The traditional identity lifecycyle—registration, credential and device management, provisioning, authentication, authorization, consent, self-service, and deprovisioning—hasn't changed much in the last 10–15 years from the end user's perspective. This user journey is still "one size fits all". Attackers understand this, and use it to their advantage, by crafting fake sites and authentication requests. The industry's response has been to make the user's experience more complex, introducing friction into the process. This creates usability, supportability and privacy issues.
This session will present a vision of a highly personalized user experience. We will explore the use of existing and emerging technologies, like Machine Learning, to deliver secure, easy to use, but manageable lifecycle flows that honor the end user’s privacy.
It will address the pros and cons for both end users and service providers, and highlight why identity personalization is an achievable and desirable future for our industry.