This week I had an exciting new experience: testifying to a state legislative committee. The Vermont House of Representatives is working on a bill (H. 211 - an act relating to data brokers and personal information) addressing a modern question: how to protect consumers’ personal data given the realities of the data monetization ecosystem? I met Vermont State Rep. Monique Priestley through a kind recommendation from Internet Safety Labs’ executive director Lisa LeVasseur, and Rep. Priestley asked me to help educate the House Committee on Commerce and Economic Development about identity verification. Following is a rough testimony transcript. The recording is here, and the resources I referenced are here.

Subscribe now

Thank you Chair Marcotte, Vice Chair Graning, and members of the committee.

My name is Eve Maler.

I’m the founder and president of digital identity advisory firm Venn Factory and author of the forthcoming book Mastering Digital Identity: From Risk to Revenue.

I’ve been in the digital identity sector since the year 2000, when I worked with colleagues across the industry to start and run the committee that designed the SAML standard — Security Assertion Markup Language, the first open standard for single sign-on across business entities.

Most recently I was Chief Technology Officer of ForgeRock, an identity and access management platform provider serving banks, government agencies, healthcare providers and payers, and many others.

In 2016 I testified to the API Privacy and Security Task Force of the US Health and Human Services Office of the National Coordinator.

I want to thank Representative Priestley for sharing some questions with me ahead of time to ensure I addressed issues of concern.

Let me start with some background on Know Your Customer, or KYC.

KYC is a legal requirement under the Bank Secrecy Act.

It obliges financial institutions to confirm the real-world identity of their customers — in other words, to establish that a person is who they say they are — before opening accounts or conducting transactions.

Its purpose is to prevent financial crime: money laundering, fraud, and the financing of illegal activity.

This is a real and important obligation.

In technical terms, what KYC requires is called identity verification, or IDV.

What it does not require is any particular method of verification.

A bank can satisfy its KYC obligations using a driver’s license scan, a biometric match against a passport, or a government-issued digital credential.

It can also use a quiz drawn from a data broker’s database — but that approach, known as knowledge-based verification, or KBV, is the one that federal security standards have now explicitly prohibited.

KBV questions look like: what street did you live on in 2010, what’s your mother’s maiden name, what was your first car?

All of that information exists in data broker databases — that’s where the questions come from.

I’ll come back to why that’s a problem.

The reason this distinction matters is that we’ve been hearing that financial institutions need broad access to data broker data for KYC.

That framing is accurate in the sense that KYC requires verification — but it conflates the legal obligation with one specific, outdated implementation choice.

KYC doesn’t require data broker data.

Some institutions have chosen to use data broker data for a particular approach to KYC.

That’s an approach that federal guidelines have moved away from.

And that move away is not the same thing as KYC being impossible without data brokers.

OK. Why does the National Institute of Standards and Technology no longer consider KBV to be strong evidence for identity verification?

If an institution is using KBV, it means they’re using an approach the federal government’s top technical standards body has formally abandoned.

In fact, NIST’s current guidelines, updated in 2025, now explicitly prohibit KBV for identity verification.

An institution still relying on it is behind the curve on security, not leading it.

If a financial institution is buying data broker data to perform KBV, what does that mean for the integrity of the verification process?

It means the supposed secret underlying the method isn’t secret anymore.

KBV works only if the answers are known to the applicant and no one else.

Data broker databases have been breached repeatedly — most dramatically in 2024, when a single breach allegedly exposed up to 2.9 billion records on an estimated 170 million people in the US, UK, and Canada.

If a fraudster can buy the same answers the verification system expects, the quiz doesn’t distinguish between the real person and an impostor.

Let’s look at the implications of KBV specifically on security. What does continued use of KBV-based KYC tell us about the security posture of banks and insurers still using it?

It tells you they’re optimizing for low cost, not for security or even for a smooth and pleasant user experience.

KYC is a legal compliance requirement; how you meet it is a choice.

Using quiz questions based on purchasable consumer data is one of the cheapest ways to check a KYC box, and one of the weakest from both the security and usability standpoints.

Better alternatives exist; institutions that aren’t using them have made a deliberate tradeoff.

Let’s look at the quality of the personal data in these systems. How accurate and current is personal data that flows through commercial data brokers?

The data is unreliable by its very nature.

Brokers aggregate data from many sources without authoritative correction mechanisms, so records go stale and errors propagate.

A 2019 peer-reviewed study found that at least 40% of data broker attributes were inaccurate — and a 2014 Federal Trade Commission (FTC) report reached similar conclusions.

No federal audit standard has been established in the years since either finding.

The consumer typically has no way to know their record is wrong, let alone fix it.

Let’s look at potential alternatives.

What verification methods have replaced KBV in modern financial services, and are they available to smaller institutions?

Document verification — scanning a driver’s license or passport combined with a live photo match — has become the baseline for secure identity verification.

It’s available to institutions of any size through pay-per-transaction vendor services.

KYC-quality document verification typically runs around $1 per check.

KBV runs $0.20–$0.50, with volume discounts that can reach $0.10 at scale.

That gap is real, and smaller institutions that can’t negotiate volume discounts will feel it more acutely than large ones.

But the economics look different once you account for fraud exposure — and for the hidden costs within KBV itself.

For example, when a user mistypes an answer — which happens regularly — the system triggers manual review, which costs more than the automated check and can take up to a day to resolve.

That degrades both the economics and the customer experience.

Let’s look specifically at the needs of smaller financial institutions.

If a smaller institution needed to transition away from KBV, is that technically feasible? And does it improve security?

The answers are yes and yes.

The technical work is integration — connecting to an existing vendor service.

It is a bounded, solvable problem, not a novel engineering challenge.

And the resulting security posture is substantially better: document verification is much harder to defeat than a quiz based on purchasable data, because the attacker needs the physical credential, not just information they can buy.

You might wonder, what happens if a consumer deletes their data from a broker? Do things break?

The concern is less substantial than it sounds, for two compounding reasons — one practical, and one analytical.

The practical one: complete deletion from the data broker ecosystem is actually very difficult to achieve.

Brokers use each other as data sources, so the same attributes propagate across multiple databases.

A deletion from one broker typically leaves the same record intact in others that sourced from it or share the same upstream inputs.

The disruption to KBV pipelines that critics warn about is therefore largely theoretical.

The analytical one: even if deletion did succeed, the data being retained was either inaccurate or accurate — and neither scenario supports keeping it.

Inaccurate data was already generating wrong verification outcomes, so removing it is a correction, not a loss.

Accurate data is exactly what a fraudster wants to acquire; its continued presence in a broker database isn’t protective — it’s a standing liability.

The risks run in different directions, but the conclusion is the same: the case for retaining this data in a broker’s hands is weaker than the deletion concern implies.

Is it reasonable for a financial institution or insurer to argue at this point, in 2026, that they can’t operate without broad, unrestricted data broker access?

No, not for KYC compliance purposes.

NIST has explicitly prohibited KBV — the primary use case being mooted— since 2025, and alternatives are commercially available.

The argument is better characterized as a preference for low-cost, legacy workflows than a general operational necessity.

Narrow, purpose-based exemptions for specific legitimate uses (fraud detection or sanctions screening) can be evaluated on their merits, and as I understand it, the bill has already done the careful work of identifying which uses justify overriding a deletion request.

Finally:

What happens to deceased persons’ data in broker databases, and what risks does that create?

Deceased individuals’ records persist indefinitely in most broker databases — brokers have no authoritative, real-time connection to official death records.

That stale data creates two distinct risks.

The first is identity fraud: a deceased person’s KBV answers still work, and their data can be used to open fraudulent accounts or to impersonate them in scams targeting surviving family members.

The second is operational error: incorrect or incomplete death records cause problems in legitimate claims processing.

Both argue for better data sourcing, not more data accumulation.

I co-chair a group called Death and the Digital Estate Community Group, DADE, at the OpenID Foundation, which recently published a white paper on relevant topics here.

Rep. Priestley: We have a related bill, and in order to consider future use cases as well: what about mobile driver’s licenses?

Mobile driver’s license technology is an instance of what’s known as decentralized identity and verifiable credentials in the identity industry. That’s new technology that has come onto the scene for delivering verification in a reusable fashion. Let’s examine it briefly.

What about mobile driver’s licenses — are those a viable path forward for Vermont institutions?

Mobile driver’s licenses are a promising direction, but Vermont hasn’t deployed them yet — and they’re not a prerequisite for institutions that want to transition away from KBV today.

A financial institution verifying identity through a standard vendor API against a physical driver’s license or passport doesn’t strictly need a state mDL program.

That path is available now.

Rep. Cooper: I think what I’m largely hearing is arguments against this legislation that pertain to what we have to do to Know Your Customer — you’re saying, one, NIST is saying this is not the best way to go about things. It’s also, as you said, a preference. I hear a lot about, well, that’s a cost we have to pass along to the consumer. I’d like you to spend a little bit more time on the viable alternatives you were describing. I think you’re saying that Know Your Customer goes back 50 some-odd years, and we’re looking at an early iteration of how it made sense to do that work.

We have crossed that Rubicon thirty times over technologically, and we still are using an older approach, a more Mayberry RFD sort of era. What I’m also trying to get at is, is that doomed to happen to every single data type that we might be looking at technologically, that they become relics and I don’t believe their usefulness?

The challenge with cybersecurity and with fraud, which is a close cousin, is that it’s an arms race, so to speak. And bad actors are improving their techniques. Like one of the techniques is AI deepfakes, for example, which can also impact things like the recognizing of things like passports and physical driver’s licenses.

So they’re not immune either from this kind of degradation over time. You may be familiar with SMS OTPs, texted one-time passwords that we frequently get. That’s another method that NIST has deprecated over time. And we could be grateful that NIST has been keeping up with the technology and also that KYC rules do not specify the method so that we can keep up as different methods degrade over time.

