer from aviation to technology, which I am intruding on it as my real study is concentrated on aviation and the effect of wind on any object. But the transition was easy as everything based on physics is easy. And it is easy comprehensible. I started with introducing the electronic digital signature as early as 1996. And from there on, it became – the scope became wider and wider. And we got to the extent that we started dealing with cybersecurity, and what it meant at that time and what it means now. Of course, we did a lot of work on bridging the digital divide, which was very important between the Middle East and the West. And of course, it was very painful in the start, it was a very, very dark tunnel, which I entered. But luckily speaking, I managed to really introduce the sense of the electronic digital signature authentication,
Let's talk about digital identity with Michael Palage, co-founder of InfoNetworks. In episode 77 Michael and Oscar discuss what DNS can bring to identity – what identity problems DNS can help to solve and how DNS fits with TRAIN. Michael also covers how LEIs are part of this solution. [Transcript below] "I see the DNS being in an optimal infrastructure to facilitate identity discovery and look up, and one that can seamlessly integrate with the various identity technology stacks that are in the market today." Michael Palage is an intellectual property attorney and an information technology consultant. He has been actively involved in Internet Governance and ICT issues over the last twenty years. During this time, he has been intimately involved in ICANN operational and policy matters since its formation in both an individual and leadership role, including a three-year term on the ICANN Board of Directors. Currently, Michael is President and CEO of Pharos Global, Inc. which provides consulting and management services to domain name registration authorities and other technology related companies in connection with Internet governance issues. He is also the co-founder of InfoNetworks LLC, an information technology company focused on solutions for building online trusted ecosystems incorporating the federation verified data. He has testified before the United States Congress multiple times and as an expert witness in both Federal and State Court in numerous legal proceedings. Connect with Michael on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Related links: FinCEN / FDIC Digital Identity Tech Sprint: Team DNS presentation InfoNetworks/Microsoft/DigiCert – Domain Name Credential Use Case: ICANN BC Presentation ICANN72 ICANN BC Presentation ICANN75 Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining to this episode. The DNS is something you might have heard or seen and is an important component of internet. And today, we are going to hear what DNS can bring us about identity. And for that we have a special guest who is Michael Palage. He is an intellectual property attorney and an information technology consultant. He has been actively involved in ICANN which is the Internet Corporation for Assigned Names and Numbers for operational and policy matters since its formation, and that includes a three-year term on the ICANN Board of Directors. Palage is President and CEO of Pharos Global, a company that provides consulting and management services to domain name registration authorities and other technology-related companies. Also, he is co-founder of InfoNetworks, which is an information technology company focused on solutions for building online trusted ecosystems incorporating the federation verified data. Hello, Michael. Michael Palage: Thank you, Oscar. Long-time listener of your podcast, and I really welcome the opportunity to speak with you today. Oscar: Oh, thank you. It's great having you. And Michael, let's talk about digital identity. And as usual, I want to hear a bit about our guest, so please tell us a bit about yourself and your journey to this world of identity. Michael: Sure. My journey to identity actually started from the world of identifiers, or as you alluded to, more specifically, the world of internet domain name identifiers. In that journey, I still remember that rather specifically occurred in October of 1994. I had already finished up my engineering degree and I was pursuing my law degree at night at Temple University in Philadelphia while I worked during the day at an intellectual property firm as a law clerk. And in 1994, I read this article by Joshua Quittner in WIRED magazine entitled Billions Registered. And in this article,
Let's talk about digital identity with Roberth Lundin, Senior Security Consultant at Knowit. In episode 76, Senior Security Consultant at Knowit, Roberth Lundin, discusses identification services in Sweden alongside Smart Cards – what identification services are available in Sweden and why should someone have a BankID or Freja e-ID as well as what smart cards are and what is interesting about these. [Transcript below] "But if you take a smart card, for example, well, you can't copy a smart card. That's very important." Roberth Lundin is Senior Security Consultant at Knowit. For the last years he has been working with Bankgirot as an IT-security specialist, in which one of his most important duties is to coordinate all security audits using risk-based approach, also worked with SOC/SIEM system, identity governance and administration (IGA). In his vast experience he has seen and contributed to the evolution of eIDs in Sweden including smart cards. Connect with Roberth on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Come to meet us in person. Ubisecure are attending Security Leadership Belgium on October the 5th and 6th in Brussels. Come and meet us to find out how Ubisecure can help with your business challenges in cyber security and CIAM. To find out more, take a look at the Ubisecure events page, www.ubisecure.com/events. See you in Brussels. Oscar Santolalla: Thank you for joining a new episode of Let's Talk About Digital Identity. I was thinking, personally, I have been using for accessing many online services, I use many authentication methods, identification services that we have been discussing in this podcast, three years. But one that I have not used is a smart cards. For instance, even though hereby being a citizen of Finland, I have one, but I have not used it before. So that's one of the things we're going to discuss today, how to use a smart card for identification. And also, what are the other identification services in Europe and especially from Sweden that is from where our guest today is coming. Our guest today is Roberth Lundin. He is a Senior Security Consultant at Knowit. For the last years, he has been working with Bankgirot as an IT Security Specialist in which one of his most important duties is to coordinate all security audits using risk-based approach. He also works with SOC SCM systems, Identity Governance and Administration, IGA among all the roles in his vast experience he has seen and contributed to the evolution of eIDs in Sweden, including smart cards. Hello, Roberth. Roberth Lundin: Hello. Oscar: OK, Roberth. So, let's talk about data identity. But first of course, we want to hear a bit more about yourself. So please, you can tell us, yeah, your journey to this world of the that identity. Roberth: I started in 1989 at a company named Bull. The first project I got was to finish a secure login and file transfer tool for UNIX, which use smart cards, high security smart cards, actually. Then I have been working for the next 20 years at Bull, Integris, Steria with personalisation systems for smart cards, issue system for electronic IDs and so on. 2009, I started work at Cybercom, which is now named Knowit. 2014, I started the first signing service using DIGGs framework, which I still work with part-time and been working for since 2015 to 2018 with electronic medical certificate and signing of them as a security specialist. And then for 2019, I worked at Bankgirot to secure their operations. That's my background basically, very shortly. Oscar: Fantastic. We're going to talk about smart cards and also the eIDs in Sweden and Europe. But first, I know something interesting is to think of in a broader aspect all the authentication methods and ways of verifying identi...
Let's talk about digital identity with David Birch, Principal at 15 Mb and author, advisor and commentator on digital financial services. In episode 75 David Birch discusses digital currencies – the differences between digital currency and cryptocurrency, the role in which identity plays in digital currency and the importance on identity verification within digital currencies. [Transcript below] "Digital currency needs some form of digital identity, that might actually drive digital identity forward and help digital identity to develop into the mass market." David G.W Birch is an author, advisor and commentator on digital financial services. Principal at 15Mb, his advisory company, he is Global Ambassador for the secure electronic transactions consultancy, Consult Hyperion, Fintech Ambassador for Digital Jersey and Non-Executive Chair at Digiseq Ltd. He is an internationally-recognised thought leader in digital identity and digital money. Ranked one of the top 100 fintech influencers for 2021, previously named one of the global top 15 favourite sources of business information by Wired magazine and one of the top ten most influential voices in banking by Financial Brand, he created one of the top 25 “must read” financial IT blogs and was found by PR Daily to be one of the top ten Twitter accounts followed by innovators (along with Bill Gates and Richard Branson). His latest book “The Currency Cold War—Cash and Cryptography, Hash Rates and Hegemony” (published in May 2020) “paints a fascinating and stimulating picture of the future of the world of digital payments and its possible impact on the wider global and economic orders” – Philip Middleton, OMFIF Digital Monetary Institute. His previous book “Before Babylon, Beyond Bitcoin: From money we understand to money that understands us” was published in June 2017 with a foreword by Andrew Haldane, Chief Economist at the Bank of England. The LSE Review of Books said the book should be “widely read by graduate students of finance, financial law and related topics as well as policy makers involved in financial regulation”. The London Review of Books called his earlier book “Identity is the New Money'' fresh, original, wide-ranging and “the best book on general issues around new forms of money”. More information is available at www.dgwbirch.com and you can follow him @dgwbirch on Twitter. Connect with David on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and welcome to a new episode of Let's Talk About Digital Identity. Today, we'll talk about digital money, especially a type of digital money that I see that not many people are discussing today. Except, of course, our special guest who is David G. W. Birch. He is an author, advisor and commentator on digital financial services, Principal at 15 Mb, his advisory company. He is Global Ambassador for the secure electronic transaction's consultancy, Consult Hyperion. He is Fintech Ambassador for Digital Jersey and Non-Executive Chair at DIGISEQ Limited. He is an internationally recognised thought leader in digital identity and digital money. Also, author of several books including his latest book, The Currency Cold War: Cash and Cryptography, Hash Rates, and Hegemony. Hello, David. David Birch: Hello, Oscar. Thank you so much for inviting me. Oscar: It's a real pleasure talking with you and super interesting topic we're going to discuss today about digital money. So yeah, let's start a conversation. Let's talk about digital identity. I would like to hear first, a bit about yourself and your journey to the world of identity. David: Oh, sure. OK. Well, my background originally was in secure communications, and originally for military and government purposes. And then, of course,
Let's talk about digital identity with Heather Flanagan, Principal at Spherical Cow Consulting. In episode 74, Heather Flanagan discusses making identity easy for everyone – how to explain digital identity to people outside of the identity industry, why is it important for everyone to understand, and what the industry can do to improve the understanding of identity for everyone. [Transcript below] "If you talk to any identity professional, they will agree that passwords are one of the biggest, possibly the biggest challenge facing the industry. So how are we solving it?" Heather Flanagan, Principal at Spherical Cow Consulting and choreographer for Identity Flash Mob, comes from a position that the Internet is led by people, powered by words, and inspired by technology. She has been involved in leadership roles with some of the most technical, volunteer-driven organisations on the Internet, including IDPro as Principal Editor, the IETF, the IAB, and the IRTF as RFC Series Editor, ICANN as Technical Writer, and REFEDS as Coordinator, just to name a few. If there is work going on to develop new Internet standards, or discussions around the future of digital identity, she is interested in engaging in that work. Connect with Heather on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining us. Today, we are going to hear from an expert in identity about - how from the perspective of, let's say regular people, most of the people, who are not involved in the identity industry, how much they understand the identity, the methods, the technology and everything that we in this industry are building. So, we're going to talk about how we can make identity easy for everyone. For that, our guest is Heather Flanagan. She is Principal at Spherical Cow Consulting, and Choreographer for Identity Flash Mob. She comes from a position that the Internet is led by people powered by words and inspired by technology. She has been involved in leadership roles with some of the most technical, volunteer-driven organisations on the internet, including IDPro as Principal Editor, the IETF, the IAB as RFC Series Editor, ICANN as Technical Writer just to name a few. Hello, Heather. Heather Flanagan: Hello, Oscar. Oscar: Nice having you. Heather: Thank you. It's great to be here. Oscar: Excellent. This is going to be super fun talking about how to make identity easy for everyone. Let's see how our conversation goes. So yeah, let's get started, let's talk about digital identity. First, I would like to hear a bit more about yourself, please tell us your journey to this world of identity. Heather: Oh, you know, very few people actually decide that "You know, digital identity, that's going to be my career." In my case, I have a liberal arts degree as a history major, and a library science degree for my master's degree. I mean, I was supposed to be a librarian when I grew up. But as is often the case, once the person falls into tech, everything ends up touching on digital identity. So immediately after university, I ended up working for the public research division of a newspaper that was just starting up an ISP. So, this was the mid '90s, there weren't a lot of experienced tech people to hire. And that ISP started hiring people who, you know, are you smart? Are you logical? Can you learn from a book? And there, as a sysadmin, I had to worry about creating user accounts and making sure that those users were able to access what they were allowed to on a system and only what they were allowed to on a system. When I left the ISP, I went to work for a large software company where again, the fundamental reason for even having an infrastructure IT team was to make sure that people could access wh...
