Use cases target children to seniors
The almost $2 million Criterion pilot will attempt to demonstrate a multi-party attribute exchange network. The pilot will enable consumers to selectively share shopping and other preferences and information to both reduce fraud and enhance the user experience. The Criterion team includes ID DataWeb, AOL, LexisNexis Risk Solutions, Experian, Ping Identity, CA Technologies, PacificEast, Wave Systems, Internet2 Consortium/InCommon Federation and Fixmo.
It aims to enable convenient, secure and private online transactions for consumers, including:
- access to Web services from identity service providers,
- seller login to online auction services,
- access to financial services at Broadridge Financial Solutions,
- improved supply chain management at General Electric, and
- first-response management at various government agencies and health care service providers.
The basis for the Criterion pilot began in 2011. Members of the Open Identity Exchange created open-source software to support cloud-based Web services to test a global online system that is federated, interoperable and secure, says David Coxe, CEO of ID Dataweb and cofounder of Criterion Systems.
Criterion will use the open standards platform to simplify online identity verification by verifying identity attributes to validate businesses and consumers. The consumer is not charged to participate, online enterprises pay less than in the past and attribute providers and identity providers generate new sources of revenue.
One problem Criterion is attempting to solve is that most attribute providers charge a per user fee to verify consumer information. “Large enterprises like Google rallied around the idea to get these costs under control,” Coxe says. “We want to increase trust and thereby increase the number of transactions that occur online and make it easier for users, (but) we can’t pay for verification of every one of our hundreds of millions of users.”
The concept of the pilot is to simplify the transaction model and enable participants in the ecosystem to get to market and provide those services in a cost effective way for replying parties.
Criterion will operate pilots with numerous participants, including Broadridge Financial Solutions, PayPal and General Electric. Broadridge will be the first pilot and will also test preference management, Coxe says.
From an end user perspective the system is similar to federated identity systems in place now, such as Facebook Connect and Google. The difference is additional vetting will be done to enable issuance of high-assurance credentials, Coxe says.
Coxe cites the example of an individual who is logged into their Gmail account but goes to access their bank. The bank could offer the consumer the option to use the Gmail login for access if they are willing to undergo a bit of additional registration. The individual fills out the additional data, is verified and then receives a PIN number via text message on the mobile phone. The individual enters the PIN into the site and his identity is bound with the Gmail login.
“Next time you go to that site on that computer, it uses that credential and everything happens in the background,” Coxe says. “You don’t have to enter a password.”
Since the consumer has now been verified with that system, the same credential can be used at other sites for login and purchases, Coxe says. “Other participating sites will ask if you want to use that login and since the attributes have already been verified you can safely use that same account,” he adds.
The login and attribute data can also be transferred to different devices. “After you’ve gone through verification you can register trusted devices, cell phones, tablets and laptops on the network,” Coxe says.
Users are also able to control all the login data through an administrator’s console. The data is stored in an encrypted, Web-based vault that users can access to change privileges or turn them off.