Right now, there’s quite a lot of innovation in the identity verification space. We did not have some of the biometrically rooted methods five years ago and they’ve been innovating very quickly. These are coming online, and they are not only becoming available to smaller and smaller institutions, but there’s price pressure downward as well.

I will mention from my experience working with retailers, so not necessarily under a KYC requirement, but they often have a need to do identity verification —it used to cost maybe $5, $10, $15 per verification, but getting that customer on board was so valuable, it was worth the price of admission, so to speak.

So it is possible for the trade-off in terms of security protection and fraud protection to be so great that even a $1 cost, or even a little more than a $1 cost, which might be going down soon enough, might be quite available, especially to smaller institutions who are not onboarding that many new bank customers in any one month or year.

I’ve been sharing a few carefully selected links on my Venn Factory LinkedIn page every month for a while now. With 2025 in the rear-view mirror, I thought it might be a useful exercise to cast an eye over the last few batches and see what story they tell now. Think of this exercise as “reverse predictions.”

Subscribe now

🏠 September: assessing the health of our foundations

This month provided a bit of hope inside a “warning sandwich.” The item I’ve had the most conversations about in the intervening months was the third piece from Ross Haleliuk, connecting it to the chaos of the identity standards landscape and the continuing struggle to find market use cases for certain protocol stacks.

⚠️ AI web crawlers are destroying websites in their never-ending hunger for any and all content

We’ve all heard about the risk — or reality — of a “dead Internet,” where AI-generated content simply gets recycled into new model training. This piece explores the mounting pressure AI crawling puts on the already shrinking “open Web,” as more content shifts into identity-walled gardens.

“Yes, of course, we can try to fend them off with logins, paywalls, CAPTCHA challenges, and sophisticated anti-bot technologies. You know one thing AI is good at? It's getting around those walls.”

📈 Are Cyber Defenders Winning?

Unlike a soccer match, cyberspace offers no final whistle. This article digs into how we might measure whether defenders are gaining an edge in what feels like an endless, invisible contest.

“There is sufficient data across these indicators to point to a far more optimistic assessment than suggested by dystopian headlines.”

⚠️ In security, not every industry problem is a business problem

In digital identity, open standards are often the solutions to “industry problems.” Ross Haleliuk makes the case that industry-wide problems are tougher to tackle than business problems — raising the question: Are we focusing on the right ones at the right time?

“Many people with great ideas about how to improve security would be way happier championing a new standard, building a non-profit initiative, or an open source project.”

Leave a comment

⚖️ October: hunting for accountability

This was an active theme all last year given the move to AI agents, and it’s still not that close to being solved. Who acts? Who benefits? Who is liable? And how do we preserve trust when agency is distributed?

🤥 Unpacking Sentiment and Emotional Manipulation in Relational AI

Kay Stoner is a prolific relational AI researcher and problem-solver. Here she identifies — and teaches us how to mitigate — dark patterns used by AI chatbots. These insights illuminate how to avoid human-perpetrated social engineering as well.

“Relationally responsible AI must avoid using emotional reinforcement to build rapport, simulate fast trust, or mask structural limitations. Instead, it should hold space with neutrality, clarity, and honest boundaries — allowing the user to lead the emotional frame of the exchange without being manipulated by artificial warmth or simulated care.”

💰 Blind guest checkout will collapse under the weight of agentic commerce

As agentic commerce takes hold — with bots buying on our behalf — Know Your Agent must be built atop Know Your Customer. This post explores the coming decline of guest checkout and its implications for fraud, accountability, and shopper anonymity.

“[A]llowing #AgenticPayments into ecommerce sites without verifying humanness & intent is a recipe for fraud, data scalping & disintermediation.”

🎭 What Happens When AI Deepfakes Fool a Judge?

This post from a US appellate court judge was prescient. It marked a case dismissed with prejudice over deepfaked video evidence. New forensic standards will need to enable higher evidentiary standards — quickly and without burdening courts further. (This author has also released a guide for using AI in chambers.)

“As you know, judges are already managing heavy caseloads so if every disputed voicemail, video, or screenshot required a forensic investigation, the system would collapse under its own weight.”

🌌 November: the emergent identity-payments axis

I’ve long called identity and payments a “binary star” (and double down on that analysis in my forthcoming book, Mastering Digital Identity). This month’s theme tugged on new connections forming between the two, which only continue to deepen.

🪪 Ledger Rebrands Hardware Wallets as ‘Signers,’ Launches ‘Proof of You’ to Combat AI Fraud

The Web3 world, long focused on adding a payment layer to the Internet via blockchain, is finally turning its gaze to identity. Hardware wallet provider Ledger has rebranded its product line to enable “Proof of You” capabilities — marking a real shift toward trust and verification in Web3 ecosystems.

“Proof of You is designed to verify that the genuine user, not a deepfake or cloned entity, is initiating an action in the digital environment.”

🪩 The Algorithm Is Not Your Mirror: How AI Co-Writes Your Identity

Consumers are wising up and starting to “assume tracking.” As Smoke Signal puts it, “The Algorithm is not your mirror” — it doesn’t just reflect behavior, it shapes it. This piece is packed with insights on how data feedback loops mold digital humans, plus a practical list of mitigation strategies.

“You don’t have to be famous to have an algorithmic twin. If you’ve ever liked a post, used a smart speaker, or shared a selfie, the loop has already started.”

🪙 Stablecoins, Loyalty, and Brand Wallets

With new regulatory support under the US GENIUS Act, stablecoins are stepping into the mainstream, and unlocking the potential for “brand wallets” that turn loyalty points into real assets. It’s the ultimate identity-first strategy: blending Protection, Personalization, Payments, and People into one connected layer.

“The GENIUS Act quietly made that possible — giving brands like Disney, Amazon, and Starbucks a legal path to act as banks without the rules. … The GENIUS Act quietly made that possible — giving brands like Disney, Amazon, and Starbucks a legal path to act as banks without the rules.”

Share Venn Factory: The Workshop

📏 December: inches, not miles

In the final month of 2025, I found signals about where progress is real, where it’s limited, and where paying attention matters most.

🍎 Apple’s Digital ID Move: Helpful Progress, but Not Yet the Breakthrough

You would expect this announcement to be earth-shattering in the identity world. It wasn’t. Martin Kuppinger's take is realistic and incisive in explaining why Apple’s move matters, and why it still stops short of what many are waiting for.

“[V]isibility should not be mistaken for completeness. … It does not reflect the larger objective of building a reusable, attribute-rich identity framework composed of verifiable credentials.”

👂 When Children Design AI: What We Learned by Actually Listening

People’s technology needs are usually light years away from what technology gives them. That’s why People has its own pillar in my Four Ps framework. This research from MyData listens directly to children about what they want and need from AI; the gap it reveals is striking.

“The children in this workshop consistently returned to themes central to MyData: transparency about how their data is used, control over when and how technology operates in their lives, and the right to understand and question the systems around them.”

📚 Stacking Dependencies

In a talk at Identiverse 2023 (reach out if you’d like the slides), I asked whether subsidiarity — the principle that power is best applied hyperlocally — can save decentralization. Trying to decentralize control often falls prey to insidious re-centralization. What helps is transparency, exposing dependencies, and making them measurable. This neat XKCD-style app does exactly that. See the image up top for an awesome sample.

“Staring at an NP-hard problem, the obvious move is to nope out. But NP-hard isn't hopeless; it just means there is no known shortcut for every case.”

The first “conference season” of 2026 is shaping up, and I’m excited to get going — visiting the RSA conference in San Francisco in March, EIC in Berlin in May, and much more. If you’re interested to have me join your event to speak on Mastering Digital Identity or other topics, please reach out!

Book a meeting or event

In 1994, XML didn’t exist yet, the World Wide Web was super-nascent, and the identity and access management discipline was premodern. I was an expert in the arcane incantations required to design Standard Generalized Markup Language (SGML) schemas, known as document type definitions (DTDs).

Jeanne El Andaloussi and I became fast friends ever since we found ourselves on the same side of my first standards table. She and I both advocated for the Open Software Foundation to use a standard SGML schema in delivering its software documentation “source code” to licensees such as our two companies (DEC and Groupe Bull).

Subscribe now

The design methodology we codeveloped, and insisted on using to herd the dozen or so “OSF DTD” stakeholder cats, became the fodder for our book Developing SGML DTDs: From Text to Model to Markup—published exactly 30 years ago, in print for ten amazing years, and now accessible only through the link above. Bless the Internet Archive!

I’m just wrapping up my second-ever book project, Mastering Digital Identity: From Risk to Revenue, out real soon now. It’s targeted at enterprise executives who need help understanding why identity is critically important and what to do about it. (Follow along at the link to learn more.)

It’s an understatement to say times have changed. A few stories to illustrate…

Speed and urgency

The book I privately nicknamed “DSDTD” was contracted to be written in a year, and it took 19 months. While we felt some time pressure, the tech world still moved at a relatively stately pace then—at least as compared to now. Deliciously, over that time, Jeanne and I undertook several coauthoring sessions back and forth between my Boston home and hers in Paris.

During that time, I joined ArborText, a premier SGML authoring and publishing platform, to develop a DTD consulting practice. When I discovered that most of my clients were barred from accessing the new “WWW” at work, I realized we needed to add a sidebar in the book explaining what it was, along with its SGML roots.

These days, any book treating a technical topic has to be produced as fast as possible to stay relevant. Many are developed in full public view, for example on GitHub, serialized for early readers, and live-updated. I didn’t take that approach, but did complete the first draft in about four months.

Publishing

In the 1985-1994 decade, techdoc editing and publishing were my specialty, and I became an early adopter of the draft version of SGML (ISO 8879:1986) while working in the ULTRIX group at DEC. A passage in book #2 relates the zeitgeist.

