Identity Deployment of the Year Awards
Liberty Alliance Announces Winners of the 2007 IDDY Award
San Francisco, California, USA. Liberty Alliance. September 25, 2007.
Liberty Alliance, the global identity consortium working to build a more trusted Internet for consumers, governments and businesses worldwide, today announced winners of the 2007 IDDY (Identity Deployment of the Year) Award. This year Liberty Alliance awarded four IDDYs recognizing digital identity management applications built using Liberty's open, privacy-respecting and proven interoperable identity specifications. Winners were announced at DIDW 2007 where eBIZ.mobility, the New Zealand Government, NTT Labs and Rearden Commerce were awarded the 2007 IDDY. A photo of the Liberty Alliance IDDY Award is available at:
"From applications that put users in better control of their identity information to deployments requiring the highest degree of security and privacy protection, the IDDY recognizes individuals and organizations that are solving real world identity management challenges based on specifications from Liberty Alliance," said Roger Sullivan, president of the Liberty Alliance Management Board and vice president of Oracle Identity Management. "eBIZ.mobility, the New Zealand Government, NTT Labs and Rearden Commerce are among the organizations around the world implementing Liberty-based solutions users can trust for conducting more secure and privacy respecting online transactions."
IDDY Award nominations are evaluated based on criteria that include the benefits applications deliver to users and organizations; the ROI the application is demonstrating; and how the solution may successfully address identity issues such as reducing identity theft, meeting regulatory requirements or providing users with increased security and privacy protection. The program includes an emerging applications category to showcase up-and-coming Liberty-based applications and proof-of-concepts that are driving the next generation of secure and trusted digital identity management solutions.
2007 IDDY Award Winners
eBIZ.mobility provides unique digital content payment processing, called OneTouch Online Purchasing, for banks, telecom service providers and digital content providers that is suited to the 'open garden' model of consumer Internet browsing. OneTouch Online Purchasing allows online purchasers to charge digital downloads such as music, videos, games, ring tones and more directly to an existing account at their phone company, VoIP provider, mobile operator, bank or Internet service provider.
Deployment: eBIZ.mobility is working on this solution, which is offered as a payment option for consumers, with several organizations, including Bankinter, S.A. in Spain; Javien, Inc, the 'online shopping cart' that is used by content sites such as Azureus, BearShare, MySpace Music, iMesh, MTV Networks URGE, and others; as well as local payment and mobile partners. The solution requires all four entities involved in every transaction (Billing Provider, Consumer, eBIZ.mobility, and Merchant) to validate and authorize a purchase.
Highlights of User Benefits: Users of the system only need to register once when making purchases with their preferred online provider, with whom they already have a service and billing relationship. Only the trusted service provider is aware of the purchaser's identity, thus creating a more secure and privacy-respecting environment without fear of identity theft and credit card fraud.
Highlights of Business Benefits: Utilizing merchants can accept payments from their customers without the need for a credit card merchant account and without the border limitations of other payment options. The solution increases revenues, improves customer satisfaction and 'stickiness' and allows service providers to easily reach a variety of new demographics, some of whom may not have a credit card.
Interoperable Federation Technologies: OneTouch Online Purchasing is based on SAML 2.0 and Liberty Alliance specifications to ensure interoperability and a high level of identity assurance within the federated system.
The New Zealand Government
The New Zealand Government is developing a user centric framework to better utilize the Internet to meet strategic eGovernment transformation goals. Led by the State Services Commission, the project has a working title of GOAAMS (Government Online Attribute Assertion Meta System) and is being developed to enable every citizen and participating organization to use the authoritative data held about them online and in real-time, rather than having to repeatedly submit the same information across government systems. GOAAMS is being developed with input from a wide range of government agencies and international experts.
Deployment: The application is being developed primarily for people and organizations that want to interact with all levels of government in New Zealand, irrespective of their global location. Inclusion of the private sector on both the provider and consumer sides is currently being examined.
Highlights of User Benefits: GOAAMS offers citizens the convenience of being able to request and control the sending of authoritative information as well as quicker and more consistent government services and entitlement decisions within a secure and privacy-respecting framework.
Highlights of Business Benefits: Participating organizations can access authoritative information in real-time and directly from the source. This leads to reduced compliance costs for businesses, lower operational costs and reduces risks by avoiding paper documents as a secondary source of information.
Interoperable Federation Technologies: The proposed GOAAMS framework requires unprecedented levels of product interoperability to be economical and easy to deploy. The project will use SAML (v2 at present) and Liberty Web Services (ID-WSF).
NTT Labs has developed SASSO, a personal Identity Provider that enables users to single-sign-on to a PC and leverage the strong authentication capabilities of the mobile phone to conduct a wide range of secure identity-based transactions. SASSO uses the increasingly ubiquitous mobile phone as an Identity Provider (IdP) to allow users to access a Service Provider (SP). Once authenticated by their own mobile phone, the IdP on the mobile phone issues a SAML assertion signed by a private key and sends that assertion to SPs. The application drives strong authentication into online transactions and leverages the convenience and privacy capabilities of the mobile phone to allow users to better control their own identity information.
Deployment: The application is currently targeted to the mobile industry by leveraging the FirstPass Digital Authentication Service of NTT DoCoMo, but the solution can be applied to any segment and region where strong authentication is required.
Highlights of User Benefits: SASSO is easy to use, leverages the mobile phone many people already have and does away with 'token necklace' problems currently associated with many strong authentication solutions.
Highlights of Business Benefits: SASSO helps mitigate security risks and increases opportunities for deploying security sensitive services by easily implementing strong authentication. The solution reduces the time and costs of deploying new services and helps reduce customer churn.
Interoperable Federation Technologies: To realize a 'plug and play' usage model, universal interoperability among the implementation of SPs is important. By leveraging the mobile phone as an identity-aware client, SASSO demonstrates a convergence of the OpenID, Cardspace and SAML styles of user-centric identity management.
Delivered as Software as a Service (SaaS) to more than half a million employees in six hundred companies, the Rearden Personal Assistant leverages federation technology to help users find and purchase the services they need based on their preferences and company policies. As users schedule travel, dining reservations, corporate entertainment, package shipments, web conferences and other services, the Rearden Personal Assistant automatically updates their calendars and notifies them of any changes.
Deployment: Rearden Commerce's initial deployment of PingFederate went live on July 9th 2007 and within one month Rearden Commerce federated with 15 companies supporting 10-20 percent of all user sessions. Rearden Commerce's fast-growing customer base spans the pharmaceutical, financial services, high-tech, energy, and consumer products industries.
Highlights of User Benefits: Federation allows users of the Rearden Personal Assistant to maintain control over their credentials, easily collaborate with others and securely purchase services from a network of more than 137,000 service merchants. With a single login and password, employees enjoy instant, secure access to the services and company resources they need to do their jobs.
Highlights of Business Benefits: Through the use of federation technology, organizations deploying the Rearden Personal Assistant rapidly achieve high levels of user adoption. By making it easy for their employees to find and buy services from preferred providers offering negotiated discounts, organizations typically save 20-30% on the services purchased through the system.
Interoperable Federation Technologies: Rearden Commerce exposes SAML and WS-Federation endpoints with the Rearden Personal Assistant relying on PingFederate for multi-protocol support and proven interoperability.
About the Liberty Alliance IDDY Awards
Now in its second year, the annual IDDY Awards program is designed to shine a spotlight on identity applications built using Liberty's open identity specifications. Recipients of the 2006 IDDY were EduTech, deploying Liberty Federation within New York State educational agencies; Deutsche Telekom AG (TCom, Business Unit T-Online), deploying Liberty Federation reaching nearly 12 million customers in Germany; and the UK Government Authentication Gateway, which provides eGovernment services to nearly 8 million citizens. More information about the IDDY including this year's panel of judges and judging criteria is available at:
About Liberty Alliance
Liberty Alliance is the only global identity organization with a membership base that includes technology vendors, consumer service providers and educational and government organizations working together to build a more trusted Internet by addressing the technology, business and privacy aspects of digital identity management. The Liberty Alliance Management Board consists of representatives from AOL, Ericsson, Fidelity Investments, France Telecom, HP, Intel, Novell, NTT, Oracle, and Sun Microsystems. Liberty Alliance works with identity organizations worldwide to ensure all voices are included in the global identity discussion and regularly holds and participates in public events designed to advance the harmonization and interoperability of CardSpace, Liberty Federation (SAML 2.0), Liberty Web Services, OpenID and WS-* specifications. More information about Liberty Alliance as well as information about how to join many of its public groups and mail lists is available at www.projectliberty.org.
Prepared by Robin Cover for The XML Cover Pages archive. See also: (1) "Security Assertion Markup Language (SAML)"; (2) "Liberty Alliance Specifications for Federated Network Identification and Authorization."