Let's talk about digital identity with Ann Cavoukian, Executive Director of the Global Privacy and Security by Design Centre. In our series opener, Ann Cavoukian discusses Privacy by Design – the 7 foundational principles, the issues that it aims to solve and how Privacy by Design has evolved and is being used in today's tech products. [Transcript below] "You want to prevent the privacy harms from arising, not just resolve them after the fact, you want to prevent them." Dr. Ann Cavoukian is recognised as one of the world's leading privacy experts. Dr. Cavoukian served an unprecedented three terms as the Information & Privacy Commissioner of Ontario, Canada. There she created Privacy by Design, a framework that seeks to proactively embed privacy into the design specifications of information technologies, networked infrastructure and business practices, thereby achieving the strongest protection possible. In 2010, International Privacy Regulators unanimously passed a Resolution recognising Privacy by Design as an International Standard. Since then, PbD has been translated into 40 languages! In 2018, PbD was included in a sweeping new law in the EU: the General Data Protection Regulation. Dr. Cavoukian is now the Executive Director of the Global Privacy & Security by Design Centre. She is also a Senior Fellow of the Ted Rogers Leadership Centre at Ryerson University, and a Faculty Fellow of the Center for Law, Science & Innovation at the Sandra Day O'Connor College of Law at Arizona State University. Connect with Ann on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and welcome to join us a new episode of Let's Talk About Digital Identity. And you might have heard about Privacy by Design before all the influence that has had in products and regulations, et cetera. And today, we'll hear about that from its own creator. So, our guest today is Dr. Ann Cavoukian. She is recognised as one of the world's leading privacy experts. Dr. Cavoukian served an unprecedented three terms as the Information and Privacy Commissioner of Ontario, Canada. There she created Privacy by Design, a framework that seeks to proactively embed privacy into the design specifications of information technologies, network infrastructure, and business practices, thereby achieving the strongest protection possible. Today, Dr. Cavoukian is the Executive Director of the Global Privacy and Security by Design Centre. Good morning. Dr. Ann Cavoukian: Good morning, Oscar. Oscar: Good morning. And it's fantastic having the pleasure of having this conversation with you. Ann: Thank you. It's my pleasure. Oscar: Please tell us shortly how, yeah, your journey to this word of privacy and digital identity? Ann: Well, you know, it's interesting. When I became Privacy Commissioner, for the first term in '97, I think, I joined the office and it was full of brilliant lawyers who wanted to apply the law to data breach or privacy infraction and get a good resolution, which is great. But I wanted something earlier than that. I wanted something that was proactive. That by design could be embedded into the operations that you have, bake it into the code, make it a presence, so that you could prevent the privacy harms from arising. I wanted a model of proactive protection. And it took a while to sell this to my staff, to my lawyers. But I literally created Privacy by Design at my kitchen table over three nights. It was all about being proactive. That's how it came about. Oscar: OK, super interesting. If you can tell us, what is that concept for the ones who are not so completely familiar. Ann: So, Privacy by Design is all about being proactive. You want to prevent the privacy harms from arising,
Let's talk about digital identity with Simon Moffatt, CEO and Analyst at The Cyber Hut. In episode 72, Simon Moffatt from The Cyber Hut discusses what is next for identity and access management – what his recent research has shown regarding passwordless authentication and next generation authorisation, alongside what trends are emerging in IAM and how he sees the IAM landscape evolving in the future. [Transcript below] "I think the technology is there today, I think there are numerous different solutions, whether it's based on sort of biometrics, or perhaps standards, like FIDO and WebAuthn that provide us with the tools and techniques to rid ourselves of passwords." Simon is Founder and Analyst at The Cyber Hut - a leading boutique industry research, analysis and advisory firm focused on identity, access and cyber security technology. He has a 20+ year career within the identity and access management space having worked for consultancies, startups and global software vendors. He is a published author and contributor to identity standards at the likes of NIST and the IETF. He is also a Fellow of the Chartered Institute of Information Security. His long running research is focused upon next generation authorisation and emerging authentication technologies as well as having an interest in the history of code breaking, signals intelligence and cyber warfare operations. Find Simon on LinkedIn. Find out more about The Cyber Hut. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Let's Talk About Digital Identity will be returning for Series 4 on Wednesday 17th August 2022. Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining. Today, we are going to hear now what is next for identity and access management. And we have a guest who really does a lot of research and training and consultancy about specifically identity and access management. Our guest today is Simon Moffatt. He is Founder and Analyst at The Cyber Hut, a leading boutique industry research, analysis, and advisory firm focused on identity, access, and cybersecurity technology. He has more than 20-year career experience within the identity and access management space, having worked for consultancies, start-ups, and global software vendors. He is a published author and contributor to identity standards as the likes of NIST and the IETF. He's also fellow of the Chartered Institute of Information Security. His long running research is focused upon next generation authorisation and emerging authentication technologies, as well as having an interest in the history of code breaking, signals intelligence, and cyber warfare operations. Hello, Simon. Simon Moffatt: Hi, Oscar. How are we doing? It's great to be here today. Oscar: Pretty good. It's a pleasure talking with you, Simon. So definitely, we want to hear what's coming in identity and access management. So yeah, let's get started. Let's talk about digital identity. And first, we would like to hear a bit more about yourself, especially what was your journey to the world of identity. Simon: Yeah, thanks. It's such a fascinating area, identity. I've been fortunate to have been in it for just over 20 years, which is a little bit scary when I say that out loud. But I guess like any technology in any sort of technology trend, 20 years is an absolute lifetime. And there's been so many changes in actual products that are available, the standards, how technology is used, it seems an absolute world away. But I started my career back in 2001, working in industry, like most people probably do when they when they start their careers. And I was working for a large insurance company in the UK for three or four years. And I was essentially doing identity by hand. I was creating accounts on RACF mainframe,
Let's talk about digital identity with John Wunderlich, Information Privacy and Security Expert. Join Oscar and John Wunderlich in this week's podcast episode, 71, as they discuss mobile credentials – what are the challenges and solutions surrounding mobile credentials, what is IAM's role in this and how systems need to be developed around trust. [Transcript below] "So, you have different levels of assurance in the physical world, just as you do in the digital world. So, anybody can issue a credential, the question is what level of authority you give to the credential." John Wunderlich is an information privacy & security expert with extensive experience in information privacy, identity management and data security. He has designed, built, operated and assess systems for operations and compliance in the private and public sectors for over 25 years. This included working or consulting for Fortune 500 corporations, government ministries, small companies, volunteer organisations, regulators and health system organisations of all sizes. Connect with John on LinkedIn and Twitter or email him at john@wunderlich.ca. This is the Report on mobile Driving License Privacy: kantarainitiative.org/download/pimdl-v1-final/ We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: In the recent years, there have been organisations across the world creating, for instance, mobile credentials, and specifically mobile driving licenses. So, we're going to discuss about this topic, and also the privacy side of this super interesting system that has been around. So, for that, we have an expert who is joining us today. My guest today is John Wunderlich. He is an information privacy and security expert with extensive experience in information privacy, identity management, and data security. He has designed, built, operated, and assessed system for operations and compliance in the private and public sectors for over 25 years. These includes working or consulting for Fortune 500 corporations, government ministries, small companies, volunteer organisations, regulators, and health system organisations of all sizes. Hello, John. John Wunderlich: Hi, Oscar, how are you doing? Oscar: Very good. It's a pleasure talking with you. John: Likewise. Oscar: Fantastic. That's a super interesting topic we're going to discuss today about mobile credentials, so yeah, let's talk about digital identity. But first, of course, we want to hear something a bit more about you as a guest. So please tell us your journey to the world of digital identity. John: Long story short, I used to be Corporate Systems Administrator, Network Administrator, Operations Manager, and the Federal Privacy Law in Canada was introduced, I took that as a project at my company, and it turned into a career. When I moved from the corporate side to working for a regulator, I first met Kim Cameron, a name that most of your listeners will know, working with the Privacy Commissioner of Ontario, shortly after he introduced the Seven Laws of Identity. And around the same time, my former boss introduced the idea of Privacy by Design. So, for me going back 15, 16 years privacy and identity have been in lockstep. There's a very large Venn diagram overlap between the two. And I've been consulting and working on standards and volunteer areas in that joint area since then. Oscar: Excellent. Yes, just a few years ago, maybe almost two, a bit more than two years ago, we met in Kantara Initiative, in one of the working groups, and you are super involved there. And I know that recently, you and other authors have released one document called Privacy and Identity Protection in Mobile Driving License Ecosystem. So first of all, kudos for that very good report. John: Gracias!