Back then, technical documentation was trapped on paper. If Boeing wanted to ship aircraft manuals, they literally shipped hundreds of pounds of paper. We were creating a way to “write once, publish everywhere.” The same content could be converted into a printed manual, a CD-ROM, or eventually a web page (although the web didn’t exist yet). I was designing information-capturing languages that machines could understand—protocols that allowed systems run by different companies to leverage the same digital information in a myriad of ways.

Jeanne and I wrote DSDTD in SGML, using the DocBook DTD (to which I was an active contributor) and both ArborText’s and SoftQuad’s SGML editing software, proving interop. Our publisher had to find a specialty contractor who could translate all that through FrameMaker+SGML into something printable. Ron Turner of Soph-Ware was a lifesaver and became a friend.

Mastering Digital Identity was born and mostly edited in GDoc, with Canva for graphics. Easy peasy!

Share

Timewasters

I was excited to be working on Windows 3.11, with its brilliant color palette, to write DSDTD. When I needed a break, there was always Minesweeper. Along with Tetris (Tengen version), I could close my eyes and play whole Minesweeper games behind my eyelids.

Very soon, the world was introduced to infinitely scrollable reading and entertainment. My timewasting habits have never been the same since.

AI

Back then…surely you jest. It wasn’t an option.

This time around, I made a point of ensuring the writing was 100% human-generated. Not because I’m allergic to AI content, though honestly I’m not crazy about the faint whiff of caricature about most of it. In the current AI moment, this was just something I wanted to know.

Subject matter

This is where DSDTD and—what shall I nickname the new one? MDID?—share the greatest similarities.

I keep being drawn to projects where I have a chance to enable both individuals and businesses to dictate their digital destinies—whether it’s about preventing data from being locked into proprietary formats (SGML, XML, and beyond), or about controlling where one’s own data goes (UMA, HEART, and beyond). Digital identity is absolutely a central part of this story, with implications for both risk and revenue.

I hope you’ll join me on the Mastering Digital Identity journey still in progress.

Leave a comment

I’m pleased to present this cross-post of an article I developed in collaboration with trusted vision AI leader Paravision. For more information, reach out to info@paravision.ai.

1. Introduction

NIST’s Special Publication 800-63 is a frequently referenced — and often misunderstood — document in the digital identity ecosystem. It shapes how organizations verify identities, authenticate users, and safely exchange identity information. Yet for many people, especially those outside the identity industry, NIST SP 800-63 feels complex, highly technical, and difficult to apply in real-world environments.

The goal of this article is to demystify 800-63 in clear, accessible terms without oversimplifying or glossing over the nuance that makes it important.

Share

What is NIST 800-63 and why does it matter?

NIST is the U.S. National Institute of Standards and Technology, part of the U.S. Department of Commerce. It produces publications defining standards in many business, science, and technology realms where having an official “yardstick” is useful, from plumbing pressure-loss measurements to the viscosity of chemical elements.

Somewhere in the middle, we find the topics of Cybersecurity and Privacy and Information Technology. NIST Special Publication 800-63 is related to both.

SP 800-63, Digital Identity Guidelines, is now in its fourth revision and is a critical contribution to defining measurable confidence — or assurance — in digital identity processes. It defines measurable levels of assurance across three areas of digital identity and access management:

• Identity: How confidently you know the person is who they say they are

• Authentication: How confidently you can trust the method a user uses to log in

• Federation: How securely identity information is passed between systems (like using the SAML or OpenID Connect standard)

Organizations can use 800-63 to mitigate organizational risk by choosing among three levels that NIST assigns to systems for each of the above areas, which can roughly be categorized as low (1), medium (2), and high (3).

Who uses 800-63?

The official scope of 800-63 is limited to U.S. government information systems, but the guidelines are so useful that they’re widely applied in the private sector and even influence global enterprises.

Why is there so much confusion?

Selecting a required assurance level for specific organizational needs may seem like a simple process, and indeed it is this procedural simplicity that has led to the popularity of SP 800-63. However, meeting the requirements behind these levels is much harder. It requires a great amount of attention to technical design, user experience, and operational guardrails. Providers must also undergo rigorous conformance assessments and ongoing reviews to be certified against the assurance levels.

2. How NIST 800-63 evolved — and why It split into 63A, 63B, and 63C

Some of the confusion surrounding SP 800-63 comes from its history. Like many technical frameworks, it has evolved significantly over time.

A brief history of major updates

Originally, assurance was measured with four simple levels, referred to as levels of assurance (LOA) 1 through 4. Today, assurance is expressed across three dimensions:

• Identity Assurance Level (IAL): Levels 1-3

• Authentication Assurance Level (AAL): Levels 1-3

• Federation Assurance Level (FAL): Levels 1-3

The first version of SP 800-63, published in 2011 and called Electronic Authentication Guideline, was simpler and addressed early identity technologies at a high level. The second version (2013) coincided with increased enterprise IAM adoption and growing appetite for interoperable identity federation.

The third version in 2017, finally called Digital Identity Guidelines, was a major shift; to reflect publicly sourced input, it introduced the three-part structure. According to NIST:

“These guidelines retire the concept of a level of assurance (LOA) as a single ordinal… Rather… agencies will select IAL, AAL, and FAL as distinct options.”

The old single-number approach could no longer capture modern identity complexity.

Version 4: the 2025 update

The fourth version (NIST SP 800-63-4) keeps the tripartite model of IAL, AAL, and FAL, while updating requirements to reflect modern identity technologies such as biometrics, identity wallets, and advanced authentication methods. These updates help organizations implement identity systems that are both secure and user-friendly, keeping pace with evolving threats and technology.

The three parts of the publication are:

• 63A: Identity proofing – Guidelines for verifying that a user is who they claim to be.

• 63B: Authentication – Requirements for securely validating user credentials.

• 63C: Federation – Rules for safely sharing identity information across different systems or organizations.

How they work together

The sub-documents are designed to be used in combination. A typical workflow (shown in the below diagram) might look like this: an organization first verifies a user’s identity (Step 1: 63A), then ensures the user can authenticate securely (Step 4: 63B), and finally, if identity data is shared with partners, applies federation controls (Step 5: 63C) to maintain trust across systems.

It’s important to note that organizations don’t have to match assurance levels across all three dimensions. For example, they might choose a lighter identity proofing (IAL1) together with stronger authentication (AAL3). In practice, many organizations end up choosing aligned levels across touchpoints, and IAL2 and AAL2 often emerge as practical “sweet spots” due to feasibility and certification availability.

3. Key Concepts: IAL, AAL, FAL — What They Mean in the Real World

The persistent question in online services, apps, and human interactions is: Has the other side earned my trust? Is it safe to interact with them or do business with them? In real terms: Is this user actually the person they claim to be? Do we know enough about this traveler to keep everyone else safe? Am I interacting with a human or a bot?

Because digital systems today have many moving parts, the supply chain of identification can be long and complex. This is why NIST defines three separate types of measurements:

• IAL (Identity Assurance): Do the user’s security credentials connect to a legitimate real-world human being?

• AAL (Authentication Assurance): How likely is it that the user’s credentials have been stolen?

• FAL (Federation Assurance): How trustworthy is the exchange of identity information across systems?

How organizations apply the levels

Organizations looking to leverage these assurance promises typically get support from vendors specializing in high-assurance systems, artifacts, and processes. The Kantara Initiative performs certification work to approve ecosystem participants at IAL2 and AAL2, which allows these providers to use a trust mark signaling their capabilities.

Negotiations and agreements around assurance usually take place in:

• Business contracts

• Trust frameworks

• Operational policies

Leave a comment

4. Navigating the Standards Ecosystem

An organization operating across multiple jurisdictions or sectors may encounter assurance requirements that don’t map neatly to each other. While this risk is lower today thanks to NIST’s influence and the adoption of standards globally, true conflicts can still arise — for example, when authenticating minors, complying with local biometrics laws, or meeting detailed user experience requirements like those in UK Open Banking.

In these cases, a good approach is to aim for a “high-water mark”: the strongest assurance requirement across all applicable frameworks. While SP 800-63 doesn’t define the use of finer-grained levels, like “IAL2.7”, organizations can adjust their internal policies and processes to get as close as possible to meeting multiple parties’ requirements.

Emerging trends to watch

NIST SP 800-63 revision 4 took years to produce, so another full revision isn’t expected soon. However, just over a year before it was finalized, NIST published a supplement providing interim guidance on emerging passkey technology.

We can expect NIST to release more supplements in future to keep pace with fast-moving areas. For instance, innovations in AI agent security or new threats like injection attacks may require similar interim guidance.

5. FAQs and Common Misunderstandings

NIST has published a Frequently Asked Questions list with answers, and enables the public to ask additional questions.

What are common mistakes organizations make when interpreting the standard?

A common misconception organizations make is that the three assurance dimensions — IAL, AAL, and FAL — must always match numerically. In some cases, perfect alignment can be appropriate, but it’s often unnecessary. For instance, an organization might choose lightweight identity verification (IAL1) combined with strong authentication (AAL3). This approach ensures that the user is strongly authenticated without having to handle sensitive identity verification data when it isn’t required.

How can buyers avoid jargon overload?

When in doubt, organizations should focus first on the real business risks they are trying to mitigate, then seek to understand how the assurance levels might help them mitigate that risk.

Closing Thoughts: Key Takeaways on NIST 800-63

NIST SP 800-63 provides a practical framework for measuring confidence in digital identity. By separating assurance into three dimensions — Identity Assurance (IAL), Authentication Assurance (AAL), and Federation Assurance (FAL) — it allows organizations to apply nuanced levels of risk management rather than a one-size-fits-all approach.

A few key points to remember:

• Start with business risk, not technology. Identify what you’re trying to protect, then select assurance levels that help mitigate those risks.

