Let's Talk About Digital Identity

Ubisecure

The podcast connecting identity and business. Each episode features an in-depth conversation with an identity management leader, focusing on industry hot topics and stories. Join Oscar Santolalla and his special guests as they discuss what’s current and what’s next for digital identity. Produced by Ubisecure.

Subscribe to Let’s Talk About Digital Identity – listen to the podcast trailer
Trailer 1 min 25 sec

All Episodes

Let's talk about digital identity with Linus Kvarnhammar, Cyber Security Consultant at Syneptic. Following his Swedish TV series, Hackad, professional hacker Linus discusses the biggest risks that insufficient identity management can create for individuals and organisations. Oscar and Linus explore the pitfalls of authentication, authorization (including MFA), and more – and how these lead to security incidents. [Transcript below] "We have a standard way of identifying a person in real life – passport, driver’s license, national identity card. But as far as I’m aware, we don’t have one that is universally accepted both by the individual and companies" Linus is an independent cyber security consultant and professional hacker. He is also one of the hackers in the TV series “Hackad” on SVT. He has more than 20 years of experience working in the IT industry where the last 10 years have been spent exclusively doing penetration tests of applications and networks with a few social engineering assignments every now and then. Find Linus on Twitter @lkvarnhammar and on LinkedIn. Watch Hackad at www.svtplay.se/hackad. You can also find the English subtitles at hackad-english.blogspot.com/2021/11/hackad-tv-2021-english-subtitles.html. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining. And today, we’ll hear insights from the world of hackers. Of course, ethical hacking is what we’re talking about. And we have a very special guest with Linus Kvarnhammar. Linus is an independent cybersecurity consultant and professional hacker. He’s also one of the hackers in the TV series Hackad on the Swedish TV SVT. He has more than 20 years of experience working in the IT industry, where the last 10 years have been spent exclusively doing penetration tests of applications and networks with a few social engineering assignments every now and then. Hello, Linus. Linus Kvarnhammar: Hello. Oscar: Very welcome. It’s nice being with you, Linus. And well, good to hear more about the interesting work you are doing there. So… Linus: Oh, thank you. Oscar: Please tell us a bit more about yourself and how was your journey to this world of cybersecurity and hackers. Linus: Yeah. I- the last 10 years or so, I’ve been doing penetration testing as a security consultant. And yeah, my interest in computers started when I got my Commodore 64, I think it was 1987. And then I had an Amiga. And then I started working with computers directly after school and I’ve been doing that since. I also spent some time, some years doing development work, being a .NET programmer. So a quick bit about my background. Oscar: You also worked as a developer at some point? Linus: Yeah, yeah. I think my background as a developer, and an IT pro back in the early days, was a good way of getting into security. Because I think, for me, cybersecurity is about knowing how a computer system works and trying to break it, right. So if you know how the application is built, and if you know how operating systems and networks work, then I think you have a good chance of being good at cybersecurity, I think. Oscar: Yeah. And I can imagine if you have had, since a child you had a computer at home, not many of the ones who are listening to this had that. And yeah, I’m sure you understand. You have time to understand quite well how the computer works exactly as you said and also in your perspective as a developer. So when you were, for instance, a developer, during time you were a developer, you had also this interest in trying to find the vulnerabilities or something that doesn’t work well, you had already this curiosity? Linus: No, I don’t… Nah, not really, actually. I think I was mostly focused on – focusing on like writing good cod...

Dec 1

31 min

Let's talk about digital identity with Kristofer von Beetzen, Chief Product Officer at Freja eID. In episode 55, Oscar speaks to Kristofer about Swedish verified identity provider, Freja eID. They discuss why Freja was created; how it works; where it can be used; how it compares with BankID; how it ties in with European identity schemes; the importance of organisation identity and Freja's plans for the future. [Scroll down for transcript] "Everything becomes related to your identity as things become digital." Kristofer von Beetzen is the Chief Product Officer at Freja eID. He joined the company in 2012 and was part of the transformation from a technology-centric IT security company to the cloud-based, user-oriented identity service that is offered with Freja eID today. Kristofer previously worked in media production and advertising and studied marketing at the University of Växjö. His interest, aside from bringing Freja to the world, is writing and he has published several books and columns, among them a crime novel and a book on poker strategy. Find Kristofer on LinkedIn and Twitter @KvonBeetzen. Find out more about Freja at frejaeid.com. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining for a new episode of Let’s Talk About Digital Identity. As you may have heard before that Sweden is one of the countries that has one of the best electronic identifications in the world. And we are going to hear specifically one of these systems, which is Freja eID. So our guest today is Kristofer von Beetzen. He is the Chief Product Officer at Freja eID. He joined the company in 2012 and was part of the transformation from a technology-centric IT security company to the cloud-based user-oriented identity service that is offered with Freja eID today. Kristofer was previously working with media production and advertising, and has studied marketing at the University of Vaxjo. His interest aside from bringing Freja to the world is writing, and he has published several books and columns - among them are a crime novel and a book on poker strategy. Hello, Kristofer. Kristofer von Beetzen: Hello. Thanks for inviting me. Oscar: It’s a pleasure, super interested in hearing about Freja eID, which a few years ago- Ubisecure started work more and more in Sweden, and then I start hearing this name Freja eID. So you will tell us for everybody how exactly this system works, this service. But please, first, we would like to hear from you a bit your personal side. Tell us about yourself, and how was your journey to this world of digital identity. Kristofer: Yes. So, I started out in the industry, actually, as I said, I came from media production and advertising. I was working with this company, back then was called Verisec. And I was working with their communication and PR and so on. And they were working a lot with the traditional digital identity things like hardware tokens for banks, establishing trust on a pretty high level so that banks could migrate from bank offices to online banking. So this company was actually started already in 2002. And then they also started with some initial product development with an authentication server, and had some plans of going international with this product. So I actually went from being a consultant to the company to joining them in 2012, as a part of their expansion. And along the way, we kind of figured out that the proprietary solutions, that was kind of the name of the game back then, where you had an authentication server placed in your server room, and then issuing identities from your own organisations to your customers. We saw that, particularly in Sweden, and in the Nordic countries, the use of these kind of communities,

Nov 17

26 min 55 sec

Let's talk about digital identity with Oscar Santolalla, Nat Sakimura and Petteri Stenius. In this week's special episode, Oscar explores the history of OpenID Connect and how it became so prevalent, with special guests Nat Sakimura, Chairman at the OpenID Foundation, and Petteri Stenius, Principal Scientist at Ubisecure. Listen to the episode wherever you get your podcasts, or read the transcript below. "New technology seldomly completely replaces the older technologies. They will form additional layers, and slowly start replacing it." Podcast transcript Oscar Santolalla: Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. It was February 2014, already hundreds of millions of people worldwide had a smartphone in their pockets, with dozens of apps installed, apps like: Snapchat, Spotify, Vine, Skype, and games like Angry Birds and Minecraft. Mobile apps had been booming for a few years, and users were eager to install every app that resonated with them out of a seemingly unlimited stream of new apps. Indeed, the Apple’s App Store had recently reached the 1 million mobile apps milestone. Not only mobile, but also in web services, for every new app I wanted to use, I needed to create a new user account, which was OK when I could count them with my own fingers. But what if I had 20, 30, 40 apps on my phone. This was becoming a headache for people, but especially it was clear to become a security concern. Identity professionals had seen this challenge even in their own lives. And there were combined efforts from big tech, mobile operators, identity software vendors, to architect a solution. An early effort was the OpenID standard, which gained promising interaction at the start of the 2010s. With my OpenID user account, I could log into Yahoo, Google MySpace, and dozens of thousands of web services. However, the lack of a uniform user experience didn’t help people and not a massive audience got hooked with the standard. So, what happened after the setback? A new solution had been cooked by identity professionals, and finally solved this long living problem. OpenID Connect not only solved that problem for the big tech and social networks, but created a modern way of user authentication, especially for mobile. Today, if you are listening to this podcast, you have definitely used OpenID Connect before, with or without knowing it. To hear a story from the brilliant minds that designed this standard, let’s hear from Nat Sakimura, one of the creators of the OpenID Connect 1.0 Standard, and today, Chairman of the OpenID Foundation. How was the world just before OpenID connect appeared? --- Nat Sakimura Nat Sakimura: So you know, the creation of OpenID Connect actually started in 2009. And contemplation on that was actually done from 2007. Even before OpenID 2.0 was published, right? There were things like XRI, XDI, SAML. And SAML was becoming pretty strong in the market, but at the same time, because of the XMLD Signature problems, people are starting to complain about that. And the OpenID Connect just started off with three people: Me, John Bradley, and Breno De Medeiros at the corner of the Internet Identity Workshop. And we were just sketching out a protocol, which is really dead simple to implement in the simple cases but at the same time, something that could be extended to a very high security, integrity protected federation protocol. And the years between 2010 and 2013 was spent on drafting it and implementing it. Actually, a lot of people started implementing OpenID Connect back in 2011 or something like that. And we had multiple rounds of interop tests as well as you know, they were actually deployed in the wild and was tested. So OpenID Connect was actually quite well-implemented by service providers like Google before it was published in 2014. Oscar: Yes, so that was my understanding that before the standard was published,

Nov 3

24 min 8 sec

Let's talk about digital identity with Keith Uber, VP Customer Success at Ubisecure. In episode 53, Oscar and Keith explore the role of Identity and Access Management (IAM) in Mergers and Acquisitions (M&A). With the importance of customer experience at the centre, Keith and Oscar discuss standards considerations, available options and practical steps for successful consolidation of IAM systems. [Scroll down for transcript] "The most important part of mergers and acquisitions is that the customer is the value of the company." "Take advantage of the opportunities that moving to a new identity and access management system can provide for customers." Keith is VP Customer Success at Ubisecure. As an Identity and Access Management product expert, he leads the Sales Engineering team and is involved in many stages in the planning and design of demanding customer implementation projects. Keith is active in various industry organisations and has a keen interest particularly in government mandated digital identity systems. He holds a bachelor's degree in I.T. and a master's degree in Economics, specialising in software business. Check out Keith's blog and comprehensive white paper on the topic of IAM in M&A: Blog - The critical role of Customer IAM in M&A White Paper - Mergers & Acquisitions: Enabling identity integration and opportunities with IAM Connect with Keith on LinkedIn and follow him on Twitter @keithuber. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. After some time we are having a guest from the house, from Ubisecure, and he is a guest who has been in Ubisecure for 12 years. So let me introduce to you, Keith Uber. He is the VP Customer Success at Ubisecure. As an identity and access management product expert, he leads the Sales Engineering team and is involved in many stages in the planning and design of demanding customer implementation projects. Keith is active in various industry organisations, and has a keen interest particularly in government mandated digital identity systems. Having been involved in dozens of IAM implementation projects, he is quick to identify organisation’s needs, and provide suitable configuration, integration and roadmap guidance. Hello Keith and welcome. Keith Uber: Hello, Oscar. And thank you very much for having me. It’s a pleasure to be here. Oscar: It is really great talking with you. You had really long experience in Ubisecure and in the industry so have super interesting things to tell us. We will talk about mergers and acquisitions today. But before that, we'd like to hear a bit more about yourself, so please tell us your journey to this world of digital identity. Keith: For me, digital identity became part of my career when I moved to Finland in 2000. So this was the height of the .com boom. I got a job working for Sonera, which is now Telia, one of the largest Telco operators in the Nordic countries. As part of that role, one of my jobs was to help Telia to combine the login systems for various small start-up companies, various small projects that they had acquired during the .com phase. They acted as a kind of a technology incubator for many small companies too so they had a huge portfolio of disparate services, all with different ways to sign in and authenticate. That’s where my journey started. So I have a background as a software engineer. I have a Bachelor of IT and previously worked in logistics field as a software developer. But after moving to Finland, I later studied software business then continued after graduation joined Ubisecure and I’ve been working with identity and access management, particularly customer identity and access management ever since then.

Oct 20

19 min 22 sec

Let's talk about digital identity with Elizabeth Garber, Editor of GAIN. In episode 52, Elizabeth explores the recently announced Global Assured Identity Network (GAIN) initiative. She fills us in on what the GAIN project is, explaining how it's different from other trust networks and why GAIN is good for financial institutions. She also discusses the role of the Global Legal Entity Identifier Foundation (GLEIF) in the project, and what's next for GAIN. "This is really going to unleash creativity and expand access to individuals and communities and sellers all around the world." Elizabeth Garber is a customer and product strategist who started her career in telecommunications and honed her craft in six different industries before joining one of the world’s largest retail banks. She is an expert in designing experiences and delivering transformational change based on a deep understanding of people. This interest has underpinned her graduate studies of the psychology of cross functional teams as well as how customers define value in relation to services they use. In 2015, she was named one of the top 3 marketers under 30 by the UK Marketing Society and was recognised by Energy UK and EY for her work building Trust across the UK energy industry. In 2017 she won the Financial Times/30% club ‘Women in Leadership’ award. Find Elizabeth on LinkedIn. Elizabeth recently played a leading role editing the paper published by more than 150 Identity experts - GAIN: How Financial Institutions are taking a leadership role in the Digital Economy by establishing a Global Assured Identity Network. It was announced at the European Identity and Cloud Conference on 13 September by Nat Sakimura, chairman of the OpenID Foundation, and Gottfried Leibbrandt, former CEO of Swift, and then published by, among others, the Institute of International Finance. To get involved, email digitaltrust@iif.com or join the LinkedIn group. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining. Our guest today played a leading role editing a paper published by more than 150 identity experts. The paper is called GAIN: How Financial Institutions are taking a leadership role in the Digital Economy by establishing a Global Assured Identity Network. It was announced at the European Identity and Cloud Conference last 13th of September by Nat Sakimura, who is the Chairman of the OpenID Foundation, and Gottfried Leibbrandt, former CEO of Swift, and then was published by, among others, the Institute of International Finance. Our guest today is Elizabeth Garber. She is a customer and product strategist who started her career in telecommunications and honed her craft in six different industries before joining one of the world’s largest retail banks. She is an expert in designing experiences and delivering transformational change based on a deep understanding of people. This interest has underpinned her graduate studies of the psychology of cross functional teams, as well as how customers define value in relation to the services they use. In 2015, she was named one of the top three marketers under 30 by the UK Marketing Society, and was recognised by Energy UK and EY for her work building trust across the UK energy industry. In 2017, she won the Financial Times 30% club Women in Leadership Award. Hello, Elizabeth. Elizabeth Garber: Hello, thanks for having me. Oscar: It’s a pleasure. Welcome to our show. And let’s talk about digital identity. And certainly, we always like to start hearing a little bit more about our guest, especially how was your journey into this world of digital identity. Please tell us a bit about yourself. Elizabeth: Sure. So my name is Elizabeth Garber. As you said, I’m a customer strategist,

Oct 6

24 min 50 sec

Let's talk about digital identity with Amit Sharma, Founder and CEO at FinClusive. In episode 51, Amit discusses how to address financial inclusion for individuals and organisations – and how identity can both prohibit and enable this. He explores the solutions that are available to facilitate secure Know Your Customer (KYC) and Know Your Business (KYB) processes whilst enabling economic empowerment globally – such as the Legal Entity Identifier (LEI). [Scroll down for transcript] "Legal entity digital identities are equally as important as the individual identities because they form the gateway to be able to access essential and critical financial services." Amit Sharma has engaged in a myriad of roles that intersect financial markets, risk management, regulatory compliance, and international development. He is the Founder and CEO of FinClusive, a hybrid FinTech and RegTech company dedicated to financial inclusion. FinClusive serves the growing fintech, virtual asset/crypto and other non-bank/alternative financial services sector by providing them the ability to establish insured accounts for themselves and their clients through its growing U.S. based bank partners and conduct cross border transactions over crypto/blockchain and traditional bank payment rails—with an embedded full-stack global-standard financial crimes compliance (FCC) platform. Prior to FinClusive, Amit worked in both the public and private sectors, including with Empowerment Capital, Mitsubishi UFJ, and at the US Treasury Department, first at the inception of the Office of Terrorism and Financial Intelligence (TFI), and later as COS to the Deputy Secretary and Advisor to Treasury’s senior team under Secretary Henry Paulson. Connect with Amit on Twitter @ASharma_VT and on LinkedIn. Find out more about FinClusive at finclusive.com. FinClusive is a Ubisecure/RapidLEI partner. Read more about the partnership in our press release: www.ubisecure.com/news-events/finclusive-validation-agent-gleis/ We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining. Today, we talk about the role of identity in financial inclusion. And for that our special guest is Amit Sharma. He has engaged in a myriad of roles that intersect financial markets, risk management, regulatory compliance, and international development. He is the Founder and CEO of FinClusive, a hybrid financial technology and regulatory technology FinTech, RegTech company dedicated to financial inclusion. Prior to FinClusive, Amit worked on both the public and the private sectors, including the empowerment capital, Mitsubishi UFJ, and at the US Treasury Department first, at the inception of the Office of Terrorism and Financial Intelligence, TFI, and later as a Chief of Staff to the Deputy Secretary and advisor to Treasury’s Senior Team Under Secretary Henry Paulson. Hello, Amit. Amit Sharma: Hello, how are you today? Oscar: Very good. It’s a pleasure talking with you, Amit. Amit: It’s great to be here. Thank you for having me. Oscar: Great. So Amit, let’s talk about digital identity. And of course, the first thing we want to hear from our guests is the journey. Please tell us your journey to this world of digital identity and also FinTech. Amit: Sure. Thank you for that. You listed a little bit on the intro of my bio. I have had the good fortune of being in the development sector. I was a Peace Corps volunteer in Asia. I did development work in Asia as well as in South America. After the tragic events of September 2001, I had the opportunity to join the US Treasury Department, at the time at the inception of what became really a third of the department’s efforts to combat illicit finance, both the US and the global anti-money laundering financial c...

