Report Finds Liberty Alliance Standard Helps Financial Institutions Extend Trusted Relationships and Enable New Online Businesses Independent study sponsored by leading banks and industry vendors demonstrate SAML and Liberty Alliance ready to meet banks’ business needs San Francisco, CA – July 9, 2003 (Catalyst Conference) – The Liberty Alliance specifications for federated network identity are the subject of an independent report issued today by the Financial Services Technology Consortium (FSTC) examining how financial institutions can best make use of identity management and today’s leading open standards. The report concludes that the Liberty Alliance specifications and OASIS’ Security Assertion Markup Language (SAML) provide financial institutions with a standardized way to extend trusted relationships with customers and employees to third-parties, thus enhancing protection from fraud, network attack, and scrutiny compared to other proprietary solutions. It also concludes that the two leading open standards, SAML and Liberty Alliance, can enable new types of online businesses and streamline access to existing Web-based products and services. FSTC’s Identity Management in Financial Services: An assessment of the Liberty Alliance and SAML specifications report provides an introduction to Liberty Phase 1 and SAML, and assesses their ability to meet business requirements of common financial service scenarios. The report details scenarios for employee single sign-on (for outsourced employee services), business-to-business single sign-on (for supply chain management), and account aggregation. It also provides general recommendations on the future of identity management and open standards in financial services. “Identity management is an important priority for financial institutions,” said Mike McCormick, a contributor to the FSTC report and Wells Fargo systems architect. “Single sign-on is just the beginning. Deploying SSO functionality will drive additional requirements for attribute sharing in order for banks, insurance companies, brokers or others in the industry to deliver more personalized services to their users. Liberty’s first set of specifications and future work is playing an important role this area.” Beyond the technology discussion, the study references Liberty’s work in mitigating common business problems associated with establishing circles-of-trust, such as providing guidance on bilateral business agreements, which vary extensively among companies. “As the Liberty Alliance expressed in our recent Business Guidelines paper, network identity is just as much about business considerations as it is about technical specifications,” said Michael Barrett, president of the Liberty Alliance management board and vice president of Internet strategy at American Express. “Hammering out privacy and regulatory compliance, service level agreements, business roles and best practices is critical as we reach the deployment stage of identity-based services. This study supports Liberty’s commitment to understanding the complex nature of identity deployment, especially in a trusted industry like financial services.” Sponsors of the report include Citigroup, Fidelity, JPMorgan Chase, University Bank, Wells Fargo, Digital Resources Group, eONE Global, Niteo Partners (an NEC Company), Hewlett- Packard, Sun Microsystems and Yodlee. An executive summary of the report is available on the FSTC web site at http://www.fstc.org/projects/liberty/executive-overview.pdf About Liberty Alliance Technology About FSTC About the Liberty Alliance Project ### |