What is trusted digital identity federation?
This is the second in a series of four articles from KOBIL exploring trusted digital identities. Got a question? Leave it in the comments below!
As business becomes ever-more demanding, regulations become increasingly stringent and internet use becomes the dominant part of all working practices, convenience and security are paramount concerns. The growing need for trusted digital identities underlines the recognition that a move towards enhanced authentication, protection and compliance is necessary.
But the power of trusted digital identities lies beyond simply security. They have the potential to transform day-to-day operations of large enterprises around the world by delivering significant levels of convenience and control.
Instead of simply being used to log on to a single portal, trusted digital identity federation means a trusted digital identity login could be completed only once — but then used to access all other portals on the same identity federation. This idea, also known as session federation, enables a user to effortlessly move between portals without having to retrieve multiple sets of login details.
Here’s how it works:
1. The user creates a trusted digital identity, authenticating their identity with official ID documents.
2. The trusted digital identity is used to log in to a single portal.
3. When the user wants to log in to a different portal, they give their consent for their original login details to be shared with the new portal — removing the need for the user to have to re-enter all their details and go through another authentication process. This also removes the pressure on the user to safely store and manage multiple sets of login data.
4. With further consent, some of the information generated on the original portal could also be used to influence what is shown in the next portal, creating an experience with even fewer points of friction.
mFederation, KOBIL’s next generation single sign-on (SSO) platform, is a leading example of this functionality. With just one login, created from a trusted digital identity, users receive access to all necessary networks across an organization.
To find out more about trusted digital identity federation and how it could improve experiences among both your clients and staff, visit www.kobil.com.
The two most important factors in any trusted digital identity federation are security and consent. Users must clearly understand and agree that their data will be shared between platforms.
Given the introduction of legislative developments including HIPAA, GDPR, PSD2 and eIDAS, consent is a clear regulatory demand. If a user logs in to their banking portal, and then switches to another portal, they must understand what is happening in this process and the data that is being shared. Crucially, too, consent will only be secured if the user has trust in the process and technology that shares their data.
Originally published at https://www.linkedin.com.
