Dr.-Ing. Torsten Lodderstedt is CTO of yes.com, a startup building an identity scheme for banks and their customers. Before joining yes.com, he served for a decade in different roles at Deutsche Telekom’s identity team, building and operating large-scale consumer identity services. In his previous positions as consultant and IT architect, he helped customers in several domains (public, banking, railway communication, telecommunication) to implement highly scalable and secure applications. Torsten Lodderstedt received his Ph.D in computer science from Albert-Ludwigs University in Freiburg. Torsten regularly contributes to OAuth & OpenID with a focus on security and architecture. For example, he was editor of the OAuth Security Threat Model (RFC 6819). Currently, he is editor of the OAuth 2.0 Security Best Current Practice (draft-ietf-oauth-security-topics), contributes to OpenID Foundation's FAPI working group, and helps ongoing API standardization initiatives, especially in the PSD2/Open Banking & Electronic Signing spaces, to effectively use OAuth.