Solving identity theft and fraud issues is of great interest to Liberty Alliance, and many solutions are offered in the standards and policy guidelines that have been published. This special interest group comprised of all levels of membership focuses on immediate solutions.
- Why did Liberty Alliance form the Identity Theft Prevention Group?
- How does the formation of the Identity Theft Prevention Group represent a “natural progression” of Liberty’s work in open identity specifications?
- Aren’t there other organizations already working to solve this issue?
- How will Liberty’s Identity Theft Prevention Group differ from what these other companies and organizations are doing in the identity theft space?
- Has Liberty always addressed the technology, policy and business issues of identity?
- What will Liberty’s Identity Theft Prevention Group do?
- What Liberty members are participating in the group?
- What organizations from outside of Liberty’s membership base are involved with the Identity Theft Prevention Group?
- How will Liberty accomplish its goals in curbing online identity theft by working with so many organizations?
- Do you need to be a member of Liberty Alliance to participate in the Identity Theft Prevention Group?
- Will the work of Liberty’s Identity Theft Prevention Group influence how Liberty currently develops specifications?
- How do Liberty’s federated identity specifications help in combating identity theft?
- How does Liberty’s work in federated identity help restore “trust” to consumers?
- How do Liberty specifications help consumers protect their privacy?
- What has the group accomplished to date?
Why did Liberty Alliance form the Identity Theft Prevention Group?
Identity theft is a critical concern to our members—many of whom have been working to address online identity theft and fraud for quite some time. The formation of the group represents a natural progression of Liberty’s work in developing open identity specifications and brings together the resources – both within and outside of our membership base — to attack the online identity theft problem aggressively and in a collaborative environment.
How does the formation of the Identity Theft Prevention Group represent a “natural progression” of Liberty’s work in open identity specifications?
Liberty Alliance is the only global body of vendors, consumer-facing companies, government agencies, and non-profit organizations focusing on all aspects of identity. Our 150 members have hands-on knowledge and experience implementing complex identity systems. We understand the technical and — more importantly — non-technical challenges associated with such implementations. We’ve got processes in place to pull together the various requirements to address ID theft and fraud and reconcile those requirements to meet broad demand.
Aren’t there other organizations already working to solve this issue?
Yes, there are many individual organizations doing valuable work in the online identity theft and fraud space. Some of these organizations are individual technology vendors, some are government and law enforcement agencies, and some are advocacy and consumer groups. But the online identity theft problem is too big and growing too quickly to be solved by only one vendor or by multiple organizations with limited scope and reach. Liberty Alliance has formed this new group with the belief that when the industry works together, the majority of online identity theft issues will be solved faster and on a broader scale.
How will Liberty’s Identity Theft Prevention Group differ from what these other companies and organizations are doing in the identity theft space?
Liberty’s identity theft group is about attacking online identity theft issues in a collaborative environment and from multiple fronts. The online identity theft problem is multi-faceted and brings new challenges to businesses and consumers almost every day. Addressing and moving to solve these issues won’t happen in silos. Identity theft impacts technology, policy and business practices and for identity theft solutions to work, they must be comprehensive. This is where Liberty’s identity theft group is unique – we are addressing online identity theft from a holistic perspective – combining our work in open identity specifications, privacy and business guidelines with the work of others in the industry to address the problem from a comprehensive and global perspective.
Has Liberty always addressed the technology, policy and business issues of identity?
Yes. Since Liberty was formed in 2001, it has continuously demonstrated success in analyzing broad market needs — and quickly driving solutions to meet those needs – by addressing identity from a technology, policy and business perspective. Liberty released its first set of technical specifications in April 2002 and regularly releases new specifications to solve a variety of identity issues. Liberty has tremendous depth in its membership to address technical challenges and is the only identity-focused organization that has an experienced policy team, which has released best practice and privacy guidelines. Our business expert group has always been focused exclusively on the business aspects of identity through guidelines, updates and case studies.
What will Liberty’s Identity Theft Prevention Group do?
Member activities are focused on developing comprehensive strategies and potential solutions to the online identity theft and fraud problem based on the information and experience all members bring to the group. The group is also working closely with other organizations — government agencies, advocacy and consumer groups and law enforcement agencies—to create a global network for delivering vendor-neutral information, guidance and best practices for combating the online identity theft problem.