Let's talk about digital identity with Rachel O'Connell, Founder & CEO, and Nicky Hickman, Product Innovation Manager, at TrustElevate. In episode 70, Nicky Hickman and Rachel O'Connell of TrustElevate discuss children's digital identity – why this is so important, what challenges are currently being faced and what solutions need to be put in place to help protect children within the digital landscape. [Transcript below] "There is a clear and present need for regulatory drivers to enhance children's safety online to ensure the companies are held accountable and are transparent in terms of the measures that they take to keep kids safe online. And critical and central to that is digital identity." Nicky Hickman Nicky Hickman is a freelance product & innovation manager based in the UK with international experience in APAC, Europe and Africa. With a background in telecoms she has worked with digital identity and personal data markets for ~20 years researching, designing and delivering multi-channel large scale CIAM services and strategies for clients including Vodafone, O2, GSMA, Barclays, Sky and Verizon. In the last 5 years she has been a contributor to open-source communities at the Sovrin Foundation, where she served as a Trustee and Chair of the Identity for All Council, and at Trust over IP Foundation where she is a co-chair of the Human Experience Working Group. Nicky is also an active researcher and is an industry contributor and guest lecturer at the University of Jyväskylä's Blockchain & Digital Identity Start-Up Lab in Finland. Find Nicky on LinkedIn. Dr. Rachel O'Connell Dr Rachel O'Connell is a leading expert on online child safety. Her PhD examined paedophile activity online and the implications for investigative strategies. Rachel set up the first UK Internet safety centre in 2000; she was Chief Security office for Bebo a social networking platform 2006-2010. Rachel is the founder of TrustElevate, author of a technical standard published by the British Standards Institution that describes how to verify the age band a person belongs in a privacy-preserving, secure manner. Find Rachel on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and welcome to this new episode. And today, we'll talk about enabling and protecting children's digital identity. And for that, we have two guests who are working together in this very important issue. Let me introduce my first guest, it's Nicky Hickman. She is a Freelance Product and Innovation Manager based in the UK with international experience in the Asia Pacific, Europe and Africa. With a background in telecoms, she has worked with digital identity and personal data markets for 20 years researching, designing and delivering multichannel, large-scale CIAM services and strategies for clients including Vodafone, O2, the GSMA, Barclays, Sky, and Verizon. All of Nicky's recent work focuses on using digital identity to promote socio-economic inclusion, and impact against the United Nations Sustainable Development Goals with an underlying commercial business model that is sustainable for the long-term. For the last year, Nicky has focused on youth and child identity through work with a UNICEF YOMA programme, and with TrustElevate as a Product and Innovation Manager. Our second guest is Dr. Rachel O'Connell. She is a leading expert on online child safety. Her PhD examined paedophile activity online and the implications for investigative strategies. Rachel set up the first UK Internet Safety Centre in 2000. She was Chief Security Officer for Bebo, a social networking platform between 2006 and 2010. Rachel is the founder of TrustElevate. She's an author of a technical standard published by the British Standards Institution that describes...
Let's talk about digital identity with Aaron Painter, CEO at Nametag. In episode 69, Oscar and Aaron discuss identity in the metaverse - including Aaron's vision for how both people and organisations can prove their identity in the metaverse, and what virtual platforms can do to make their communities safer/more trustworthy. [Transcript below] "I'm deeply optimistic that we can create this metaverse environment, or the next generation of the internet or Web 3.0, with a greater sense of authenticity behind people to create safer and more trusted spaces." Aaron Painter is the CEO of Nametag Inc, the company who invented "Sign in with ID" as a more secure alternative to passwords. He is the former Vice President and General Manager of Microsoft China, Hong Kong, and Brazil as well as best-selling author of LOYAL, where he describes his key to leadership: fostering a culture of listening. Find Aaron on LinkedIn. Nametag is the fast, safe, everywhere ID with a mission to bring authenticity to the internet and enable people to build more trusted relationships. Through sophisticated, proprietary AI-technology, Nametag verifies people, not passwords, creating the next generation of digital security. The app uses multi-factor authentication, government ID verification, and biometric recognition to ensure only users have access to their own data. Nametag never stores, sells, or mines a user's data. By putting privacy first, Nametag gives the consumer control over sharing your personal information, and the power to choose when it's shared, where it's shared, and for how long. Find out more about Nametag at www.getnametag.com. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello. And today, our guest is a very special guest - it's Aaron Painter, and he is the CEO of Nametag, the company who invented "Sign in with ID" as a more secure alternative to passwords. He is the former Vice President and General Manager of Microsoft China, Hong Kong, and Brazil as well as best-selling author of LOYAL, where he describes his key to leadership: fostering a culture of listening. Hello, Aaron. Aaron Painter: Hello, Oscar. Oscar: Welcome. It's a pleasure talking with you. Aaron: Thank you. It's an honour to be here. I love the show. I learn so much from each episode so it's really a privilege to be on. Oscar: Fantastic. Definitely, super interesting, the conversation we're going to have actually about a topic we have not talked before in this show is the metaverse. So, let's get started. Let's talk about digital identity. And of course, we first want to hear about our guest, so what was your journey to come to this world of identity? Aaron: My journey was really growing up in technology. I spent about 14 years at Microsoft, started in Redmond near Seattle. And then the rest of my career was outside the US. I spent four years in France, two-and-a-half years in Brazil, five-and-a-half years in China, mostly doing international development, working with large customers of Microsoft's, partnerships, helping Microsoft expand into new geographies. I loved it. I got to experience so many different people and cultures around the world. I left and then went to run a cloud computing consultancy firm based in the UK called Cloudreach for a couple of years. And I left in December of 2019, just before the pandemic. That's where it all started. Oscar: Since when you started in identity, already in your work in Microsoft, you start entering, immersing yourself in this world of identity, or it came much, much more recently? Aaron: Identity came to me much more recently. And it was because so many customers that I was working with at Microsoft and later at Cloudreach were fascinated with security. Increasingly,
Let's talk about digital identity with Bo Harald, Founding Member at MyData Global Network. In episode 68, Bo discusses all things eIDAS 2.0 – what eIDAS 2.0 is and how it differs from eIDAS 1.0; the opportunities with Self-Sovereign Identity (SSI) and eReceipts; public and private sector involvement; what the world can learn from the Nordics for projects like eIDAS and GAIN; and how smaller players can influence the Commission's decisions. [Transcript below] "Some people say that this is more important than the Internet, I agree… During 40 years of digital work, I've seen a lot of important things, but this is the biggest by far." Bo Harald has been named as one of the most influential technologists of the 20th century by Institutional Investor, and has been awarded for advancing the Information Society by the Finnish Ministry of Transport and Communications. He currently works as an independent advisor at Findy.fi, a Senior Advisor at the Finnish Council of Regulatory Impact Analysis, a Founder and Steering Committee member at MyData.org, and with the publicly funded Real Time Economy programme. He also has an active role in the Finnish eIDAS 2.0 workgroups. Connect with Bo on LinkedIn. Find Bo's open letter to the EU Commission posted in Finextra -https://www.finextra.com/blogposting/22017/open-letter-to-the-eu-commission We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: You might have heard of eIDAS before, especially if you are in the payment industry. But now in the recent years, the European Commission is working on a new version, eIDAS 2.0. We're going to talk about that and especially from the perspective of Finland. We have a special guest who has been working in Finland. And our special guest today is Bo Harald. He started his career in banking in the 1970s by promoting and building electronic banking, payments, and e-business services. He developed Nordea's Electronic Banking and payments operation for 30 years, after which he started working with TietoEvry as the Head of Executive Advisors. He has also served as the Chairman of the EU Expert Group on Electronic Invoicing, the Chairman of Mobey, Mobile Financial Services Forum, and has held and holds directorships in various companies and associations. He has been named as one of the most influential technologists of the 20th century by Institutional Investor, and has been awarded for advancing the Information Society by the Finnish Ministry of Transport and Communications. Bo currently works as an independent advisor at Findy.fi, a Senior Advisor at the Finnish Council of Regulatory Impact Analysis, a Founder and Steering Committee member at MyData.org, and with the publicly funded, Real Time Economy programme. Hello, Bo. Bo Harald: Hello, and thank you for having me. Oscar: It's a pleasure, Bo. Thanks for joining us. And definitely, I want to hear all these very interesting things about eIDAS 2.0. So let's start, let's get started. Let's talk about digital identity. We'd like to hear from your very extensive and varied background in banking and technology. Please tell us a bit more about your career journey - how everything until today working in the Finnish eIDAS 2.0 workgroups. Bo: Yeah, it's a long ladder, and I want to call it a ladder. It started back in the late '70s, when we developed the first versions of home banking, the PC banking in the very early 1980s for private customers at Union Bank of Finland, and nowadays Nordea. And also for SMEs long before internet. And the first step was obviously with payments, invoice payments, typically, bill payments. And then we moved on to put all banking services actually into e-banking before internet already. And so that was the first phase.