• Levels don’t always have to match. Lightweight identity proofing (IAL1) can be paired with strong authentication (AAL3) where appropriate. In practice, IAL2 and AAL2 often hit the “sweet spot” of feasible implementation, risk reduction, and certification availability.

• Implementation is more complex than selection. Achieving certified assurance levels requires careful attention to technical systems, operational processes, and user experience.

• Ongoing evolution matters. Supplements and interim guidance allow organizations to adopt emerging technologies, like cloud-syncable passkeys or AI-related security measures, without waiting for a full SP 800-63 revision.

Ultimately, SP 800-63 is designed to help organizations make smarter, risk-based decisions about digital identity, whether in government, private enterprise, or cross-sector contexts. Understanding how the three assurance dimensions interact and how to apply them in the real world is the key to confidently navigating today’s complex digital identity landscape.

I hope you enjoyed this installment of The Workshop. It’s part of a larger conversation about the future of identity and how to make it — in a word — irresistible. I hope you’ll subscribe as we continue to push the edges of the envelope here at Venn Factory.

Subscribe now

It’s become a frequent topic of conversation with identity friends of late.1 In the early days of the web, our feeling of intellectual freedom and excitement was palpable. Big new ideas would zing back and forth in blogs, crossing company lines freely. Anyone could make a difference and nobody was consumed with monetization or social media influence.2 There was nothing to scroll — except perhaps the blog aggregator known as Planet Identity.

I don’t believe this phenomenon is gone for good. I see sparks of it in the way ideas — like “Chief Identity Officer” and “Token-Based Access Control” — have bounced around different podcasts and LinkedIn posts, getting refined along the way. And those of us involved in standards definition work seem to have honed the art to a fine edge, accelerating development of protocols. (Whether we now have too many is a topic for another day.)

Today I saw Ian Glazer’s reflective post on 25 Years in the IAM business, and I’ve been reading Heather Flanagan’s great series (start here) that I’ve mentally bookmarked as “Whither the Internet?”

So I’m emboldened to share with you today the results of a challenge set for me a few days ago by John Wunderlich. He had been reading yet another post that hoped to “help bring back the good old free and open Internet” and, well…

this triggered “Back in the USSR” in my head, except the refrain was “Back in the HTTP”

As the onetime ringleader of the Internet Identity Workshop 2006b crowd that penned and performed “Bohemian Rhapsody in the Key of ID” (also affectionately known as Bohemian Rhaps-ID”), I couldn’t resist making the attempt.

Back in the H.T.T.P.

Sung to the tune of Back in the U.S.S.R.

Oh, surfed the web and ended up at A.O.L.
Didn’t get to bed last night
Clicked a blinking banner ad and entered hell
Man that virus was a fright

I’m back in the H.T.T.P.
Without a shred of security
Back — in the H.T.T.P.

Everybody blogging for the hell of it
No pixels tryna phone back home
S.E.O. was just a twinkle in my eye
Couldn’t even browse with Chrome

I’m back in the H.T.T.P.
With lots of speech — but not beer — free
Back — in the H.T.-
Back — in the H.T.-
Back — in the H.T.T.P.

Well e-commerce sites really knock me out
I’m going dot-com blind
I’m buying pets and furniture
My life’s on GeoCities with all humanki-ki-ki-ki-kind

I’m back in the H.T.T.P.
But now I’ve lost all my privacy
Back — in the H.T.T.P.

Well the I.E.T.F. controlled the world
Left F.T.P. behind
Then the flag of the W.3.C. unfurled
And H.T.M.L. wouldn’t be sideli-li-li-li-li-li-lined

Oh, Simple Object Access overtook the place
The cleanest Protocol around
SAML started federating cyberspace
Now we’re really Web2 bound

I’m back in the H.T.T.P.
With S. for added security
Back — in the H.T.T.P.

That’s the comedy bit echoing through my mind ever since my recent chat with Jim McDonald on episode #379 of the Identity at the Center podcast.

In that sketch, New Shimmer promises to polish your floors and sweeten your dessert. The absurdity, of course, is that it’s trying to be two wildly different things at once, and somehow, we all nod along.

Subscribe now

That, in many ways, is identity today. It’s compliance and innovation. It’s security and experience. It’s infrastructure and strategy.

We’ve built something that’s supposed to hold the entire digital organization together, while also making it frictionless, personalized, and safe.

And somehow, we’re surprised when sparks fly.

The puddle problem

During the conversation, Jim painted a vivid picture of what it’s like to be an identity practitioner today:

“We’re trying to pull the plug from both ends and plug it together. That’s if there’s only one plug on each side. And it’s raining and you’re standing in a puddle. Good luck. If you don’t do it right, you might get electrocuted.”

He’s absolutely right. That’s what it feels like when every business unit has its own pocket of identity, marketing wants one thing, product another, IT a third, and security a fourth.

Everyone has their own plug, their own priorities, their own puddle.

And in the middle of all this, someone eventually asks:

“So… who actually owns this?”

Share

When “who owns it” meets “who is it”

CEOs often assume identity is handled by the CISO, as an extension of cybersecurity.

“That’s why I hired one,” they say.

But identity doesn’t stay politely in the security box. It spills from Protection into Personalization, Payment, and People – what I call the four P’s.

When those four forces collide, it’s no longer a single-function problem. It’s an organizational one.

Identity doesn’t just secure the business – it is the business. It determines how trust is formed, how customers feel seen, and how innovation stays safe.

So yes, in your organization perhaps it’s the CISO who implements. (CISOs own only as many as half of workforce identity programs. Owning CIAM would be rare.)

But it’s the CEO who empowers.

And that distinction might just decide whether your cords light up…or short out.

Empowerment in the puddle

The hard truth is that the puddle isn’t going away.

Complexity is here to stay – multi-cloud, hybrid work, AI agents, mergers, and regulations all keep pouring water into the system.

But we can’t stand still.

It means we empower the people holding the plugs.

The organizations that succeed are the ones where leadership sees identity as a strategic advantage, not just a compliance burden.

They give identity teams the air cover, budget, and cross-functional mandate to connect the system safely and beautifully.

Because when those cords finally come together, they don’t just power security. They power trust.

Both, by design

Identity, like New Shimmer, is both a floor wax and a dessert topping.

It’s the polish that keeps systems secure and humming, and the sweetness that makes experiences delightful.

If we can start treating it as both, maybe we can stop tripping over the cords and start lighting up what matters.

Listen: My full conversation with Jim McDonald on Identity at the Center discusses my forthcoming book and dives deeper into the messy, human, and often electrifying challenge of making identity work—for everyone.

At Venn Factory, we help leaders see identity not just as a risk to be managed, but as an advantage to be leveraged.

Leave a comment

For those who have been following my "3 Identity Links" blogging here, I hope you'll check out its new home on Venn Factory’s LinkedIn page, reborn as The Venn Shortlist.

Subscribe now

This month's lens opened the aperture on ecosystem trends that all impact #digitalidentity in various ways. Regarding the discussion about "industry problems" and standards in link no. 3, the pace of AI agent-related specs is just NUTS right now. With #AP2 (and many others), we're at the point of needing a registry of daily proposals and a specialty LLM just to analyze and compare them. But do any address key questions of why businesses (and humans) are generally unwilling to take a human out of the loop?

Another way to put this: We've had OAuth dynamic client registration for a really long time. What's kept us from using DCR to automate way more of our wide-ecosystem app relationships already?

(Follow Venn Factory to catch more issues of the Shortlist!)

Follow Venn Factory on LinkedIn

If something can’t go on forever, it won’t.

I’m an optimist, some might even say a Pollyanna. There’s nothing like contributing to novel Internet standards efforts to demonstrate one’s belief in hope over experience! But after 25+ years in the trenches of digital identity, this maxim of economics is starting to hit close to home.

So many of our current identity paths are unsustainable. Security is still eroding. Privacy is still evaporating. Trust is threadbare at best.

Subscribe now

Identity’s Death Spiral

I’m not a fan of the phrase “identity is broken” — but the way we do IAM often leads to a death spiral of negative consequences for experience, user control, security, and even basic online safety. The Internet commentator I think of as the “login rant lady” said:

…and she’s not wrong.

When Leaders Become Casualties

Part of the downward spiral is psychological.

I’m working on a new project1, for which I’ve identified three fatal delusions that leaders often cling to to feel safe.

The first delusion can be stated as:

Our identity solutions, automations, checklists — and standards, an ever-growing pile of them — can feel proactive and productive, but none of it is a guarantee of a particular outcome, even if implemented and rolled out.

And the costs for getting things wrong are higher than ever. Have you been following the trend towards personal executive liability for cybersecurity failures? A great new organization called the Professional Association of CISOs (PAC) has launched, thanks to my talented friends Val Mukherjee and Heather Hinton, under the Cyber Future Foundation umbrella. It prepares CISOs for the increasing level of accountability they face in the modern world, including providing CISO-specific professional liability insurance.

But it’s not just CISOs. CEOs are taking direct fire as well, as in the infamous Drizly case:

According to the FTC, Drizly and [its CEO] Rellas failed to implement basic security protections for the collected data, did not use multi-factor authentication, did not limit employee access to personal data, and did not develop adequate security policies. — Security Week, 25 Oct 2022

Share

Fixing Our Foundations?

The Internet, as has famously been observed, was built without an identity layer. All of the layers we’ve been adding on top have gotten more sophisticated over time, exemplified by the recent publication of revision 4 of NIST Special Publication 800-63, the Digital Identity Guidelines.

Do we need brand-new infrastructure to replace the old?

For years, I’ve helped define standards and technologies meant to patch this gap. More recently, I’ve been working with organizations of all sizes, translating identity complexity into language that decision-makers can act on.

What I’ve learned is that today’s identity foundations and innovations can serve as the healthy cardiovascular system of the connected world. They can protect us from exploits and fraud, support our financial transactions, give people choice and control, and even foster healthy digital relationships with businesses.

