Johannes Harkema (Experian)
Scott Shorter (IAWG Vice-Chair)
Matt King (SAFE-BioPharma)
David Simonetti (SAFE- BioPharma)
Richard Wilsher (Zygma)
Matt Williams (Exostar)
Colin Wallis and Ruth Puente (KI)
1. Welcome and Roll Call
2. Internet2 Update
3. Kantara Identity Assurance Working Group Update
4. SAFE-Biopharma Update
5. NIST and FICAM Updates
6. Open Mic
Incommon/Internet 2 Report
SAFE Bio-Pharma Update
- No further news from NIST.
- They also noted that the "authoritative sources" requirement is a challenge.
- They have seen interest from companies to be certified against 800-63-3. There seem to be a requirement from the Insurance, Banking and Healthcare industries on 63-3 compliance.
- Regarding AL2 minus, there have seen interest on something in between AL1 and AL2.
NIST SP 800-63-3
- Scott Shorter provided the link to NIST FAQ: https://pages.nist.gov/800-63-FAQ/
- Matt Williams commented that as they do not have a regulatory requirement or use case they still do not have a specific strategy towards 63-3.
- Colin Wallis proposed to have updates from CSPs on the TFS Sync. Matt King added that he would be interested to hear the CSPs market perspective.
- Matt Williams added that he would like to share an update from Exostar but also hear from those CSPs that are certified by Kantara, in particular those who has been certified on 800-63-3; and from those who make B to G or C to G and what success they are having with Federal Agencies.
- JJ Harkema said that they would be happy to share updates and lessons learned after they get certified on 63-3.
- Matt Williams shared an article from Washington Post about Banks and identity verification: Banks Have a Solution for Their Identity-Fraud Woes: The DMV Identity verification, a perennial problem for banks, has taken on greater importance in the digital age
- Add to the agenda an item to include CSPs updates.