Let's talk about digital identity with Schehrezade Davidson, CEO of Tricerion, Sarah Walton, Code of Conduct Programme Manager at Women in Identity, and Amit Sharma, Founder and CEO at FinClusive. Episode 67 explores inclusive identity. Making identity solutions inclusive for everyone wanting (or needing) to use them is a topic that's coming more and more to the forefront of the identity industry. From logging into apps, to accessing essential services; to how barriers to organisation identity is impacting individuals - in this episode, we speak to three guests from the identity industry on what they're doing to help solve these issues. [Transcript below] Schehrezade Davidson Schehrezade Davidson is the CEO of Tricerion Limited, a company that owns novel patented mutual authentication software using image passwords. Find Schehrezade on LinkedIn. Find out more about Tricerion at tricerion.com. Schehrezade has appeared on the podcast twice before, talking about: neurographic passwords (episode 26) and immunity passports (episode 41). "If the onus is on the individual to authenticate themselves, those in the industry need to make it truly inclusive with alternative ways, depending on a customer's needs." Sarah Walton Dr Sarah Walton is a digital consultant, author, coach and public speaker. She founded Counterpoint in 2003 to support organisations become digital, innovate and grow. Most recently she led the UK Open Finance programme and is Women in Identity's ID Code of Conduct Programme Manager, as well as being commissioned by the Open Identity Exchange to author ID Inclusion reports. Find Sarah on Twitter @sarahlwalton and on LinkedIn. Find out more about Women in Identity at www.womeninidentity.org. "This is very much something that is very commercially important but it's also extremely important to people's lives and livelihoods on an individual basis." Amit Sharma Amit Sharma has engaged in a myriad of roles that intersect financial markets, risk management, regulatory compliance, and international development. He is the Founder and CEO of FinClusive, a hybrid FinTech and RegTech company dedicated to financial inclusion. Connect with Amit on Twitter @ASharma_VT and on LinkedIn. Find out more about FinClusive at finclusive.com. Amit has featured on the podcast before, discussing the role of identity in financial inclusion (episode 51). "From a macroeconomic perspective, it's important to note that identity challenges are often seen as just at the individual level, but these at the institutional or entity level are equally important." We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Welcome to the Let's Talk About Digital Identity podcast. I'm Francesca Hobson and I'll be guest hosting this episode of the podcast all around inclusive identity. Francesca: When I say I work in Identity, my friends and family usually don't know what I'm talking about. To explain, I'll often give the example of signing up to an app and logging in – which really doesn't begin to cover the myriad of use cases that identity enables (some of which we've explored on this podcast), but it's such a common experience that it's often the easiest for them to relate to. They're touching our industry several times a day, many of them without really thinking of Identity as the key to so many processes. Of course, that's not the case for everyone. Some people, often the more vulnerable in society, are only too aware of how important identity is to accessing and using services. Security is clearly high priority for service providers when it comes to identity, as is regulatory compliance. But when these aspects aren't correctly balanced with user experience - or when users with varying abilities, technical proficiency, or access to resources are not fully catered for – there is a very real risk that the intended users will be excluded from, or have trouble,
Let's talk about digital identity with Keiron Dalton, VP and UK Country Manager at Prove. In episode 66, Keiron talks to Oscar about mobile/phone-centric identity, and what it offers to users and organisations that other types of identity/security measures can't. They also explore the key challenges when it comes to mobile identity and how to mitigate against those, particularly when it comes vulnerable people. [Transcript below] "Mobile is obviously the most relevant future-proofed method of verification." Keiron Dalton is currently UK Country Manager and VP for International market development at Prove. Prior to Prove, Keiron has had roles within the GSMA's mobile connect programme, BT's mobile identity division and successfully helped to establish the UK mobile identity eco system as it stands today. Connect with Keiron on LinkedIn. Find out more about Prove at prove.com. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Welcome to a new episode of Let's Talk About Digital Identity. And as you know pretty well, from experience and hearing from others, mobile phones are super important for identity, already they are having a leading role into that. So that's what we're going to discuss today. And our guest today is Keiron Dalton. He's currently UK Country Manager, and VP for International Market Development at Prove. Prior to Prove, Keiron has had roles within the GSMA's Mobile Connect programme, BT's mobile identity division, and has successfully helped to establish the UK mobile identity ecosystem as it stands today. Hello, Keiron. Welcome. Keiron Dalton: Hi, thanks for having me. Oscar: It's a pleasure talking with you, Keiron. Definitely, it's going to be a super interesting conversation. And of course, we first would like to hear more about you, our guest today, and how you came to this world of digital identity. Keiron: Yeah, sure. So, it's probably been about a 10-year journey now. So prior to that I was kind of in a product management role working in a number of different areas. But then I joined a start-up that was based in the north of the UK. And what we did was we recognised the opportunity around mobile, when it comes to identity, authentication, and fundamentally verifying who the user is. And what we did was we accessed, at that time, data from mobile networks to establish account takeovers, things like that. So that was, like I say, probably about 10 years ago. So over the last 10 years, it's been really a focus of mine to get that concept to be kind of recognised more legitimately. So working with a number of the, in particular, banks, working with telcos and that's globally. And that led me to joining, for example, the GSMA, working with their Mobile Connect programme, helping BT with their mobile identity proposition. And then now I'm in Prove, where really, it's taking that kind of 10 years of insight and 10 years of kind of understanding of value, and helping Prove bring that to market, both in the UK and anywhere really outside of the US. So it's been an interesting ride. But yeah, I think it's probably, in terms of momentum, it's probably as fast paced as it's ever been. So yeah, it's quite an exciting time. Oscar: Excellent. So if you can tell us very shortly what Prove does, if it's more into the mobile authentication or to identity verification, what would you say? Keiron: And so we have a very kind of short sentence to explain what we do, which is it's phone-centric identity. So what we do is, if you think of it as being - and obviously, it can get more complicated than this - but it's basic as leveraging the phone number as a mechanism to understand if you can trust the device, the number, the person, et cetera at the other end.
Let's talk about digital identity with Ubisecure IAM Academy hosts and Vinay Sawarkar. In this shorter bonus episode, Oscar discusses IAM Academy – Ubisecure's free training on Identity and Access Management (IAM) and our Identity Platform for our partners and customers. Listen to the episode to find out why we launched the courses, how they've evolved over the years, a clip from the training, and why it's so important to keep up to date on IAM. [Transcript below] "Understanding IAM well is crucial for professionals across companies, not only for the IT folks as it used to be in the beginning of the century." We'll be back to the usual schedule next week! In the meantime, catch up on episodes with guests featured in this episode: Creating an open-source IAM wiki with Open-Measure Founder, David Doret – Podcast Episode 45 Digital transformation and identity compliance in India with Vinay Sawarkar, Claidroid – Podcast Episode 47 Identity management in Mergers & Acquisitions with Keith Uber, Ubisecure – Podcast Episode 53 We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: It was the early 1960s when Identity was introduced to the digital world, way before computers became an essential part of our everyday life. Computer scientist, Fernando Corbató, introduced passwords into the computing world as a method to secure access to files. Yes, identity is much older than what we normally think. David Doret: I think my oldest bibliographic reference in IAM dates back to 1967. That sounds absolutely amazing, no? Oscar: Indeed! That was David Doret who created Open Measure, a wiki that has built and maintains a dictionary of accurate definitions of Identity and Access Management terms. Another word that is in everyone's vocabulary today, the Internet, only appeared in the late 80s. The 90s saw how Internet became commercial and global. The original Internet's Identity and Access Management infrastructure was based on RADIUS, a protocol that did authentication, authorisation, and accounting. As more and more companies built web applications that allowed access to outside users, companies opted for developing their own identity solutions to handle their own needs. Such in-house solutions were easy at first, (such as a web form plus a SQL database) but later they became complex, and expensive and difficult to maintain. Later, in the 2000s, a massive number of people got online, reaching the billion mark. However, the world was not yet familiar with the term Identity and Access Management. What did IAM really mean? What were the business benefits? During those years, Finland was one of the pioneering countries building the IAM that the Internet needed. That's how Ubisecure was founded in 2002. After years solving problems and developing a mature IAM platform, one thing was noticed: the lack of knowledge and understanding of the key concepts around the Identity and Access Management world. Let's hear Keith Uber, who experienced those days working for Ubisecure. Keith Uber: When I joined the company in 2009 a training system was in place for our partners and for our customers, and we would use that for providing custom training together with the implementation projects on a one-one basis. Around that time, we started to think about productising that training and making it more generic. What we found in the sales process was many of the buyers, or even partners at that stage, were unfamiliar with many of the new concepts in this rapidly changing Identity and Access Management world. A lot of the terms were unfamiliar, a lot of the ideas and concepts were new. Around that time, the then CEO, Juha Remmes, had the idea to productise the training and create a separate brand around the training called ...
