Wednesday, August 08, 2007

IdenTrust adoption at inflection point

A couple of years ago in financial-i magazine we did an article aptly titled,'Whatever Happened To', which alluded to the spate of bank-led initiatives, Identrus (now IdenTrust), Bolero, SWIFT's ePaymentsPlus, CFOWeb.com, that emerged at the height of the dot.com boom only to find that user adoption was not forthcoming.

Some of these solutions, particularly CFOWeb.com and ePaymentsPlus have since gone to the technological graveyard in the sky, and even those that have survived have had to re-invent themselves to establish a more compelling business case for user adoption.

One of those companies of course is IdenTrust, which with a new name, a new focus and a new CEO,Karen Wendel, formerly of Gemini Consulting, has gone from being a bank-centric organisation to one that is now focused on helping banks deliver more robust identity management solutions to their corporate customers.

Formed in 1999 by leading global cash management banks such as Citi, Bank of America and Deutsche, IdenTrust (then known as Identrus) positioned banks as trusted third parties in B2B e-commerce by establishing policies, rules and guidelines for banks to issue PKI-encrypted digital certificates for authenticating an individual's identity.

IdenTrust's founding bank's invested $170 million in developing a policies, legal framework, trusted operations and technology (P.L.O.T.) to create a comprehensive environment for issuing trusted identities based on customer agreements which are enforceable in more than 175 countries.

IdenTrust is the only bank-developed identity authentication platform and unlike other digital ID solutions, it emphasizes the interoperability of its digital certificates and their ability to function cross-border. However, since its formation in 1999 it has suffered from an image problem. Wendel says at the time of its inception, PKI was largely driven by 'techies' more focused on encryption than business applications of PKI.

Early implementations of PKI were also costly and cumbersome to implement, and by the onset of the millennium it had been superseded by cheaper means of authentication such as pin and password. But as the incidence of identity fraud has increased in recent years, with attacks becoming more sophisticated, Wendel says PKI and IdenTrust are back in favour.

According to Wendel, IdenTrust's digital certificate volume is doubling every year and instead of having to spend $7 million to $10 million just to get started, banks can deploy PKI digital certificates for less than $500,000.

But the real inflection point when it comes to adoption of IdenTrust's identity credentials has to be pressure from major multinationals such as Shell and Merck, weighed down with hundreds of different security tokens and signature cards for logging onto proprietary banking applications.

These companies are asking banks to implement a single ID management solution that is interoperable across multiple banks. As part of a multi-year overhaul of its treasury management operations, Merck is implementing an innovative identity management solution using IdenTrust digital ID credentials and the concept of an "e-vault," to provide an extra layer of security.

Wendel says Shell will also be one of the first corporates to implement a bank account mandate application which has IdenTrust credentials embedded in it. The challenge now for IdenTrust is to encourage banks and software vendors to develop more applications with its digital credentials embedded in it and to get banks to abandon their proprietary PKI technologies.

As more and more corporates communicate with their banking providers via SWIFT, IdenTrust believes it also well positioned to provide authentication at the individual level for bulk payment transfers via the SWIFT network. Currently SWIFT’s PKI security protocol only provides authentication at the corporate level, so the bank knows for example, that Company A is sending a payment file, but not the individual within that company that has authorized the payment.

No comments: