m Commerce using mobile identities TDL Student Pilot - Case Study of Innovation in Verizon Identity Management Bharadwaj Pulugundla, MBA Solution Architect – Consumer Mobile Identity Management Identity & Privacy Services, Verizon Enterprise Solutions May 27, 2013 PTEXXXXX XX/12 Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. Verizon Identity Management • • Verizon is a worldwide leading Managed Security, Cloud and Identity Service provider and has been very active in seeking opportunities to collaborate with both Government and Private Sector organizations both in the US and in Europe to develop Identity Ecosystem and Frameworks. Verizon provides Identity Services in more than 50 countries and to more than 25 Governments Below are some examples of organization we participate in or have been a formal member. • EEMA • Trust in Digital Life (TDL) • Scoping the Single European Digital Identity Community (SSEDIC) • Open Identity Exchange (OIX) • NSTIC • OpenID Foundation (OIDF) • The World Economic Forum (WEF) – Tiger Team on Rethinking Personal Data Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 3 Background of the Project • Verizon is leading a pilot as part of the European Commission’s TDL (Trust in Digital Life) initiative together with International Student Identity Card (ISIC). • ISIC is a not for profit organization; Members of this association, (students, teachers and Youth) are issued with a ID card, with which they can obtain discounts from merchants. • ISIC has issued more than 100 million ID cards since 1953. • ISIC are planning to extend their current successful model to be available online. The Project Objectives This Student Pilot for e-Authentication aims to test the feasibility of a cross-country Identity Assurance ecosystem from the commercial, technical, legal and end user experience perspectives via an online and mobile Student Proposition. The pilot will aim to demonstrate three key attributes: 1. A functioning and effective technical solution 2. Attractive propositions to the Consumer, Relying Party, Identity and Attribute Providers 3. A commercially viable business case. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 4 Project Approach The pilot will work within the EU Commission sponsored Trust in Digital Life vision, objectives, and guiding principles. • It will take a fully commercial approach from the outset; • Target group: College and university students intially16+ * • Geographic reach: Initially UK and Netherlands, then up to four more markets by end 2013, likely to Sweden, Italy, Germany and Spain. • Employing a collaborative approach across all ecosystem participants such as Relying Parties, Identity and Attribute Providers; • Referenced to the TDL framework and contextualised for this pilot; • And building on existing work including NSTIC, TDL sprints and STORK, with EU alignment for consistency. The project will provide benefits for the students and relying parties to join the pilot and continue to use the service beyond the end point. Students • Discounts and promotions e.g. relevant call/text/data, software offers • Money in their pockets e.g. joining clinical trial, research • Saving time, and increasing self-awareness of their internet activity Relying Parties • Increased customer entanglement and a more targeted relationship • Reduced cost to add services • Reduced fraud through false identities • Know that students are genuine *Scope will be extended to under 16 age group in a further stage, allowing questions around access for parents/minors, parental control , mandate and delegation etc. to be addressed. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 5 Student User Proposition • Service exit must erase digital footprint • May stop using after given period of time, or in relation to specific services at eg graduation • Students, 16+ in tertiary or further education • Becoming self-reliant in lifestyle and financial affairs • UK, NL, S, I + DE, E? What • Online support free • Paid for telephone support via chargeable number • Could be paid for by relying party and free at point of consumption • Any upfront payment easily recovered through financial and lifestyle benefits • Value stored in wallet showing pay-back in terms of discounts • Effortless user experience , easy and always convenient • Must place the service at the heart of the student lifestyle • Must reinforce control, privacy, security and therefore engender trust • Must have range of interface options • Virtual Identity enabling access to the services and products they need at this point in their lives • Enables and enriches their lifestyle, with strong benefits • Saving money through partner discounts, faster, more secure access to online services, academic resources, campus networks etc Stop Find Get Get help Pay for Set up Use • Trigger points (Freshers week, University Admin, Travel, PC/Software purchase) • Local student unions (Issuers) promote locally • Relying Partners promote • Viral between students • Channel strategy via student touch points -local student unions, benefits providers, university admin, hotspot providers, cloud service providers • Leverage existing networks and providers wherever possible eg level –up from social networks • Painless online process, or from mobile • academic establishment act as AtPs to support verification • High LoA achieved by using real-world