Let's talk about digital identity with Jessica Figueras, Founder at Hither Strategy. In episode 64, Oscar and Jessica explore the ethical issues surrounding digital identity, and what's happening to ensure ethical use of identity in the UK and globally. Plus, how organisations can continue to protect themselves while staying on the right side of this ethical minefield. [Transcript below] "These issues are just too important to leave to business as usual. These issues are everyone's responsibility to fix." Jessica is a strategist specialising in trust and security, governance, and the role of tech in civil society. She works with start-ups and scale-ups on commercial strategy, and advises UK Government on technology and policy issues relating to cyber crime and online harms. Previously Jessica led multi-million pound research and data programmes for companies including Dods, GlobalData and Ovum, and has advised senior executives in large established tech companies as well as many VC-backed scaleups. She is currently Vice Chair of the UK Cyber Security Council, and was previously Chair of the Board at NCT, the UK's largest charity for parents. She is a sought-after speaker and commentator, and has published extensive research on the application of emerging technologies across government, telecoms and other regulated industries. Find Jessica online at jessicafigueras.com, on Twitter @JessicaFigueras and on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: The emerging ethics of digital identity is what we're going to discuss today. And our guest today is Jessica Figueras, founder at Hither Strategy. Jessica is a strategist specialising in trust and security governance, and the role of tech in civil society. She works with start-ups and scale-ups on commercial strategy, and advises the UK Government on technology and policy issues relating to cybercrime in online harms. Previously, Jessica led multimillion pound research and data programmes for companies including Dods, GlobalData and Ovum, and has advised senior executives in large established tech companies, as well as many venture capital-backed scale-ups. She is currently Vice Chair of the UK Cyber Security Council, and was previously Chair of the Board at NCT, the UK is largest charity for parents. She is a sought-after speaker and commentator and has published extensive research on the application of emerging technologies across government, telecoms, and other regulated industries. Hello, Jessica. Jessica Figueras: Hi, thank you so much for inviting me. Oscar: It's great having you, Jessica. It's super interesting, the conversation that we're going to have now. So let's talk about digital identity. And first of all, I would like to hear a bit more about yourself, if you can tell us about yourself and your journey to the world of identity. Jessica: Sure. So in fact, I mean many people I found to work in the field of digital identity, it's interesting, actually how many have a background in the telecoms industry, which is my background as well, originally. So around 20 years ago, I worked at a company called Ovum, which was at that time, the leading European tech analyst firm. And I was really focusing on how you had, for the first time, the telecoms industry converging with the mainstream IT industry. And as mobile telecoms operators started to get to grips with the consumer web, it was really clear that one interesting asset they had, mobile telcos had, was identity. And so you know, I became very interested in ways in which telcos might be able to use their knowledge of the identity of the user in different ways. And in those kinds of use case. So after that, I moved away from telecoms and for the past eight years,
Let's talk about digital identity with Richard Slater, Head of Managed Services at Amido. In episode 63, Richard fills us in on the latest developments in the UK Government's Identity strategy; how the public sector should be approaching IAM in 2022; how organisations can ensure IAM implementations are successful/top mistakes to avoid; and creating a successful identity user experience (UX). [Transcript below] "There is absolutely no reason in 2022 to be looking at on-prem environments for hosting IAM." Richard Slater started writing code on a second hand ZX Spectrum before he was 10. Today, Richard works as Head of Managed Services at Amido, a London-based start-up working on identity and microservices projects for some of the largest companies in the UK. He lives and breathes DevOps which means he is a vocal proponent of best practices for their software development teams, focusing on continuous-deployment, systems thinking, reducing feedback cycles, configuration-management, infrastructure-as-a-code and cybersecurity. Find Richard on Twitter @richardslater and LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and today, in this episode, we're going to talk about identity and also identity and access management, what is happening in the UK government and also in the public sector of this part of the world. So, for that, we have a very special guest. Richard Slater started writing code on a second hand ZX Spectrum before he was 10. Today, Richard works as Head of Managed Services at Amido, a London-based start-up working on identity and microservices projects for some of the largest companies in the UK. He lives and breathes DevOps, which means he is a vocal proponent of best practices for software development teams focusing on continuous-deployment, systems thinking, reducing feedback cycles, configuration-management, infrastructure-as-a-code and of course, cyber security. Hello, Richard. Richard Slater: Hello, Oscar. Thank you for inviting me on. Oscar: It's a pleasure having you Richard and well, let's start talking about, let's talk about digital identity. So first of all, I would like to hear a bit more about yourself, if you can tell us about yourself, and especially your journey to this world of identity. Richard: Sure, yeah. So, over the course of the last, I don't know, 20 odd years in the IT industry, I've kind of written my fair share of login pages. At one point in time, I was a dotnet developer, before that, I was a systems administrator. So that kind of gave me interaction with enterprise IdAM solutions, like Active Directory. But then also, as a developer, you know, consumer IdAM, from the point of view of login pages are required for the vast majority of applications that I've ever written in my time. And then about 10 years ago, I joined Amido, and had the opportunity to deliver over that time, about half a dozen identity platforms for kind of big and small companies, both public and private sector. And then I started to move my career over time much more towards the cybersecurity side, and really enjoy the kind of IdAM side of it. And that kind of led me into cybersecurity. However, I then really realised that cybersecurity was the thing that kind of got left behind in DevOps. And actually, that's the area where the innovation needs to happen to really kind of change the world, change the way that we approach IT, including IdAM, including cybersecurity in general, and kind of shift left on that thinking. And IdAM is a huge part of that. Oscar: Yeah, absolutely, absolutely. Yes, as I read from your bio I found on Stack Overflow, yeah, you said, you live and breathe DevOps. And of course, yes, security, cybersecurity is something that is super important t...
Let's talk about digital identity with Olly Brough, Managing Director of EMEA at Trusona. In episode 62, Olly discusses all things WebAuthN – including what it is exactly, when and why you would use it, cost savings enabled by WebAuthN, how secure it is compared to other standards, and how easy it is to use and deploy. [Transcript below] "WebAuthN is the most exciting development that I've seen over the last four and a half years working with Trusona" Olly Brough is Managing Director of EMEA at Trusona Inc. Olly has built his career delivering best in class payments, anti-fraud and identity solutions to leading retail, financial services and public sector clients working with a variety of high growth technology companies in Europe and overseas. Prior to joining Trusona Olly led European sales and marketing functions of privately-owned technology businesses through to successful exit including QAS; an identity and data quality business, Eiger Systems; a consumer payment collection platform, Cambridge Global Payments and cross border bank payments service and 41st Parameter; the online device intelligence platform where Olly previously worked with Ori Eisen. Find Olly on LinkedIn. Find out more about Trusona at trusona.com. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Authentication without passwords is the goal that many businesses have already set, but very few have delivered. Now, WebAuthN is one of the standards that we hear the most lately. So today we'll have a critical assessment of WebAuthN. And we'll see, is it ready to deliver its promise? And for that we have a special guest who is Olly Brough. He's Managing Director of EMEA at Trusona. Olly has built his career delivering best in class payments, anti-fraud, and identity solutions to leading retail, financial services and public sector clients working with a variety of high growth technology companies in Europe and overseas. Prior to joining Trusona, Olly led European sales and marketing functions of privately-owned technology businesses to successful exit including QAS; an identity and data quality business, Eiger Systems; a consumer payment collection platform, Cambridge Global Payments; a cross border bank payments service, and 41st Parameter; the online device intelligence platform. Hello, Olly. Olly Brough: Hello, Oscar. Good morning to you. Oscar: Good morning. And welcome, let's talk about data identity. But as always, I want to hear more about our guests. So please, Olly, tell us a bit more about yourself and how was your journey to this world of identity. Olly: Thank you, Oscar. So yeah, my name is Olly. I'm based here in the UK. My focus is, as you said, has been very much around growing technology companies across Europe. I think I somewhat stumbled into the world of identity. I first joined, over 25 years ago, a data verification business that was at the time flexed on helping organisations increase the integrity of their name and address data for old style mailing campaigns, just before the internet was a big thing. But of course, that morphed into identity verification, because once you have names and addresses and date of birth, you can then start to verify identities. And that business was acquired by Experian, the big PLC. Then really through that, my experience sort of morphed into identity verification. And then I got into the whole area of online security, which is where I am now initially through 41st Parameter, but now focusing on Trusona. And then finally I dipped into payments along the way. But then payments, as you know, is also very heavily associated with the world of online authentication because payments can't happen unless they've been authenticated in the right way. So yeah,
Let's talk about digital identity with Aran Khanna, Co-Founder & CEO of Archera. In episode 61, Oscar talks to Aran about how social media companies handle identity management and data privacy, and considerations for businesses offering social media identity providers for login to their online services. [Transcript below] "Identity plays a different role in different places around the social ecosystem today that is really dependent on what the goal of that underlying social platform is and sort of what regulatory regime it operates under." Aran Khanna has been labelled many things. Thought leader. Innovator. And (at times) troublemaker. Now, in his search to give technological control back to developers and business leaders, he's added cloud management entrepreneur to that list as the Co-Founder & CEO of Archera, a company that helps organisations find cloud solutions that fit their companies. Find Aran on Twitter @arankhanna. Find out more about Archera at archera.ai. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thank you for joining. Today, we'll have now a conversation with an entrepreneur in the tech industry that is not directly connected in the identity industry, but they are very innovative company and the CEO has a very interesting story to tell us. So let's welcome Aran Khanna. He has been labelled many things. A thought leader, an innovator and at times, a troublemaker. Now, in his search to give technological control back to the developers and business leaders, he has added cloud management entrepreneur to that list, as being the co-founder and CEO of Archera, a company that helps organisations find cloud solutions that fit their companies. Hello, Aran. Aran Khanna: Hi, Oscar. Thanks so much for having me. Oscar: Welcome to the show. Let's talk about digital identity. But of course, first of all, we want to hear your story, a bit of your journey, how, since the beginning of your career, you end up in this world of – you tell us about your company, and also about identity, please tell us. Aran: I can tell the short version here, I don't want to bore you guys with a 30-minute background. But in short, I was born and raised in Seattle, I've really grown up all my life around technology. Both my folks worked at Amazon and Microsoft in the early days. And my first foray into technology was actually working at, funnily enough full circle, at the cloud provider that was soon to become Azure, it was called something different back then. But essentially started in that world. Really, from there, I started to get really interested in digital privacy as myself and all of my friends at college and high school were migrating all of our communications, all of our financial activity on to platforms like Facebook, Venmo, Twitter, etc., Instagram, right? And I started to think a little bit about particularly the data leakage that was coming out of that sort of migration of really society, and started my journey as a privacy researcher in college working with the former FTC CTO Latanya Sweeney on a number of projects, including one very well-known one that actually got me fired from Facebook for revealing some pretty invasive defaults that they had in their platform around location sharing. From there, I actually went into machine learning research, there was very interesting story behind that, but really started working on fundamental deep learning research, and actually then got pulled right back into the cloud world when AWS acquired that team that was working on to become their internal deep learning team. We launched a number of products at Amazon. And I started again, to start seeing this disconnect between platform users and the platforms themselves and the rules they wer...
