Gearing Up For 2020
2019 has been a very busy year in identity, and the proposals we’ve seen come in for the Identiverse® 2020 Call for Presentations—which is still open until January 10—suggest that 2020 is likely to follow suit. Here are a few general trends that I think we can look forward to.
Privacy and Consent
This has been a major topic throughout 2019, and it looks like the buzz will continue into 2020. GDPR is taking root, the CCPA comes into force on January 1, 2020, the Brazilian General Data Protection Act (or Lei Geral de Proteção de Dados (LGPD) in Portuguese) goes live later in the year… and there’s plenty of other regulatory activity underway around the world.
Consumer awareness of data privacy is also on the rise, and consumer-facing organizations have been responding with new product and service designs and in how they market and promote their offerings.
Meeting customers’ expectations and satisfying regulatory requirements requires a solid digital identity foundation. The whole area of privacy and consent will be a focus for the foreseeable future.
Identification and Verification
Earlier this year, the World Wide Web Consortium (W3C) approved a charter for a new working group to standardize the data model and syntax of decentralized identifiers (DIDs). A few weeks ago, the W3C separately approved the Verifiable Credentials Data Model 1.0 as a recommendation.
Meanwhile, the Better Identity Coalition, Good ID, the World Economic Forum (through their Platform for Good Digital Identity) and many others have been increasingly active in trying to get investors and policymakers aligned around how we deal with identification in the digital world.
These activities will all have a significant impact on how we build, design and deploy our digital identity systems and processes. It’s still too early to know exactly what the implications will be, but there’s momentum here as we go in to 2020.
Authentication … Authorization?
2019 was a big year for authentication. Among other things, we saw Android and Windows Hello achieve FIDO2 Certification, FIDO Biometric Certification for the Samsung Galaxy Ultrasonic Fingerprint System and the WebAuthn specification reach Recommendation stage with W3C.
With good standards in place and compliant implementations widely available, deployments are now a focus. In the financial services sector, the deadline for the Strong Customer Authentication requirement of PSD2 has been pushed back to the end of next year, but we’re certain to see lots of strong authentication activity continuing through 2020.
And don’t take your eye off the authorization ball either! Things have been a little quiet in this area, but there’s increasing activity from a standards perspective with work going into UMA and XYZ.auth, along with active discussion within the oAuth working group about the evolution of that standard.
These are just some of the things that I’m excited about going into 2020, but there’s sure to be more that bubbles up after the New Year kicks off. If I didn’t capture your favorite topic here, or if you think there’s an area of activity in the Identiverse that’s not getting enough attention, go ahead and put in a proposal to the Call for Presentations!View More Posts