Privacy Enhanced Decentralized Identity System

Currently, some public and private organizations have implemented various identification verification solutions to manage identity authentication. The idea of using a third-party identity provider (IdP) to access a relying party (RP) is not new, and both RP and IdP have their benefits as they can only be connected once in a federated identity ecosystem.  While the deployed identity brokerage system has provided participants with great utility, it was pointed out that the principles they designed had several security and privacy gaps.

Privacy Enhanced Decentralized Identity System

The rise in adoption of online services for sensitive tasks such as banking and accessing public services, has led to increased security and data privacy requirements. Many institutions use third-party services for logging in and handling security. So you might enter a single username and password, connecting only once to access a number of different government services. This is convenient for a user, but there are some security risks in the way these third-party services are currently implemented.

Open MIDaaS – Mobile Identity as a Service

I will be working on open MIDaaS project. It stands for Mobile Identity as a Service. The project aims at making a mobile application the centre of user authentication. The app will be like a personal wallet which will store the list of attributes like verified email, address, and phone and credit card numbers. A merchant can request these attributes using push messages, QR code or other means. This will reduce the repetitive form filing and verification steps every time one goes to a new merchant site. I will also create MIDaaS library and hub.

Mobile Transaction Initialization, Authentication and Cooperation

 

The intern and organizational partner are looking for unique and interesting ways of using mobile devices to help authenticate users and methods of cooperation between a mobile device and another device, a PC for example. The intern will research and implement different authentication techniques on mobile devices. Additionally, it is prudent to study and develop a way of simplifying user interactions while maintaining a high level of security at all times.