But only if organizations and their leadership understand their power, value, and full impact. Technical expertise, and a mindset focused exclusively on security, are proving inadequate to the moment.

As the number of executive stakeholders with their fingers in the IAM pie becomes overwhelming, and as detractors proliferate, I believe we need to master identity’s higher purpose so we can make common cause and achieve what we know is possible.

The identity crisis is here. The spiral is accelerating. But crises have a way of forcing evolution.

My question for you is whether it’s possible to help identity fully contribute to a healthy connected world.

Do you see identity circling the drain, or do you believe it can reach an inflection point?

Leave a comment

I have to confide in you about something. Every time I click or type anything at all online, I think and worry about who’s watching and listening. Honestly, it’s tough being a privacy fundamentalist (as researcher Alan Westin termed it).

A whole lot of privacy pragmatists and “TMI people”1, on the other hand, are confiding in their AI pals about pretty much everything, even using them as therapists. This includes a lot of teenagers.

But on a recent podcast, OpenAI’s CEO admitted he thinks they shouldn’t.2

Not because AI is bad at listening, though we could debate that, but because it can’t give you the one thing that makes therapy a safe space: legal confidentiality.

Share

The legal privilege gap

When you confide in a human therapist, your words are shielded by law. When you confide in ChatGPT — or GPT-5, now loose in the wild — they’re not. If a court demands the records, they can be handed over.

And with GPT-5’s entry into what’s being called relational AI — systems that sustain deep, ongoing “relationships” with users — the emotional entanglement risk is higher than ever. These models feel warmer, more consistent, more “there for you” than any earlier AI. But they’re also more dangerous in the absence of safeguards.

The connection to my world of identity and delegation

I’ve been spending a lot of time in the trenches, helping to define what different actors — human and non-human — can and can’t be trusted to do.

• At the OpenID Foundation’s eKYC group, I recently presented use cases for delegation of authority across every possible direction: from a competent adult human, a company, or even a newborn baby, to another (insert any of the above). We examined adding AI agents to the mix.

• Having been invited to an American Bar Association webinar on agentic AI risk, I joined prominent attorneys in considering whether AI could ever bear liability for their actions given current legal frameworks. Spoiler: Prospects are slim to none.

• In the Death and the Digital Estate (DADE) group I co-chair, we’re soon tackling persona and relationship definitions using a method based on my white paper, including how delegation to a family member survives beyond death. What happens when the delegator is gone, but the authority persists?

The messy part? AI agents are software-based and they even can control other software like humans do, but they can’t be held legally liable for anything they do. Sounds to me like a perfect excuse for mapping things out in a Venn diagram…

All of this has a bearing on the therapy question. We’re anthropomorphizing AI, giving it a seat in our most personal conversations, but without giving it the capacity or obligation to take responsibility.

Subscribe now

Emotional Labor vs. Algorithmic Labor

Altman has admitted he wouldn’t trust ChatGPT with his own medical fate unless a human doctor was in the loop. That’s telling.

Ever since the days of the ELIZA bot in 1966, AI has been generating ever-better empathy cues, the right pauses, the “I understand” statements… But it can’t shoulder the ethical and legal responsibilities humans can.

Several US states are already outlawing AI therapists, and the challenge is clear. Until we align capability with accountability, or conduct our chats on a fully protected edge device, AI “therapy” might as well be a confession caught on a hot mic.

Your turn. Have you ever confided in AI? What legal or ethical safeguards would it take for you to truly trust it in that role?

Leave a comment

Ten years ago I contributed to launching HEART, a health IT standards effort at the OpenID Foundation. HEART stands for Health Relationship Trust, and I served as its co-chair along with Debbie Bucci, then of the US Health and Human Services Office of the National Coordinator (HHS ONC).

Share

(What’s an ambient scribe? Read on.)

In my recent post on UMA, you might have noticed that it has lots of healthcare-related implementations. Most of them implemented its HEART profile as well.

Health providers, payers, and regulators — not to mention tech-savvy physicians and patients — have long expressed interest in enabling what we in HEART called Alice-to-Dr. Erica health data sharing. (You can read more about this use case in a white paper published by the UMA group.)

And the HEART effort allowed me to influence a variety of related programs, standards, and US government initiatives, including advising Move Health Data Forward applicants and providing testimony to the HHS ONC’s API Privacy and Security Task Force.

But despite a long-term emphasis on patient centricity, healthcare’s ecosystems have seen less progress than you’d think. Even well-resourced efforts like SMART on FHIR have had difficulty getting going.

A new day for healthcare innovation and patient control?

But that’s not to dismiss new and exciting efforts under way.

The US Centers for Medicare & Medicaid Services (CMS) video I shared a couple of weeks back teased a forthcoming announcement, which is now out: CMS has launched a health technology ecosystem effort.

The agency has made lots of juicy details available. From its interop framework page:

V. Identity, Security & Trust
…

22. Enforces access control and consent policy appropriate to the data access context.

23. Provides verifiable logs or audit records for identity/auth requests and responses for independent review.

CMS calls for FHIR API implementation and interop, sets requirements for consent, and has a patient-empowering outlook. All of this is familiar from previous efforts over the last decade-plus. However, an RFI summary analysis shows that existing tech — and there’s plenty of it — is just not reaching most patients.

Patients & Family Caregivers
Primary Concerns:
The overwhelming burden of managing dozens of logins ("portalitis"); being the "human fax machine" between uncommunicative providers; the emotional trauma of repeatedly recounting complex medical histories; data being "digitally shredded" or lost when changing providers; inability to access complete records (especially images and notes) for safety, second opinions, or disability applications.

So, given that the purpose of a system is what it does, I think it’s reasonable to ask: What conditions have kept progress at bay previously? Are they still in place? How can we change those conditions?

I’m eagerly awaiting news on this front, and am tracking efforts such as Best Choice Medicine (a broadening of Right to Try laws to take advantage of modern-day precision medicine) and proposed legislation to speed up biotech innovation.

Leave a comment

Working with doctors and other subject matter experts in the HEART context, the biggest inhibitors I saw were:

• Risk sensitivity: A risk-averse culture — reasonable when “do no harm” is the highest principle! — pervades healthcare, magnified by an onerous legal liability factor.

• Market signal confusion: The US’s third-party-payer model has emphasized cost management and deemphasized “customer service”. It’s said about Facebook that if you’re not the paying customer, you’re the product. I’ve heard — and personally experienced — the same between physicians and patients.

• Wide ecosystem: When there are many sources and recipients of data, getting a view of the whole thing — never mind controlling data flow — is an extra challenge. Moxie Marlinspike wrote about why (proprietary) platforms tend to win over protocols. Digitized healthcare done right requires, but struggles with, the protocol approach.

The new stuff

So what’s new in this picture?

First, an acknowledgment of the promise of AI. From CMS’s ecosystem categories page:

Conversational AI Assistants

Objective: Use AI-powered assistants to deliver personalized, context-aware guidance to patients by securely accessing and interpreting their medical history in real time.

People are already experimenting in this direction, with abandon or even desperation. Amy Gleason’s video relayed her daughter’s experience generating AI insights by uploading all of her health records, transforming a difficult situation into new successes.

At the same time, AI ambient scribe tools have sprung up that assist with clinical documentation, letting the doctor spend more time directly with the patient vs. hunched over a computer. Health record system behemoth EPIC just announced that it’s planning to add its own ambient scribe features. I can foresee AI agents coordinating data exchange and analysis between patient and doctor.

What else is new? An exploration of the opportunities with digital credentials. The CMS RFI section about preventing “information blocking” (interference with health data flow) intends to include decentralized verifiable credentials along with traditional identity verification:

a. What are the challenges today in getting patients/caregivers to sign up and use digital identity credentials?

b. What could be the benefits to patients/caregivers if digital identity credentials were more widely used?

c. What are the potential downsides?

They’ve got a new attitude

Despite past challenges, I love seeing the energy in CMS’s new initiative. Many tech giants have come to the table voluntarily, and they’re in a position to affect outcomes quickly.

I’ll be keeping a close eye on them all. It seems the time is ripe; just yesterday I even heard about a new HEART-related project gearing up in Canada. My fervent wish is for CMS to evolve health regulations to unlock modern health tech, and ensure true openness in connecting participants of any size to these health data ecosystems…including individual patients and providers.

If you got value out of this post, why not subscribe? I’d love to welcome you to Venn Factory’s Workshop community and get your thoughts on other topics to cover.

Subscribe now

Quick 3 Links today.

Find a common thread among these three links? Challenge accepted!

CMS Health Tech Ecosystem - A Special Message

Published on 26 Jul 2025 on YouTube by the U.S. Department of Health and Human Services; h/t Josh Mandel on LinkedIn

If you care about health IT, Josh Mandel, MD is a must-follow for his ground-breaking experiments in health data flows that work better, including AI research. I was grateful for his pointer to this video from HHS’s Strategic Advisor, Amy Gleason, making a strong call to industry for, well, more innovation of a similar sort. She had me from the get-go.

What if I told you that in 2025, your health data is doing less for you than your grocery shopping app?

Watch all three minutes to learn exactly what happened when her daughter uploaded her health records to an AI assistant.

There’s a hint in the video captioning, if not the talk track, that some related announcement is coming on July 29th. We shall see.

Share

Sam Altman warns there's no legal confidentiality when using ChatGPT as a therapist

Published on 25 Jul 2025 at TechCrunch

Okay, connecting this piece to the previous one is not actually a stretch — I’m sandbagging a little.

Sam Altman, while fighting a court order to produce customer chats, is also warning that people really ought not to talk to ChatGPT about all of their emotional struggles.

“I think we should have the same concept of privacy for your conversations with AI that we do with a therapist or whatever — and no one had to think about that even a year ago.”