What Liberty members are participating in the group?
Since Liberty approved the formation of the group, interest from across Liberty’s membership base has been enormous. The group currently has over thirty-five member organizations participating and includes representatives from Liberty’s management board and all of Liberty’s expert groups.
What organizations from outside of Liberty’s membership base are involved with the Identity Theft Prevention Group?
We’ve put a liaison program in place to encourage broad industry participation in the group’s activities. The goal of this program is to ensure that Liberty’s identity theft group is leveraging the work and accomplishments of many regional, national and global organizations working to provide education and solutions for identifying, reducing and solving the online identity theft problem. While we’ve begun working relationships with numerous groups from around the world, our initial focus in this area has been in developing close working relationships with organizations focusing on identity theft issues from both a consumer and business perspective.
How will Liberty accomplish its goals in curbing online identity theft by working with so many organizations?
Liberty has a track record of success when it comes to getting the job done in a multi-organizational and global environment. From day one, our greatest strength has been in working collaboratively with members and other organizations to deliver open identity solutions that solve real problems. This is the model we are applying to our identity theft group and one we believe will be effective in helping to solve the online identify theft problem on the widest possible scale.
Do you need to be a member of Liberty Alliance to participate in the Identity Theft Prevention Group?
While we are working with many global national and regional organizations to collaboratively attack the online identity theft problem, Liberty membership is required to actively participate in the identity theft workgroup. The group is open to all Liberty members regardless of membership level. Current participation spans across the entire Liberty Alliance membership base.
Will the work of Liberty’s Identity Theft Prevention Group influence how Liberty currently develops specifications?
Yes. From day one our mission has been to provide open, identity specifications and business guidelines for managing open, interoperable federated identity and we have always done this in a collaborative, vendor-neutral environment. This is the basis for our existence and will not change. We believe the recommendations of this group will positively impact our technical, policy and business work and we look for forward to that happening based on work stemming from the group.
How do Liberty’s federated identity specifications help in combating identity theft?
Federation offers businesses, governments, employees and consumers a secure and convenient way to control identity information. A federated network identity delivers the benefit of authentication and simplified sign-on to users by allowing users to “link” elements of their identity between accounts without storing all of their personal information centrally. This increases security and delivers better identity control. With a federated network identity approach, users authenticate once in a trusted environment while still retaining complete control over their personal information as they travel from site to site in the federated network. Equally as important, organizations deploying federation need to look at identity issues from multiple perspectives including the technology, business, policy and privacy aspects of identity management. This combination of technology and best practices for identity management is what federation is all about – addressing identity issues from every perspective and with user controls for privacy at the core.
How does Liberty’s work in federated identity help restore “trust” to consumers?
There can be no doubt that highly visible threats are causing consumers to hesitate before conducting e-commerce transactions. The online world is moving to a federated identity model because centralized and static identity solutions have proven to be ineffective at helping to eliminate many of today’s most pressing identity issues. Liberty’s open identity specifications have been developed based on the principle that consumers should 1) have choice in what personal information they share and 2) be able to give permission before data is passed on to others. Only when consumers have control of their personal information – from any fixed or mobile device — will trust in the internet be restored. Liberty’s open identity specifications are delivering these capabilities to consumers now.
How do Liberty specifications help consumers protect their privacy?
Liberty Alliance is the only identity-focused global organization that has a Public Policy Expert Group (PPEG), providing best practices and guidance on enabling privacy functionality within Liberty specifications. We address privacy in the specification development process. PPEG continuously invites input from policy makers and privacy advocates from around the world and all technology decisions are made to enhance privacy and make it easier to implement good privacy practices from both an organizational and consumer perspective.
What has the group accomplished to date?
The group was formed in mid 2005 and has already achieved a lot in terms of a common ground for understanding identity theft issues. We’ve held two identity theft work shops with global participation from the consumer, government and enterprise sectors, released an identity theft matrix and an Identity Theft Primer, the industry’s first whitepaper to explore the various types of identity theft and possible mitigating strategies. This widely acclaimed document, Liberty Alliance Whitepaper: Identity Theft Primer is available for download. The work of the group is ongoing and we’re happy to be moving forward so quickly.