Regular updates from our Work Groups

Anchored Notice & Consent Receipt WG

February 28 2023 Chair: Salvatore d’Agostino

On 20th February, our Anchored Notice and Consent Receipts Work Group (ANCR WG) celebrated the 5th anniversary of the publication of the Consent Receipt Specification v1.1

This is now an integral part of multiple ISO standards and has been adopted by developers and service providers around the world. We are currently extending this work to meet the challenges of an evolving, decentralized identity market.Ā  Our current efforts focus on providing an ā€˜Open Source Notice Controllerā€™ credential which will include Transparency Performance Indicators (TPIs) to measure the transparency, privacy and security of individual data controllers.

This credential and its performance indicators are widely applicable across sectors but are particularly relevant to regulated activities such as banking, healthcare, and ā€“ importantly, in the case of automated decision making ā€“ to the use of AI in the delivery of identity and access services.

The work of the ANCR WG is relevant to several national and global initiatives including the CoE 108+ protocols for the protection of individuals with regards to the processing of their personal data, adopted by 47 countries including 28 EU members. The WG submitted comment to rulemaking at the US Federal Trade Commission and is preparing a response to the current Request for Comment by NIST on SP 800-63-4 Digital Identity Guidelines Ā 

The Open Notice Controller Credential and TPIs address key areas of interest to NIST including advancing equity. Ā This includes expanding the risk management framework to measure the impact of digital identity adoption on individuals. It considers any equity implications in terms of individual control or increased risk exposure. The approach also provides optionality and choice with notice and consent receipts that can be used independently of service providers. Our work also helps to deter fraud and advanced threats through actionable co-governance that allows people to be involved personally in managing their data security.

Join us as we engage with innovators and standards setters in identity assurance for people. Ā We welcome new contributors and participation in the Work Groups, it does not require membership in the Kantara Initiative. Visit ANCR WG or Kantara Wiki for more information.

Identity Assurance Work Group

March 1 2023 Chair: Andrew Hughes

IAWG continues to bring together contributors to Kantara’s assurance framework which underpins the Kantara Trust Framework program. ID proofingĀ and authenticationĀ providers,Ā as well asĀ assessors convene to discuss, clarify andĀ improve the framework documents.Ā 

At present, IAWG is focused on analysing, and providing feedback on, NIST SP 800-63 v4 draft.Ā The four volumes of 800-63 are being updated, with potential impact to Kantara’s approved CSP vendors. We will assemble a comments package to submit to NIST for consideration, by the deadline of March 24th, 2023.

Later in 2023, IAWG will work on updates to our Service Assessment Criteria to match the updated 800-63 Digital Identity GuidelinesĀ as well as initiatives related to Diversity, Equity and Inclusion (DEI) in relation to the Identity space.

If you work with ID proofing/verification providers or authentication/authorizationĀ providers and wish to gain insight into how those services fulfill requirements, please join our weekly calls. Just complete theĀ Group Participation AgreementĀ to get set up.Ā