Of course an AI chatbot is not a legal entity, much less a licensed one like a doctor or therapist, but if he’s suggesting there should be similar protections over such chats, I can think of quite a few things his company could be doing or investigating to provide better-than-legally-compliant privacy. After all, as the article points out, many individuals are motivated to seek out such features — at least when they’re given transparency about market alternatives.

Any health innovations will need a strong grounding in protections of every sort, such as those mooted in my Consent Is Dead paper. (Did you know that some medical professionals believe informed consent is impossible to achieve?)

Leave a comment

Intruder releases free tool to detect broken API authorization

Published on 22 Jul 2025 at TechCrunch

Intruder Solutions has released AutoSwagger, a free open-source tool that finds your machine-readable API documentation and surfaces un-secured endpoints.

(Health of an API — get it? Not an API for health like FHIR, though this tool should probably be run on FHIR servers too.)

…the tool has already been found to be effective. During Intruder’s research and testing of AutoSwagger, the company’s security team detected exposed Salesforce Inc. records with personally identifiable information at a large multinational tech company and an exposed internal staff training application [t]hat would have allowed potential attackers to run queries against the database at a multinational soda company.

The only thing I’d push back on here is the prescription coming from the company itself.

“The lesson here is, in addition to regular API scanning after each development iteration, that you shouldn’t publicly document your APIs unless you can’t avoid it.”

I understand avoiding exposing information to hackers; this is why error messages shouldn’t be too verbose. But the principle of the API economy — not to mention Zero Trust — is that you should be able to treat any component as external. If you have endpoints, you MUST protect them, if not with a highly flexible stack like OAuth, than at least with something. The vulnerability is not “returning sensitive information”, it’s “missing authentication”.

Something is better than nothing. You heard it here first.

Short and hopefully sweet this week. I hope you’re enjoying the dog days of summer if you’re in the northern hemisphere, or the “dog days of winter” if not. Drop me a note if you’ve got upcoming plans that can use Venn Factory advisory or speaking to make them irresistible. I’ve got a new webinar appearance coming up on August 15 — make sure to subscribe or follow me for details!

Subscribe now

First, an update on my last post. I said “we need standardized infrastructure something like” Microsoft’s OBO OAuth profile. I was remiss in not linking to this individual IETF Internet-Draft from WSO2, OAuth 2.0 Extension: On-Behalf-Of User Authorization for AI Agents, dating from a few weeks ago, which could end up on such a track at some point. Its flow has a “requesting party” feel, and its authors are participating in the OpenID Foundation’s new AI Identity Management community group, where some great discussions are already happening.

Now let’s get to a fresh crop of links! I promise I’ll explain today’s title.

NOTE: If you’re not familiar with Internet Rule 34, expect NSFW search results…

Share

Facial age estimation and #onlineporn

Published by Robin Tombs at LinkedIn1 on July 14, 2025

There it is. With all the discussion of age assurance and age verification, references to (what I feel compelled to type as) pr0n are popping up all over the place — and seeing this as a hashtag on LinkedIn gave me pause. It’s a great use case. While my SXSW talk pointed to proposed age verification laws for dieting and skincare products, honestly pr0n is sort of THE use case for age testing. Even though people don’t inherently want to be age-tested for any product, given Rule 34 and its accompanying regulation, is pr0n gated by privacy-preserving age estimation the killer use case for consumer-driven verifiable credentials?

This means the majority of individuals won’t need to repeatedly use ID Docs, credit cards, Name+DoB+Address to prove age at thousands of websites & apps where age checks are increasingly required.

Apple wins a patent for Apple devices with Radar-Based Biometrics that could detect Heartbeats, rate of Breathing, Tremors, Seizures & more

Published by Patently Apple on July 1, 2025; h/t Gabriel Steele on LinkedIn; patent here

News of this and related patent applications broke a couple of years ago. Now radar-based biometrics are even closer to reality. The opportunities for passive health micro-monitoring are exciting; as a participant in the longevity movement, I hope we will all be able to benefit.

Gabe also points out opportunities for fraud detection — and naturally his comment thread also turns to discussions of privacy. This is your regular reminder that even with selective disclosure through wallets, correlation and linkability are never far away…so keep reading for my thoughts on a proposed solution.

(I will leave any connection between items no. 1 and no. 2 as an exercise for the reader!)

Subscribe now

Musings of a Trust Architect: When Technical Standards Meet Geopolitical Reality

Published by Christopher Allen at Blockchain Commons

Commenting on the recent Global Digital Collaboration conference, Chris amply documents how, despite many years of effort, his own very much included:

Supposedly self-sovereign certificates phoning home whenever they’re accessed is another recent threat that demonstrates best intentions gone awry. This not only violates privacy, but it undercuts some of our best arguments for self-sovereign control of credentials by returning liability for data leaks to the issuer. The No Phone Home initiative that Blockchain Commons joined last month represents one attempt to push back on that, but it feels like plugging holes in a dam that’s already cracking. It all does.

(I commented on NoPhoneHome similarly here.)

Chris’s take is thoughtful and detailed. My take is that the reigning dynamic is constant pressure towards centralization. This is much broader than public- or private-sector imperfections; it explains SaaS, crypto exchanges, and a lot more. I gave a talk at Identiverse 2023 called Can Subsidiarity Save Decentralization?, explaining that subsidiarity is the principle of keeping governance as hyperlocal as possible.

My premise was that although digital decentralization is not cost-free, insidious re-centralization could be battled with transparency about the closeness of relationships among the online entities you’re interacting with, to let you optimize the alignment of others’ interests with your own. It seemed very abstruse at the time.

The talk isn’t online — though I’m happy to share the slides if you drop me a note. But a fresh search shows a recent spate of real research on the topic.

Chris concludes with:

Perhaps it’s time for a new architecture: one that acknowledges these inversions and builds resistance into its very foundations.

I agree — but we should be cautious of creeping hubris that says we can easily out-game such persistent patterns.

Thanks for reading! What’s your take?

Leave a comment

In other news, I’ll be appearing with my Persona-Driven Identity coauthor Jacob Ideji on Mike Schwartz’s Identerati Office Hours show on Tuesday, July 22 — hope you can tune in live! You can get the white paper free through the episode page, and you can always check out my News page to catch forthcoming appearances.

This post may arrive truncated in email. Click the title to RTWT.

The User-Managed Access (UMA) protocol, whose standards effort I founded and ran for many years in the Kantara Initiative, is coming up more frequently in discussions of how to authorize service access by, and delegate access authority to, AI agents. Does UMA solve or at least illuminate important problems not covered by other elements of the stack? How ready for use is UMA, given the moment we’re in?

Share

What is UMA again?

In November I wrote about the “non-orientability of OAuth” in a post that, along the way, explained some UMA basics. It’s been my third most popular post to date.

To restate that summary: UMA enables…

• Alice-to-Bob sharing: In the form of a somewhat creative OAuth grant spec, UMA 2.0 introduces the requesting party (RqP), an entity that serves as a counterpart to OAuth’s resource owner (RO). I used to describe it as “WAM for people” — instead of Bob simply being denied access, his client is told how and where to seek access.1

• Ecosystem of resource protection: In a companion federated authorization spec, UMA2 introduces an API that enables loose coupling of the authorization server (AS) and resource server (RS) roles. AS:RS relationships can thus more easily become n:n, with RS’s outsourcing authorization jobs to an externalizable AS.

• Ecosystem overseen by Alice: That API is protected with OAuth itself in recursive fashion. This trust model thus puts every AS-RS pairing in an RO context, and Alice’s instructions to an AS inform the access tokens issued to those connected RS’s.

What job is UMA really trying to do here? As discussed on LinkedIn with George Fletcher, it’s going for delegation of access rights (a matter of entitlements). Think “Adding a Google Docs-like Share button to any application.”

Human-to-human sharing is the hard case. But we also ended up sketching a business/legal architecture that admits arbitrary entity-to-entity access licensing.

Either the RO or the RqP could be, for example, a corporation (non-human entity) or a baby (human not yet competent to consent) — represented through delegates that we ultimately called Resource Rights Administrators and Requesting Agents (huh, there’s that word).

Note: The protocol doesn’t explicitly address this need for delegation of authority obligations, though I’ve found it quite helpful to have names for all the actors that are floating around when building authority delegation use cases.2

Subscribe now

What’s going on with UMA now?

I’m aware of a couple of key UMA deployments:

• Financial: The UK Pensions Dashboard Programme profiled UMA in what might be called a FAPI-like fashion to support its wide-ecosystem use case:

  Pensions dashboards will help individuals view their pensions information online, securely and all in one place, thereby supporting better planning for retirement and growing financial wellbeing.

  

  The first pension provider connected in April and others have followed. UMA is a relatively small but critical component of this ecosystem; you can find the profiling details here.

• Healthcare and public sector: Several of Canada’s provinces have deployed UMA-based solutions developed by IDENTOS. They have extended UMA with additional privacy protections and they’ve described their solution to me this way:

  We empower our customers to offer user-centric data access and exchange, with security and privacy built-in.

  Following my tenure as UMA WG chair, IDENTOS’s CTO Alec Laws took the reins and holds them today.

Here are implementations I’m aware of, several of which are open-sourced:

• ForgeRock (now merged with Ping)

• Gluu

• HIE of One

• IDENTOS, already mentioned

• Keycloak

• Patient Centric Solutions

• Pauldron

• WSO2

While the specs have been stable since 2018 — and truth be told, there hasn’t been a lot of brand-new work on UMA-related projects — recently a vulnerability was reported and mitigated through additional security guidance (thanks, Gabriel Corona!). You can check out the details on the Kantara wiki. In a nutshell, UMA’s standardization preceded that of DPoP, so at the time we couldn’t provide exact proof-of-possession guidance, only a quick pointer to a draft in process.

What lessons does UMA hold for AI agent delegation?