Sep 22

30 min 15 sec

Let's talk about digital identity with Margus Pala, Founder and CEO at eID Easy, and Johan Nyman, Project Coordinator at Åbo Akademi University. In our 50th episode, Margus and Johan discuss eSignatures. Coming from Estonia and Finland, they explore the use (and potential future use) of simple, advanced and qualified eSignatures in two of the world's most digitally advanced countries. They also delve into how we can standardise the use of eSignatures in Europe, and advice for business owners on what to ask from an eSignature provider. [Scroll down for transcript] Margus Pala Margus is from the world's most digitally advanced country, Estonia, and has seen the future many years ahead of most other countries. He started his professional career as a programming teacher before being part of multiple start-ups, including one unicorn - Playtech. He is also an officer in the Estonian army's National Guard Cyber Unit and has a master's degree in Cyber Security. For the last 5 years he has been running eID Easy, whose mission is to help everyone benefit from the future of digital identity and electronic signatures - not by breeding faster horses, but going to a whole new level. Find Margus on Twitter @MargusPala @e_id_easy and on LinkedIn. Johan Nyman Johan's interest in digital identity, and specifically electronic signatures, is manifested in two areas: 1) the citizens’ perspective; how citizens can take advantage of national PKI (public key infrastructure) available on their ID cards to produce and use qualified electronic signatures, and 2) the public sector; how organisations working within the public realm, e.g. universities, can use national PKI for issuing e-signed documents, and also how they can raise their awareness and knowledge to handle qualified e-signatures in incoming correspondence from persons using e-signatures. He works as a project manager in university administration at Åbo Akademi, in Turku/Åbo, Finland. Find Johan on Twitter @Johan_Nym or email johan.nyman@abo.fi. Margus refers to the Finnish Trust Network. Find out more about the FTN here - https://www.ubisecure.com/authentication/finnish-trust-network-ftn/ We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining into a new episode of Let’s Talk About Digital Identity. And today, we are coming back with a fireside chat format in which we have two guests. And this time, two guests are going to talk about electronic signatures. For that, let me introduce them. We will have Johan Nyman, who is Project Coordinator, Research and Education Services at Abo Academy University in Turku. His interest in digital identity and specifically electronic signatures is manifested in two areas. First, the citizens’ perspective, how citizens can take advantage of national PKI, public key infrastructure, available on their ID cards to produce and use qualified electronic signatures. And the second is the public sector, how organisations working within the public realm such as universities can use PKI for issuing electronic signed documents and also how they can raise their awareness and knowledge to handle qualified eSignatures in incoming correspondence from persons using electronic signatures. And our second guest is Margus Pala, who is founder and CEO of eID Easy. Margus come from Estonia. He proudly says that it is the world’s most digitally advanced country, country which has seen the futures many years ahead of most other countries. He started his professional career as a programming teacher before being part of multiple start-ups, including one unicorn, Playtech. He’s also an officer in Estonian army, the National Guard Cyber Unit and has a master’s degree in Cyber Security.

Sep 8

37 min 25 sec

Let's talk about digital identity with Kay Chopard, Executive Director at Kantara Initiative. In this first episode of series 3, we put your burning questions to Kantara's newly appointed Executive Director, Kay Chopard. Kay explores why identity is so critical in so many applications; her hope for more promotion of Kantara's great work and to advance opportunities for collaboration; Kantara's new mobile drivers licenses (mDLs) work group; Women in Identity and the problem of lack of diversity in standards working groups; and why access and inclusion is one of the biggest challenges facing identity today. [Scroll down for transcript] "Digital identity is going to be one of the most critical issues going forward, for the world." Kay Chopard is the newly appointed Executive Director of the Kantara Initiative, a non-profit corporation. She is the former President and CEO of Chopard Consulting based in the Washington, DC metro area and is the founder of the Women’s Leadership Institute. Kay has more than 30 years’ experience in executive leadership in government, non-profit, and business organisations, with leadership positions in several organisations including: Identity Ecosystem Steering Group (IDESG), National District Attorneys Association (NDAA), National Criminal Justice Association (NCJA) and the National Highway Traffic Safety Administration (NHTSA). She is an attorney and has served as a prosecutor and maintained a private practice. Ms. Chopard also serves on the Board of Directors of Women in Identity US and volunteers in the leadership of the Women in Identity UK. Find Kay on Twitter @KayChopardCohen and on LinkedIn. The Kantara Initiative is a unique global ‘commons’ that operates conformity assessment, assurance and grant of Trust Marks against de-jure standards under its Trust Framework programme, while at the same time nurturing ‘beyond-the-state-of-the-art’ ideas and developing specifications to transform the state of digital identity and personal data agency domains. Find out more about Kantara at kantarainitiative.org. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. We are after our summer break in 2021. We are coming back with amazing conversations, episodes talking about digital identity from many aspects. And now we have a great pleasure to start this new third season with a person who is the leader of an organisation in the identity industry that is very close to my heart. So let’s introduce her. Mrs. Kay Chopard is the newly appointed Executive Director of the Kantara Initiative, a non-profit organisation. The Kantara Initiative is a unique global ‘commons’ that operates conformity assessment assurance and grant of Trust Marks against de-jure standards under its Trust Framework programme, while at the same time nurturing beyond the state-of-the-art ideas and developing specifications to transform the state of digital identity and personal data agency domains. Kay has more than 30 years' experience in executive leadership in government, non-profit, and business organisations in the DC area. She has led several organisations but in identity especially, I would like to mention she was Executive Director of the Identity Ecosystem Steering Group, IDESG, a non-profit organisation developed in a public-private partnership to implement the national strategy for trusted identities in cyberspace, in partnership with the National Institute of Standards and Technology, NIST. She is an attorney and has served as a prosecutor and maintains a private practice. Kay also serves on the Board of Directors of the Women in Identity US and volunteers in the leadership of the Women in Identity UK. She lectures internationally and has authored several articles an...

Aug 25

29 min 45 sec

The wait is almost over... series three of the Let's Talk About Digital Identity podcast will return on 25th August - and we've got more fantastic guests lined up! We're on all the major podcast platforms, so please like/rate (to help others like you find the podcast) and subscribe to get notified of new episodes.   Podcast trailer transcript and links to episodes: [René Seifert, Co-Founder & Co-Head at TrueProfile.io] Please let me just add, I think it's really interesting because I listened to some 80% of your podcast and I think what you're doing - you're doing a great service of building this industry of digital identity. [Oscar Santolalla] Hi, this is Oscar Santolalla, host of Let's Talk About Digital Identity - a podcast brought to you by Ubisecure. In each episode, I interview bright minds in the digital identity space, focusing on hot topics and stories from the industry. [Katryna Dow, Founder and CEO of Meeco] It was the film minority report and I don't know if you remember that, or you know super futuristic technologies... I just remember being in the cinema and staring at the screen and thinking "is this really the future?" And in some ways it may look like a marketer's dream. [Bengt Berg, Head of Compliance Management Services at Cybercom] The most common system or platform to get hacked is the system you didn’t even know that you had. [Lisa Forte, Partner at Red Goat Cyber Security] Researchers had discovered that goats were able to identify intruders into their herd, just hearing their voice. [Oscar Santolalla] Subscribe on your favourite podcast platform, to join me and my special guests as we discuss what's current and what's next for digital identity.

Aug 11

1 min 25 sec

Let's talk about digital identity with Jim Pasquale, EVP Interoperability at digi.me. In the final episode of series 2, Oscar and Jim discuss the problem of "digital exhaust" – the data trail (including identity data) that consumers leave as they go about life online, which they often have little control over. Jim fills us in on why this data needs to be better managed – and how. He also explores the importance of interoperability, given his role as Chair of Kantara's Information Sharing Interoperability working group. [Scroll down for transcript] "Businesses need to use mechanisms to give data back to the individual - because if you give data, you’ll get better data back" Jim Pasquale is a veteran innovator with a passion for disruption. He has deployed large and complex software systems with the world’s largest telcos and communications companies to improve engagement, conversion and customer experience. Jim is currently EVP Interoperability at digi.me. Find Jim on LinkedIn and Twitter @jpasquale. Find out more about the organisations Jim's involved with: digi.me, kantarainitiative.org/groups/isi-work-group and me2ba.org. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! That's a wrap on series 2, but don't worry - we'll be back soon with series 3 of Let's Talk About Digital Identity, the podcast connecting identity and business. Subscribe to get new episodes in your feed, wherever you get your podcasts.     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining this episode at the end of the season for Let’s Talk About Digital Identity. And one of the things we haven’t talked too much is about sharing data - particularly there are scenarios when it’s a definitely a good idea to share data. And for that, we are going to have a special guest who is Jim Pasquale. He is a veteran innovator with a passion for disruption. Jim has deployed large and complex software systems with the world’s largest telcos and communication companies to improve engagement, conversion and customer experience. Jim is also Executive Vice President Interoperability at digi.me. Hello, Jim. Jim Pasquale: Good morning, Oscar. And thank you for the opportunity to have this conversation this morning about the importance of providing real-time or near real-time data and being able to share. Oscar: Yeah, thank you. It’s a pleasure talking with you, Jim. So, I would like to hear more, we would like to hear more about how life led you to this world, working at digi.me and in digital identity. Jim: Sure. So, I’ve been in the computer industry for over 35 years, predominantly in software and mostly in data communication software infrastructure. What really led me to much of the digital identity work that we do today was my 15-year experience at a company called Novell who had deployed probably one of the very first PC-based or LAN-based X.500 identity programme. And really, when we talk about the idea of identity it goes beyond a person, so it includes people, places and things. And not only how to identify them but how to structurally place them in a directory so that they’re easily accessible and able to be found. Oscar: Excellent. So from the time at Novell, you were working already on the very early days of identity as we know it today. We have been discussing because we have been collaborating for a couple of years at least in Kantara Initiative in the workgroup related to information sharing. So, we know that today in this fast-paced digital world we are living, there is a lot of what is called the digital exhaust, everywhere, everything we do we are – some data is leaking. Well, we are letting some data, personal data go and of course some companies are taking that advantage. So, tell me from your perspective why this is a serious problem and why we...

Jun 23

39 min 56 sec

Let's talk about digital identity with Vinay Sawarkar, Founder and CEO at Claidroid. In episode 47, Oscar talks to Vinay about digital identity in India, and its key role in the country's digital transformation and privacy regulation evolution (with the upcoming Personal Data Protection Bill). They also discuss identity in a wider regulatory compliance, security and user experience context, noting Identity and Access Management (IAM) – and particularly Customer IAM (CIAM) – as a core component of success in all three areas. [Scroll down for transcript] "India is on a very exciting journey of digitalisation." Vinay has over 35 years of varied experience. Over the years, he successfully held numerous roles with increasing responsibilities. He established and managed the global practices in e-Security and Service Management in partnership with global technology leaders. Vinay also led software development centre and corporate IT group earlier. The Oracle E-Business Suite R12 was deployed globally under him, as were set up various quality systems such as ISO 27001 (for IT security), ISO 20000 (for IT services), and CMMi Level 5 (for Software Maturity). Vinay started his career with VLSI R&D and technology transfer of 68000 based workstations and servers in the initial days of his career. Vinay holds a Bachelor of Engineering from Jabalpur Engineering College and Master of Technology from Indian Institute of Technology, Banaras Hindu University. He is also a Senior Member of Institute of Electrical and Electronics Engineers (IEEE). Find Vinay on LinkedIn, and find out more about Claidroid at www.claidroid.com. Claidroid is a Ubisecure partner. Read more about the partnership at www.ubisecure.com/news-events/claidroid-partnership-pr/. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, a podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining a new episode of Let’s Talk About Digital Identity. And today, we are going to have an imaginary trip to India and we are going to hear about digital transformation and identity compliance, among other things. And for that, we are inviting here one guest from our partners who is Vinay Sawarkar. He is the founder and CEO of Claidroid Technologies. With over 35 years of experience, Vinay has successfully held numerous roles with increasing responsibilities. He established and managed the global practices in e-Security and Service Management in partnership with global technology leaders. Vinay also led software development centre and corporate IT groups earlier. The Oracle E-Business Suite Release 12 was developed globally under him as well as setting up various quality systems such ISO 27001, ISO 20000 and CMMi Level 5 for Software Maturity. Vinay started his career with VLSI, a very large scale integrated circuits research and development and technology transfer of Motorola 68000 based workstations and servers in the initial days of his career. Vinay holds a Bachelor of Engineering from Jabalpur Engineering College and a Master of Technology from Indian Institute of Technology, Banaras Hindu University. He is also a senior member of the Institute of Electrical and Electronic Engineers, IEEE. Hello, Vinay. Vinay Sawarkar: Hi, Oscar. It’s an absolute pleasure and privilege to be with you in this podcast. Oscar: Thank you. It’s great having you. I’m really happy to have this conversation with you. And as always, we want to hear a bit more about the guest we talk. So please tell us about yourself and your journey to this world of digital identity. Vinay: Of course. Very interestingly, I have had the passion for technologies from the early days, so after completing my course and specialisation in Integrated Circuits, I joined a company who was a pioneer in the semiconductor field in India...

Jun 9

26 min 42 sec

Let's talk about digital identity with Richard Bird, Chief Customer Information Officer at Ping Identity. In episode 46, Oscar and Richard discuss how the Decentralized Identity Foundation is helping people gain control of their online identities and why an open-standards based approach to identity management is the key to better privacy, lower fraud, and a more ethical user experience. [Scroll down for the transcript] "Decentralised identity will create an empowerment framework for people to have a part to play in their digital identity." Richard Bird is the Chief Customer Information Officer for Ping Identity, a leading identity solution and access management platform. An internationally recognised data privacy and identity-centric security expert, Richard leverages his diverse experiences as a strategic advisor, solutions provider and former global head of identity for JP Morgan Chase’s consumer businesses to challenge current notions about cybersecurity. He is a Forbes Tech council member and has been interviewed by the Wall Street Journal, Bloomberg, The Financial Times, Business Insider, and the NYSE on topics ranging from data protection regulations to cybersecurity enabled consumer protection. The Decentralized Identity Foundation aims to develop an open ecosystem for decentralised management of digital identities and ensure interoperability between all participants. Find out more at identity.foundation. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for listening. Today we are going to have a discussion about a group of companies, individuals and organisations who are joining forces for solving very important problems today and particularly we’re going to talk about the Decentralized Identity Foundation and for that we have a guest who is from one of these members. The guest today is Richard Bird who is Chief Customer Information Officer at Ping Identity. An internationally recognised data privacy and identity-centric security expert, Richard leverages his diverse experiences as a strategic advisor and solutions provider to challenge current notions about cybersecurity and identity. He is a Forbes Tech council member and has been interviewed by the Wall Street Journal, Bloomberg, The Financial Times, Business Insider, and the New York Stock Exchange on topics ranging from data protection regulations to cybersecurity-enabled consumer protection. Hello Richard. Richard Bird: Oscar, how are you? Oscar: Very good. It's great having you. Richard: I appreciate the opportunity to be with you. Oscar: Yeah, fantastic. It’s great having this conversation. I’m really intrigued to hear more about the Decentralized Identity Foundation. But before that, I would like to hear a little bit about you. So please tell us about yourself and how you joined this world of digital identity. Richard: Absolutely. It’s a – I think it’s really interesting. It’s always strange to hear anybody read my bio. I feel like, you know, a bit of imposter syndrome. All these opportunities in the last couple of years to talk with all of these different media outlets and one thing that’s interesting, the consistent theme there is just – it’s all business side media outlets. You know, the journal and CNBC and all of those different organisations and I think a lot of that is because my experience and background has given me the opportunity to be able to translate the complexities, the challenges, the issues in digital identity in a way that the business side of the house can consume and understand. I spent 20 plus years in corporate and I worked at companies like JP Morgan Chase for many years, Accenture, smaller banks in the Midwest. I also held a Chief Information Officer position and gravitated i...

May 26

35 min 22 sec

Let's talk about digital identity with David Doret, Deputy CISO and IAM Manager at BNP Paribas and Founder of Open-Measure. In episode 45, Oscar talks to David Doret about Open-Measure – the comprehensive, open-source Identity and Access Management (IAM) resource that he created as a not-for-profit initiative. The conversation explores how and why Open Measure came to be – and how anyone working with IAM, in any capacity, can get involved. [Scroll down for the transcript] "IAM is so transversal within the organisation – we need to work with HR, IT, security, the full workforce, top management, customers – with everyone, basically." David Doret is a cybersecurity and IAM veteran. He worked in advisory services helping numerous organisations strengthen their security posture, held twice the position of CISO and specialised in IAM and risk management. He founded and runs the Open-Measure wiki for IAM professionals. He holds an MSc in Information Security, is certified GRCP, PMP, Lean 6 Sigma Green Belt, CISSP, ISO 27001 Lead Auditor and loves studying MOOCs as a hobby. He is currently Deputy CISO and IAM Manager at BNP Paribas. Find David on LinkedIn and on Twitter @DavidDoret. Contribute or provide feedback to Open-Measure at www.open-measure.org, or follow the LinkedIn feed at www.linkedin.com/company/open-measure/. The Open-Measure wiki can be found at open-measure.atlassian.net/wiki. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello. Today’s guest is going to tell us about I would say to me is the most comprehensive IAM, so identity and access management, resource I’ve ever seen and the good thing of this is that it’s open source. So my guest today is David Doret. David is a cybersecurity and IAM, identity and access management, veteran. He worked in advisory services helping numerous organisations strengthen their security posture. He held twice the position of CISO and specialised in IAM and risk management. David founded and runs the Open-Measure wiki for IAM professionals. He holds a masters in Information Security, is certified GRCP, PMP, Lean 6 Sigma Green Belt, CISSP, ISO 27001 Lead Auditor and he loves studying MOOCs as a hobby. He is currently Deputy CISO and IAM Manager at BNP Paribas. Hello David. David Doret: Hi Oscar. Thank you very much for having me here. Oscar: You are very welcome. It’s really interesting to hear about Open-Measure and of course about yourself. You have quite a long, comprehensive experience in cybersecurity and especially in IAM. That’s going to be the main discussion point today. So we would like to hear, before hearing about Open-Measure, a bit more about yourself and how life led you to the world of digital identity. David: Yes. I think my initial experience with IAM comes back to the early 1990s. So that’s too far away for me to properly collect my memories unfortunately. But yeah, I’m in the business for ages. I’m a dinosaur I would say. Oscar: OK, OK. So it has been for – probably since the beginning of your career, I guess. David: Yeah. During quite a long period of time, software development. Also I more or less held nearly all possible positions within an IT department that are possible to hold. My first job was in support. I was doing help desk support. Then I moved into system engineering. But that was decades ago. From there, I moved into software development and then into cybersecurity. Then I specialised into IAM eventually. Oscar: Excellent. So now that you are very into IAM, so I’m thinking – as far as I know, less than two years ago you created Open-Measure. So please tell us, what is Open-Measure? David: The Open-Measure is a wiki. Actually it is first to fall a non-profit association that owns the content that is...