Let's talk about digital identity with Nick Mothershaw, Chief Identity Strategist at the Open Identity Exchange. In episode 61, Oscar speaks to Nick about the Open Identity Exchange (OIX)'s role in the Global Assured Identity Network (GAIN), plus the OIX Trust Framework 2022. Nick discusses what makes a trust framework work for its intended users, and how to make it interoperable with other frameworks. [Transcript below] "When things work for users, they get adopted." Nick is Chief Identity Strategist at the Open Identity Exchange, a community for all those involved in the ID sector to connect and collaborate. Together they develop the guidance needed for interoperable, trusted identities on a global basis. Through OIX's definition of, and education on, Trust Frameworks it creates the rules, tools, and confidence to allow every individual a trusted, universally accepted, identity. Find out more about the Open Identity Exchange at openidentityexchange.org. Nick has expert knowledge of Identity and Fraud techniques, solutions, and standards across a wide variety of different sectors and jurisdictions. He was previously Director of ID and Fraud at Experian where he was responsible for the development of Experian's fraud and identity solutions for both the public and private sectors. Nick led Experian's development, launch and operation of a full “Identity as a Service” solution which was the first live example of a Digital ID being seamlessly interoperable across public and private sector. Find Nick on Twitter @OIX_Nick and on LinkedIn. Follow OIX on Twitter @OpenIDExchange. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and welcome to a new episode of Let's Talk About Digital Identity in this new year, 2022. And we have, after some time, again, our friends of the Open Identity Exchange. And today, our guest is Nick Mothershaw. He is the Chief Identity Strategist at the Open Identity Exchange, a community for all those involved in the identity sector to connect and collaborate. Nick has expert knowledge of Identity and Fraud techniques, solutions and standards across a wide variety of different sectors and jurisdictions. Nick was previously Director of Identity and Fraud at Experian, where he was responsible for the development of Experian's fraud and identity solutions for both the public and private sectors. Nick led Experian's development, launch and operation of a full "Identity as a Service" solution, which was the first live example of a digital identity being seamlessly interoperable across public and private sector. Hello, Nick. Nick Mothershaw: Hello, Oscar. Hello. Oscar: Welcome. It's great having you, Nick. Nick: It's a pleasure to be here. And yeah, Happy New Year to you and all your listeners, very exciting to be at the start of 2022, which I think it's going to be an amazing and transformational year for digital identity. So this is a really timely conversation. Oscar: Yeah. And I know you have new things to tell us. So yeah, Nick, let's talk about digital identity. But I'd like to start hearing a bit more about yourself, so please tell us about your journey to the world of digital identity. Nick: Yeah, it's been a long journey now. So I was originally involved in, I guess, in identity when I worked with law enforcement, providing crime management and intelligence management systems. And after that, we started looking at biometrics. So around the year 2000, we were using biometrics to help identify criminals from group photographs and also using facial mapping to look at, where we used to use these E-FITs, these faces that were being drawn by computer that were put out on things like crime watch programmes, so we're using facial biometrics to match those two datab...
Let's talk about digital identity with Nat Sakimura, Chairman at the OpenID Foundation. In episode 59, Nat returns to the podcast to explore Financial-Grade API (FAPI), the base security protocol for UK Open Banking, Australian Consumer Data Standard, and Brazil's Open Banking. He discusses why and how FAPI was formed; what exactly FAPI is – including technical characteristics; how FAPI is used today; and future plans for the specification - as well as how it connects to GAIN. [Transcript below] "The data economy needs a secure and interoperable data network. And we are finally getting there with FAPI and eKYC standards. So, you guys need to get ready for the ride. It's the time. You need to start acting, start preparing for that." Nat Sakimura is a well-known identity and privacy standardisation architect and the representative partner of NAT Consulting. Besides being an author/editor of such widely used standards as OpenID Connect, FAPI, JWT (RFC7519), JWS (RFC7515), OAuth PKCE (RFC7636) ISO/IEC 29184, ISO/IEC 29100 Amd.1, he helps communities to organise themselves to realise the ideas around identity and privacy. As the chairman of the board of the OpenID Foundation, he streamlined the process, bolstered the IPR management, and greatly expanded the breadth of the Foundation spanning over 10 working groups whose members include large internet services, mobile operators, financial institutions, governments, etc. He is also active in the public policy space. He has been serving in various committees in the Japanese government, including the Study Group on the Platform Services of the Ministry of Internal Affairs and Communications and the Study Group on the competition in Digital Market of the Fair Trade Commission of Japan. Find Nat on Twitter @_nat_en and LinkedIn. Nat also appeared in episode 54 of Let's Talk About Digital Identity, discussing how OpenID Connect took over the world. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and welcome to the first episode of Let's Talk About Digital Identity for this New Year 2022. And we have a very special guest who has been in very short clips in an episode we had in October, very recently in October. A very special episode, a storytelling episode called How OpenID Connect took over the World, and today's guest was there. We are talking about our super special guest called Nat Sakimura, one of the creators of the OpenID Connect standard. Nat Sakimura is a well-known identity and privacy standardisation architect and a representative partner of NAT Consulting. Besides being an author and editor of such widely standards such as the OpenID Connect, FAPI, JWT, OAuth PKCE among others, he helps communities to organise themselves to realise the ideas around identity and privacy. As the chairman of the board of the OpenID Foundation, he streamlined the process, bolstered the IPR management, and greatly expanded the breadth of the Foundation spanning over 10 working groups whose members included large internet services, mobile operators, financial institutions, government, etc. He has been serving in various committees in the Japanese government, including a Study Group on the Platform Services of the Ministry of Internal Affairs and Communications and a Study Group on the competition in Digital Market of the Fair-Trade Commission of Japan. Hello, Nat. Nat Sakimura: Hi, Oscar. Thanks for inviting me. Oscar: Welcome. It's a great pleasure talking with you, Nat. And well, Happy New Year. And let's talk about digital identity. Nat: Likewise, yeah. Oscar: Fantastic. And I think we know a lot of your involvement, of course, you are leading one of the most important standardisation organisations in the digital space.