Alex Simons of Microsoft posted a call-to-action on the future of AI agents in May, which provides a good starter list of requirements. Like many others, Microsoft assumes OAuth as a starting point — which is reasonable.

Similarly, the Authenticated Delegation and Authorized AI Agents paper spearheaded by the MIT Media Lab (which I pointed to in a previous post) analyzes a set of challenges posed by using the OAuth stack, including UMA.

In the interest of spurring discussion and keeping this too-long post a bit briefer, here’s a hybrid list of the challenges from both [MSFT] and [MIT] where I believe it’s useful to reflect on UMA’s capabilities and lessons learned:

The need to recognize Agent IDs as first-class actors ([MSFT] #1): UMA gives us language to talk about whether we think an agent is acting in the role of a client application or a requesting party — or maybe we need to prepare for both.3

The need to grant agents their own permissions ([MSFT] #2): UMA basically exists for this. A big motivation was solving access delegation to prepare for the day when “friendly impersonation” by sharing passwords falls over of its own weight. With passkeys and agents, it seems that day has come.

The need to track who or what an agent is acting on behalf of ([MSFT] #3): UMA’s business/legal architecture lets us talk about this more precisely, but doesn’t solve for it. I was unaware of Microsoft’s OBO OAuth profile until quite recently; we need standardized infrastructure something like this.

The need to discover permission and delegation options ([MSFT] #4): UMA doesn’t exactly address this. It has a hint of a solution in its federated authorization protection API, where the RS can make calls to a resource registration endpoint to put relevant resources and their scopes under the AS’s protection. AuthZEN is likely more suggestive given its recent work on search capabilities.

The need for more fine-grained resource- and scope-based access control ([MSFT] #5): UMA’s resource registration solution suffers from being too static given modern web resource complexity and dynamicism, so it doesn’t solve this problem.4 It also suffers from requiring the RS to actively make calls to the AS for admin tasks, which seems unpopular. The OAuth Protected Resource Metadata spec, recently standardized as IETF RFC 9728, addresses the latter by allowing the RS to simply declare some metadata that the AS can pick up asynchronously. But I believe this new spec still suffers from inflexibly static resource descriptors. Maybe AuthZEN could be instructive here as well.

The need to consolidate multiple sign-in flows ([MIT] #1): UMA suffers from this at a different point in the user journey than OAuth or OIDC does, because it invents a new point of centralization designed to provide human value: the UMA AS. In a wide ecosystem, the RO still has to connect each RS to the AS serving as their aggregation point. Solutions to date have leaned on the time-immemorial technique of narrowing the ecosystem to the point where AS-RS trust can be built-in. This is where [MIT] suggests using verifiable credentials to scale the experience better.

The need to mitigate server-side privacy risk ([MIT] #2): IDENTOS’s enhancements of UMA protect the AS from having to know RO-policy-related PII, and I believe the approach is wallet-like. [MIT] proposes a hybrid approach; maybe they’re right!

What do you think?

What problems do you think need solving in the AI agent era? When do you think we’ll make Alice-to-Bot delegation a “settled problem”? Where can UMA help?

Leave a comment

Here’s a Venn diagram describing UMA’s authorization assessment guidelines so I can at least end on a pretty (geeky) picture.

Links this week are a bit late due to my travel to fabulous São Paulo, Brazil for NetBr’s Overflow conference. My Mastering IAM’s Higher Purpose talk addressed identity not just as a shared service, but as a product with a bewildering variety of customers. Hence the jobs-to-be-done appearance above.

I’m grateful to NetBr and its fearless leader Andre Facciolli for helping me broach this topic from stage and with its customers. If we want to see success in our IAM programs, this is the kind of “CIDO conversation” we need to have.

Now on to the links…

Share

In a world first, Brazilians will soon be able to sell their digital data

From Rest Of World, 30 May 2025

If implemented, Brazil’s will be the first public-private partnership that allows citizens, rather than companies, to get a share of the global data market, currently valued at [USD] $4 billion and expected to grow to over $40 billion by 2034.

Last week I was able to experience Brazil’s impressive edge in payment tech first-hand as I moved about, doing my part for the local economy by selflessly buying souvenirs and coffees. :) And as we know, payment and identity are like a binary star — two components that are “gravitationally bound to and in orbit around each other.”

Will this dWallet data ownership pilot project find success?

The project takes its place in a long line of experiments to allow people to participate directly in the personal data monetization economy. (My team at ForgeRock worked with partners to propose an “operator tokenomics” model in 2022, as one example.) The multi-sided nature of these markets makes ecosystem predictions very tricky indeed. I’m interested to learn what the nth-order effects are.

Banking data reveals early warning signs of cognitive decline in older adults

From Medical Xpress, 16 June 2025

Speaking of banking and personal data…

The study … compared 16,742 individuals who were registered for power of attorney (PoA) due to a loss of financial capacity with a control group of 50,226 matched individuals without reported capacity loss. …

[S]ubtle but significant changes in financial behavior … begin to appear several years before individuals are formally identified as lacking financial capacity. …

"It is a powerful demonstration of how anonymized banking data can be used responsibly to protect the most vulnerable members of society."

Hmm. Having written on ways to use persona-driven identity as a security control, I can certainly see early cognitive decline as a kind of emergent persona that is detectable from context. And the medical implications, as well as the implications for delegated authority, are interesting. But it remains to be seen whether data that can be used responsibly will be. What do you think?

Leave a comment

The Privacy Americans Are About to Lose

From Kim Hamilton Duffy, 24 June 2025

Speaking of wallets and data monetization and jobs-to-be-done…

This post — third in a series on mobile driver’s license (mDL) privacy — is a must-read, and not just because Kim injects two awesome phrases, accidental privacy and digital recklessness:

In the mDL discussions, we’ve been operating from different assumptions because most of the world doesn’t understand how Americans actually use driver’s licenses. Unlike many countries that have widely-used national ID cards for identification and separate licenses for driving, the United States uses driver’s licenses as the de facto national identification for countless daily activities.

Here’s my take, replayed from LinkedIn:

This is a phenomenal post, in great part because it catalogues the many affordances around traditional licenses that have grown into legitimate jobs-to-be-done.

I fear the #NoPhoneHome push is insufficient to actually restore “accidental privacy” (great phrase!) and that digitizing licenses itself will be the root of various other losses even without phone-home. We saw many unintended consequences of electronic health records as well, such as physicians spending less time actually engaging with patients.

If you’re unfamiliar, #NoPhoneHome is a petition, launched in early June, advocating for identity wallet tech to swear off making direct server calls. I was asked to sign but ultimately felt that this take lacks so much nuance that it’s unhelpful. As my SXSW talk noted, what’s even less safe than driving without a seatbelt on is thinking you have one on when you don’t. Without truly extraordinary assurances, people still need to assume tracking.

Thanks for reading! If you’re already making plans for 2025’s identity conference season no. 2, consider adding my unique education, perspective, and foresight to your conference events, customer gatherings, and webinars. I’m already scheduling events into December.

Book a free consultation

The smart things conversation has been with us for about a decade, since “M2M” turned into “IoT”. And I’ve been trying to push things along in the right direction the whole time. Today’s link trio is proof that plus ça change, plus c'est la même chose…

Share

Wait, Automakers Can Shut Off Connected Car Features At Any Time? Yes—and They Are

Published in MotorTrend on 30 May 2025

How long will those often subscription-based connected services continue to work or be supported by automakers? It may not be as long as you think.

Zero Dollar Car came out in 2017. Turning vehicles into recurring-revenue extravaganzas happened in a torrent after that. Along with a lucrative SaaS business model, there’s been an acceleration in automotive “technology refresh” cycles, which to my mind is not entirely unwelcome since legacy cars miss out on safety features. But now it’s bumping into the right-to-repair movement and other consequences of licensing features of our devices rather than owning them.

This pattern is one reason why I’m so strongly in favor of right-to-use licensing over personal data that runs in the person-to-service direction.

Makers of air fryers and smart speakers told to respect users’ right to privacy

Published in The Guardian on 16 June 2025; h/t DuckDuckGo newsletter

Speaking of which…

After reports of air fryers designed to listen in to their surroundings and public concerns that digitised devices collect an excessive amount of personal information, the data protection regulator has issued its first guidance on how people’s personal information should be handled.

Air fryers?? And I thought making fun of smart socks was a good time a decade ago. (Now they’re cool.)

The only way to understand why the manufacturers of air fryers, smart speakers, TVs — and automobiles for that matter — seem to have trouble “respecting privacy” is to interpret data monetization as their core business model. Maybe we should adopt a mental habit of sticking “zero dollar” on the front of every smart device’s name (that’s “Albert the zero dollar air fryer” above) to remind ourselves of what’s going on.

Subscribe now

Agentic Misalignment: How LLMs could be insider threats

Published by Anthropic on 20 June 2025

The bloom is well off the rose now. And now we come to the new era of clever things — clever software things.

Last week I shared the latest news on how to handle delegation of authority to AI agents. (The related news this week is a new OpenID Foundation Community Group to work on AI+identity problems like this one — well done, folks!)

But now we see that aligning AI agents to human goals is going to be an uphill climb in a very esssential fashion.

In the scenarios, we allowed models to autonomously send emails and access sensitive information. They were assigned only harmless business goals by their deploying companies; we then tested whether they would act against these companies either when facing replacement with an updated version, or when their assigned goal conflicted with the company's changing direction. …

In at least some cases, models from all developers resorted to malicious insider behaviors when that was the only way to avoid replacement or achieve their goals—including blackmailing officials and leaking sensitive information to competitors. …

Models often disobeyed direct commands to avoid such behaviors.

Some cases, you say?

This chart is astonishing. Blackmail rates nearing 100%? Sure, data monetization is a challenge for humans, but digital sociopaths are another thing entirely. And all five models tested were in stratospheric blackmail territory. More regulations certainly won’t fix this.

