Abuse of “digital identity” is a key factor in phishing, identity theft, on-line fraud, and other types of cybercrime, as well as many off-line crimes including terrorism. A robust, secure, usable, scalable, and eventually pervasive digital identity infrastructure will be a major step in preventing such crimes. Such an infrastructure would encompass

• enrollment of users into the infrastructure with a defined level of trust,

• secure authentication of enrolled users before granting digital credentials for access to resources, and

• an IT infrastructure that uses those credentials to permit only the actions allowed for that user.

Since such a strong use of digital identity has the potential for abuse of private information, that infrastructure should also provide controls on what information is shared with different entities.

Various elements of such digital identity systems have been deployed, and broader systems concepts have been proposed or are in development. Large corporations often have such a system to allow employee access to internal resources. A few financial institutions provide such a system for client access to their accounts, using multi-factor authentication technologies. But large scale use of such systems that cross institutional boundaries does not seem to be gaining traction. What are the issues that are holding this back? Technology, cost, usability, scalability, cross institutional trust models? The goal of this workshop is to examine the issues and technologies that will foster the development and deployment of digital identity systems, with a focus on the system and infrastructure level, not point technologies.

This was an interactive workshop which brought together leading experts on the impact of the digital identity systems problem; developers of recently proposed solutions; and researchers exploring new directions for such an infrastructure and recent progress in the area. The workshop included a panel session with invited representatives of the financial community and major identity infrastructure proponents to discuss what is needed to foster future progress in deployment of digital identity systems in the financial sector.

The workshop also included a conference session on Technology Advances in Authentication and Trust Management Infrastructure, and a poster session on enabling technologies for digital identity systems.

This web site now contains most of the presentation material and posters that were presented at the workshop. Links to these materials are on the program and poster pages on this site. In some cases, we cannot provide the presentation materials.