Marcos Carretero

Solution Architect; MC Solutions Inc
Marcos Carretero is a solution architect with over 15 years of experience leading development projects with the Province of BC. Marcos has been leading the development team in building authentication services involving the BC Services Card since 2011. Marcos has extensive experience with identity standards and technologies including SAML, OpenID Connect, and JOSE, and works with both web and mobile technologies.

Marcos's Session


Wednesday, June 26
11:00 - 11:25 am
Monroe
Use of standards and open source in provincial identity solutions
The Province of British Columbia has been on a journey towards enabling convenient and secure citizen access to digital services. A new Provincial identity credential, known as the BC Services Card, was established, first issued in February 2013, and has now been issued to all eligible B.C. residents (~4.7 million). The BC Services Card contains an EMV contactless chip; the B.C. identity team started with building an authentication service for NFC card readers for citizens’ laptops. Then we built an Android app that could act as a card reader. But we also needed a solution for iPhones and iPads. We waited and waited for Apple to allow NFC… We explored the idea of building a mobile app as a credential, in place of a card. Easy, right? We just needed to issue private keys to each mobile device in the Province. Without deploying an enterprise MDM to citizens’ devices. On a short timeframe. Developing the first mobile apps within the Province. We figured it out! We met the business need and developed really cool apps that we launched in 2018. We will tell you about our journey of how we designed our solution. How our mobile apps and servers exchange information to register credentials (devices) dynamically and securely, authenticate and authorize credentials for use with the server, and represent and interpret claims and assertions securely. We will tell you about how open standards and open source helped kickstart our solution, and how others in the Identity community supported us.

Enter your details to receive email updates from Identiverse