May 12

29 min 5 sec

Let's talk about digital identity with Colin Wallis, Executive Director of Kantara Initiative, and Charlie Harry Smith, Political Theorist at the Oxford Internet Institute. In episode 44, we shake things up with a fireside chat format. Colin and Charlie begin by discussing: "Is digital identity for citizens a commodity?". From their different backgrounds in identity – Colin's tenure as Kantara's Executive Director, and Charlie's work as a political theorist – they explore multiple considerations, including user experience, the role of private organisations in shaping citizen (or resident) identity and how to ensure adoption. As both are currently UK-based, they use the UK government's historical and future plans around digital identity for context, as well as examples from other countries like New Zealand and the US. [Scroll down for transcript] "[Digital identity] can be delivered effectively, securely, and in a way that's lovely to look at as well. That's an exciting thing and it's an exciting time to be in this industry." Colin Wallis Colin Wallis is the Executive Director of the Kantara Initiative – the international industry association globally acknowledged for its ethos of no barriers to participation. Kantara is most recognised as a Trust Framework Operator of conformity assessment and Trust Marked schemes for digital Identity, Credential and Consent Management Service Providers. Colin develops and executes the Kantara Initiative’s strategic plan in concert with the Board and Leadership Council, driving the organisation forward on a broad front with the financial support of private, public sector and individual members from every region of the world and the assistance of a dedicated band of expert volunteers. Colin’s work has been recognised by being named one of the Top 100 Influencers in Identity by independent research company One World Identity. Find Colin on LinkedIn and on Twitter @KantaraColin. Find out more about Kantara at kantarainitiative.org and www.kantarainitiative.eu. This is Colin's second appearance on LTADI – find his first episode at www.ubisecure.com/podcast/kantara-colin-wallis/. Charlie Harry Smith Charlie Harry Smith is a political theorist pursuing a doctoral degree at the Oxford Internet Institute, part of the University of Oxford. In particular, his research considers the normative and theoretical issues surrounding digital governments and the ongoing development of federated identity systems in the UK. Alongside his research, Charlie regularly consults on digital identity projects. He handles social media monitoring for the Open Identity Exchange and, most recently, has worked with the Digital Equity Association to bring the SMART Africa Trust Alliance – an ambitious cross-continental federated identity scheme – to the pilot project stage. Find Charlie on LinkedIn, Twitter @charliehrysmith, and on his website - www.chsmith.co.uk. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining this episode which is going to be quite a different format. First of all, we’ll have two guests. Both are based in the UK, but also the format is going to be more free, so there’s going to be a sort of fireside chat. And so, let me introduce you my guests today. My first guest today is coming for the second time - Colin Wallis. He is the Executive Director of the Kantara Initiative – the international industry association globally acknowledged for its ethos of no barriers to participation. Kantara is most recognised as a Trust Framework Operator of conformity assessment, and Trust Marked schemes for digital Identity, credential, and Consent Management Service Providers. Colin develops and executes the Kantara Initiative’s strategic plan in concert w...

Apr 28

34 min 54 sec

Let's talk about digital identity with Erdoo Yongo, Policy and Advocacy Manager at GSMA. In episode 43, Oscar and Erdoo explore the importance of mobile technology to digital identity, and what that means for inclusion in schemes that rely on identification of individuals. From her background in policy and advocacy at GSMA, Erdoo gives specific examples of mobile playing a role in the development of identity – identity enrolment in Nigeria, birth registration in Pakistan, health records in Kenya, and cash value assistance in Zambia. She also explores the challenges preventing mobile from playing a role in the development of digital identity ecosystems. [Scroll down for transcript] "There are a range of opportunities for mobile technology and mobile operators to play a pivotal role in the development of digital identity ecosystems." Erdoo joined GSMA in 2017. She is a Policy and Advocacy Manager across the Digital Identity (DI) and Mobile for Humanitarian Innovation (M4H) teams. As part of the advocacy and policy team, she is working to create an enabling policy environment for mobile operators to ensure that mobile can be used to support identification of underserved populations and as a platform to deliver humanitarian assistance. Erdoo is thus working with mobile operators, development partners and humanitarian organisations to uncover and resolve policy and regulatory barriers they face in providing mobile services to users. She also leads GSMA’s research on mandatory SIM registration, exploring its relation to other key indicators in order to establish key trends that inform the work of the DI and M4H advocacy and policy streams. Erdoo delivers the ‘Digital identity for the underserved and the role of mobile’ Capacity Building course to regulators and policymakers and represents GSMA at a broad range of events. Find Erdoo on LinkedIn and Twitter @YErdoo. Find out more about GSMA's Mobile for Development team at www.gsma.com/mobilefordevelopment. Find the reports that Erdoo refers to at the end of the episode at www.gsma.com/mobilefordevelopment/resources/access-to-mobile-services-and-proof-of-identity-2021/, www.gsma.com/mobilefordevelopment/resources/digital-identity-accelerating-financial-inclusion-during-a-crisis/ and www.gsma.com/mobilefordevelopment/resources/commercially-sustainable-roles-for-mobile-operators-in-digital-id-ecosystems/. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining. Today, we are going to talk about the world of mobile. And for that we have for the second time a guest from the GSMA. So let me introduce you today to Erdoo Yongo. She is a Policy and Advocate Manager across the Digital Identity and Mobile for Humanitarian Innovation teams. As part of the advocacy and policy team, she’s working to create an enabling policy environment for mobile operators to ensure that mobile can be used to support identification of underserved populations and as a platform to deliver humanitarian assistance. Erdoo is thus working with mobile operators, development partners and humanitarian organisations to uncover and resolve policy and regulatory barriers that they face in providing mobile services to users. Erdoo delivers the digital identity for the underserved and the role of mobile capacity building course to regulators and policymakers, and represents GSMA at a broad range of events. Hello, Erdoo. Erdoo Yongo: Hi, Oscar. How are you doing? Oscar: Very good. It’s a pleasure talking with you Erdoo and I’m very intrigued to hear what GSMA is doing, in particular your work. Erdoo: It’s a pleasure to be a guest on this show. Thank you for having me, Oscar, as well as Francesca. Oscar: Thank you. So please,

Apr 14

27 min

Let's talk about digital identity with Mei Ngan, Scientist at the National Institute of Standards and Technology (NIST). In episode 42, we explore Mei's work at NIST evaluating face recognition biometrics with the Face Recognition Vendor Test (FRVT), how accurate facial recognition actually is, and the effects of different variables on the FRVT – face masks (motivated by the pandemic), face morphing as a current FR vulnerability for identity credentials, demographic differentials, and twins – “the forgotten demographic”. [Scroll down for transcript] "[Face recognition] technology really has come a long way, especially when you only have half the face available to do recognition with. But with that said though, there still remains certain limitations to the technology – such as being able to differentiate between identical twins, demographic differentials and extremely poor-quality photos." Mei Ngan is a scientist at the National Institute of Standards and Technology (NIST).  Her research focus includes evaluation of face recognition and tattoo recognition technologies.  Mei has authored and co-authored a number of technical publications, including the accuracy of face recognition with face masks, evaluation of face morphing detection algorithms, demographic effects in face recognition, performance of facial age and gender estimation algorithms, and publication of a seminal open tattoo database for developing tattoo recognition research, which she received the Special Contribution Award for at the 2015 IEEE International Conference on Identity, Security and Behavior Analysis (ISBA). Mei was awarded the Department of Commerce Gold Medal Award in 2020 and was a recipient of the 2020 Women in Biometrics Award, a globally recognised award honouring innovative women in the biometrics field. Find out more about Mei's work at nist.gov/programs-projects/face-recognition-vendor-test-frvt Find the FRVT leaderboards at pages.nist.gov/frvt/html/frvt11.html (1:1) and pages.nist.gov/frvt/html/frvt1N.html (1:N). View Women in Identity's webinar with Mei exploring demographic effects in facial recognition here: https://youtu.be/Lni4Pe8dYuk We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining to this episode of Let’s Talk about Digital Identity. And one aspect that is connected to identity and has been like that for many years is face recognition. You have heard a lot in the past years. But also there are new challenges in these recent years, for instance, by the use of face masks, as you can imagine. And for having a deeper conversation about face recognition biometrics, we’ll have a special guest today who is Mei Ngan. Mei is a scientist at the National Institute of Standards and Technology, NIST. Her research focus includes evaluation of face recognition and tattoo recognition technologies. Mei have authored and co-authored a number of technical publications, including the accuracy of face recognition with face masks, evaluation of face morphing detection algorithms, demographic effects in face recognition, performance of facial age, and gender estimation algorithms and publication of a seminal open tattoo database for developing tattoo recognition research. And for this, she received a Special Contribution Award at the 2015 IEEE International Conference on Identity, Security and Behavior Analysis. Mei was awarded the Department of Commerce Gold Medal Award in 2020, and was the recipient of the 2020 Women in Biometrics Award. Hello, Mei. Mei Ngan: Hello, Oscar. How are you? Oscar: Oh, very good and really pleased to have you on this conversation with you. Mei: Yeah, I’m quite happy to be here. Thanks for having me. Oscar: Fantastic.

Mar 31

34 min 34 sec

Let's Talk About Digital Identity with Schehrezade Davidson, CEO of Tricerion. In episode 41, Oscar and Schehrezade explore Tricerion's immunity passport – ImmucheX. They discuss the challenges that immunity passports present – including privacy, trust and regulatory compliance - and how Tricerion is responding to those challenges. [Scroll down for transcript] "Fundamentally it's about trust, it's about accuracy. It's complicated but there is a way forward." Schehrezade Davidson is the CEO of Tricerion Limited, a company that owns novel patented mutual authentication software using image passwords. Find Schehrezade on LinkedIn. This is Schehrezade's second LTADI podcast appearance. Listen to her previous episode (26), describing Tricerion's neurographic passwords solution, here - www.ubisecure.com/podcast/neurographic-passwords-tricerion-schehrezade-davidson/ Find out more about Tricerion's ImmucheX solution at www.tricerion.com/immuchex. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining another episode of Let’s Talk About Digital Identity and in these days, if one goes to a newspaper or in some other media, we hear, we read about vaccination passports, immunity passports and similar terms and things that are already coming. But today we’re going to have a discussion specifically about these with one of our partners, a company that has been before here in the podcast and they are working on that, an immunity passport. We’re going to hear what has been their experience and what type of solutions they are bringing. So let me welcome back again to Schehrezade Davidson. She is the CEO of Tricerion Limited, a company that owns novel patented mutual authentication software using image passwords. Hi Schehrezade. Schehrezade Davidson: Hi Oscar. Lovely to be back again. Oscar: Yes. A few months ago, a bit more than one year ago, we were having a conversation. We talked about a very innovative product, original product you have had for the last years that are neurographic passwords. So that’s a super interesting conversation we had. So we would like to hear first what happened on Tricerion, on the team, on the labs that you have there and since this month – since the last time we talked. So tell us a bit. Schehrezade: Yeah, yeah. So really, I think for all of us who are working remotely, it’s about making connections with potential partners and end users. It’s about refining our message and positioning the company to leverage hopefully what will be a better 2021 compared to 2020. So yeah, we’re feeling very positive about our solution and obviously our other exciting projects, which we’re going to talk about today. Oscar: Yeah, exactly. Then I didn’t know too much at that time when we talked last year but now I know that you have been working on this immunity passport even before that conversation. So that’s one of the main things we talk today. Please to make it go – start from the very, very basic. So what is an immunity passport? Schehrezade: Yes. I think immunity passports, as people probably know, have been around for a long time whether it was to prove that you'd a disease and recovered from it, for example like smallpox, or whether you can prove that you’ve had a vaccine. So for example like yellow fever. So the idea and concept of an immunity passport is not really new as we know. Where I think the stakes are slightly different to do with COVID is because we’re looking at something that is a global pandemic. So yeah, very happy to sort of talk a little bit about what we’ve been doing at Tricerion in this area. But just to make it perfectly clear, I think the world is only just beginning to talk about how an immunity passport for COVID would really ...

Mar 17

32 min 19 sec

Let's Talk About Digital Identity with Roland Adrian, Managing Director at Verimi. In episode 40, Roland fills us in on how Verimi works and its privacy-by-design cornerstones, including data minimisation. Oscar and Roland also discuss the digital identity landscape in Germany and how it's been affected by the pandemic, plus the future of identity in Germany and what needs to happen next. [Scroll down for transcript] "Customer experience is king at digital identity. And really, technology, security, privacy, whatever it is - it's important, but in a sense it’s a commodity." Roland Adrian has been Managing Director and Spokesman of the Management Board at Verimi since January 2019. Previously, he was Managing Director and Spokesman of the Executive Board at Lufthansa Miles & More GmbH for four years. The business degree holder started his career in 1996 at Roland Berger Strategy Consultants in Munich. After holding leading positions in the KarstadtQuelle Group, he built up the HappyDigits bonus programme from 2002 as a joint venture between Arcandor AG and of Deutsche Telekom AG. In 2009, he moved to PAYBACK in Munich and from 2010 focused on the launch of the programme in India. As Vice President, he led PAYBACK's expansion into various markets worldwide. Find Roland on LinkedIn or email him at roland.adrian@verimi.com. Verimi is the European cross industry identity and trusted platform. Verimi combines a convenient central login (Single Sign On), the highest data security and protection standards in line with European law and the self-determination of users regarding the use of their personal data. Verimi was founded in spring of 2017. The identity and trusted platform is supported by a network of thirteen international corporations. The shareholder network includes Allianz, Axel Springer, Bundesdruckerei, Core, Daimler, Deutsche Bahn, Deutsche Bank and Postbank, Deutsche Telekom, Giesecke+Devrient, Here Technologies, Lufthansa, Samsung and Volkswagen. Verimi is a Ubisecure partner. Read more about the partnership in the press release: https://www.ubisecure.com/news-events/verimi-partnership/ We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hi, and thanks for joining. Today, we are going to hear about the digital landscape in Germany. And for that our special guest is Roland Adrian. He is Managing Director and Spokesman of the Management Board at Verimi since January 2019. Previously, he was Managing Director and Spokesman of the Executive Board at Lufthansa Miles and More for four years. He built up the HappyDigits bonus programme from 2002 as a joint venture of Deutsche Telekom. In 2009, he moved to PAYBACK. And as Vice President, he led PAYBACK’s expansion into various markets worldwide. Hi, Roland. Roland Adrian: Hi Oscar. Oscar: Nice talking with you Roland and really happy to hear what is going on in Germany in terms of digital identity and everything related to that. And happy to know more about Verimi. I’ve been hearing 'Verimi' already for the last years and definitely need to hear more details. What are the products you are building and offering today? So please, tell us a bit of your journey how you became the managing director at Verimi. Roland: Yes. Thank you, Oscar. And many thanks for the invitation. Glad to be here and talk to you a little bit about the market in Germany. So yeah, what was my journey becoming Managing Director of Verimi. Actually, my journey, professional journey, started 25 years ago when I started my career in consulting. Then some stations at Karstadt which is a department store group. And then I founded multi partner loyalty scheme together with Deutsche Telekom. And from there, I moved to PAYBACK which actually is Germany’s leading multi par...

Mar 3

33 min 13 sec

Let's Talk About Digital Identity with Ben Cronin, Managing Director at UBO Service. In episode 39 of LTADI, Oscar talks to Ben about UBO Service and the challenges it solves around verifying Ultimate Beneficiary Owners, how UBO Service is leveraging Legal Entity Identifiers (LEIs) for KYC and enhanced CDD, and the Global LEI Foundation's validation agent (VA) framework. [Scroll down for transcript] "It was very obvious to us that adding the LEI to that identification piece was very powerful because you're really identifying and verifying the entity to a very high standard. By using data that we get from official government registries – adding that to an LEI just makes complete perfect sense to us." Serial entrepreneur Ben Cronin founded GBR (Global Business Register) in 2008. GBR morphed into Kyckr over the following years and Kyckr listed on the Sydney Stock Exchange in 2016, providing commercially proven products for the authentication of businesses globally. His roles at Kyckr included Managing Director and Chief Data Officer. Ben is a supporter of Max Schrem’s organisation, NOYB - European Centre for Digital Rights; the fight for data privacy is important for all citizens. Ben played professional rugby with Munster and Ireland in the 90’s. His other interests include tennis, whisky, science and family! Find Ben on LinkedIn and on Twitter @Ben_Cronin. Ben Cronin is currently Managing Director at UBO Service. UBO Service offers an innovative new solution for obliged entities to capture accurate Ultimate Beneficial Owner (UBO) declarations in real-time. Find out more about UBO Service at www.uboservice.com. UBO Service is in partnership with Ubisecure's Legal Entity Identifier service, RapidLEI. Read more about the partnership in the press release: https://www.ubisecure.com/news-events/ubo-service-lei-validation-agent/ We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. We have been in the last months talking once about the LEI, the Legal Entity Identifiers. And today, we’re going to hear very innovative business models that combine some of the solutions to the challenges with LEIs. And for that, we have a very interesting guest today who is Ben Cronin. Ben is Managing Director at UBO Service. Serial entrepreneur Ben Cronin founded Global Business Register in 2008. Global Business Register morphed into Kyckr over the following years and Kyckr listed on the Sydney Stock Exchange in 2016. Kyckr provided award-winning, commercially proven products for the authentication of businesses globally. Kyckr developed APIs and cloud-based decision engines for best-in-class KYC (Know Your Customer), due diligence and customer on-boarding. Ben is a supporter of Max Schrem’s organisation, NOYB – European Center for Digital Rights; the fight for data privacy is important for all citizens. Ben has played professional rugby with Munster and Ireland in the ‘90s. Other of his personal interests include tennis, whisky, science and family! Hi Ben. Ben Cronin: Hello, Oscar. How are you? Oscar: Very good. It’s a pleasure having you today to hear about very innovative services and business models that UBO Service is offering today. So, before talking on that, I would like to hear even a bit more about you. Please tell us how your career led you to this world of digital identity. Ben: Thank you Oscar. And as you mentioned, I was fortunate enough to play professional rugby. So in the ‘90s, the game rugby went professional in 1995 and I was fortunate enough to be I suppose playing at a level that I played. It came when I was amateur and then when it went professional I started getting paid to something that I loved which was fantastic.

