DID Conference Korea 2022 Recap – Identity Proofing, Passwordless Sign-in and User-friendly Digital Identity

IdRamp recently presented at DID Conference Korea 2022. The mission of the event was to bring together leaders from across the decentralized identity community to review the latest trends in self-sovereign identity and verifiable credentials. Keynotes and speakers shared their insights on topics such as community standards, governance, regulation, and the growth and adoption across the enterprise market.

IdRamp CEO, Mike Vesey and COO Karl Kneis, presented a session titled “How to overcome hurdles of existing authentication market with DIDs,” where they discussed the technical and business obstacles that exist and how finding a way to bring products out of the pilot and POC phase is what will start getting adoption happening sooner and faster.

Key points included:

DID Orchestration: Enterprises are constantly being presented with new identity and access management solutions, usually when they are either in the middle of building an identity solution project, planning for an identity solution project, or trying to figure out how to unwind their previous failed identity integration project. Decentralization is perceived as the natural enemy to existing traditional legacy systems. We must overcome this misconception, and focus on the ability for a decentralized system to orchestrate and protect the use of existing identity sources, how it can future-proof infrastructure to quickly deliver new services, and focus our messaging on the fact that decentralization is not another rip and replace platform. It is a new business strategy that improves existing IT strategy and investments.

Interoperability: Interoperability brings the ability to work with legacy systems and makes it easy for an organization to adopt decentralization. It is essential to decentralized identity to have interoperability among vendors and solutions, but some of the biggest players in the industry have created their own centralized solutions with decentralized identity around the edges. This approach creates more silos that hinder innovation and evolution. Decentralization can move a step beyond traditional identity standards, where general specifications have many flavors among vendors. DID interoperability must operate like electricity. Just plug and play without customization or variability.

Governance: Many enterprises have rigorous IT governance architectures and procedures that they are heavily invested in. C-suite IT leaders cannot justify investment in a brand new governance model just for decentralized technology. This is a major point of confusion with DID adoption. Fortunately, DID governance can easily be retrofitted into existing IT governance models. We have to focus on helping adoption, explaining how we are going to make their life better, and how legacy systems can become more powerful, more portable, and more secure.

During the presentation, Mike also spoke about communicating the value of decentralized identity to a c-suite audience saying, “With everything we do at IdRamp, we consider how an enterprise is going to adopt this technology into what they’re already using without ever seeing a forklift. We don’t want to ever give the perception that this is a heavy lift. If they have a source of authority for identity, I don’t care if it’s an excel spreadsheet or active directory or what it is, we need to provide a way that they can decentralize it.” Mike went on to say, “We need to provide a way that they can issue a credential based on this authoritative source, that they like, and use every day. We need to provide a way to allow them to complete digital verification without centralized backhaul of that system.”

“It is imperative that we understand and appreciate their digital experience flow and augment it with decentralization. We need to have dynamic delivery of those flows to achieve the best possible experience. This comes back to ID orchestration.”

The presentation focused on the keys to mainstream DID adoption:

• Focus on practical business value
• Better data protection vs debates on the value of decentralized/centralized systems
• Stronger Zero Trust security vs details on blockchain, DIDs, and, ZKPs and ledgers
• Easy password elimination and superior privacy vs sociological discussion on SSI and data economy
• Trust as strategic brand advantage vs a long walk into new governance operation
• Verifiable Credentials to accelerate service delivery and reduce cost of IAM
• Optimize existing systems incrementally vs replacing them

Mike went on to describe a real-world example of how a solution like this could be communicated to a client, “Let’s say we issue a credential based on their active directory. Then we configure DID verification on their most active service– maybe it’s email, maybe it’s the intranet site, Workday or Salesforce…that service is hit really hard at 9:00am in the morning when everybody checks into the office. What if we issued a verifiable credential to each of the employees to access that service, without backhauling verification traffic to the centralized identity management system. That identity management system was taking several hundred thousand verification requests between 9:00am and 9:30am everyday.”

“What if we can get rid of that? What if that traffic never sees the identity management system? We can do that today with DID. We can provide tangible cost reduction by offloading that burst traffic across a decentralized network for a more secure verification process”

“Large multinational organizations are fighting these challenges and it’s massive. Decentralized identity can satisfy verification more securely than backhauling a user to a username password process. We can go one step further and disconnect that identity management system from public internet access to increase security. We can help customers save money and reduce load on their identity management systems. This provides real measurable business value. Those are the things we need to focus on.”

Mike concluded the presentation by advising attendees to continue to focus on driving the business value of decentralized identity by communicating on how the technology is ready today and how adoption leads to improved cost management, service delivery, friction reduction, process improvement, data security and cost savings.

Watch the full video recording

About IdRamp: Digital identity orchestration for a multi-cloud, decentralized, Web3.0 world