With the constant emergence of new technologies, it can be difficult to determine which trends will truly shape our future. Fortunately, the Gartner Hype Cycle provides a helpful tool for assessing the maturity and potential impact of various emerging technologies. In our first article of this series, we have already delved into OAuth 2.0 and OpenID Connect. Next, we will discuss the potential of Document Centric Identity Proofing and Bring Your Own Identity to revolutionize CIAM. Read on to explore the latest developments in this fast-moving field.
Redefining Document Centric Identity Proofing for Seamless Application Integration
Document Centric Identity Proofing (DCIP) is a trend that is being redefined by recent developments. Previously, DCIP was implemented directly into business applications, which meant that identity data could not be easily reused by other applications. This resulted in additional costs for the enterprise and added friction for the user. As a result, organizations are integrating DCIP into their CIAM systems to provide robust identity proofing for all applications. The challenge, however, lies in passing the proofed data on to other applications, because there are many different approaches to validating documents and many different kinds of documents.
To address this challenge, the OpenID Connect Foundation has established a dedicated working group to handle proofing scenarios. The group aims to provide detailed specifications and regulate how to share verified data with applications through its project, OpenID Connect for Identity Assurance 1.0 (OCIA). This specification thoroughly describes the required information and provides guidelines for validation rules, trust frameworks, and methods for proofing. The approach tracks timestamps, dates, and document expirations, making the validation even more secure. While the specification is not yet final, the first implementer’s draft is available, and it is expected to provide a significant improvement for enterprises that implement DCIP into their CIAM systems.
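The following is an added example, not code from the article or from the specification: a relying-party check over a received `verified_claims` object that enforces the trust framework, the verification timestamp and the document expiry mentioned above. The field names follow the `verified_claims` layout of the Identity Assurance drafts as an assumption and differ between draft versions, and the policy values and sample data are constructed.

```python
from datetime import date, datetime, timedelta, timezone

# Assumed relying-party policy (hypothetical values, not from the article).
ACCEPTED_FRAMEWORKS = {"de_aml", "eidas"}
MAX_VERIFICATION_AGE = timedelta(days=365)

# Constructed sample of a verified_claims object as an RP might receive it.
SAMPLE = {
    "verification": {
        "trust_framework": "de_aml",
        "time": "2023-01-10T09:30:00Z",
        "evidence": [{
            "type": "document",
            "document_details": {"type": "idcard", "date_of_expiry": "2023-03-01"},
        }],
    },
    "claims": {"given_name": "Max", "family_name": "Meier"},
}

def check_verified_claims(vc, now):
    """Return a list of policy violations; an empty list means accept."""
    problems = []
    verification = vc.get("verification", {})
    if verification.get("trust_framework") not in ACCEPTED_FRAMEWORKS:
        problems.append("untrusted trust_framework")
    try:
        # Python < 3.11 does not parse a trailing "Z", so normalise it.
        verified_at = datetime.fromisoformat(verification["time"].replace("Z", "+00:00"))
        if verified_at.tzinfo is None:
            raise ValueError("timestamp without timezone")
        if verified_at > now:
            problems.append("verification time in the future")
        elif now - verified_at > MAX_VERIFICATION_AGE:
            problems.append("verification too old")
    except (KeyError, ValueError, AttributeError):
        problems.append("missing or malformed verification time")
    documents = [e for e in verification.get("evidence", []) if e.get("type") == "document"]
    if not documents:
        problems.append("no document evidence")
    for ev in documents:
        expiry = ev.get("document_details", {}).get("date_of_expiry")
        try:
            if date.fromisoformat(expiry) < now.date():
                problems.append("document expired")
        except (TypeError, ValueError):
            problems.append("missing or malformed date_of_expiry")
    return problems

if __name__ == "__main__":
    print(check_verified_claims(SAMPLE, datetime.now(timezone.utc)))
```

The check runs only after the ID token or UserInfo response carrying the object has passed normal signature and issuer validation.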
Bring Your Own Identity: The Pros and Cons of Social Login for Identity Proofing
One of the most convenient ways to log into a website or app nowadays is through social login, also known as Bring Your Own Identity (BYOI), which allows users to sign in using their Google, Apple, Facebook, or other social media accounts. While this feature is certainly convenient, there are also some challenges that must be considered when designing a BYOI journey.
Two important considerations are Identity Assurance and Authentication Assurance. While Google and other large platforms provide a great level of security in terms of authentication, they may not always provide self-asserted data, such as a user’s name or email address. Additionally, matching accounts when a user has already registered for a service using a password, but then decides to log in with a social media account, can also be complicated.
Despite these challenges, BYOI is a major trend that is here to stay. Companies like Apple and Google offer strong authentication options, and Apple even forces all users to use strong multi-factor authentication. While there are some potential pitfalls to consider, many CIAM solutions already support the capability to match accounts and provide a seamless customer experience. As with any new trend or technology, BYOI requires diligence and attention to ensure that both businesses and customers can reap the benefits.
Staying Ahead of Identity Proofing Trends
In conclusion, the trends in identity proofing are constantly evolving, and organizations should stay abreast of these trends to ensure that their identity proofing solutions are up to date and secure. The OpenID Connect Foundation’s OCIA project and BYOI are two trends that organizations should pay attention to, as they offer exciting new opportunities for improving identity proofing processes.
Stay tuned for the third and final part of this article series, which will focus on MFA, password-less authentication, FIDO2 and decentralized identity management.