Feb 17

25 min 35 sec

Let's Talk About Digital Identity with Lisa LeVasseur, Executive Director at Me2B Alliance. In episode 38, Lisa and Oscar discuss the Me2B Alliance and how it aims to make technology better for humans, plus the businesses (B-s) which are shining a light on privacy issues and giving the Me-s more control. [Scroll down for transcript] "We used to call ourselves something like the 'organic food label'. But that's actually not right. We're more like independent automobile crash testing." Lisa LeVasseur is Executive Director at Me2B Alliance, a non-profit organisation that is setting the standard for respectful technology. An MBA technologist with a background in Computer Science and Philosophy, Lisa began strategic work in cellular telecom industry standards in the late ‘90s while at Motorola. Since then, she has participated in 3GPP, 3GPP2, MEIF, WAP Forum, IETF, W3C, IEEE and Kantara Initiative. Find out more about Me2B Alliance at me2ba.org. Join as a 'Me' or a 'B' at me2ba.org/membership. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. We are going to discuss today something pretty different about the ethical aspects of technology. A lot of technology we are already using. We are using a lot of technologies brought by big tech, by many organisations around the world and we are going to hear what could be a better vision for how the technology treats people in a more respectful way. For that, I have a very special guest who is Lisa LeVasseur. She is the Executive Director at Me2B Alliance, a non-profit organisation that is setting the standard for respectful technology. An MBA technologist with a background in Computer Science and Philosophy, Lisa began strategic work in cellular telecom industry standards in the late ‘90s while working at Motorola. Since then, she has participated in several other standards organisations such as 3GPP, 3GPP2, MEIF, WAP Forum, IETF, W3C, IEEE and Kantara Initiative. Hi Lisa. Lisa LeVasseur: Morning. Or evening! Oscar: Yes, exactly. We’re in the opposite. Quite early for you. The night is falling here in Helsinki. So it’s a pleasure talking with you Lisa. Welcome and let’s talk about digital identity and this very interesting concept and project you are embarking on, Me2B. But I would like to hear more about your beginnings and how things led to the world of digital identity and this latest project you have. Lisa: Sure. Thanks Oscar. Thanks for having me. I’m really honoured to be here talking with you. So how I got involved in this world was back in 2009, I started working on a product that was designed to put families really in control of their information and the services that they use, whether those services were in the brick-and-mortar world or online services. And it was through research in that project where I really became aware of – I think it was initially Doc Searls and I maybe became aware of some trust framework stuff and then I sort of unlocked the door to this whole world of people working on identity management and identity standards and realised that there was a whole world of people sort of on the leading edge of this work. That’s how I kind of stumbled in. It was probably around 2012 or so. Oscar: At that time you were the product manager, building software, building product? That was your role at the time? Lisa: That’s right. Oscar: And how did that evolve to today, Me2B, which is relatively new, right? Lisa: Yeah. Well, interestingly enough, having this sort of long experience in industry standards and being one of four people on the planet who actually like industry standards work, as back – as far as 2009, I actually had this idea when I started to define this product because I had...

Feb 3

30 min 8 sec

Let's Talk About Digital Identity with René Seifert, Co-Founder & Co-Head at TrueProfile.io. In episode 37, René Seifert talks about the current status of identity in the UK; the government's recent call for evidence and DIU (digital identity unit); the resultant six guiding principles – including privacy and inclusivity; the potential of self-sovereign identity to solve some of these issues; TrueProfile.io and the importance of verified credentials in an HR context; plus the ethical, political and technical challenges of ‘immunity passports’. [Scroll down for transcript] "I think it's interesting if we overlay this utopia of a self-sovereign identity that sounds maybe like science fiction today, and where these UK digital initiatives are geared, and my best guess is we can and will land somewhere in the middle." René Seifert is a serial entrepreneur and co-head of TrueProfile.io, a credential verification solution provider. Powered by the DataFlow Group, TrueProfile.io provides these services in a modern environment via the adoption of Ethereum blockchain. Prior to this, René was the co-founder and co-CEO of Venturate AG, a crowdfunding platform allowing regular people to invest side-by- side with experienced business angels. In addition, he has been involved in founding several internet, tech and media companies, among the Holtzbrinck eLab. René, half German and half Croatian, began his career hosting radio shows and running an advertising agency parallel to his studies. He was head of marketing and presenter at the radio station Bayern 3. During the "new economy" he headed the entertainment department at Lycos Europe. Find René on Twitter @reneseifert and on LinkedIn. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining today, an episode in this New Year 2021 and we are going to discuss, especially now, the digital identity in the UK for this New Year 2021. I have a super special guest today who is René Seifert. He is a serial entrepreneur and co-head of TrueProfile.io, the industry leader in document verification. Powered by the DataFlow Group, TrueProfile.io provides these services in a modern environment via the adoption of Ethereum blockchain. Prior to this, René was the co-founder and co-CEO of Venturate AG, a crowdfunding platform allowing regular people to invest side-by-side with experienced business angels. In addition, he has been involved in founding several internet, tech and media companies among the Holtzbrinck eLab. René, half German and half Croatian, began his career hosting radio shows and running an advertising agency parallel to his studies. He was head of marketing and presenter at the radio station Bayern 3. During the “new economy” he headed the entertainment department at Lycos Europe. Hello René. Welcome. René Seifert: Hi, Oscar. And Happy New Year! My pleasure for this podcast. Oscar: It’s great talking with you. Thank you. Hope you are having a great start of the New Year 2021. First, we would like to hear more about you particularly, how you have been doing in media and other very interesting things about technology, how your life ended in this world of digital identity? René: If I knew that myself… I think it’s a quite unlikely scenario that panned out. And maybe you also heard that famous commencement speech from Steve Jobs in Harvard that you only can connect the dots in hindsight, you can’t connect them living your life forward. And let me maybe try to connect these dots. And you mentioned a couple of already things how they evolved in my life. Indeed, in my first life, as I tend to say, I was sitting on the other side of our conversation, I was a radio presenter, I was a journalist,

Jan 20

39 min 27 sec

Let's Talk About Digital Identity with Kaliya Young – consultant, conference organiser, author, activist. In episode 36, Kaliya and Oscar discuss the long-running Internet Identity Workshop (IIW) that she co-founded, the effects of moving to virtual identity conferences in 2020, insights from Kaliya's books - 'The Domains of Identity', newly published in 2020, and 'A Comprehensive Guide to Self Sovereign Identity' – plus some great tips for all business leaders on how to view the role of identity in their organisation. [Scroll down for transcript] "I think we may be selling self-sovereign identity all wrong. It should be infinitely scalable, low-cost federation. That's really powerful!" Kaliya Young is the author of two books “The Domains of Identity” and “A Comprehensive Guide to Self Sovereign Identity”. For the past 15 years, she has been working to catalyse the creation of a layer of identity for people based on open standards. She co-founded the Internet Identity Workshop (IIW) in 2005 to bring together technologists who want to see decentralised identity come into being. In the fifteen years their community has been meeting, they have created standards being used all over the internet, like OpenID Connect and OAuth. In 2012 she was recognised as a Young Global Leader by the World Economic Forum. The next IIW is in April. Sign up on Eventbrite. Kaliya is widely recognised for her community leadership. She travels to Africa and Asia at least once a year to ensure the development of person-centric identity is truly global and inclusive. Most recently, she co-founded HumanFirst.Tech with Shireen Mitchell, a project focused on creating space for diverse voices and building a more inclusive industry. In 2009, she was named one of Fast Company’s Most Influential Women in Technology. Find Kaliya on Twitter @IdentityWoman and LinkedIn. Check out Kaliya's website at identitywoman.net and her podcast with Seth Goldstein, PSA Today (Privacy, Surveillance, Anonymity). Regular listeners of Let's Talk About Digital Identity will know that Oscar asks every guest for their top tips on how to protect our digital identities. For 2021, Oscar has a new burning question for all LTADI guests – "for all business leaders listening to us now, what is the one actionable idea that they should write on their agendas today?" We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining another episode of Let’s Talk About Digital Identity. Now, that we are starting the New Year 2021 and we are very excited to present a fantastic guest today. She has many interesting things. She’s an author, a speaker, of course an identity expert and she has done so many interesting projects. You are going to hear more about that. So let me introduce you Kaliya Young. She is the author of two books: The Domains of Identity and A Comprehensive Guide to Self-Sovereign Identity. For the past 15 years, she has been working to catalyse the creation of a layer of identity for people based on open standards. She co-founded the Internet Identity Workshop in 2005 to bring together technologists who want to see decentralised identity come into being. In the 15 years, their community has been meeting, they have created standards being used all over the internet like OpenID Connect and OAuth. In 2012, she was recognised as a young Global Leader by the World Economic Forum. Kaliya is widely recognised for her community leadership. She travels to Africa and Asia at least once a year to ensure the development of person-centric identity is truly global and inclusive. Most recently, she co-founded HumanFirst.Tech with Shireen Mitchell, a project focused on creating space for diverse voices and building a more inclus...

Jan 6

30 min 31 sec

Let's Talk About Digital Identity with Khalid Maliki, Co-Founder & Managing Director, and Jimmy J.P. Snoek, Co-Founder & CEO at Tykn. Khalid and Jimmy join Oscar for episode 35 of the podcast, discussing everything Self-Sovereign Identity (SSI) and the SSI company they co-founded, Tykn. The conversation details the 'three pillars of SSI' (verifiable credentials, decentralised identifiers and blockchain), how SSI fits with existing processes, what it should appear as to end users (and what level of education they need around the technology), the importance of accessibility for inclusivity, and what's next for Tykn. [Scroll down for transcript] "In 5 years, people should take [SSI] for granted" Khalid Maliki After many years working in UX at the Dutch Ministry of the Interior, Khalid’s keen product design knowledge combined with a passion for social impact led him to put all his time and efforts into co-founding the award-winning digital ID company Tykn. Khalid believes Self-Sovereign Identity will positively impact billions of people’s lives and has advocated for its adoption on the most important stages, from the Economic Forum in Africa to the United Nations in NYC. He considers one of his biggest achievements to have co-founded a happy family. Find Khalid on LinkedIn and on Twitter @Khalidworks. Jimmy J.P. Snoek Jimmy J.P. is a musician, business developer and entrepreneur, currently residing in The Hague, The Netherlands. After having worked as a professional musician in Spain and having started his first company in The Netherlands before the age of 20, Jimmy was accepted into the prestigious McGill University in Montréal, Canada and co-founded the now award-winning digital ID company Tykn. As an evangelist of data privacy and an early adopter of crypto, Jimmy has spoken about the merits of blockchain and self-sovereign identity at conferences and institutions worldwide since 2017, and has been featured in multiple publications, including The Guardian. Find Jimmy J.P. on LinkedIn and Twitter @idforgood. Tykn leverages blockchain technology to bring trust, privacy, and interoperability to identity. Tykn’s Ana platform allows organisations to issue tamper-proof digital credentials which are verifiable anywhere, at any time. Users can prove their ID to access services while remaining in full control of what personal data is viewed, shared & stored. Find out more at tykn.tech. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining this new episode of Let’s Talk About Digital Identity. “A future of opportunity through digital identity” - so that’s what I read in the page of the guests we will have today, which is a young but very promising company called Tykn. They are working on a very interesting project and very interesting stories you are going to hear today from two guests. We have two guests today. So let me introduce to you my guests today. First of all, Khalid Maliki. After many years working on user experience at the Dutch Ministry of the Interior, Khalid’s keen product design knowledge combined with a passion for social impact led him to put all his time and efforts into co-founding the award-winning digital ID company, Tykn. Khalid believes self-sovereign identity will positively impact billions of people’s lives and has advocated for its adoption on the most important stages, from the Economic Forum in Africa to the United Nations in New York. And my second guest is Jimmy Snoek. Jimmy is a musician, business developer and entrepreneur, currently residing in The Hague, in The Netherlands. After having worked as a professional musician in Spain and having started his first company in The Netherlands before the age of 20,

E

Dec 2020

32 min 39 sec

Let's Talk About Digital Identity with Ilkka Hyvönen, Head of Cyber Security at Sogeti Finland. In episode 34, Oscar talks to Ilkka about the challenges that financial services face with digital identity, how CIAM helps with those challenges, the Zero Trust model and its applications for remote working, security in digital payments today, and his predictions for the near future of FS. [Scroll down for transcript] "Customer Identity and Access Management can enable financial services to do business in this digital world, especially now that people are not able to go to their branch." Ilkka Hyvönen works as the Head of Cyber Security at Sogeti Finland and has ten years of experience in security consulting. In his free time, he likes to do sports such as running, biking and swimming. Find Ilkka on LinkedIn. Sogeti is a part of the Capgemini group and offers advisory, implementation and managed services in 15 countries. In addition to digital identity, Sogeti’s cybersecurity services cover cyber security strategy, application security and detection & response. Find out more at www.sogeti.fi. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. Today, it’s time to talk about financial services and what are the implications for digital identity. For that, let me introduce you to my guest today. Ilkka Hyvönen works as the Head of Cyber Security at Sogeti Finland and has 10 years of experience in security consulting. In his free time, he likes to do sports such as running, biking and swimming. For the ones who are not familiar with Sogeti, Sogeti is part of Capgemini group and offers advisory, implementation and managed services in 15 countries. In addition to digital identity, Sogeti’s cyber security services cover cyber security strategy, application security and detection and response services. Hello, Ilkka. Ilkka Hyvönen: Hello. Oscar: Very welcome to have you here, Ilkka. Ilkka: My pleasure. Oscar: Nice. I hope you’re having a good day and you told me, we are both in Finland and we have a sunny day. You’re in Helsinki, correct? Somewhere… Ilkka: Yes, correct. Oscar: Yes, so we can see the same almost sunny, autumn morning. Ilkka: Yes, it is very nice weather for Finnish autumn. Oscar: Exactly. Excellent. It’s really great having you here. So, Ilkka, let’s talk about digital identity and the first thing I would like to hear is what was your journey to this world of digital identity. Ilkka: Yes. So, I have a background actually in telecommunications so not a security background originally. And after I graduated, I went to work for a big technology consulting company. And I got assigned to a digital identity project as one of my first projects. And I guess I sort of got hooked into the world of security and digital identity. I like security and digital identity because you get to work with a lot of different things, like you have to understand the technology such as protocols and applications that you are securing, you have to understand the business drivers and the sort of assets that you are protecting, because it’s really important to understand those as well. And then especially in digital identity, you have to understand the human aspects such as usability and how the users are behaving. Because if you, for example, had to enforce too strict rules the users can find some clever workarounds for things such as using the same passwords everywhere. So, I have been working in security for about 10 years now and I work a lot with digital identity especially in the financial services industry. So that’s my journey so far in digital identity. Oscar: Yeah, excellent. So, you started in telecommunication, but you got somehow enchanted,

Dec 2020

24 min 39 sec

Let's Talk About Digital Identity with Petteri Ihalainen, Senior Specialist at the National Cyber Security Centre, Finland (part of Traficom - Finnish Transport and Communications Agency). In episode 33, Oscar's on home turf talking to Petteri Ihalainen about the identity landscape in Finland and all about the Finnish Trust Network (FTN) – what it is, why it came about and what the benefits are for Finland's population. They also discuss Katso, Finland's business-to-government national delegation solution (read more about Katso here), and eIDAS, a regulation that Petteri is deeply involved in. [Scroll down for transcript] "You get basically the whole population of Finnish people through a single contract." Petteri Ihalainen has an extensive information security background, having worked for organisations like SSH, Ubisecure, the EU Commission, Gemalto and GlobalSign. During his career he has participated in advanced initiatives and digital identity programmes in various roles. He's currently working as a senior specialist at the National Cyber Security Centre of Finland (part of Traficom – the Finnish Transport and Communications Agency) in a team that supervises and advises organisations deploying digital identity solutions. Petteri also acts as one of the country's representatives at the EU-level in eIDAS related tasks and programmes. Find Petteri on LinkedIn and on Twitter @Ihalain. Read more about 'What is the Finnish Trust Network' in our blog. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. In Finland, people are used to accessing many services completely online and authenticate using verified identity, I would say almost on a daily basis. So this has been the norm for already many, many years. But recently, there have been some changes and as a result, we have something called the Finnish Trust Network. So, if you haven’t heard about that, you are going to hear from an expert in this matter who – let me introduce you today, is with me, Petteri Ihalainen. He has an extensive information security background having worked for organisations like SSH, Ubisecure, the European Commission, Gemalto and GlobalSign. During his career, he has participated in advanced initiatives and digital identity programmes in various roles. He’s currently working as a Senior Specialist at the National Cyber Security Centre in Finland which is part of the Finnish Transport and Communication Agency, Traficom, in a team that supervises and advises organisations deploying digital identity solutions. Petteri also acts as one of the country representatives at the European Union-level in eIDAS related tasks and programmes. Hello, Petteri. Petteri Ihalainen: Hello, Oscar. How are you doing? Oscar: Very good. It’s great talking with you after some time. So, as I said in your bio, you’ve been part of Ubisecure some time ago and it’s great to talk with you again and see what you are doing now in Traficom. Petteri: Yeah, thanks for inviting me over. Oscar: Fantastic. So, we’d like to hear a bit more from your own words what was your journey to this world of digital identity? Petteri: Digital identity is kind of a long story. So, I have been interested in information security in general for ages, even in my first job at the healthcare sector had an aspect of information security. But it really got start information security career at SSH Communications Security in 2000. And I was then hired as a product manager for the PKI product family that was still being developed at SSH. And it was supposed to be the year of the PKI, but it didn’t happen and then we kind of like went, “OK, 2001 has to be the year of PKI and so on and so forth” which never happened.

Nov 2020

28 min 15 sec

Let's Talk About Digital Identity with Andrew Weaver, Executive Director of Digital Identity New Zealand (DINZ). In episode 32, Andrew fills us in on the main trends and challenges for digital identity in New Zealand, its national Digital Identity Trust Framework and the importance of interoperability between identity systems. He also gives us an excellent tip for individuals and organisations on reframing identity, inspired by Maori identity validations - trusting and respecting identities as a precious gift. [Scroll down for transcript] "The strange thing with digital identity is most of the technology that's needed is already there – we're not really inventing anything new. The key to digital identity working is actually in collaboration." Andrew Weaver is the Executive Director of Digital Identity New Zealand, an organisation whose mission is to create a digital identity ecosystem that enhances privacy, trust and improves access for all people in New Zealand. Andrew is a strategic specialist with over 30 years hands-on management, consultancy and systems development experience built throughout New Zealand, Australia, Asia and the Middle East.  He is also an active and passionate supporter of social enterprises and charities working in New Zealand and overseas. Connect with Andrew on LinkedIn. Digital Identity NZ is a purpose driven, inclusive, membership funded organisation, whose members have a shared passion for the opportunities that digital identity can offer. Digital Identity NZ supports a sustainable, inclusive and trustworthy digital future for all New Zealanders. Find out more about Digital Identity NZ at digitalidentity.nz. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hi and thanks for joining today. We always are very interested in learning what are the digital identity initiatives around the world. And today, we have a location that is geographically a bit far from where we are in Finland, it’s 10 hours ahead. And today we’re going to talk about New Zealand. And for that, we have a very special guest who is Andrew Weaver. He is the Executive Director of Digital Identity New Zealand, an organisation whose mission is to create a digital identity ecosystem that enhances privacy, trust and improves access for all people in New Zealand. Andrew is a strategic specialist with over 30 years hands-on management, consultancy and systems development experience built throughout New Zealand, Australia, Asia and the Middle East. He is also an active and passionate supporter of social enterprises and charities working in New Zealand and overseas. Hello, Andrew. Andrew Weaver: Kia Ora. [Introduces himself in Māori] That is just a very brief introduction of me. I’ve just told you my identity. That’s the Māori language, the indigenous people of New Zealand and that’s a traditional greeting. They’ve had that for hundreds if not thousands of years to describe the place that they call home. So, I talked about my mountain, I talked about my river, I talked about the geographic location, then I talked about my family and finally, talked about myself. So, it’s always a good way to start a conversation around identity. Oscar: Fantastic. Kia Ora, Andrew. Definitely it’s very fascinating talking with you. You started in a very special way. And we want to hear more about you, please tell us a bit more about you how you came to this world of digital identity. Andrew: OK. My personal background - and I have been working in payments, cards, banking, fraud prevention for too many years to count. And on a couple of occasions I’ve been asked to facilitate some discussions at a conference, banking conference primarily. And then last time I did that, the topic was digital identity.

Nov 2020

24 min 58 sec

Let's Talk About Digital Identity with Miikka Sainio, CTO, and Rami Raulas, Vice President EMEA, at SSH.com. In episode 31, Oscar talks to Miikka and Rami about expanding identity beyond IAM and CIAM to Privileged Access Management. Listen for: what exactly Privileged Access Management (PAM) is; PAM benefits and use cases; the complexity and challenges with cloud, hybrid, and multi-cloud environments; ephemeral certificates; the principle and application of zero trust; and SSH's PAM product – PrivX. [Scroll down for transcript] "Ideally you want to have a single pane of glass through which you control access to your whole estate." Miikka Sainio Miikka Sainio is CTO at SSH.com. He has been successfully building services and products for over 20 years as a coder, architect and product owner. Find Miikka on LinkedIn. Rami Raulas Rami Raulas is Vice President EMEA at SSH.com. He has a wealth of experience in IT, working at Fujitsu prior to joining SSH. His specialist area is in building successful customer experiences. Find Rami on LinkedIn. SSH.COM (SSH Communications Security Oy) is an encryption specialist for safe data communications and a pioneer in data and internet security since its incarnation, when founder Tatu Ylönen invented the SSH Secure Shell Protocol in 1995. It is a global company with headquarters in Helsinki, Finland. Find out more about SSH at www.ssh.com. SSH.com is a Ubisecure partner; view more information in this press release. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. Now, the organisations and the projects in the organisations are getting more and more complex, there is more complexity in these environments and there is a topic that is completely linked to that: it's Privileged Access Management. So, we are going to hear from experts in this matter from the company called SSH.com. We have today two guests. They are Miikka Sainio. He’s CTO at SSH.com. He’s been building beautiful services and products for over 20 years as a coder, architect and product owner. And our second guest is Rami Raulas. He is Vice President EMEA at SSH.com. He has long experience in IT from Fujitsu before SSH. His special area is in successful customer experiences. Hello Miikka. Hello Rami. Miikka Sainio: Hello, nice to be here. Rami Raulas: Hi, Oscar. Pleased to join. Oscar: Yeah, very welcome and it’s nice talking with you and great to talk after some time from some company in Finland here where we are, so it’s great to hear. Let’s see what SSH, a Finnish company, is having for solving these very complicated problems for some organisations. We’ll hear more. But I would like to hear now a bit more about yourselves. So please could you tell me, each of you, what was your journey to this world of digital identity? Miikka: For me, it goes way back. So, I’ve been in IT for over 20 years now and even before that in the ‘90s, I used to run dial-in bulletin board systems which of course already had user accounts and user identities, which you logged in to the systems. And from those I graduated to different textual multi-user online games, again with accounts and so forth. And from that to our first start-up and building social web experiences. So, building and having a digital identity has always been a part of who I am as long as I can remember. Rami: Yeah, and for me, I’ve been working with the identity and authentication actually with different technologies like biometrics and user certificates or tokens. I’ve actually been putting, in the early ‘90s so a long time ago, smartcard readers and biometric readers into laptops. But now, the focus of course from our side is less so on the identification and authentication of the user.

Oct 2020

33 min 25 sec

Let's Talk About Digital Identity with Katryna Dow, founder and CEO of Meeco. Katryna talks to Oscar about her career (including inspiration from Minority Report), Meeco's personal data & distributed ledger platform, the importance of data minimisation to inspire trust in organisations, and cultural differences in attitudes towards digital identity. [Scroll down for transcript] "The greatest way to overcome this privacy paradox is transparency." "Where regulators have moved to increase the data transparency and data rights of individuals, these need to actually be part of the solution architecture." Katryna Dow is the founder and CEO of Meeco; a personal data & distributed ledger platform that enables people to securely exchange data via the API-of-Me with the people and organisations they trust. Katryna has been pioneering personal data rights since 2002, when she envisioned a time when personal sovereignty, identity and contextual privacy would be as important as being connected. Now within the context of GDPR and Open Banking, distributed ledger, cloud, AI and IoT have converged to make Meeco both possible and necessary. Find out more about Meeco at meeco.me. For the past three years, Katryna has been named as one of the Top 100 Identity Influencers. She is the co-author of the blockchain identity paper ‘Immutable Me’ and co-author/co-architect of Meeco’s distributed ledger solution and technical White Paper on Zero Knowledge Proofs for Access, Control, Delegation and Consent of Identity and Personal Data. Katryna speaks globally on digital rights, privacy and data innovation. Follow Katryna on her blog at katrynadow.me, on LinkedIn and on Twitter @katrynadow. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hi and thanks for joining today. Today, we’re going to have a very interesting conversation about how many technologies and business ideas converge into products that help people directly to protect their data and their identity. For that we have a very special guest. Our guest today is Katryna Dow. She is the founder and CEO of Meeco, a personal data and distributed ledger platform that enables people to securely exchange data via the API-of-Me with the people and organisations they trust. Katryna has been pioneering personal data rights since 2002, when she envisioned a time when personal sovereignty, identity and contextual privacy would be as important as being connected. Now within the context of GDPR and Open Banking, Distributed Ledger, Cloud, Artificial Intelligence and the Internet of Things have converged to make Meeco both possible and necessary. For the past three years, Katryna has been named as one of the Top 100 Identity Influencers. Hello, Katryna. Katryna Dow: Hello, Oscar. That introduction makes me feel I’m going backwards and forwards in time at the same time. Oscar: Very nice talking with you now Katryna. It’s super interesting having this conversation with you. I know there are so many things we can talk about. And so, I would like to hear from you what was your journey to this world of digital identity? Katryna: So, I don’t know where to start because I’m not sure it’s something that I ever consciously woke up one day and went, “Oh, you know, I really want to work in the identity space.” And I think that maybe true for a lot of people that maybe you’ve even interviewed previously. It actually unfolds out of something that is either driven by something you’re trying to do in society or related to commerce or related to access to services. And then all of a sudden you have this question of who or what are you? Are you supposed to be here? Are you allowed to have access to this place or this thing? And now you have access,

Oct 2020

38 min 54 sec

Let's Talk About Digital Identity with Lisa Forte, Partner at Red Goat Cyber Security and Host of the Rebooting YouTube Channel. In episode 29, Oscar talks to Lisa about her fascinating journey to cybersecurity, the lucrative schemes that hackers and scammers have been employing since the start of the pandemic, the group of volunteers (CV19) she co-founded to help protect hospitals against cyber-attacks with the onset of COVID19 in Europe, and top tips for individuals and organisations on cybersecurity and identity. They also discuss a new Tomorrow Unlocked documentary that Lisa appears in - Ha(CK)c1ne: Healthcare on the Edge. It explores the shocking cyber-attacks that have hit vulnerable hospitals, healthcare supply chains and vaccine labs since the COVID-19 pandemic. Released on 25th September, watch Ha(CK)c1ne on YouTube now. [Scroll down for transcript] "The pandemic is a crisis, but security has to continue. Even though we're fighting a biological virus at the moment, security still has massive ramifications If you ignore it." Lisa Forte is a social engineering and insider threat expert. She is a partner at Red Goat Cyber Security and Host of the Rebooting YouTube Channel. Lisa is a regular on TV shows, documentary films and news broadcasts. Her career started in a very unlikely place, working to stop pirates off the coast of Somalia! She worked in one of the UK Police Cyber Crime Units before starting Red Goat Cyber Security. Lisa is also one of the very proud co-founders of the Cyber Volunteers 19 (CV19) initiative providing free help and intelligence to healthcare providers in Europe during the pandemic, an organisation that has been recognised and praised by Governments around Europe. Find Lisa on Twitter @LisaForteUK and LinkedIn. Find out more about Red Goat Cyber Security at red-goat.com. Watch Ha(CK)c1ne here, embedded from YouTube:  We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!   Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host Oscar Santolalla. Oscar Santolalla: Hi and thank you for joining today. Already in the second week of March, I started hearing on social media news about ransomware gangs that were targeting hospitals in the very beginning of the pandemic and that was really horrible to hear and hard to believe. Today, we’re going to discuss what has happened since then until now because our guest will tell us how we can also protect ourselves, both as individuals and as organisations. Our special guest today is Lisa Forte. She is a social engineering and insider threat expert. She is a partner at Red Goat Cyber Security and Host of the Rebooting YouTube Channel. Lisa is a regular on TV shows, documentary films and news broadcasts. Her career started in a very unlikely place, working to stop pirates off the coast of Somalia! She worked in one of the UK Police Cyber Crime Units before starting Red Goat Cyber Security. Lisa is also one of the very proud co-founders of the Cyber Volunteers 19 (CV 19) initiative providing free help and intelligence to healthcare providers in Europe during the pandemic, an organisation that has been recognised and praised by governments around Europe. Hello Lisa. Lisa Forte: Hello, it’s wonderful to be here. Oscar: It’s a pleasure having you Lisa and super interesting what we’re going to discuss. But first, I would like to hear how you started, what was your journey to this world of cyber security. Lisa: So, it was a bit weird because I actually studied Law at university, and I thought I was going to become a lawyer for many years. And then I got a job working for a private armed security company that put armed guards onboard commercial ships to protect them from pirates. I started working there and I started getting more interested in security and more specifically how pirates were targeting ships because...

Sep 2020

24 min 27 sec

Let's talk about digital identity with Jurgita Sarkovaite, Innovation and Strategy Manager at NEO Consulting. In episode 28, Jurgita and Oscar discuss digital transformation, particularly in light of COVID19, and the critical role of identity in any digital transformation project. The conversation also explores the importance of digital identity in customer experience and how companies are approaching digital identity in light of that, including who has ultimate influence over digital identity projects within the organisation and the popularity of Identity-as-a-Service (IDaaS, SaaS-delivered IAM). [Scroll down for transcript] "Digital identity is part of every digital transformation project because it would be impossible to do without it" Jurgita Sarkovaite is Innovation and Strategy Manager at NEO Consulting. She’s also Professor of Digital Marketing and Digital Transformation courses at Pacífico Business School, Peru. Jurgita has 8+ years of project management experience in digital strategy consulting, technology and software development. Her research covers digital culture, entrepreneurship and innovation. She has a passion for education. You can contact Jurgita on LinkedIn or email jurgita.sarkovaite@neoconsulting.ai. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining today. Digital transformation is a term that we have been hearing and reading about in the last recent years, but I will say has never been as important as today. That’s why in this interview, we’ll dig into that. And also, we’d like to hear about the role of identity in digital transformation. And for that let me introduce you to today’s guest. Jurgita Sarkovaite is Innovation and Strategy Manager at NEO Consulting. She’s Professor of Digital Marketing and Digital Transformation courses at Pacifico Business School in Peru. Sarkovaite has more than eight years of project management experience in digital strategy consulting, technology and software development. Her research covers digital culture, entrepreneurship and innovation. And she has a passion for education. Hi, Jurgita. Jurgita Sarkovaite: Hi, Oscar. Nice to be here and delighted to share this time with you. Oscar: Yeah, it’s very nice. Thanks for joining. It’s very nice talking with you and I’m really intrigued about hearing more about digital transformation that as I say is becoming more and more important in these circumstances that we are living. But I would like to hear a bit more about yourself, so please tell us what is your journey to be in this world of digital transformation and digital identity, et cetera? Jurgita: Definitely, yes. So, I think as most professionals who are working in digital these days you know, my journey began a bit random. So, I kind of stumbled upon the digital at the beginning of my career, so I was freshly graduating from the university for my bachelor’s degree and I was looking for internships, for international internships. And so I started exploring around the globe and luckily I found this company, NEO Consulting, located in Lima, Peru, which was working in digital marketing at the time. So yeah, knowing absolutely nothing about digital marketing, I joined the company and it started straight ahead. So, I was working there developing the digital marketing strategies for companies in different industries. And after that I found myself very interested in the field, so I continued my journey, went on to working for a time for a specialised software development company in Lithuania which was working for clients in Europe or in Switzerland and in the United Kingdom. And I think just somehow you know rolled over from there. So, digital kind of became part of what I am,

Sep 2020

24 min 16 sec

Let's talk about digital identity with Josselyne Abarca, Gerente General y socia fundadora de Seguridad América. A note for our English-speaking listeners: this week's episode is in Spanish, talking about the challenges of digital identity in Latin America with Josselyne Abarca, CEO and founding partner of Seguridad América. You can read the transcript in English - scroll down to below the subscription links. [En español] “Las empresas y organizaciones están migrando todos sus servicios al ámbito digital y uno de los desafíos con los que se encuentran es certificar o ratificar la identidad de las personas que ingresan en sus sistemas y servicios.” Josselyne Abarca es Gerente General y socia fundadora de Seguridad América. Josselyne se encuentra ligada a la seguridad y autenticación digital desde los tiempos de VeriSign, donde comienza su carrera comercial. Para Josselyne, uno de los mayores retos en América Latina es la necesidad de proveer a los usuarios con una identidad global, robusta, flexible y verificada tanto en el ámbito público como privado para que puedan acceder con total seguridad y confianza a aquellos sistemas más susceptibles de sufrir ataques cibernéticos. Seguridad América es una organización con sede en América Latina con una cartera de soluciones destinadas a ayudar a las organizaciones con requisitos crecientes para la gestión de la seguridad cibernética y permitir a las empresas expandirse de manera eficiente y segura. Su compromiso es facilitar el acceso de la empresa privada y los organismos públicos a soluciones digitales robustas y seguras, así como entregar a sus clientes soluciones flexibles que permitan el fácil ingreso a los portales y manejo de las identidades para que el entorno sea productivo. Seguridad América es partner de Ubisecure y RapidLEI. Puedes leer más sobre asociación aquí. [In English] Challenges of digital identity in Latin America with Josselyne Abarca, Seguridad América – Podcast Episode 27 [Scroll down for English transcript] “Companies and organisations are migrating all their services to digital solutions and one of the challenges they face is to certify or verify the identity of the people who access their systems and services.” Josselyne Abarca is General Manager and founding partner of Seguridad América. Josselyne has been involved in digital authentication and security since the days of VeriSign, where she began her business career. For Josselyne, one of the greatest challenges in Latin America is the need to provide users with a global, robust, flexible and verified identity, both in the public and private sector, so that they can access the most susceptible systems with total security and confidence. Seguridad América is a Latin American-based organisation with a portfolio of solutions aimed at helping organisations with increasing requirements for cybersecurity management and enabling businesses to expand efficiently and securely. Its commitment is to facilitate the access of private companies and public organisations to robust and secure digital solutions, as well as to provide its clients with flexible solutions that allow easy access to portals and management of identities. Find Josselyne on LinkedIn. Find out more about Seguridad America at www.seguridadamerica.com. Seguridad America is a Ubisecure and RapidLEI partner. Read more about the partnership here. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure! ­   Podcast transcript (translated to English) OSCAR: Hello and welcome to the show, this time and for the first time we are going to speak in Spanish and what we are going to touch on today are the challenges of digital identity in Latin America, and for this I have a special guest who is Josselyne Abarca. Josselyne is CEO and Founding Partner of Seguridad América. Josselyne has been involved in digital authentication and security since VeriSign where she began her ...

Sep 2020

37 min 50 sec

Let's talk about digital identity with Schehrezade Davidson, CEO of Tricerion. In episode 26, Oscar talks to Schehrezade about Tricerion's neurographic authentication solution – picture-based passwords. They discuss how neurographic authentication solves the risks of alphanumeric passwords and spoof phishing, the benefits for users who find it hard to remember and input alphanumeric passwords, and its use cases. [Scroll down for transcript] "None of us like passwords, we want something simple. But individuals understand they need something secure." Schehrezade Davidson is the CEO of Tricerion, whose innovative SafeLogin product provides strong mutual authentication with picture-based passwords. Find out more about Tricerion and watch videos of how it works at tricerion.com. Schehrezade has 30 years' experience in financial services and equity fund management, where her expertise covered investing in large and small cap companies. She has over 10 years' experience in early stage technology investing, especially in companies on the cusp of commercialisation. Schehrezade was an early stage investor in Tricerion. Find Schehrezade on LinkedIn. Schehrezade also joins LTADI for a second podcast episode, discussing immunity passports. Listen to that conversation in episode 41. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Oscar Santolalla: Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Thanks for joining again to a new episode of Let’s Talk About Digital Identity. And happy to discuss a very interesting, very innovative way of protecting our digital identity. And if you haven’t heard before, we’ll talk about neurographic passwords. And for that we have a special guest so let me introduce to you, Scheherazade Davidson. She is the CEO of Tricerion Limited, a company that owns novel patented mutual authentication software. Before Tricerion, she worked in finance and fund management where she had a special interest in investing in innovative technology businesses. This experience has given her the understanding of what is needed to commercialise technology. Timing is all. Hello, Scheherazade. Scheherazade Davidson: Hello, Oscar. Great to meet you. Oscar: Nice meeting you. It’s great talking with you. I’m really curious about hearing what Tricerion is doing so it sounds very, very interesting. But first, let’s hear something more about yourself, so please walk us through your journey to the world of digital identity. Scheherazade: Yeah, sure, happy to give a little bit of background. So, originally, I was an investor in Tricerion. I came across it when the original founders came to present the idea to me. And it’s one of those things, in my investment career, I’ve seen a lot of amazing ideas and solutions in a whole range of industries. But when I heard the story of what the guys are trying to do, I just thought it was amazing. And when I left finance - that’s a long, long convoluted story - but in the end, I ended up joining the business and have become the CEO. Because I think our solution for authentication is simple, easy and visual. And it’s one of these stories where I have to admit I fell in love with the solution, and I really want to spread the idea far and wide. Oscar: Oh, fantastic. Yes, we have been talking, not in all the episodes but I was thinking nearly all of the episodes in these conversations, we’ve been talking about one way or another about passwords. And people have differing opinions. But from your perspective of being in this company, Tricerion, having already been for several years and you have a very different perspective/way of solving this problem, what would you say is the main problem with traditional passwords? Scheherazade: Well, I think one of the main issues is that everywhere that you log in with an alphanume...

Aug 2020

27 min 36 sec

Let's talk about digital identity with Debbie Reynolds, Founder, CEO, and Chief Data Privacy Officer at Debbie Reynolds Consulting LLC. And we're back with series 2! Kicking us off is Debbie Reynolds, looking at privacy in contact tracing apps around the world. Debbie walks us through the potential issues with contact tracing apps with regard to regional laws, security risks which must be mitigated against and the practical effectiveness of the apps themselves. Debbie and Oscar also dive into the world of facial recognition – including the importance of accuracy and transparency around public practices and relevant regulations (GDPR, CCPA, BIPA etc.). [Scroll down for transcript] "For me, contact tracing is a profession, not an app" Debbie Reynolds, “The Data Diva,” is a world-renowned technologist, thought-leader, and advisor to Multinational Corporations for handling global data privacy, cyber data breach response, and complex cross-functional data-driven projects. Ms. Reynolds is an internationally published author, highly sought speaker, and top media presence about global data privacy, data protection, and technology issues. Ms. Reynolds has also been recognised as a Technology Visionary and as a top leader in the Data Privacy industry worldwide. Find out more about Debbie at www.debbiereynoldsconsulting.com and connect with her on LinkedIn. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. 'Facial recognition', 'contact tracing apps' are terms that we have been hearing and reading very often in the last months. And we are going to discuss what are the implications in privacy and in the digital identity, and of course also opportunities related to that. And for that, we have a very special guest, an expert in that matter. Let me introduce to you, Debbie Reynolds. She is “The Data Diva,” is a world-renowned technologist, thought-leader, an advisor to multinational corporations for handling global data privacy, cyber data breach response, and complex cross-functional in data-driven projects. Ms. Reynolds is an internationally published author, highly sought speaker, and top media presence about global data privacy, data protection and technology issues. Ms. Reynolds has also been recognised as a technology visionary and as a top leader in the data privacy industry worldwide. Hello, Debbie. Debbie Reynolds: Hello, Oscar. Thank you. That’s such a wonderful introduction. Thank you so much. Oscar: It’s a pleasure talking with you. I really want to hear your opinion on some of these topics that I mentioned. But first of all, I want to hear a little bit more about you. So let us know how your journey to this world of privacy and digital identity was. Debbie: Sure. So, I have been a 'data junkie' or a 'data geek' for many, many years. My first start in technology was working with library systems at times when they were trying to move from card catalogues to digital systems and databases. So, I started my technology career as a database administrator and I fell in love with data. And this was around the time a little bit before kind of internet became so commercially available to people. So, at that time, I became very interested in privacy. This is like in the ‘90s actually, I read a book called The Right to Privacy that came out in 1997. And I was fascinated by the concept. So, I sort of had this parallel journey where I was working more in the data space in terms of helping– I ended working with multinational corporations, helping them do data movements for legal cases. So, moving data around the world and understanding how to do so legally, so I’ve been doing that for over 25 years. But as I kept keeping tabs on privacy,

Aug 2020

36 min 22 sec

Let's talk about digital identity with Clare Rowley, Head of Business Operations at the Global Legal Entity Identifier Foundation (GLEIF). In episode 24, Clare and Oscar delve into the world of the Legal Entity Identifier (LEI) – what exactly is an LEI; the GLEIF's role in ensuring the operation of the Global LEI System and promoting LEI engagement; and the specific, quantifiable benefits that the LEI can bring to the banking sector. [Scroll down for transcript] "Consumer protection, greater transparency in the supply chain, and the detection and prevention of fraud can be achieved only through full transparency of counterparties." Clare Rowley is the Head of Business Operations at the Global Legal Entity Identifier Foundation (GLEIF). Prior to working with GLEIF, Ms. Rowley worked at the United States Federal Deposit Insurance Corporation where she led technology initiatives improving bank resolution programs and contributed to research on subprime mortgages. Find Clare on LinkedIn. Established by the Financial Stability Board in June 2014, the Global Legal Entity Identifier Foundation (GLEIF) is a not-for-profit organisation created to support the implementation and use of the Legal Entity Identifier (LEI). GLEIF is headquartered in Basel, Switzerland. GLEIF services ensure the operational integrity of the Global LEI System. GLEIF also makes available the technical infrastructure to provide, via an open data license, access to the full global LEI repository free of charge to users. GLEIF is overseen by the LEI Regulatory Oversight Committee, which is made up of representatives of public authorities from across the globe. GLEIF has obtained the ISO/IEC 20000-1:2011 certification in October 2019 for its Partnership Program Services to the LEI issuing organisations (LOUs). For more information, visit the GLEIF website at https://www.gleif.org/en Ubisecure is a Local Operating Unit (LOU) for the GLEIF through its RapidLEI service and is the number one issuer of LEIs worldwide. Find out about becoming a RapidLEI partner at rapidlei.com/partners. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] Let’s talk about digital identity. The podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining today. We usually talk about digital identity of individual people from many perspectives, but today we are going to talk about the identity of organisations. The first question would be, do we have any universal way of identifying organisations in a way that can be electronically verified? The answer is yes, we have that and it’s called the Legal Entity Identifier or LEI. Today we are going to talk about that, and for that we have a representative from the organisation that works on the promotion of the LEI which is the GLEIF. So let me introduce to you my guest today: Clare Rowley. Clare is Head of Business Operations at the Global Legal Entity Identifier Foundation or GLEIF. Prior to working with GLEIF, Ms. Rowley worked at the United States Federal Deposit Insurance Corporation where she led technology initiatives improving bank resolution programmes and contributed to research on subprime mortgages. Hello Clare. Clare Rowley: Hello Oscar, it’s lovely to be with you today. Oscar: My pleasure Clare, it’s very nice talking with you and hearing what more about what GLEIF is doing. So, Clare let’s talk more about digital identity. The first thing I would like to ask you is: What is GLEIF? Clare: Certainly. I will mention again, as Oscar said in the intro, I will use two acronyms throughout this discussion. The first is GLEIF, for Global Legal Entity Identifier Foundation and then LEI for the identifier itself, for Legal Entity Identifier. So, we at GLEIF, we are a non-profit Swiss foundation inaugurated in June 2014 and founded by the Financial Stabil...

Jun 2020

30 min 32 sec

Let's talk about digital identity with Susana Lopes, Director of Product at Onfido. In episode 23, Oscar talks to Susana about what biometrics enable that other identifiers can’t; the importance of anti-spoofing (liveness); privacy concerns around biometrics and regulatory impact; algorithmic bias in biometrics (including race, age, gender and other demographic differentials) and Onfido's work with the ICO in this regard. [Scroll down for transcript] "Biometrics protect users against themselves in situations where they might not realise they're under attack" Susana has a varied background in product management in the B2B space. She has a breadth of platform experience, from web front and backend, iOS, Android and Machine learning infrastructure. Her current role is director of product at Onfido, specifically focusing on their biometric product offering. Connect with Susana on Twitter @susanavlopes and on LinkedIn. Onfido is building the new identity standard for the internet. Its AI-based technology assesses whether a user’s government-issued ID is genuine or fraudulent, and then compares it against their facial biometrics. Its mission is to create a more open world, where identity is the key to access. For more information, visit: onfido.com or follow Onfido on social media: Facebook, Twitter @Onfido and LinkedIn. As referenced in the episode, you can also find Onfido's tech blog on Medium here: https://medium.com/onfido-tech. Onfido is a Ubisecure partner. Find out more about the partnership here - https://www.ubisecure.com/partner-directory/onfido/. Susana also refers to a NIST study on demographic differentials of biometric facial recognition accuracy, which can be found here: https://nvlpubs.nist.gov/nistpubs/ir/2019/NIST.IR.8280.pdf. Mei Ngan, Scientist at the National Institute of Standards and Technology (NIST), discusses evaluating face recognition biometrics in episode 42 of the podcast: https://www.ubisecure.com/podcast/face-recognition-biometrics-nist-mei-ngan/. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Oscar Santolalla: Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Hello and thanks for joining today. I will ask you: have you already used biometrics for authentication? Do you like it? Do you use it often? Well, today we are going to have a guest who will discuss with us the world of biometrics and what other things are happening today. So let me introduce to you our guest today: Susana Lopes. Susana has a varied background in product management in the B2B space. She has a breadth of platform experience, from web front and backend, iOS, Android and Machine Learning infrastructure. Her current role is Director of Product at Onfido, specifically focusing on their biometric product offering. Hi Susana. Susana Lopes: Hi Oscar. How are you? Oscar: Oh, very good. I’m really happy to talk with you and learn more about biometrics and what you are doing in Onfido. So first of all, I would like to hear more about your journey to the world of digital identity. Susana: Sure. So about three years ago, I joined Onfido and we are an identity verification business. So we want to help people prove who they claim to be, prove that they are who they claim to be when they’re trying to rent a car or when they’re trying to open a bank account so that they can do that without having to go to a store or to a bank front, particularly useful in pandemics. So when I joined Onfido, I originally was looking after our identity databases product. So making sure that your name, your date of birth, your address are known in say credit rating agencies or in government databases. So that was my first introduction to the world of identity and then later on I actually was one of the founding members of the biometrics team and we started looking at - wh...

Jun 2020

29 min 51 sec

Let's talk about digital identity with Simon Wood, CEO of Ubisecure. In episode 22, we're featuring a bonus lockdown episode in which Oscar talks to Simon about how the current pandemic has changed, and is still changing, the digital identity landscape. [Scroll down for transcript] "Now is the time for the digital identity industry to practice what we preach - security, efficiency, user experience, regulatory compliance." The conversation covers the key issues surrounding remote working and digital-first strategies, exploring both the commercial and governmental sides of the situation we all find ourselves in. Simon touches on the privacy aspects of contact tracing, the now 'blurred lines' of internal and external users from an identity and access management perspective, and the key role of SaaS to enable fast routes to digitalisation. As Group CEO at Ubisecure, Simon Wood is responsible for planning, communicating and delivering Ubisecure’s overall vision and corporate strategy to enable the true potential of digital business through modern identity management solutions.  Connect with Simon on LinkedIn. As mentioned in the episode, Simon joined a previous episode of Let's Talk About Digital Identity. Catch up here: https://www.ubisecure.com/podcast/simon-wood/. Ubisecure provides feature rich customer identity management software and services to help companies reduce identity data breach risk, improve operational efficiencies, and improve user experience. Find out more at ubisecure.com. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     Podcast transcript Oscar Santolalla: Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Hello and thank you for joining today to a new episode of Let’s Talk About Digital Identity. And I am sure many of you, if not all of you, are remote workers right now, so we are going to talk about some of the implications of remote working and what other things have happened because of COVID-19 in this area of digital identity. And for that, I’m going to introduce for the second time, our guest who has been on exactly 11 months ago, Ubisecure CEO, Simon Wood who was here talking about many aspects about what happened in digital identity in Ubisecure and giving some predictions. And let’s see what happened not only in these 11 past months, but especially in the very recent weeks. So, let’s welcome Simon Wood. Hello, Simon. Simon: Hi, Oscar and thank you for having me back again. Oscar: Yeah, it’s great having you here now. We’re going to discuss a bit different topics because we are living in quite different times, given what happened last year. So let’s jump directly into this. So now that COVID-19 has affected every single industry, how do you see it has affected particularly the digital identity industry? Simon: Yes. So I mean obviously right now, we are in quite an unprecedented time for all industries. We see a landscape where businesses are having to adapt quickly to this new unfolding situation, start planning for what the situation will become. And we don’t know that yet, but there's fairly wide acceptance that we will arrive at some new normal as we go forward. Certainly, how interactions have taken place, the default models I think will shift as we go forwards. Priorities will have to be slightly different as well. Right now as employers, we’re looking after employees as the first priority. We've got to serve our customers and make sure that they can continue receiving services that they need. And then kind of the core business itself. In the general sense, it’s interesting to see how businesses are behaving relative to their stated values, that a number of businesses published. And these are complex times and for all industries, we have to kind of practice what we preach and I think for the digital identity industry that...

May 2020

25 min 23 sec

Let's talk about digital identity with Bengt Berg, Head of Compliance Management Services at Cybercom. We all know the importance of regulatory compliance in any Identity and Access Management (IAM) scenario. What we don't always know is how to make colleagues engage with compliance, to ensure they sit up, listen and remember to always keep compliance front of mind. In episode 21, Bengt Berg fills us in on the new alternatives to the dreaded compliance management handbook that sits on the office shelf collecting dust, taking inspiration from the finance industry. Oscar and Berg also cover other key topics such as how to convince the board that IT security is important with easily accessible metrics, specific cases of IT security compliance in IAM and Cybercom's approach to compliance management. [Scroll down for transcript] "The most common system or platform to get hacked is the system you didn't even know you had." Bengt has been in the IT security industry since 1994, when building encryption systems for people in uniforms, have been a manager in an American big firm, has taken some time in the finance industry and today works as a do-all guy at Cybercom. Some sales, some consulting, some business strategy, and is also a member of the steering group of Cybercom Secure. He is also the proud father and protector of Cybercom’s products and services in the Compliance Management area. Connect with Bengt on LinkedIn or at bengt.berg@cybercom.com. Enjoyed this episode? Listen to episode 10 with Bengt's colleague, Cybercom’s Head of IAM Solutions, Robin von Post. Find out more about Cybercom at www.cybercom.com. Cybercom is a Ubisecure partner. Get the details here: ubisecure.com/news-events/cybercom-partnership. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining. Imagine you have joined a new company and among the very first things, you are meeting the IT manager, giving you some training about security and then they hand you a 40-page guideline that you have to follow and that can be a nightmare for everybody - some stress how I’m going to make sure that I will follow that. On the other side of the story, of course there are the compliance managers who really want that a company complies with these regulations or guidelines, security-based practices, and how they make sure that everybody is contributing to that, to the common goal. So for that, we will have a conversation about compliance management. For that we have an expert who is Bengt Berg who is a head of compliance management services at Cybercom. Bengt has been in the IT security industry since 1994, when building encryption systems for people in uniforms. He has been also a manager in an American big firm, has taken some time in the finance industry and today works as a do-all guy at Cybercom. Some sales, some consulting, some business strategy, and he is also a member of the steering group at Cybercom Secure. He is also the proud father and protector of Cybercom’s products and services in the Compliance Management area. Hello Bengt. Bengt Berg: Hello. Good to meet you, Oscar. How are you doing? Oscar: Oh, very good. I’m really happy to talk with you and talk about this very interesting topic - compliance management. So let’s get started Bengt. Let’s talk about digital identity. And the very first things I would like to know is a bit more than I said everything in your bio. But tell us a bit more about your journey into this world of compliance and digital identity. Bengt: I would like to start with thanking you for telling us, saying that compliance management sounds very interesting. In fact it sounds really, really boring. Most of the people who got these PDF documents with all the r...

May 2020

37 min 18 sec

Let's talk about digital identity with Marjukka Niinioja, co-author of API Economy 101 and Founding Partner at Osaango. Why are APIs not just a technical issue, but a business issue as well? In episode 20, Oscar chats to API guru Marjukka Niinioja about the opportunities APIs can create, how COVID-19 has highlighted the need for digitalisation, the role of identity in API security and the importance of standards like OpenID Connect. [Scroll down for transcript] "You don't need to have an army of coders, you just need to buy the capabilities as APIs" Marjukka Niinioja is co-author of API Economy 101 book and founding partner and leading consultant at Osaango, a company specialising in API and Platform economy. Osaango has worked with several companies in Finland and abroad as well as public organisations to help them not only learn about the possibilities of API and Platform business models but also define their API and platform strategies and guide them in the implementations. For links and more information visit www.osaango.com Marjukka is also the "mother" of the lean, business-oriented and open APIOps Cycles method, creator of the open course about API Economy with Tampere University and the local organiser of APIdays Finland conferences. Visit APIOps Cycles at www.apiopscycles.com and check out the API Economy open course at Tampere University at www.osaango.academy/courses/intro-to-api-economy. For a roundup of APIdays Finland 2019, read Oscar's blog - www.ubisecure.com/api/apidays-finland-2019/ Find Marjukka on Twitter @MNiinioja and on LinkedIn. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] Oscar Santolalla: Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Hello and thanks for joining today. We will have now for the first time talking about APIs and the API economy and what is the relationship with identity. For that, our guest is Marjukka Niinioja. She is co-author of the API Economy 101 book and founding partner and leading consultant at Osaango, a company specialising in API and Platform economy. Osaango has worked with several companies in Finland and abroad as well as public organisations to help them not only learn about the possibilities of API and Platform business models but also define their API and platform strategies and guide them in the implementations. Marjukka is also the “mother” of the lean business-oriented and open APIOps Cycles method, creator of the open course about API Economy with Tampere University and the local organiser of APIDays Finland conferences. Hi Marjukka. Marjukka Niinioja: Hi. Nice to be here. Oscar: Welcome. It’s very nice talking with you. So Marjukka, let’s talk about digital identity. And the very first thing I want to hear from you is what was your journey to this world of APIs and digital identity? Marjukka: It’s an interesting question because it started actually about 20 years ago. I will never be older than 25 but still 20 years ago. Finland joined the European Union, and we were basically pulled as students from the university to build the European Union Agricultural Benefit Systems in Finland. And one of the key things there was, of course, identity and we started - very ambitiously because we were young and stupid, we didn’t know that it was very difficult to do. So we started building a web services-based architecture and one of the key things for that was how to handle identities and it was a really tough school because we had to handle the public sector people, like the people in municipalities who made the decisions about the benefits and also the farmers and everybody else who were somehow delivering or handling the agriculture goods and supplies and everything else, and the animals. So we even had to find out ways to handle digital identity for animals.

May 2020

37 min 13 sec

Let's talk about digital identity with Sid Desai, Director at Remme. In episode 19, Oscar talks to Sid about what exactly a decentralised ID is, its benefits, use cases and open standards such as the Decentralized Identifiers (DIDs) specification from W3C. They also discuss how decentralised identity will develop in the coming years, and why Remme is building a decentralised model of Public Key Infrastructure (PKI). [Scroll down for transcript] "Decentralised IDs give control of digital identity back to the user." Sid Desai is a Boston (USA) based IT security professional who’s passionate about user/machine identities, security & PKI. Sid has led the distributed identity front in his work at Remme, helping work with the platform, engineering and partner teams to massively extend the impact of decentralised identity & authentication solutions for the modern enterprise. He consults with Remme’s customers around the world on how to transform their identity & authentication ecosystems thus helping them increase their business integrity & efficiency while lowering costs. Recognised as a well-rounded advocate for identity, digital transformation and blockchain-enabled solutions, Sid is also a regular speaker, contributing author and media commentator. Find Sid on LinkedIn or email sid@remme.io. Founded in 2015, Remme is building the distributed Public Key Infrastructure protocol and PKI-enabled apps to address the challenges of Web 3.0. Remme Auth is a 2-click authentication solution that allows users to securely access a website without passwords. Instead, the solution uses X.509 self-signed certificates and blockchain technology. Find out more at remme.io. Remme is a Ubisecure partner, with the companies collaborating to create identity solutions using blockchain technology. Read the press release here - https://www.ubisecure.com/news-events/remme-ubisecure-blockchain-identity-management/ We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. Today, we will hear our guest talking about Decentralised ID. So for that, I would like to welcome Sid Desai. Sid is a Boston-based IT security professional who’s passionate about user and machine identities, security, and PKI. Sid has led the distributed identity front in his work at Remme, helping work with the platform, engineering, and partner teams to massively extend the impact of decentralised identity and authentication solutions for the modern enterprise. He consults with Remme’s customers around the world on how to transform their identity and authentication ecosystems, thus helping them increase their business integrity and efficiency while lowering costs. Recognised as a well-rounded advocate for identity, digital transformation and blockchain-enabled solutions, Sid is also a regular speaker, contributing author and media commentator. Hi, Sid. Sid Desai: Hey, Oscar. How is it going? Oscar: Very good. It’s nice talking with you. Welcome to the show. Sid: Thank you for having me. Oscar: A pleasure. Sid, let’s talk about digital identity and I would like to start hearing how was your journey to this world of digital identity? Sid: I think it began around 2011. I was working on some energy smart grid projects for a large US-based smart metering company. And it was during that time where I was exposed to concepts of identity, especially something that’s got to do with Active Directory. I was also exposed to things like PKI and very early versions of single sign-on. And this applied not just for users at the company but also for machines, for the smart meters. So, concepts of machine identities were very early on at that time and was very much exposed to machine identities. So,

Apr 2020

33 min 54 sec

Let's talk about digital identity with Dean Coclin, Senior Director, Business Development at DigiCert. In episode 18, Oscar is joined by Dean Coclin, representing the world's largest public Certificate Authority (CA) – DigiCert. The conversation decodes exactly what a CA does and its critical role in Public Key Infrastructure (PKI). Listen in on DigiCert's view of, and role in, digital identity with relation to Transport Layer Security (TLS) and Extended Validation (EV) certificates, the Internet of Things (IoT) and Legal Entity Identifiers (LEIs). LEIs are the 20-digit alphanumeric codes identifying unique global legal entities. Ubisecure is the fastest growing LEI issuer globally through its RapidLEI service. DigiCert announced a partnership with Ubisecure in December 2019, collaborating to extend the use of LEIs for multiple types of digital certificate-based use cases. Read the press release here - ubisecure.com/news-events/digicert-ubisecure-partnership-legal-entity-identifier-organization-identity-solutions. Dean also fills us in on the CA/Browser Forum and the ASC X9 PKI Study Group, which he chairs. [Scroll down for transcript] "What good is encryption if we don't know who we are encrypting to?" Dean Coclin brings more than 30 years of business development and product management experience in software, security and telecommunications.  As Senior Director of Business Development at DigiCert, he is responsible for representing the company in industry consortia and driving the company's strategic alliances with technology partners. Mr. Coclin is also the past Chair of the CA/Browser Forum and the CA Security Council. Currently he chairs the ASC X9 PKI Study Group. Previously Mr. Coclin worked at Symantec’s Website Security business unit before it was sold to DigiCert and was one of the founders of ChosenSecurity, an Internet security firm which was sold to PGP Corporation in February 2010. PGP was subsequently acquired by Symantec in June 2010. Prior to this, Mr. Coclin was Director of Business Development at GeoTrust which was sold to Verisign in 2006. He holds a BSEE and MS from The George Washington University and an MBA from Babson College. Follow Dean on Twitter @chosensecurity and find his articles on the DigiCert blog at digicert.com/blog. For more information on DigiCert, visit its website - digicert.com – and follow the CA/Browser Forum at cabforum.org. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining today. Today, we will hear how certification authorities contribute to securing the internet but also what is their role in digital identity. And for that, I have a very special guest. Dean Coclin brings more than 30 years of business development and product management experience in software security and telecommunications.  As Senior Director of Business Development at DigiCert, he is responsible for representing the company in industry consortia and driving the company’s strategic alliances with technology partners. Mr. Coclin is also the past Chair of the CA/Browser Forum and the CA Security Council. Currently, he chairs the ASC X9 PKI Study Group. He holds a BSEE and MS from the George Washington University and an MBA from Babson College. Hello, Dean. Dean Coclin: Hello, Oscar! Thank you for having me today. Oscar: You're very welcome. It’s great talking with you, Dean. I’m really very excited to talk about your career and what you are doing today in this world of Certification Authorities, particularly in DigiCert. So, I would like to hear first, what was your journey to this world of digital identity? Dean: Well, I’ve been involved with Public Key Infrastructure and Certificate Authorities since 1996 actually,

Apr 2020

28 min 32 sec

Let's Talk About Digital Identity with Grace Mutung'u, internet policy advocate and research fellow at CIPIT. This week, Oscar chats to Grace Mutung'u about challenges for digital identity in Kenya and the various considerations for inclusive national identification, including historical, social and economic issues. She fills us in on the court case against Huduma Namba (Kenya's national ID platform) that she has been involved in and its recent judgement to rule out unnecessary DNA and GPS data collection, and the framework that must be in place before being fully rolled out. [Scroll down for transcript] "We need to think about identities before thinking about applications of digital technologies." Grace is a research fellow at the Centre for IP and IT Law (CIPIT) at Strathmore University, studying digital ID and society in Kenya. She has been involved in ICT policy advocacy for over 10 years and was most recently providing support during litigation in Kenya's digital ID case. Find Grace on Twitter @bomu. Find out more about the Centre for Intellectual Property and Information Technology Law (CIPIT) - a think tank and training centre established under Strathmore Law School at cipit.org. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] [Intro] Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. Today we’ll hear for the first time how is digital identity in the African continent. So, for that we have a special guest who is Grace Mutung’u. Grace is a research fellow at the Centre for IP and IT Law at Strathmore University in Nairobi studying digital identity and society in Kenya. She has been involved in ICT policy advocacy for over 10 years and was most recently providing support during litigation in Kenya’s digital ID case. Hello Grace. Grace Mutung’u: Hi, Oscar. Thanks for having me. Oscar: It’s a pleasure. I’m happy to have you today on the show. So the first thing I would like to hear from you is how you entered in the world of digital identity? What was your journey? Grace: I just kind of stumbled upon it. I have been working in ICT policy work here in Kenya. And in 2017, we had the general elections and - something about Kenya is that people take their politics very seriously. For us in the ICT space we were observing use of technology in the elections. And we observed that there was a lot of use of digital identity from two spaces. One is that the politicians were using identity data from the voters register to target voters, to vote for them. And then at the same time there was also use of social media for political discourse for political mobilisation. And later on, the news came out that one of the political parties had actually engaged the firm Cambridge Analytica for voter targeting and some sort of political manipulation. So after that we really got into the work of advocating for our rights based digital identity for data protection and for political accountability for use of digital identity data. Oscar: And what would you say are today the main challenges in digital identity that Kenya is facing? Grace: I’d say one big challenge is that there has been a lot of importation of ideas, technology and hardware. So for example, Kenya is one of the countries in Africa that has always had a legal identity. In Kenya, it’s the normal thing to walk around with a card, a national identity card. It’s very normal to be asked for your card in order to access a building. This just started from a long time ago during the colonial period and then over time it’s become normalised because of the security challenges that we’ve had, the terrorism issues that we’ve had, so it’s very normal to walk around with the paper identity. But there have been a lot of problems with the paper identity because that iden...

Mar 2020

34 min 49 sec

Let's talk about digital identity with Niklas Bergvall, Chair of the Mobile Connect Interest Group at GSMA. In episode 16, Niklas fills us in on how mobile operators around the world have joined forces to build a standard for strong authentication and other services to help protect our digital identity – Mobile Connect. [Scroll down for transcript] "It may be that you and I, and some of the listeners of the podcast, are interested in identity. For the rest of the world its a necessary evil." Niklas and Oscar discuss Mobile Connect (a mobile identity-based service), its proven global use cases (such as China Mobile), why digital identity became a strategic priority for GSMA and the unique insights of MNOs to improve digital identity. Niklas Bergvall Niklas Bergvall, Chair of the Mobile Connect Interest Group at GSMA, leads the international Mobile Connect community developing and commercialising new identity capabilities using Mobile Connect. The Mobile Connect community engages over 70 mobile operators in over 30 countries, countless service providers, reaching over half a billion people worldwide. With over 20 years of experience in the mobile ecosystem, Niklas has an exceptional understanding of the key challenges being faced when launching products and services internationally. Prior to the GSMA, Niklas launched and managed a number of global business-to-business products and services in various roles at Vodafone, Oxford Instruments and Europolitan. Find Niklas on LinkedIn. Find out more about GSMA at www.gsma.com and Mobile Connect at www.gsma.com/identity/mobile-connect. Ubisecure also has a useful blog on 'What is Mobile Connect?' - check it out here: https://www.ubisecure.com/mobile-connect/what-is-mobile-connect/ - and an overview page on the Mobile Connect solution - read it here: https://www.ubisecure.com/mobile-connect-telecom/. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] [Intro] Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining. Today we are going to hear how mobile operators around the world have joined forces to build a standard which brings not only strong authentication but also other services that help us to protect our digital identity. So my guest today is Niklas Bergvall. He is Chair of the Mobile Connect Interest Group at GSMA. He leads the international Mobile Connect community developing and commercialising new identity capabilities using Mobile Connect. The Mobile Connect community engages over 70 mobile operators in over 30 countries, countless service providers, reaching over half a billion people worldwide. With over 20 years of experience in the mobile ecosystem, Niklas has an exceptional understanding of the key challenges being faced when launching products and services internationally. Prior to the GSMA, Niklas launched and managed a number of global business-to-business products and services in various roles at Vodafone, Oxford Instruments and Europolitan. Hi, Niklas. Niklas Bergvall: Hi, Oscar. Very nice to be here on this podcast and thank you for inviting me to talk a little bit more about the identity and Mobile Connect specifically. Oscar: Thanks to you. It’s really great talking with you. We really want to know more about how Mobile Connect is doing right now, what are the things coming during this New Year and ahead. But first, I would like to hear from you, how did you join, or your journey to come to, this world of digital identity? Niklas: From the GSMA, it was really looking at our members. And our members’ networks as you know really underpin and have drive the– of the digital economy and its associated services. I mean as we see these services bring new challenges for businesses to protect customer identities and customer data which is both complex...

Feb 2020

28 min 50 sec

Let's talk about digital identity with Andy Milton, Head of Channels at Hitachi Digital Security. In episode 15, Oscar talks to Andy about Hitachi's pioneering finger-vein biometrics – VeinID Five. Hear about its use cases (present and future), the evolution of the product to its current form, comparison with other biometric and non-biometric authentication methods and, importantly, the relevant privacy and security risk mitigations. [Scroll down for transcript] "I think it’s going to be an interesting time in the biometric world. I think we will start to see that one biometric is not necessarily the best at everything. So we are going to see lots of different applications of different technology and at different times. And what we will potentially start to see is also some of them start to become blended together as well." Andy Milton is Head of Channels and Marketing for Hitachi Security Business Group. He joined Hitachi in November 2018 to lead and develop the channel strategy for the Hitachi Security Business Group in EMEA and North America. With over 30 years in IT and 20 years in cybersecurity, Andy's experience in working for both vendors and channel partners has given him a unique insight into the workings and drivers for aspects of the channel. He brings experience across a wide range of products and solutions including SIEM, device management, WAFs, network devices and a specific interest in identity management and biometrics. Get in touch with Andy on LinkedIn. Hitachi Europe Ltd., a wholly owned subsidiary of Hitachi, Ltd. (TSE: 6501, "Hitachi") is headquartered in Maidenhead, UK. The company is focused on its Social Innovation Business - delivering innovations that answer society’s challenges. Hitachi Europe and its subsidiary companies offer a broad range of information & telecommunication systems; rail systems, power and industrial systems; industrial components & equipment; automotive systems, digital media & consumer products and others with operations and research & development laboratories across EMEA. For more information, visit www.hitachi.eu. To find out more about Hitachi's Finger Vein products visit digitalsecurity.hitachi.eu. Hitachi is a Ubisecure partner. Find out more about the partnership, including further resources on VeinID Five, here: www.ubisecure.com/partner-directory/hitachi. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] Intro: Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining. Today, we will hear about a very novel authentication method, multi-factor authentication method based on biometrics that you might not have heard before. My guest today is Andy Milton from Hitachi. Andy Milton is Head of Channels and Marketing for Hitachi Security Business Group. He has more than 20 years of experience in cybersecurity across many companies. Hello, Andy! Andy Milton: Hello, Oscar. How are you? Oscar: Very good and very happy to talk with you today about what Hitachi is doing with this very interesting new authentication method. So I would like to hear first from you how your career, how life led you to this world of digital identity. Andy: OK. So just over 20 years ago now, I made a decision to move from engineering IT into security as it looked like it was becoming interesting and a hot market space, and that has proved to be very successful and a very good choice. So after working for several different vendors and partners and resellers, I've now found myself with the opportunity to join Hitachi with the addition of their new VeinID product, Five, which is very exciting for us all. I joined just over a year ago. Oscar: OK. Fabulous. So you joined cybersecurity really many years ago and you have been in this industry since then. And very recently as you said,

Feb 2020

27 min 17 sec

Let's talk about digital identity with Rainer Hörbe, Senior Manager at KPMG Austria. In episode 14, Oscar and Rainer discuss identity management and eGovernment, including views on challenges in real eGovernment projects - India's Aadhar, Austria's smart ID card and China's residents' card. They also talk about Kantara's eGovernment work group, of which Rainer is the chair, and the annual TIIME conference, which he organises. [Scroll down for transcript] Rainer graduated in Computer Science from the University of Vienna. Working as a software developer for some years, he then specialised in identity and access management starting in 2001. In roles as a security and identity architect he contributed to projects like the Austrian eGovernment identity federation and European framework projects (epSOS, MAPPING). He is chair of the eGovernment WG at Kantara Initiative and contributor to standardisation activities in standards developing organisations like ISO SC27. He started the TIIME event – an annual identity conference - in 2013. Currently he has the position of Senior Manager at KPMG Austria, consulting clients in different sectors on enterprise IAM topics. Find Rainer on Twitter @rhoerbe1 and on LinkedIn. Find out more about the annual TIIME (Trust and Internet Identity Meeting Europe) event in Vienna at tiimeworkshop.eu. The event facilitates the cooperation between the innovative communities in various fields of trans-organisational trust and identity matters. Check out Kantara's eGovernment Work Group here - kantarainitiative.org/confluence/display/eGov/Home. We'll be continuing this conversation on Twitter using #LTADI - join us @ubisecure!     [Podcast transcript] Oscar Santolalla: Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Hello! Thanks for joining today. We will have a conversation about eGovernment, a very interesting conference coming now in February, and many more things. So let me introduce to you our guest today, Rainer Hörbe. He graduated in Computer Science at the University of Vienna. Working as a software developer for some years, he then specialised in identity and access management starting in 2001. In roles as security and identity architect, he contributed to projects like the Austrian eGovernment identity federation and European framework projects, epSOS and MAPPING. He is chair of the eGovernment Work Group at Kantara Initiative and contributor to standardisation activities in standards developing organisations like ISO SC27. He started the TIIME event, an annual identity conference in 2013. Currently, he has the position of a Senior Manager at KPMG Austria, consulting clients in different sectors on the enterprise IAM topics. Hi, Rainer. Rainer Hörbe: Hi, Oscar. Oscar: Welcome. Very nice talking with you. So it’s starting now- just talking that we are in the middle of winter there, a little bit minus on your side, a little bit of sun. Rainer: Yeah. Thank you for having me. It’s a good opportunity to start the year with identity management and eGovernment. Oscar: Exactly. So let’s get started. Let’s talk about digital identity. So I would like to hear first from you how you entered this world of digital identity. Rainer: So well, I think in 2020, a 40-year professional anniversary. And around half of that time, so almost 20 years ago, after working mostly as a software engineer, I came into identity and access management. So before that, I was exposed to topics like PKI and the host mainframe identity management tool, RACF, Lotus Notes, directories, etc. And I obviously as a developer had to do authentication, etc. But I would say from today’s point of view, I was living in blissful ignorance because I didn’t understand identity management. Well, today still, if I could cite a Game of Thrones character, Ygritte, she was always saying to Jon Snow, “You know nothing.

Jan 2020

36 min 41 sec

Let's talk about digital identity with Monique Morrow, President and Co-Founder of the Humanized Internet and President at the VETRI Foundation. We're very excited to kick off #LTADI 2020 with Monique Morrow, multi-hyphen technology innovator and a Forbes Magazine's top 50 women globally in tech. [Scroll down for transcript] "2020 is going to be the year for digital identity and, even more so, self-sovereign identity" In episode 13, Oscar and Monique discuss her route to digital identity, ethics in technology and credentialing, self-sovereign identity (SSI), and the various interesting projects that she is involved with. Monique Morrow is President and Co-Founder of the Humanized Internet, a non-profit organisation focused on addressing the need to control our identities as well as providing digital identity for those individuals most underserved. The belief in the social good of technology with embedded ethics has guided Monique’s extensive work with blockchain, especially its applicability to education and credentialing as well as other industries including healthcare, insurance, and Internet of things. Find out more about the Humanized Internet at www.thehumanizedinternet.org. Monique is also President of the VETRI Foundation in Switzerland. The main purpose of the Foundation is to manage a platform presently known as VETRI and the funding, establishment and execution of initiatives that are focused on the management and control of data and privacy. The Foundation abides by the key tenets of "Trust and Transparency". The vision is to enable individuals to self-determine over their data. This alignment translates to assessing possible investments and activities towards secure self-sovereignty and secure e-vault mechanisms for the management and storage of data. Find out more about the VETRI Foundation at vetri.global/the-vetri-foundation-is-here. Much of Monique’s work operates at the intersection between blockchain technology, security-privacy issues, questions of legal jurisdiction, and portfolio development. She has had the opportunity to engage with and explore these issues in her capacity as a member of the procivis.ch and VETRI ’Global advisory boards based in Switzerland . Furthermore, she is also an active member of the IEEE Ethics in Action Executive Committee as well as Co-Chair of the IEEE Ethics in Action Extended Reality Committee. More about Monique can be found on LinkedIn and at www.moniquemorrow.com. We'll be continuing this conversation on Twitter using #LTADI - join us @ubisecure!     [Podcast transcript] Oscar Santolalla: Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host Oscar Santolalla. Hello and thanks for joining today. We are starting the New Year 2020 and I hope you had a nice time in 2019. Now we are back and we have a fabulous guest to start this year - a guest who has an amazing career in technology, in cybersecurity and today she has embarked a lot on projects for combined technology with social impact, and a lot of that is also related to digital identity. Monique Morrow is President and Co-Founder of the Humanized Internet, a non-profit organisation focused on addressing the need to control our identities as well as providing digital identity for those individuals most underserved. The belief in the social good of technology with embedded ethics has guided Monique’s extensive work with blockchain, especially its applicability to education and credentialing as well as other industries including healthcare, insurance, and Internet of Things. Monique is also President of the VETRI Foundation in Switzerland. Among other accolades, Monique has been recognised in the industry for her tireless focus on social good. Monique was selected as one of the Top Digital Shapers 2018 in Switzerland. In this year, One World Identity recognised Monique as one of the top 100 influencers in identity for 2019.

Jan 2020

33 min 54 sec

Let’s talk about digital identity with Diane Joyce, Identity Evangelist and Executive at Women in Identity. In episode 12, Diane and Oscar explore all manner of digital identity topics - including self-sovereign identity, digital wallets, GDPR, CIAM and, importantly, what organisations should be doing to protect consumer identities. She also fills us in on her work with Women in Identity – a not-for-profit organisation promoting diversity in the identity industry. [Scroll down for transcript] "I want to use technology as the enabler to make a safe and frictionless journey – I don't want to put technology in 'because it's fun'." Diane has provided thought leadership, vision and innovation in the digital transformation of financial institutions. She has worked with blue chip corporations to implement the technology and service architectures required to become certified identity providers as part of the GOV.UK Verify identity scheme. Diane has also worked with government departments setting up a pan government identity community and worked with leading IDAM vendors to address the need for secure and scalable identity federation to enable collaboration between public and private sector organisations. She champions technology innovation to provide users with a frictionless and safe digital experience. Find Diane on Twitter @kiwiIDgal and on LinkedIn. Find out more about Women in Identity at womeninidentity.org or on social media - Twitter @womeninid, LinkedIn and Instagram. We'll be continuing this conversation on Twitter using #LTADI - join us @ubisecure!     [Podcast transcript] Oscar Santolalla: Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Hello. More and more we hear phrases like “reclaim your identity”. Some people care, some people don’t, but reclaiming identity from who? Who owns my identity today? And there are better ways we can do this. For that, we have a very special guest today, Diane Joyce. Diane has provided thought leadership, vision and innovation in the digital transformation of financial institutions. Diane has worked with blue chip corporations to implement the technology and service architectures required to become certified identity providers as part of the GOV.UK Verify identity scheme. Diane has worked with government departments setting up a pan government identity community and work with leading IDAM vendors to address the need for secure and scalable identity federation to enable collaboration between public and private sector organisations. Diane champions technology innovation to provide users with a frictionless and safe digital experience. Hello Diane. Diane Joyce: Hi Oscar. Oscar: It’s great talking with you, Diane. Diane: Thank you. Oscar: I know you do many things and you have done many things, very interesting things. But I would like to hear first from you, what was your journey, your personal journey, to this work of digital identity? Diane: I’ve worked in technology, I started as a programmer many, many years ago. I’ve worked in identity for some time now but I started out in integration and security. And I saw two catalysts that I thought were going to change the technology world. And alongside those, the problem with identity needed solving. So the first was the internet. Suddenly we could connect to anyone, anywhere, but we didn’t really know who we were connected to and how do we know it’s them the next time we connected. And when you added to that the .com boom and the subsequent e-commerce boom it has become even more important to understand who it is we’re speaking to. And second thing is cloud computing. Following the internet and e-commerce, cloud computing solved a problem that I don’t think most organisations knew that they had. Their identity model was within the walled fortress of the data centre and so therefore they control all the identity there.

Dec 2019

34 min 7 sec

Let's talk about digital identity with Rachelle Sellung and Alberto Miranda García, representing the LIGHTest Project. As the successful three-year LIGHTest project draws to a close, Oscar talks to two key team members – project lead, Rachelle Sellung, also of the IAT University of Stuttgart, and project partner Atos representative, Alberto Miranda García. They discuss the idea behind LIGHTest, what it's all about, specific use cases of the infrastructure, and the project's achievements at its completion. [Scroll down for transcript] "Are you sure you're doing the transaction with that person? Is that person a trustworthy counterpart in that transaction?" Find out more about the LIGHTest project at lightest.eu or visit the community website at lightest-community.org. LIGHTest are also on Twitter @LIGHTest_trust and on LinkedIn. LIGHT est = Lightweight Infrastructure for Global Heterogeneous Trust management in support of an open Ecosystem of Stakeholders and Trust schemes. Rachelle Sellung Rachelle Sellung is a Senior Scientist in the competence team of Identity Management at the IAT University of Stuttgart. Within this interdisciplinary team with an array of skill sets, she provides the Economic perspective for not only Identity Management, but a variety of IT Security related technologies. She contributed a socio-economic perspective in the large-scale EU FP7 project FutureID, which developed an identity management infrastructure for Europe. Currently, she is the lead for the University of Stuttgart in the EU Horizon2020 project, LIGHTest. Find Rachelle on Twitter @rachellesellung and on LinkedIn. Alberto Miranda García Alberto Miranda García is Senior Business Consultant at Atos. Coming from the financial industry sector (Barclays Bank UK) he joined Atos in the Financial Services of Consulting Division. Later in 2017 Alberto joined the Financial Services sector of the Atos Research and Innovation unit, committed to business consultancy and exploitation management for European level projects, mainly related to Cybersecurity and Identity.  Find Alberto on LinkedIn. This podcast is produced by Ubisecure who, among other respected identity players, has been one of the cooperating partners of the LIGHTest project, in its capacity as a provider of Customer IAM interactions. Ubisecure has contributed by giving insights into current best-of-breed principles in service provisioning in IAM globally; and by reviewing and contributing to the LIGHTest specifications and design from that perspective. We'll be continuing this conversation on Twitter using #LTADI - join us @ubisecure!     [Podcast transcript] Oscar Santolalla: Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Hi and thanks for joining. Today you can virtually make business with companies that are from any continent. But how would you know without this face-to-face contact that you can trust the person that is behind this digital service? Today we are going to hear about a European project that has built a global trust infrastructure and for that today, we have two guests. So let’s introduce you. My first guest is Rachelle Sellung. She’s a Senior Scientist in the competence team of Identity Management at the IAT University of Stuttgart. Within this interdisciplinary team with an array of skill sets, she provides the Economic perspective for not only Identity Management, but a variety of IT Security related technologies. She contributed a socio-economic perspective in the large-scale EU FP7 project, FutureID, which developed an identity management infrastructure for Europe. Currently, she is the lead for the University of Stuttgart in the EU Horizon2020 project, LIGHTest. Hello Rachelle. Rachelle Sellung: Hi. Thank you for having me. Oscar: And our second guest is Alberto Miranda García. He is a Senior Business Consultant at Atos.

Nov 2019

27 min 24 sec

Let's talk about digital identity with Robin von Post, Head of IAM Solutions at Cybercom. In episode 10, Oscar talks to Robin about digital signatures - what are they, what challenges do they solve/pose, and why businesses should be taking advantage of their benefits now. They also talk about the issue of trust between organisations and internationally - particularly from Swedish (where Robin is based) and pan-European perspectives. [Scroll down for transcript] "Digital identities and digital signatures are one of the basic building blocks of making the transition to pure digital." Robin has a deep interest and experience in the IT-security domain. He has for the last 20 years been involved in the development and deployment of high assurance encryption systems for European government and defense customers, with the last year's focus on securing national civilian critical infrastructure. Last year, Robin took on a role at Cybercom Secure as the Head of IAM Solutions, including advanced electronic signature services, directory administration and governance, and other IAM and security related services. On a private note, he weekly curates a newsletter – 'The von Post' - covering IT-security related events. He supports the Swedish “Säkerhetspodcasten” as a freelance reporter. He is also a private pilot & passionate photographer. Find Robin on Twitter @rvonpost and on LinkedIn.  Cybercom is an innovative consulting firm that enables leading companies and organisations to benefit from the opportunities of digitalisation. It provides innovative, secure and sustainable solutions in IT and communications technology by combining technical edge and strong business insight. This applies whether the issue is transforming products into services, developing new business models or helping the public sector get closer to citizens. It is a highly diverse company, with a large age range, 45 nationalities and assignments in 20 countries. Cybercom’s domestic markets are the Nordic region and Poland, and in addition the company offers global delivery capacity for local and international business. Find out more at cybercom.com. Read about Ubisecure and Cybercom's recent partnership announcement at ubisecure.com/news-events/cybercom-partnership. Listen to episode 21 with Robin's colleague, Bengt Berg - Head of Compliance Management Services at Cybercom, here: www.ubisecure.com/podcast/bengt-berg-cybercom-iam-compliance/ We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] Let’s talk about digital identity. The podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. Today we’re going to discuss a situation in which many people who have to sign documents and are given a digital version of signing might be aware that is this really safer, more secure than the old way? Or, if you are one of these persons who are signing documents not occasionally but many times per day and you think there will be a more modern way to do this. So we’re going to talk about digital signatures. And for that we have our guest today. Let me introduce you to Robin von Post. He has a deep interest and experience in the IT-security domain. He has for the last 20 years been involved in the development and deployment of high assurance encryption systems for European government and defence customers, with the last year’s focus on securing national civilian critical infrastructure. Last year, Robin took on a role at Cybercom Secure as the Head of IAM Solutions, including advanced electronic signature services, directory administration and governance, and other IAM and security related services. On a private note, he weekly curates a newsletter called The von Post covering IT-security related events. He is also a private pilot and a passionate photographer. Hello Robin.

Nov 2019

24 min 54 sec

Let's talk about digital identity with Don Thibeau, Executive Director of the OpenID Foundation. In episode 9, Oscar talks to Don about his career so far; his work with the OpenID Foundation (including FAPI and CIBA standards) and the Open Identity Exchange (OIX); and what he calls the 'Holy Trinity' driving the identity industry. Throughout the conversation Don highlights cultural differences in attitudes towards digital identity, and how we should be taking a more global approach. [Scroll down for transcript] "We have to work locally, but we have to think globally" Don Thibeau is the Executive Director of the OpenID Foundation, a non-profit international standards development organisation of individuals and companies committed to enabling, promoting and protecting OpenID technologies. The Foundation’s membership includes leaders from across industry sectors and governments that collaborate on the development, adoption and deployment of open identity standards. Formed in June 2007, the Foundation serves as a public trust organisation representing the open community of developers, vendors, and users while providing needed infrastructure and leadership in promoting and supporting expanded adoption of OpenID. Find more information at openid.net/foundation/. Don is also the Co-Chair of the OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee. He founded and now serves on the board of the Open Identity Exchange (OIX) - a non-profit, technology agnostic, collaborative cross sector membership organisation with the purpose of accelerating the adoption of digital identity services based on open standards. As Don mentions in the episode, you can find the OIX's extensive whitepaper library at openidentityexchange.org. Find Don on Twitter @4thibeau, on LinkedIn, or email don(at)oidf.org. Don also refers to previous episodes of Let's Talk About Digital Identity with DIACC President, Joni Brennan - ubisecure.com/podcast/joni-brennan-diacc - and with One World Identity’s Cameron D’Ambrosi - ubisecure.com/podcast/cameron-dambrosi-one-world-identity/. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] Let’s talk about digital identity. The podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining. Today we will have a conversation with a man who has led, and today leads, very influential organisations in this realm of digital identity. Don Thibeau is Executive Director of the OpenID Foundation, a non-profit international standards development organisation of individuals and companies committed to enabling, promoting and protecting OpenID technologies. The foundation’s membership includes leaders from across industry sectors and governments that collaborate on the development, adoption and deployment of open identity standards. Don is also the Co-Chair of the OASIS Electronic Identity Credential Trust Elevation Methods (Trust Elevation) Technical Committee and Don was the founder of the Open Identity Exchange and serves on its board. Hello Don. Don Thibeau: Hello Oscar. I’ve been looking forward to this conversation for some time. Oscar: Same on our side. It’s great talking with you today. So let’s talk about digital identity. I would like to ask you first, what was your journey to this world of digital identity? Don: Yes. Most of my career has been involved in the identity data business. The companies that I’ve been part of and the companies that I’ve founded have all in one form or fashion been concerned with how identity is expressed online, both in code and in governance. So the work that I’ve been doing for the last 10 years has really been focused on digital identity on a global basis. I’ve had an opportunity to lead two organisations in the space and if I can,

Oct 2019

40 min 32 sec

Let’s talk about digital identity with Cameron D'Ambrosi, Principal at One World Identity. It's a crossover episode! Host of One World Identity's State of Identity podcast, Cameron D'Ambrosi, joins Oscar on the Let's Talk About Digital Identity podcast, to talk about the benefits of collaboration in the industry, how identity trends and behaviours are changing (particularly with Gen Z, aka 'zoomers') and global identity challenges. "Digital identity has ceased to be a technology problem – it's a people problem." Make sure you check out the State of Identity podcast with Ubisecure CEO, Simon Wood! Listen here - oneworldidentity.com/podcast/ubisecure. Cameron D’Ambrosi is a Principal at One World Identity, and host of the State of Identity podcast. In his role, Cameron is responsible for supporting OWI’s advisory services platform by offering clients key insights into the companies and technologies shaping digital identity today. Prior to joining OWI Cameron was a Manager with Deloitte, focused on helping financial services clients complete digital transformations of their AML and KYC programs. Cameron is a graduate of Fordham University, with a degree in History. A long-time resident of New York City, in his spare time Cameron can be found in the somewhere in the five boros hunting down something delicious, or in his apartment tinkering with gadgets. Follow Cameron on Twitter @dambrosi. One World Identity (‘OWI’) is a market intelligence and strategy firm focused on identity, trust, and the data economy. It helps business leaders, governments, and investors stay ahead of market trends so they can build sustainable, forward-looking products. Follow OWI on Twitter @1worldidentity. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure!     [Podcast transcript] Let’s talk about digital identity. The podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining. Today we will hear about the work of One World Identity and also we will hear the voice of another podcast host in the digital identity industry. Cameron D’Ambrosi is a Principal at One World Identity, and host of the State of Identity podcast. In his role, Cameron is responsible for supporting One World Identity’s advisory services platform by offering clients key insights into the companies and technologies shaping digital identity today. Prior to joining One World Identity, Cameron was a Manager with Deloitte, focused on helping financial services clients complete digital transformations of their AML and KYC programs. A long-time resident of New York City, in his spare time Cameron can be found somewhere in the five boroughs hunting down something delicious, or in his apartment tinkering with gadgets. Hello Cameron. Cameron D’Ambrosi: Hey Oscar. Thanks for inviting me. This is great and I’m very excited to be here. Oscar: Same. It’s very nice talking with you today Cameron and please, the first thing I want to know is how was your journey to this world of digital identity. Cameron: That’s a great question. So I’ve kind of danced around the topic of digital identity for a large part of my career. Even before I was with Deloitte, I actually started my career with the New York Stock Exchange’s regulatory arm, NYSE Regulation, which is now defunct. It’s part of FINRA still I believe but that’s neither here nor there. But I started off at the New York Stock Exchange in trade surveillance looking at how the specialists at the time were conducting themselves and if they were comporting with New York Stock Exchange rules, specifically around the time stamping and audit trail of orders, which at that point had basically become automated as well. There was a man in the loop but it was largely computer systems making those decisions. And in hindsight, that was kind of my first exposure to digital identity because a lot of...

Oct 2019

35 min 20 sec