Unisys has submitted policy proposals, which the company claims is designed to help create global standards and practices for identity authentication and credentialing. The proposals have been submitted to delegates attending the 15th World Congress on Information Technology (WCIT 2006) in Singapore, who will later put each proposal to a vote.
A rapid convergence of security issues among businesses, governments and consumers worldwide, combined with the growing debate around individual privacy, has created an urgent need for identity authentication standards. Validating one’s identity is something people do everyday, from logging on to computer networks, conducting online banking transactions, navigating airport security, and crossing borders, yet very little global coordination exists in identity management business practices and procedures.
“Establishing ID authentication standards can have a profound global social and economic impact, and play a significant role in helping organisations better secure their business operations,” Unisys President and CEO Joseph W. McGrath said. “Moreover, standards can encourage additional security and convenience, enhanced efficiency, and reduced costs across a multitude of daily interactions among consumers, businesses and government agencies. Unisys looks forward to driving a spirited debate on an issue that ultimately would influence how and why people share personal information with organisations around the world.”
The Unisys proposals represent an attempt to create a diverse and impartial consortium that would develop standardised business procedures for worldwide identity authentication. The end goal is to create a baseline for adoptable global practices, allowing ID credentials to operate across international borders and encourage confidence and trust from organisations and individuals around the world.
WCIT’s goal is to make specific, actionable policy recommendations to the global IT community. The Congress delegates will vote on the Unisys proposals following presentations on related issues.
Unisys Policy Proposals
- Policy #1: International business and government communities must collaborate to define and promote global standards for the development of internationally trusted, interoperable baseline electronic credentials used to authenticate, with appropriate levels of assurance, a person’s identity. Organisations should be able to incorporate credentials based on these standards into both new and existing instruments of identity authentication – such as e-passports, national ID cards, driver’s licenses, and credit cards.
- Policy #2: Standards for electronic credentials must be built on the business processes for authentication and not just the underlying core technologies. They should promote common approaches for how organisations across different industries create credentials and use them within their various business and government operations. Therefore, standards must address data elements, verification procedures and management requirements necessary to create credentials protected by design and ongoing maintenance from tampering and misuse. Standard practices must accommodate varying organisational identity management requirements ranging from one- to three-factor authentication.
- Policy #3: To address privacy concerns and foster a climate of consumer confidence and trust, organisations issuing electronic credentials must demonstrate and publicise the safeguards used to protect an individual’s personal information. Furthermore, organisations must adhere to a code of conduct, based on best practices, that requires them to clearly define and present to the public the uses of and benefits from electronic credentialing prior to requesting any personal data necessary to create these instruments.
In developing its proposals, Unisys conducted primary global research to study consumers’ views on privacy and security issues. The study reveals that a majority of individuals worldwide would share personal data if they knew the end user will securely protect their information and they can perceive a clear benefit in convenience gained. The research also points to preferable methods of technology for identity verification, among other pertinent findings. You can view a summary of the survey results. |
