Category Archives: identity proofing

RSA Conference Recap

I’m back from the RSA conference and how exhausting. Understandable considering there were 17,000 people at the show—all focused on the security industry.

In case you didn’t see it, we made an announcement during RSA about our partnership with Upek, a biometrics company based in the Bay area. What I find exciting about this partnership is that it shows just how complimentary our solutions are with other authentication technologies. In a whitepaper we published over a year ago we showed a diagram of where identity verification fits in the puzzle and how it is central to other verification tools.

Verification Tools

Biometrics in an online environment falls into this sphere and requires a proofing solution because what good does it do to enroll someone’s fingerprints if the fingerprints aren’t those of the person he/she is claiming to be? This is why we decided to show the power of our two technologies working together through a joint demonstration.

Another observation from RSA is that there continues to be a lot of interest and discussion about age verification and social networks. If you recall, last year there was a panel session called Pandora’s Box discussing child safety and the Internet. Admittedly this year I didn’t attend the sessions as much since we were an exhibitor, but based on the questions and discussions on the show floor, it is clear people are concerned and also aware of the Internet Safety Technical Task Force.


Leave a comment

Filed under Age Verification, authentication, child safety, identity, identity proofing, Identity verification, Internet Security, security, social networking

Baby Steps Toward Identity 2.0

What a month. I’ve been back from DIDW for (almost) three weeks and I still haven’t had a chance to blog about the show (or anything else for that matter).

Overall I thought the show was good. I was very pleased to see that there are a lot of smart people at smart companies focused on the issues of identity and working together to take steps toward a solution. Granted Id 2.0 has some hurdles still to overcome (like finding the right economic model for everyone!) but it is good to see that progress is being made because the identity issues we are facing are not going to just go away.

It was nice to finally put a face with some of the names in the identity space too. I’ve added a new name to my suggested links –Doc Searls – who was one of the keynote speakers the first day and very good (both in content and in style).

Since I’ve been back, I’ve been buried with work so I’m keeping this blog post short. I hope to post again soon.

Leave a comment

Filed under Digital ID World, Digital identity, identity, Identity 2.0, identity management, identity proofing

San Fran or bust…

Digital ID World (DIDW) is next week in San Francisco and I’m really anxious to attend since I was unable to get there last year (gasp!). Different from the RSA show which is focused on security (with identity being a subset), this conference is completely centered on everything identity – from Identity Management (IdM) to Authentication to identity verification (IdV) to ID 2.0. With so much happening in identity these days, I’m looking forward to catching up with some of the best minds in the business to see and hear about all the progress.

First things first – if you want to see our identity proofing technology at work, visit the Symantec booth # 207. Like at RSA, we are again helping to power their Identity Service demonstration by incorporating our knowledge-based authentication process within their demo to show how Identity Providers are establishing trusted identities online. However, different from what was shown at RSA, this demo is more focused on the practical application of the developing identity 2.0 framework and what happens after a trusted identity has been established. Meaning, what is possible for consumers to do with their identity and how to share specific components with a Relying Party (business). Specifically the demo will focus on how to use Cardspace and Open ID technology through Symantec’s Identity Service to interact and conduct business with one of our wine merchant clients. In other words, how identity silos can be broken down.

Along the same ID 2.0 practical lines, I’m really looking forward to seeing and talking with Ping Identity who is partnering up with ACI Worldwide, the world leader in retail payments, to show how:

“Information Cards has applications beyond pure authentication. For example, Information Cards could be excellent for supplying payment data to an e-commerce merchant during a purchase.”

I’d say both these practical use demonstrations are starting to show how much closer we are to enabling Identity 2.0.


Leave a comment

Filed under Digital ID World, Digital identity, Identity 2.0, identity management, identity proofing, Identity verification, knowledge based authentication, Ping Identity, symantec

Misconceptions about Identity Proofing

It’s here! Our whitepaper pointing out the top 10 common misconceptions businesses have about identity proofing. Here’s a sneak peak.

If you are sitting on the fence wondering about the effectiveness of id verification technologies, then this really is a must read. I’m sure your concerns will be covered since these are the most common things we are hearing today. If not, well then, let me know what’s missing and I’ll get our marketing department cracking on a sequel.

Download the paper here (registration required) and see everything not covered in the sneak peak.

Leave a comment

Filed under identity proofing, Identity verification, knowledge based authentication, knowledge verification

Kudos to Second Life

I commend Second Life on their decision to offer a voluntary verification policy for their members. They are the first big social network to take a step toward adopting this technology.

The way I understand it, if you are a member that has chosen not to be verified you won’t be allowed access into any land that is flagged as restricted but you can stay in the PG-13 type of areas.

I’ve visited Second Life’s blog post where this announcement was made and read a bunch of the comments. One in particular makes me want to stress an important difference we think businesses must consider when selecting an identity provider and that is if the vendor is an independent 3rd party:

You say that “Linden Lab does not share Resident data for marketing or other purposes”, can someone from LindenLab state for the record that Integrity will do the same??

Many data providers offer identity verification solutions which makes sense given they collect, store and sell data as their primary business and data is a crucial part of verification. But being a seller of data and also capturing data for verification, could definitely create a conflict of interest in the minds of consumers about how their data will be used. And it also has the potential to limit match rates because the data being used is limited to the sources of that particular vendor.

Back in February we released a whitepaper about identity verification which included some questions to consider when selecting an id verification vendor. Two come to mind right now and are worth pointing out here:

Does the vendor promote the responsible use of data?
The right solution will have strict protocols for using and sharing data and will access data on a real-time basis, not collect and store it for any other purpose. Additionally, the system should provide different permission levels to limit how much and what type of data is shared within your business.


What data sources are used?
Find a vendor that works with multiple providers and does not restrict its data to any single data provider. The system should be designed with the ability to access multiple independent data sources including foreign data.



Filed under Age Verification, identity proofing, Identity verification, Second Life, social networking

Spotting a Fake ID with Identity Proofing

A reporter at the Arizona Republic recently wrote a great article about the booming fake document market in Arizona, illegal immigrants, identity theft and how business is about to get even bigger. 

The State’s new employer-sanctions law requires verification of worker eligibility through a federal system called the Basic Pilot Program.  The system works to weed out made-up social security numbers but it won’t detect when someone is using a stolen identity. 

This program makes it kind of hard to comply with the new law I blogged about last week and how employers risk prosecution if they don’t fire workers whose names and social security numbers don’t match.  The agency that manages the program is rolling out a new feature soon which will match photos on green cards with photos stored in a government database. 

It sounds cumbersome especially when there is a much easier way for employers (and the government!) to spot a fake id that won’t break the bank or slow down the process.

Leave a comment

Filed under e-verify, employment fraud, id theft and illigal immigrants, identity, identity proofing, identity theft, social security numbers

Identity Verification Countdown

According to this article employers have 120 days to determine (and resolve) discrepancies over Social Security Numbers of employees and matching government records or else face a possible criminal investigation and a 25% increase in fines. The effort is to help crack down on employing illegal immigrants.

DHS issued a regulation that will take effect in 30 days and will give employers 90 days to resolve any discrepancy between the Social Security number provided by an employee and government records. Chertoff said the SSA will be sending out about 15,000 “no match” letters a week over a two-month period.

Now seems a really good time to point out that our identity verification is so easy to implement and start using that a business could be up and running with it before the end of the day. Leaving you the remaining 119 days to hire and train new employees if needed.

Leave a comment

Filed under id theft and illigal immigrants, identity proofing, Identity verification, social security numbers, stolen identity