channels, eg uni registration, receipt of first household bills Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 6 Relying Party Proposition The student “ecosystem” i.e. • Commercial product or service providers • Academic institutions • Public Sector • UK, NL, S, I + DE, E? • At cessation of service there must be no residual footprint or data retained • The Relying Party must be able to cease the service or switch providers easily • Support requirements may vary e.g. a small retailer may only require basic support in office hours, whereas a large enterprise may require (and pay for) 24/7/365 support What Stop Find Get help Get Pay for Set up Use • Options exist for the commercial model and provide flexibility • Payment per transaction • Annual fee for providing the service • Existing customers given short ‘upgrade’ path from existing ID (so pre-populating) • Must integrate with existing infrastructure and processes • Must fit with the relying party’s channels whether online, call centre or face-to-face • Relatively easy and painless to set up e.g. it must be within the expertise of a small business (such as pizza delivery) while straightforward to integrate with the systems of a larger enterprise (such as a bank) • A service to provide trusted digital identity, authentication and authorisation in order to be sure that the correct people can access student services and products • Commercial needs are tactical (sales promotion) or strategic (long term relationship) • Academic institutions need to ensure the security and integrity of internal resources • Public sector need to prove eligibility for provision of healthcare, welfare etc. • Reduce cost to acquire and securely transact with their consumers in student market • Marketing and awareness created by local student unions and cross-border organisations e.g. ISIC • Targeted marketing to companies and organisations (clearing houses, student loans) serving the student market, academic networks etc. • PR, case studies published with clear benefits for the target market • Identity service can be obtained via both direct and indirect channels e.g. a rebranded (white label) service partner such as ISIC or enterprises reselling a white label solution Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 7 Relying Parties: Developing Strategy • Relying Parties at launch to be large, international benefits providers through ISIC – Targeting minimum 5 major Relying Parties – Seeking to leverage existing ISIC relationships e.g.. with Microsoft, Logitech, MasterCard • High profile strategic partners, motivated by long term value in relationship with students – Leveraging existing networks of Relying Parties, Attribute Providers – Initial discussions with GSMA and high-profile MNOs • Exploit opportunities within TDL – Microsoft potential for including online Office for students, xBox Live and Skype being investigated – Inclusion of TDL Academic Institutions where appropriate – Verizon relationship with UK OIX (Cabinet Office) initiative for UK based partners • Developing commercial model for Relying Parties – Proposal to be free initially, becoming chargeable • Full EMEA Identity Services Strategy under development Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 8 Partner roles in the Trust Framework Glossary Identity Provider IdP Attribute Provider AtP Claims Provider idP or AtP User Identity Agent Provider UIdAP Relying Party RP Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 9 Functional Requirements User 1. Request for UIS credentials through website 2. Manage shopping preferences (app/website) 3. Manage privacy settings (app/website) 4. Manage UIS account (website) 5. View the deals based on the preferences (app/Website) 6. Select the interesting deals(app/Website) 7. Checkout (app/Website) 8. Make payment (app/Website) Merchant 1. Manage campaign information (e-commerce platform) 2. Contextual adverts based on location info from the user, preference settings (e-commerce platform) ISIC 1. Provisioning credentials 2. Authentication of user 3. Reports on UIS authentication/Usage 4. Other analytics 3. Capture transaction information (e-commerce platform) 4. Reports on transaction(ecommerce platform) Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 10 Solution Overview • ISIC Profile Database Merchant • m-commerce platform Payment Gateway UIS (Credential issuance and Authentication) Users • Verizon is providing the solution, with the UIS cloud based identity management system, and m-commerce platform from Alcatel Lucent. Students use their e-ID to obtain discounts and promotions, as well as easy login, security, privacy and more control of their data. This saves money and time, while increasing self-awareness of their internet activity Benefits Providers (Relying Parties) get increased customer entanglement and a more targeted relationship , a reduced cost to add services, and reduced fraud through false identities, knowing that students are genuine Mobile App Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 11 m Commerce using mobile identities TDL Student Pilot - Case Study of Innovation in Verizon Identity Management Bharadwaj Pulugundla, MBA Solution Architect – Consumer Mobile Identity Management Identity & Privacy Services, Verizon Enterprise Solutions May 27, 2013 PTEXXXXX XX/12 Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement.