[Log In] []

Exploring the science and magic of Identity and Access Management
Friday, July 19, 2024

Identify Verified by miiCard

Author: Mark Dixon
Wednesday, March 20, 2013
9:41 pm

This evening, I stepped through the process of having my identity verified by miiCard. The process of establishing an account, verifying my identity, linking to my online accounts and posting a badge on my blog took about 30 minutes. Not too bad. You can click on my badge on the right to check the extent of my verification.

It will be interesting to learn how I can leverage this in the future.


Identity Hardness – Do You Need Talc or Diamonds?

Author: Mark Dixon
Wednesday, June 15, 2011
4:56 pm

I had an interesting Twitter conversation recently with @steve_lockstep and @NishantK about Identity Assurance.  It began with Steve’s comment about how Facebook identities were of little worth, unfit to use with valuable transactions.  Nishant suggested that most Relying Parties (RP’s) are content with “soft” identities that have to with personal likes and interests, while significantly fewer RP’s rely on “hard” identities.

Nishant’s observation about “hard” and “soft” identities made me think of the Mohs Mineral Hardness Scale, which assigns an “absolute” hardness value to different minerals.  Wikipedia’s article uses the following table to illustrate this concept:

Mohs Hardness Scale

Perhaps we could suggest a corresponding mineral and hardness value to each of NIST’s standard four Levels of Assurance (LOA) shown in the following table.

Levels of Assurance

Steve stated on Twitter that “I’m preoccupied with hard identity: doctors, lawyers, bank accts, patients”: scenarios where Facebook just doesn’t work. We could say that Steve is dealing in diamonds (level 4), but Facebook only offers talc (level 1).  Having a tangible example helps illustrate the somewhat ethereal LOA concept.  And over time, perhaps we can come up with a more definitive way to measure just how hard a particular Identity Assurance process really is.

As a parting thought: I have suggested minerals match NIST Assurance Levels 1 and 4.  What would you suggest for the other two?


Tru.ly Identity Verification – Strike 1

Author: Mark Dixon
Thursday, February 24, 2011
5:00 pm

imageOver the past few years, I have been intrigued with the subject of Identity Validation – being able to determine, which a high degree of confidence, that a person is whom he says he is, prior to issuing Identity credentials to him.

Today, I became aware of Tru.ly, that promises to “[maximize] personal privacy by providing users with a single, verified identity on the internet.”  A lively Twitter conversation among Identity experts @dak3 @NishantK @paulmadsen and @iglazer convinced me that I should check it out.

But alas, when I tried to join Tru.ly (twice), I got this nasty error message:


My only comment is ARRGGGGGH! I guess I’ll try again tomorrow to join the latest service that promises to save the world.

Comments Off on Tru.ly Identity Verification – Strike 1 . Permalink . Trackback URL
Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.