Fractional identity: an alternative to NSTIC, federated identity models
24 July, 2013
category: Corporate, Digital ID, Government
Market development for such a service is challenging for the important merchant cadre of relying parties. In a study conducted by the Merchant Risk Council on the value proposition of universal authentication, major e-commerce merchants raised a number of concerns, including:
- The high cost of implementation, when compared to more pressing business optimization efforts, would be unjustifiable until a critical mass of consumers were enrolled.
- The outsourcing of liability to an unproven third-party platform, performing a technically and legally untested role, was met with considerable skepticism.
From this point of view, why should routine transactions need to invoke a third party in real time to negotiate, on their behalf, a required set of attributes that is already satisfied through existing relationships and agreements? While federation promises less friction for new customers, that promise is an illusion when the implicit complexity of the new arrangements is so novel that it cannot even be quantified.
Fractional identity
Humans exercise different identities in different contexts. In business, personal and family settings, we behave and engage with others in distinct ways. What this means in the digital world is we disclose different identity elements to different parties. It all depends on what we need to know about someone to be able to transact with them.
For instance, a merchant may not need to know much more about you than your credit card number. Conversely, consumers know which payment card they prefer to use and at which shop. Similarly, if you’re at a health care site, the server wants your health plan identifier; if you’re at a liquor store, the clerk wants your anonymous proof-of-age and your money. In each case, only a fraction of one’s “identity” is needed to legitimize a transaction, and the context – encompassing physical location, virtual location, or even the software you’re running – determines exactly which identity fraction matters.
In cold hard reality, relying parties set the rules of transaction engagement, because they bear most of the risks of misidentification. For example, if you’re a doctor logging onto an e-prescribing site, you must have a medical certificate or you don’t get in. A merchant may opt not to accept American Express cards. That’s non-negotiable for the customer because it’s the relying party’s prerogative to set the rules.
In each case, well-understood identity assertions are in play. Therefore, we propose a re-orientation toward more achievable initiatives based on the concept of “fractional identity,” a context-specific approach that encourages broader usage of existing identity elements for use cases with broadly similar risk profiles.
Fractional identity recognizes the utility of the many elements we have today and leaves the heavy lifting of credentialing in the hands of those already doing it – financial institutions, federal and state agencies, health care providers, etc. We would encourage use case expansion via natural financial incentives.
We’re advocating minimal change to the current bilateral relationships because stepping up to a multilateral exchange is such a huge change. Most business IDs today are issued by relying parties for use in closed arrangements. The closed nature of these approaches confers resilience and utility, provided the authentication methods of different closed arrangements are not conflated with one another.
Rather than forcing all participants to confront, individually, the legal hairball of outsourced liability, fractional identity lets participants carefully unpack what assertions are implicit in today’s “identities” and assemble useful attribute sets instead. With granular access to the authentication signals involved with a given transaction, relying parties remain in control, rejecting signals with uncertain provenance or inadequate strength, such as a software-based authentication token when relying party policies demand hardware.
Defining the attribute bus
An Attribute Bus is a set of Application Programming Interfaces for exchanging information about identity assertions. Authoritative sources of truth provide standardized responses to queries from relying parties about given attributes; the responses can be in the form of privacy-protective binary – yes/no – or they can provide a measure of confidence in the accuracy of a bundle of attributes.
Attribute Providers feeding into the bus will include government registries, license authorities, professional associations, employers, financial institutions, credit ratings agencies, and business intelligence brokers. The attribute brokering business will be made contestable through the bus, with different providers offering to verify various ensembles of attributes, and bundling other e-services.
To tackle the problem of redundant identities, we advocate for component claims, attributes, and data signals to be shared. If an organization knows something specific about me, my delivery address for example, as a result of them “identifying” me, then that organization can vouch for that signal to other relying parties. And get paid for it. Across this attribute “bus” relying parties are able to acquire the signals required for the transaction.
Financial institutions, state and federal governments, health care organizations, insurers and others are natural providers of these signals. There is going to be just one natural authority for assertions like driver license number or health ID; others might be provided by brokers or intermediaries, in the same way as financial metrics based on raw registry data are packaged, value-added and resold. Moving organizations into this new line of business – and it is a business – is the hard part. Financial institutions are not yet viewing their “know your clients” records as assets with ROI potential.
Unlike data-centric, cloud-based approaches with their inherent privacy concerns, a lightweight service enables the relying party to interrogate the attribute provider through the service via simple yes/no queries. Is this Steve’s shipping address? Is this card credential associated with George’s bank account?
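The following is an added example, not code from the original article or from any real attribute provider, showing one round trip over such a bus: the relying party asks a yes/no question about a subject's attribute, the provider answers with a signed boolean plus the method by which it originally verified that attribute, and the relying party keeps control by rejecting answers that are forged, replayed, of unknown provenance, or weaker than its local policy demands (the software-versus-hardware token case from the discussion above). The provider name, the shared secret, the record contents and the assurance levels are all constructed for the demonstration; a real bus would use per-provider asymmetric keys rather than a shared HMAC secret.

```python
import hashlib
import hmac
import json
import secrets

# Constructed demo data (not from any real provider). A shared secret stands in
# for the bilateral trust between one relying party and one attribute provider;
# a production bus would use per-provider asymmetric signing keys instead.
PROVIDER_KEY = b"demo-shared-secret-between-rp-and-provider"

# The provider's own records, which never leave the provider. Each attribute
# carries the method by which the provider originally verified it, so the
# relying party can judge the strength of the signal, not just its value.
PROVIDER_RECORDS = {
    "steve": {
        "shipping_address": {"value": "12 Example St, Springfield",
                             "verified_by": "software_token"},
    },
    "george": {
        "bank_account_card": {"value": "4242",
                              "verified_by": "hardware_token"},
    },
}

# Assumed ordering of assurance levels; the relying party sets the floor.
ASSURANCE_RANK = {"self_asserted": 0, "software_token": 1, "hardware_token": 2}


def canonical(obj) -> bytes:
    """Deterministic encoding so both sides authenticate exactly the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign(payload: dict) -> str:
    return hmac.new(PROVIDER_KEY, canonical(payload), hashlib.sha256).hexdigest()


def normalize(value: str) -> str:
    """Whitespace- and case-insensitive comparison of attribute values."""
    return " ".join(value.split()).casefold()


# --- relying party side -----------------------------------------------------

def make_query(subject: str, attribute: str, claimed_value: str) -> dict:
    """Ask 'is CLAIMED_VALUE the SUBJECT's ATTRIBUTE?' with a fresh nonce."""
    return {"subject": subject, "attribute": attribute,
            "claimed_value": claimed_value, "nonce": secrets.token_hex(16)}


# --- attribute provider side ------------------------------------------------

def answer(query: dict) -> dict:
    """Return a signed yes/no. The stored value itself is never released."""
    record = PROVIDER_RECORDS.get(query["subject"], {}).get(query["attribute"])
    if record is None:
        match, strength = False, "unknown"
    else:
        match = normalize(record["value"]) == normalize(query["claimed_value"])
        strength = record["verified_by"]
    body = {
        "query": query,            # echoed so the answer is bound to this question
        "match": match,
        "strength": strength,
        "provider": "demo-bank",   # assumed provider identifier
    }
    return {"body": body, "sig": sign(body)}


# --- relying party side: accept or reject the signal ------------------------

def accept(response: dict, query: dict, min_strength: str) -> bool:
    """Accept only an authentic, fresh 'yes' at or above the required strength."""
    body = response["body"]
    if not hmac.compare_digest(response["sig"], sign(body)):
        return False        # forged or tampered response
    if body["query"] != query:
        return False        # replayed answer to a different question (nonce mismatch)
    if body["strength"] not in ASSURANCE_RANK:
        return False        # uncertain provenance: reject rather than guess
    if ASSURANCE_RANK[body["strength"]] < ASSURANCE_RANK[min_strength]:
        return False        # e.g. software token when policy demands hardware
    return body["match"] is True


def check(subject: str, attribute: str, claimed_value: str,
          min_strength: str = "software_token") -> bool:
    """One round trip over the bus: query, answer, local policy decision."""
    q = make_query(subject, attribute, claimed_value)
    return accept(answer(q), q, min_strength)


if __name__ == "__main__":
    print(check("steve", "shipping_address", "12 example st, springfield"))                    # True
    print(check("steve", "shipping_address", "12 example st, springfield", "hardware_token"))  # False: too weak
    print(check("george", "bank_account_card", "4242", "hardware_token"))                      # True
    print(check("george", "bank_account_card", "1111", "hardware_token"))                      # False
```

Note that the provider learns only the value the relying party already holds and answers with a boolean, while the relying party learns nothing beyond that boolean and the provider's stated verification method. The policy floor is applied locally, so two relying parties can accept different subsets of the same provider's answers without any change on the provider's side.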
Notice that this model does not require the outsourcing of trust relationships or risk. Nor does it require personal data to be centralized by an identity service. Instead it leaves relying parties free to construct identities for their customers and partners from different signals relevant to them.
From here, it is possible to construct a subject-centric model where individuals are able to manage and release their personally identifiable information on a permission basis as opposed to leaving its use up to the business purposes of a central provider.
Major questions remain
Defining Fractional Identity
Federated identity efforts have long tried to share abstract identities across organizational boundaries. The trouble is that the way you are known in one context is not exactly the same as in any other context. Subtle variations in risk and relationship management create untold complexities. On the other hand, the elemental identity assertions that go to make up identities – given names, addresses, ID numbers and so on – do tend to have the same meaning across multiple settings. Therefore we propose “fractionating” identities into different component attributes and federating those.
Even the seemingly simple expansion of authentication services is far from simple. The marketplace is just beginning its exploration of the economic incentives required to encourage behavior change, and new business exploration, by financial institutions and other candidate attribute providers.
Other questions include:
- Can a heterogeneous approach evolve in the face of the data-driven identity monocultures envisioned and managed by the largest Internet properties?
- Will consumers be willing to have packets of their Personally Identifiable Information traded as authentication signals, explicitly, in exchange for services from the internet giants?
- Will consumers be willing to shift from today’s opaque, one-sided bargain for Personally Identifiable Information to a transparent negotiation?
What is certain is that there is room for improvement between today’s hard-edged closed approaches and the Open Identity Exchange über framework. Evolution of closed approaches into new application niches is certainly more achievable than the construction of an entirely novel ecosystem. Attribute services, strengthened by creative use of authentication based on dynamic data, represent an evolutionary step that cannot be skipped in the far more risky, and expensive, pursuit of a complex framework.
At the very least, what is achievable in the next five years will do two things. It will provide new levels of privacy and security while opening up new markets for attribute exchange. As important, it will inform decision making for the next round of security infrastructure investment.