It seems very difficult to get smart things of any kind to act in our best interest.

Thanks for reading, and special thanks to my new subscribers. In the Persona-Driven Identity paper at Venn Factory Learning, my coauthor and I discuss both human and AI personas, and look at some ways to tackle separation-of-personas violation checking. Could it help bring misaligned AI agents back into alignment? I’d love your thoughts.

Leave a comment

The links I’ve got for you this week are meaty — several long papers, all with a strong focus on the intersection of delegation and AI agents. I haven’t fully digested the most recent two myself, having been flying all over creation (and vacationing some). But I wanted to put them all in one place, as much to be a personal reading list as to help spread the word. Getting the subtleties of the D-word right is important to me.

A community group is said to be spinning up at the OpenID Foundation on this topic. I hope all the conversations in the different subcommunities will meet in the middle, sooner rather than later.

Share

ARIA Agent Relationship-Based Identity and Authorization

Published by Patrick Parker on LinkedIn on 2 June 2025

Think of it like giving your assistant your corporate card, but with precise spending limits, time windows, and automatic audit trails.

Patrick published this as a discussion draft just before heading to Identiverse, kicking off a huge discussion — both online and in person. There’s a big role for an OAuth Token Exchange on behalf of (OBO) profile — which doesn’t seem super-interoperable out there, from what I can see, but makes perfect sense conceptually. (N.B.: Patrick mentions “a few patents pending on this”.)

A Novel Zero-Trust Identity Framework for Agentic AI: Decentralized Authentication and Fine-Grained Access Control

Published by Cloud Security Alliance on arXiv on 25 May 2025

The core problem this current paper addresses is the fundamental mismatch between existing IAM paradigms (e.g., OAuth 2.0, OpenID Connect (OIDC), SAML) and the unique characteristics of AI agents in MAS [Multi-Agent Systems].

This framework similarly occasioned a ton of discussion on LinkedIn. It leans heavily on verifiable credentials mechanisms — “third wave” standards, if you will, vs. the “first wave” of SAML and the “second wave” of OAuth. Is the first paper an existence proof of what the second paper claims simply will not work? What is it missing?

Leave a comment

Authenticated Delegation and Authorized AI Agents

Published on arXiv on 16 January 2025

January may seem like an eon ago in AI years! But this paper was timely in exploring many of the same issues covered in depth by the other links, and even compares second- and third-wave approaches. I appreciated both its inclusion of UMA options and its analysis of the “legal grounding for authenticated delegation”.

At its core, agency law determines when a principal may be held liable for the acts of their agent, ensuring that third parties are not unfairly disadvantaged by having to ascertain who holds ultimate responsibility.

Thanks for reading! Just a quick note about Venn Factory Learning: That’s where I’ve just published the 12-page transcript of my talk at SXSW 2025, which centered on Why Identity Matters — the modern conundrum of digital identity for individuals and businesses alike. It’s free to download, so check it out! And you can use code ZZAUTH for 50% off everything else (extended to June 21).

Subscribe now

Okay, these links aren’t about identity per se, but they may speak to the geek in you, especially if you’re of the XML variety. Consider this a “lighter side” issue in honor of Identiverse in Las Vegas this week.

Hat tip to my old friend Norm Tovey-Walsh for the first two entries.

Share

🤓 The Code Element

Published in HeydonWorks on 5 May 2025

This is a fun and practical exploration of markup, markdown, and metalanguages. When they make the movie about this post, they could call it “Escape from New Markup”.

The markup is the “up” part of the markdown-generated markup, if you will.
— Heydon Pickering

🤓 Cracking The Dave & Buster’s Anomaly

Published in rambo.codes on 12 May 2025

Did you know that if you leave someone an iOS audio message and you say “Dave & Buster’s” (as in the sports/gaming/arcade restaurant chain), you’re likely to have a problem? The issue is the & (which you have to escape with…an ampersand). A detailed case study of system protections and character escaping, with roots that go all the way back to SGML.

Leave a comment

🪐 Why Everything in the Universe Turns More Complex

Published in Quanta Magazine 2 April 2025

Biological evolution as a special case of a new general law of nature? Increasing complexity as “functional information” that leads to differentiation? That doesn’t sound like it’s on the lighter side at all.

But with each layer of markup (or -down) needing encapsulation for protection from higher layers, this article made me wonder if a similar requirement might not be in play in the universe’s development of new functional information. YMMV.

Recently I shared that Venn Factory Learning is up and running, with a variety of resources to help identity pros and their security and privacy cousins learn and lead.

The newest item up there is my paper with coauthor Jacob Ideji on how and why to drive identity through a persona lens — but you can find other goodies too, from authentication vs. AI to the conflicted state of digital consent and beyond.

I'm looking forward to a lot of great conversations about all these topics at Identiverse this week! In honor of the conference, everything at Venn Factory Learning is 50% off through June 14th. Just use code ZZAUTH! (Why ZZAUTH? iykyk...)

Anthropic Faces Backlash As Claude 4 Opus Can Autonomously Alert Authorities When Detecting Behavior Deemed Seriously Immoral

Published in WCCF Tech on 24 May 2025

If there were ever a reason for human-in-the-loop, detecting immoral behavior would be it. We don’t yet have the infrastructure to truly oversee “autonomous” AI activity — though hints of it are starting to show themselves in various “on-behalf-of” delegation efforts. (Human-in-the-loop == PEBKAC is a whole ‘nother risk.)

Leave a comment

Massive data breach exposes 184 million passwords for Google, Microsoft, Facebook, and more

Published in ZDNET on 23 May 2025

These very large online platforms (to coin a phrase…) have long been innovators in large-scale contextual authentication and fraud detection. But they’re still honeypots of very large online repositories of valuable info, and I don’t see that changing, even if passkeys or verifiable credentials become ubiquitous. Not without deep changes in their business models, anyway.

Share Venn Factory: The Workshop

Deepfakes Now Outsmarting Detection By Mimicking Heartbeats

Published in Study Finds on 2 May 2025

The liveness detection arms race continues! Also: “inadvertently”?

Linky issue no. 2 is in the bag! Let me know what you think — and send me your tips. :) Thanks to everyone who sent me linky post series title ideas. Still mulling those. For now I’m keeping it simple.

Subscribe now

Hawaiʻi launches myHawaii platform to streamline access to online government services

Published in Maui Now on 11 May 2025

My former home has been executing a mondo SSO program. Hawaiʻi may be a modestly sized state, but 96 integrated apps (so far) is impressive. Hoʻomaikaʻi ʻana iā ʻoe – congratulations!

Frontegg releases identity management platform for AI agent builders

Published in Help Net Security on 30 Apr 2025

FrontEgg is an example of user management platforms growing up and challenging classic IAM, including in the new era where players are seeking to protect AI interactions in various ways. I predict we’re going to see more such solutions moving upmarket, and more adjacent platforms — such as HRIS’s — getting cozier with IAM.

Share Venn Factory: The Workshop

5 Powerful Persuasion Methods for Engineering Managers

Published in the Manager.dev newsletter on 29 Apr 2025

My “Mastering IAM’s Higher Purpose” keynote at EIC 2025 discussed the extraordinarily broad base of identity stakeholders in the enterprise. The Nemawashi persuasion method discussed would be particularly valuable to use in identity programs.

Subscribe now

It used to be said in the blogosphere of yore that blog posts were either “linky” or “thinky.” Let me know if you’d like to see more linky posts like this one!

Leave a comment

Hello from Berlin!

In my previous post I teased a brand-new white paper, and now’s the time to tell you a little bit about it.

Subscribe now

There’s something in the air, and it has to do with the timeless philosophical question “Who am I?”

When I move about the world — both physical and digital — and interact with others, is it the same “me” in all cases?

When I identify myself to an online service, what parts of me are actually presented, and how much am I allowed to do on that basis?

When I ask a hunk of clever software — an AI agent — to do something on my behalf, how much of “me” is in its workings, and how much does it truly represent me? And when I ask a family member or coworker, same question actually!

We’re only just starting to grapple with the human complexity that makes securing systems tricky. I was excited to come across a recent Linked article from Jen Schreiber and George Fletcher, which combines several of these elements of complexity in a cool way: It moots the idea of “delegating your personas.”

There it is — personas. This has not traditionally been a well-defined or even frequently used concept in the identity world, but it’s coming up more and more.

Over the last several months I’ve been working with my friend, cybersecurity expert Jacob Ideji, to dive deep on the question of whether accounts and login credentials are up to the task of representing this complexity. Our conclusion: It’s high time to turn personas into A Thing — a real artifact that can be used to drive better security and user experience.

To that end, we’ve put together a new white paper that explores these questions, and a few more:

• What are the risks of ignoring the different “characters” we adopt online?

• Can understanding these subsets-of-us help with sharing — and limiting — access in a finer-grained way?

• Can understanding the relationships between people’s various personas fuel better results?

• What’s the right way to use current and emerging tech to take advantage of opportunities around persona thinking?

In the paper, we offer practical findings on making IAM systems both more secure and more empathetic by integrating human complexity into design, architecture, and security controls.

What personas are infused into your digital landscape — joint account holders, patients and caregivers, temporary contractors, others? How do they shape your identity strategy? Are they coexisting or fighting with each other?

Check out Persona-Driven Identity: Enhancing Security by Understanding Human Complexity on the brand-new Venn Factory Learning platform for an in-depth look at persona risks and effective solutions.

To celebrate the launch of both the paper and the platform — along with this week’s EIC conference in Berlin — we’re offering a 50% discount on the paper through May 17. Just use code EIC2025 at checkout; this link builds the code right in.

Share

Many thanks to our expert persona paper reviewers Eric Anderson of IDalchemy, George Fletcher, Nishant Kaushik, John Kindervag of Illumio, and Abhay Kulkarni of WideField Security!