Let's talk about digital identity with Ian Yoxall, CEO at Intragen. In episode 58, Oscar talks to Ian about how far a tighter budget can get you on your Identity and Access Management (IAM) journey. Ian discusses the best approaches to steps prioritisation, avoiding scope creep when it comes to time constraints, how to preserve budget whilst maximising time-to-value, and considerations for a gated funding approach. [Transcript below] "It can't be words. It's got to be metrics." Originally from New Zealand, Ian started Intragen in 2006 after working for several companies in the US and London. As Principal Consultant of Intragen, Ian has worked on many of the largest projects in the Netherlands and throughout Western Europe. With a broad experience with small and large-scale implementations, both in the private and public sector, he brings a pragmatic approach to problems that arise around identity & access management projects. Prior to joining Intragen, Ian worked for global infrastructure and security vendors and consultancies. Connect with Ian on LinkedIn. Find out more about Intragen at www.intragen.com. Intragen is a Ubisecure partner. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thank you for [joining] the last episode of this year 2021 for Let's Talk About Digital Identity. We are now talking about how to budget projects, identity and access management projects, and we have very a interesting guest for that. Originally from New Zealand, Ian Yoxall started Intragen in 2006 after working for several companies in the US and in London. As Principal Consultant and CEO of Intragen, Ian has worked on many of the largest projects in the Netherlands and throughout Western Europe. With a broad experience with small and large scale implementations, both in the private and public sector, he brings a pragmatic approach to problems that arise around identity and access management projects. Prior to joining Intragen, Ian worked for global infrastructure and security vendors and consultancies. Hello, Ian. Ian Yoxall: Good morning. Hello. And how are you Oscar? Oscar: Very good. Nice having you here, Ian. Ian: It's great to be here. Thank you for the invitation. Oscar: Our pleasure. And please tell us a bit more how your career, your life led you to this world of digital identity. Ian: Right. Well, yeah, that's a long train wreck of a story. So let's start off. Originally, I started in consulting as a DBA working for the various database vendors in infrastructure, and then moved across into business consulting, still with an infrastructural angle and infrastructural projects. And one day I arrived in London and sort of fell into banking security. And after that, I dropped into the gravity well that became identity and access management. And once you start down the career of identity and access management, you can't escape. That's it. That's the end. Yeah, you can't go anywhere else. I think one of the things that attracts people to stay in it is it's got a high failure rate. I have a personal hobby of flying, and when you fly a plane, nobody expects you to do everything perfectly, but it's about making fewer mistakes and reducing your risks. And with the rapidly evolving industry that we're in, it attracts plenty of bad actors. We've seen just recently the Log4j issues that have come up. And already that's been weaponised and deployed very, very quickly. So when you've got bad actors who are so willing to try and make a profit here and attract businesses it's an interesting field to work in. Oscar: Yeah, it is definitely. It's an exciting place to be working in these days, right? There are so many things happening, good and bad, of course,
Let's talk about digital identity with Titi Akinsanmi. In episode 57, Oscar talks to Titi about the various trust frameworks being developed across the world. Titi also explores how the frameworks could interact with each other across borders, how important the frameworks are to ensuring data privacy is upheld, and about the Good ID movement. [Transcript below] "Digital identity is very much at the core of a lot of the adoption of technology that's happening." Titi Akinsanmi is a Public Policy thought leader on the digital economy focused on shaping an enabling environment for innovation. A thought leader, coach and mentor, Titi has served as a Berkman Klein Fellow (Faculty of Law, Harvard University from 2018 – 2020); an advisory and steering committee Board member at GoodID, with the World Economic Forum's Global Future Council on the Digital Economy and on the strategy and advisory team on Digital Identity. Titi is a member of the Technical Advisory Group (TAG) on the 4th Industrial Revolution of the UNDP (Africa) and serves on the Presidential Advisory Committee on the Digital Economy (StartUpBill.NG) for Nigeria. She sits on the board of nonprofits like the Alliance for Affordable Internet, Yemi Shyllon Museum of Arts and Junior Achievement amongst others. She has spent the last two decades – globally – advising, speaking and delivering on laws and policies connecting the public, civil and private sectors. Her expertise is discerning which, where, and how regulations and policies help harness digital opportunities while mediating its emerging tensions, addressing gaps and building sustainable allies. She is the Global Policy team lead for Google Assistant and Hardware having previously led the cluster for the global tech giant as the Government affairs and Public policy lead for West & Francophone Africa. She holds a master's degree in Law specialising in Privacy and Cybersecurity (Osgoode Law) and a master's in Public Policy & Development Management (Uni. of Witwatersrand). Find out more about Titi at www.titiakinsanmi.com. Connect with Titi on Twitter @titiakinsanmi and LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and welcome to a new episode of Let's Talk About Digital Identity and the focus of today, this conversation, is going to be about trust frameworks. For that we have an amazing guest who knows a lot about this, who is Titi Akinsanmi. She is a Public Policy thought leader on the digital economy focused on shaping an enabling environment for innovation. A thought leader, coach and mentor, Titi has served as a Berkman Klein Fellow, the Faculty of Law at Harvard University from 2018 to 2020; an advisory and a steering committee Board member at GoodID, with the World Economic Forum's Global Future Council on the Digital Economy and on the strategy and advisory team on Digital Identity. Titi is a member of the Technical Advisory Group (TAG) on the 4th Industrial Revolution of the UNDP (Africa) and serves on the Presidential Advisory Committee on the Digital Economy (StartUpBill.NG) for Nigeria. She has spent the last two decades globally advising, speaking and delivering on laws and policies connecting the public, civil and private sectors. Her expertise is discerning which, where, and how regulations and policies help harness digital opportunities while mediating its emerging tensions, addressing gaps and building sustainable allies. She is the Global Policy team lead for Google Assistant and Hardware and having previously led the cluster for the global tech giant as the Government Affairs and Public Policy Lead for West & Francophone Africa. She is a Mama of three and a wifey to one. Hello Titi. Titi Akinsanmi: Hello. Oscar: Very welcome.
Let's talk about digital identity with Linus Kvarnhammar, Cyber Security Consultant at Syneptic. Following his Swedish TV series, Hackad, professional hacker Linus discusses the biggest risks that insufficient identity management can create for individuals and organisations. Oscar and Linus explore the pitfalls of authentication, authorization (including MFA), and more – and how these lead to security incidents. [Transcript below] "We have a standard way of identifying a person in real life – passport, driver's license, national identity card. But as far as I'm aware, we don't have one that is universally accepted both by the individual and companies" Linus is an independent cyber security consultant and professional hacker. He is also one of the hackers in the TV series “Hackad” on SVT. He has more than 20 years of experience working in the IT industry where the last 10 years have been spent exclusively doing penetration tests of applications and networks with a few social engineering assignments every now and then. Find Linus on Twitter @lkvarnhammar and on LinkedIn. Watch Hackad at www.svtplay.se/hackad. You can also find the English subtitles at hackad-english.blogspot.com/2021/11/hackad-tv-2021-english-subtitles.html. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining. And today, we'll hear insights from the world of hackers. Of course, ethical hacking is what we're talking about. And we have a very special guest with Linus Kvarnhammar. Linus is an independent cybersecurity consultant and professional hacker. He's also one of the hackers in the TV series Hackad on the Swedish TV SVT. He has more than 20 years of experience working in the IT industry, where the last 10 years have been spent exclusively doing penetration tests of applications and networks with a few social engineering assignments every now and then. Hello, Linus. Linus Kvarnhammar: Hello. Oscar: Very welcome. It's nice being with you, Linus. And well, good to hear more about the interesting work you are doing there. So… Linus: Oh, thank you. Oscar: Please tell us a bit more about yourself and how was your journey to this world of cybersecurity and hackers. Linus: Yeah. I- the last 10 years or so, I've been doing penetration testing as a security consultant. And yeah, my interest in computers started when I got my Commodore 64, I think it was 1987. And then I had an Amiga. And then I started working with computers directly after school and I've been doing that since. I also spent some time, some years doing development work, being a .NET programmer. So a quick bit about my background. Oscar: You also worked as a developer at some point? Linus: Yeah, yeah. I think my background as a developer, and an IT pro back in the early days, was a good way of getting into security. Because I think, for me, cybersecurity is about knowing how a computer system works and trying to break it, right. So if you know how the application is built, and if you know how operating systems and networks work, then I think you have a good chance of being good at cybersecurity, I think. Oscar: Yeah. And I can imagine if you have had, since a child you had a computer at home, not many of the ones who are listening to this had that. And yeah, I'm sure you understand. You have time to understand quite well how the computer works exactly as you said and also in your perspective as a developer. So when you were, for instance, a developer, during time you were a developer, you had also this interest in trying to find the vulnerabilities or something that doesn't work well, you had already this curiosity? Linus: No, I don't… Nah, not really, actually. I think I was mostly focused on – focusing on like writing good cod...
Let's talk about digital identity with Kristofer von Beetzen, Chief Product Officer at Freja eID. In episode 55, Oscar speaks to Kristofer about Swedish verified identity provider, Freja eID. They discuss why Freja was created; how it works; where it can be used; how it compares with BankID; how it ties in with European identity schemes; the importance of organisation identity and Freja's plans for the future. [Scroll down for transcript] "Everything becomes related to your identity as things become digital." Kristofer von Beetzen is the Chief Product Officer at Freja eID. He joined the company in 2012 and was part of the transformation from a technology-centric IT security company to the cloud-based, user-oriented identity service that is offered with Freja eID today. Kristofer previously worked in media production and advertising and studied marketing at the University of Växjö. His interest, aside from bringing Freja to the world, is writing and he has published several books and columns, among them a crime novel and a book on poker strategy. Find Kristofer on LinkedIn and Twitter @KvonBeetzen. Find out more about Freja at frejaeid.com. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining for a new episode of Let's Talk About Digital Identity. As you may have heard before that Sweden is one of the countries that has one of the best electronic identifications in the world. And we are going to hear specifically one of these systems, which is Freja eID. So our guest today is Kristofer von Beetzen. He is the Chief Product Officer at Freja eID. He joined the company in 2012 and was part of the transformation from a technology-centric IT security company to the cloud-based user-oriented identity service that is offered with Freja eID today. Kristofer was previously working with media production and advertising, and has studied marketing at the University of Vaxjo. His interest aside from bringing Freja to the world is writing, and he has published several books and columns - among them are a crime novel and a book on poker strategy. Hello, Kristofer. Kristofer von Beetzen: Hello. Thanks for inviting me. Oscar: It's a pleasure, super interested in hearing about Freja eID, which a few years ago- Ubisecure started work more and more in Sweden, and then I start hearing this name Freja eID. So you will tell us for everybody how exactly this system works, this service. But please, first, we would like to hear from you a bit your personal side. Tell us about yourself, and how was your journey to this world of digital identity. Kristofer: Yes. So, I started out in the industry, actually, as I said, I came from media production and advertising. I was working with this company, back then was called Verisec. And I was working with their communication and PR and so on. And they were working a lot with the traditional digital identity things like hardware tokens for banks, establishing trust on a pretty high level so that banks could migrate from bank offices to online banking. So this company was actually started already in 2002. And then they also started with some initial product development with an authentication server, and had some plans of going international with this product. So I actually went from being a consultant to the company to joining them in 2012, as a part of their expansion. And along the way, we kind of figured out that the proprietary solutions, that was kind of the name of the game back then, where you had an authentication server placed in your server room, and then issuing identities from your own organisations to your customers. We saw that, particularly in Sweden, and in the Nordic countries, the use of these kind of communities,
Let's talk about digital identity with Oscar Santolalla, Nat Sakimura and Petteri Stenius. In this week's special episode, Oscar explores the history of OpenID Connect and how it became so prevalent, with special guests Nat Sakimura, Chairman at the OpenID Foundation, and Petteri Stenius, Principal Scientist at Ubisecure. Listen to the episode wherever you get your podcasts, or read the transcript below. "New technology seldomly completely replaces the older technologies. They will form additional layers, and slowly start replacing it." Podcast transcript Oscar Santolalla: Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. It was February 2014, already hundreds of millions of people worldwide had a smartphone in their pockets, with dozens of apps installed, apps like: Snapchat, Spotify, Vine, Skype, and games like Angry Birds and Minecraft. Mobile apps had been booming for a few years, and users were eager to install every app that resonated with them out of a seemingly unlimited stream of new apps. Indeed, the Apple's App Store had recently reached the 1 million mobile apps milestone. Not only mobile, but also in web services, for every new app I wanted to use, I needed to create a new user account, which was OK when I could count them with my own fingers. But what if I had 20, 30, 40 apps on my phone. This was becoming a headache for people, but especially it was clear to become a security concern. Identity professionals had seen this challenge even in their own lives. And there were combined efforts from big tech, mobile operators, identity software vendors, to architect a solution. An early effort was the OpenID standard, which gained promising interaction at the start of the 2010s. With my OpenID user account, I could log into Yahoo, Google MySpace, and dozens of thousands of web services. However, the lack of a uniform user experience didn't help people and not a massive audience got hooked with the standard. So, what happened after the setback? A new solution had been cooked by identity professionals, and finally solved this long living problem. OpenID Connect not only solved that problem for the big tech and social networks, but created a modern way of user authentication, especially for mobile. Today, if you are listening to this podcast, you have definitely used OpenID Connect before, with or without knowing it. To hear a story from the brilliant minds that designed this standard, let's hear from Nat Sakimura, one of the creators of the OpenID Connect 1.0 Standard, and today, Chairman of the OpenID Foundation. How was the world just before OpenID connect appeared? --- Nat Sakimura Nat Sakimura: So you know, the creation of OpenID Connect actually started in 2009. And contemplation on that was actually done from 2007. Even before OpenID 2.0 was published, right? There were things like XRI, XDI, SAML. And SAML was becoming pretty strong in the market, but at the same time, because of the XMLD Signature problems, people are starting to complain about that. And the OpenID Connect just started off with three people: Me, John Bradley, and Breno De Medeiros at the corner of the Internet Identity Workshop. And we were just sketching out a protocol, which is really dead simple to implement in the simple cases but at the same time, something that could be extended to a very high security, integrity protected federation protocol. And the years between 2010 and 2013 was spent on drafting it and implementing it. Actually, a lot of people started implementing OpenID Connect back in 2011 or something like that. And we had multiple rounds of interop tests as well as you know, they were actually deployed in the wild and was tested. So OpenID Connect was actually quite well-implemented by service providers like Google before it was published in 2014. Oscar: Yes, so that was my understanding that before the standard was published,
Let's talk about digital identity with Keith Uber, VP Customer Success at Ubisecure. In episode 53, Oscar and Keith explore the role of Identity and Access Management (IAM) in Mergers and Acquisitions (M&A). With the importance of customer experience at the centre, Keith and Oscar discuss standards considerations, available options and practical steps for successful consolidation of IAM systems. [Scroll down for transcript] "The most important part of mergers and acquisitions is that the customer is the value of the company." "Take advantage of the opportunities that moving to a new identity and access management system can provide for customers." Keith is VP Customer Success at Ubisecure. As an Identity and Access Management product expert, he leads the Sales Engineering team and is involved in many stages in the planning and design of demanding customer implementation projects. Keith is active in various industry organisations and has a keen interest particularly in government mandated digital identity systems. He holds a bachelor's degree in I.T. and a master's degree in Economics, specialising in software business. Check out Keith's blog and comprehensive white paper on the topic of IAM in M&A: Blog - The critical role of Customer IAM in M&A White Paper - Mergers & Acquisitions: Enabling identity integration and opportunities with IAM Connect with Keith on LinkedIn and follow him on Twitter @keithuber. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. After some time we are having a guest from the house, from Ubisecure, and he is a guest who has been in Ubisecure for 12 years. So let me introduce to you, Keith Uber. He is the VP Customer Success at Ubisecure. As an identity and access management product expert, he leads the Sales Engineering team and is involved in many stages in the planning and design of demanding customer implementation projects. Keith is active in various industry organisations, and has a keen interest particularly in government mandated digital identity systems. Having been involved in dozens of IAM implementation projects, he is quick to identify organisation's needs, and provide suitable configuration, integration and roadmap guidance. Hello Keith and welcome. Keith Uber: Hello, Oscar. And thank you very much for having me. It's a pleasure to be here. Oscar: It is really great talking with you. You had really long experience in Ubisecure and in the industry so have super interesting things to tell us. We will talk about mergers and acquisitions today. But before that, we'd like to hear a bit more about yourself, so please tell us your journey to this world of digital identity. Keith: For me, digital identity became part of my career when I moved to Finland in 2000. So this was the height of the .com boom. I got a job working for Sonera, which is now Telia, one of the largest Telco operators in the Nordic countries. As part of that role, one of my jobs was to help Telia to combine the login systems for various small start-up companies, various small projects that they had acquired during the .com phase. They acted as a kind of a technology incubator for many small companies too so they had a huge portfolio of disparate services, all with different ways to sign in and authenticate. That's where my journey started. So I have a background as a software engineer. I have a Bachelor of IT and previously worked in logistics field as a software developer. But after moving to Finland, I later studied software business then continued after graduation joined Ubisecure and I've been working with identity and access management, particularly customer identity and access management ever since then.
Let's talk about digital identity with Elizabeth Garber, Editor of GAIN. In episode 52, Elizabeth explores the recently announced Global Assured Identity Network (GAIN) initiative. She fills us in on what the GAIN project is, explaining how it's different from other trust networks and why GAIN is good for financial institutions. She also discusses the role of the Global Legal Entity Identifier Foundation (GLEIF) in the project, and what's next for GAIN. "This is really going to unleash creativity and expand access to individuals and communities and sellers all around the world." Elizabeth Garber is a customer and product strategist who started her career in telecommunications and honed her craft in six different industries before joining one of the world's largest retail banks. She is an expert in designing experiences and delivering transformational change based on a deep understanding of people. This interest has underpinned her graduate studies of the psychology of cross functional teams as well as how customers define value in relation to services they use. In 2015, she was named one of the top 3 marketers under 30 by the UK Marketing Society and was recognised by Energy UK and EY for her work building Trust across the UK energy industry. In 2017 she won the Financial Times/30% club ‘Women in Leadership' award. Find Elizabeth on LinkedIn. Elizabeth recently played a leading role editing the paper published by more than 150 Identity experts - GAIN: How Financial Institutions are taking a leadership role in the Digital Economy by establishing a Global Assured Identity Network. It was announced at the European Identity and Cloud Conference on 13 September by Nat Sakimura, chairman of the OpenID Foundation, and Gottfried Leibbrandt, former CEO of Swift, and then published by, among others, the Institute of International Finance. To get involved, email digitaltrust@iif.com or join the LinkedIn group. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining. Our guest today played a leading role editing a paper published by more than 150 identity experts. The paper is called GAIN: How Financial Institutions are taking a leadership role in the Digital Economy by establishing a Global Assured Identity Network. It was announced at the European Identity and Cloud Conference last 13th of September by Nat Sakimura, who is the Chairman of the OpenID Foundation, and Gottfried Leibbrandt, former CEO of Swift, and then was published by, among others, the Institute of International Finance. Our guest today is Elizabeth Garber. She is a customer and product strategist who started her career in telecommunications and honed her craft in six different industries before joining one of the world's largest retail banks. She is an expert in designing experiences and delivering transformational change based on a deep understanding of people. This interest has underpinned her graduate studies of the psychology of cross functional teams, as well as how customers define value in relation to the services they use. In 2015, she was named one of the top three marketers under 30 by the UK Marketing Society, and was recognised by Energy UK and EY for her work building trust across the UK energy industry. In 2017, she won the Financial Times 30% club Women in Leadership Award. Hello, Elizabeth. Elizabeth Garber: Hello, thanks for having me. Oscar: It's a pleasure. Welcome to our show. And let's talk about digital identity. And certainly, we always like to start hearing a little bit more about our guest, especially how was your journey into this world of digital identity. Please tell us a bit about yourself. Elizabeth: Sure. So my name is Elizabeth Garber. As you said, I'm a customer strategist,