No sessions found. Try making a different selection.
- Day 1
- 11:00 am5:45 pmRegistrationSunday, December 13th, MGM Grand
- 12:00 pm1:00 pm
- 1:00 pm2:00 pmDigital technologies are revolutionizing customer interactions, with new rules and possibilities that were unimaginable only a few years back. Customer Identity and Access Management (CIAM) is an emerging area in IAM, and a foundational layer in crafting quality digital customer experiences.
Today’s increasingly sophisticated consumers now view digital channels as the primary mechanism for interacting with brands and, consequently, expect deeper online relationships delivered simply and unobtrusively. CIAM turns customer data into gold!
101 Workshop Takeaways:
- CIAM is not a single product; it is a solution that integrates multiple components into a larger ecosystem to build a smooth digital experience for customers
- The 5 Pillars of CIAM that act as foundational layers to crafting digital customer experiences
- The maturity model of the CIAM journey and how organizations can assess the degree of maturity of their implementation
- 1:00 pm2:00 pmThis FIDO 101 workshop will give attendees a foundational understanding of the FIDO Alliance, FIDO standards and the FIDO certification program, and is designed for organizations interested in deploying FIDO standards. This session will help those organizations prepare for deployment and help them think through any business considerations that may impact their decisions.
The FIDO Alliance is a cross-industry, not-for-profit consortia that provides a set of specifications and certifications for an interoperable ecosystem of hardware, mobile, and biometrics-based devices. This ecosystem enables web service providers to: deploy strong authentication solutions that reduce password dependencies and provide a superior, simpler and trusted user experience, eliminate the need for consumers to have multiple authenticators, and allow each service provider to create its own trust relationships with individual customers and their devices. Perhaps best of all, FIDO standards protect service providers from data breach risk stemming from phishing and man-in-the-middle attacks.
- 1:00 pm2:00 pmCCPA is here, do you have a plan? This workshop will explore the impact of California's data privacy regulation. The shifting data privacy landscape is set to fundamentally shift how companies work with personal data and is expected to have an outsized impact on the field of identity graphing and identity resolution. Whether located in California or merely maintaining a website accessible to California consumers, you'll come away with a tactical action plan. Non-compliance isn't an option. Leave this workshop with practical next steps for your organization on how to move your organization into compliance, also discover how to respond to consumer rights requests under the law.
- The scope of the CCPA. What is considered personal information? How this law affects your organization.
- What you can do now to get your organization in compliance
- Your organization’s obligations to respond to consumer rights requests
- A roadmap for your organization to move to compliance quickly
- 1:00 pm2:00 pmAuthentication should be smarter and more adaptive. You want to trust your users, and you want them to trust you. Whether they are updating account information, being onboarded as a new customer or employee, or requesting privileged access, it’s a delicate balance. Learn how to combine advanced risk detection with identity and access to assess the full context of a digital user’s identity. By implementing an AI-powered adaptive access strategy, you will be able to deliver a frustration-free digital experience without increasing risk.
Master Class Takeaways:
- How to combine AI with threat intelligence to produce more accurate fraud analysis
- How seamless authentication can contribute to overall Digital Transformation business goals
- How to effectively balance usability and security requirements for end-users
- 2:00 pm2:15 pm
- 2:15 pm3:15 pmHow many times have you heard “Identity is key to securing your networks?” Unless you have some assurances that the digital identities on your networks are being used by the individual identified by them, the security of your networks and the information they contain are in question. The first part of implementing your Digital Identity Perimeter is establishing trust in who belongs to every digital identity operating on your network and accessing your services. Building trust in a digital identity starts with sound identity proofing. This workshop explores how government and private industry are taking a serious look at improving their identity proofing processes and the newly released OMB M-19-17 following NIST SP 800-63-3 digital identity guidelines.
- The processes necessary for agencies to meet the remote identity proofing requirements for Identity Assurance Level (IAL) 2 and IAL3 following NIST SP 800-63-3 guidelines
- Challenges most organizations encounter when performing remote identity proofing
- Identity proofing templates agencies can use to document their identity proofing processes
- 2:15 pm3:15 pmAdrift in an ever-morphing sea of technologies that 'relate' to identity and access management (IAM)? Join JumpCloud Chief Strategy Officer Greg Keller as he leads a journey tracing the evolution of the foundational directories that remain fundamental to resource access governance. From the impact of cloud on IT and security personnel; the advent of cloud-forward and/or ‘born in the cloud’ companies that have zero intention of managing on-premise infrastructure, or companies that are trying to be like these progressive startups and ‘lifting/shifting’ their way to the cloud; we'll explore the technology ‘stack’ that currently composes the IAM spectrum.
Master Cass Takeaways:
- An overview of the evolution of directory services
- The impact of cloud on IT and security personnel
- The ability to contrast/evaluate the technology ‘stack’ that currently composes the IAM spectrum
- 2:15 pm3:15 pmThe Digital Credentials Consortium, founded by MIT and 11 other major universities, is a university-led effort developing a verifiable digital credentialing ecosystem. Join lead architect Kim Duffy as she describes how this effort employs decentralized identity standards such as Verifiable Credentials and Decentralized Identifiers, how the DCC plans to adapt to varying requirements among its members, and the challenges in providing usable and user-friendly credentials to learners.
Master Class Takeaways:
- The goals and architecture of the Digital Credentials Consortium (DCC)
- How DCC relates to other efforts and which standards are used
- The technical and user-facing challenges of building usable decentralized identity systems
- 2:15 pm3:15 pmGoogle is whipping up an all-new Master Class for KNOW attendees! Check back often for a sneak peek of their syllabus!presented by
- 3:30 pm4:30 pmToday’s headlines are ripe with data breaches and fraud attempts, but fraud goes far beyond stealing identities and payment information. Sift Trust & Safety Architect Kevin Lee reveals why spammy content is the fastest-growing type of fraud, with 50% of businesses expecting content abuse to increase over the next 12 months, taking a massive toll on customer loyalty and affecting both revenues and growth.
Over recent years, the growing threat of fake reviews forced the FTC to launch its first-ever case challenging paid fake reviews on websites. Consumer perceptions and feelings towards fake reviews highlight risks of brand abandonment and the potential to suffer long term revenue loss.
Despite growing concerns over fake reviews, many businesses still heavily rely on reviews as a key search differentiator. Businesses need to smarten up and evolve and adopt new strategies that protect their users, actively identify fake content and take a proactive defensive approach.
Case Study Takeaways:
- Deep dive into what fake reviews are and how they can lead to fraudulent activity as well as brand abandonment
- Critical strategies on how to recognize a fake review or fake user
- Real-world examples of content fraud and how businesses can use trust & safety practices and machine learning applications to mitigate fake reviews and reduce the associated risks
- 3:30 pm4:30 pmMost real-life security projects are messy business. Where modern protocols need to integrate with legacy solutions, security best practices must coexist with the unique requirements of existing business practices, and common sense expectations are blatantly subverted. While we all wish we could find a clear path to the Emerald City, down the Yellow Brick Road to an identity utopia where questions are easily answered, there really is no “one size fits all solution.”
Join Vittorio Bertocci, Auth0 Principal Architect, in a technical session where he explores specific identity use cases that are the most in need of customization. He'll discuss strategies for providing last-mile affordances and customizations, and how customization will ensure you keep pace with today's staggering pace of identity development.
Master Class Takeaways:
- A “one size fits all” solution will not protect the identities of your customers and their customers. Learn how to take a surgical approach, not a general one
- Security solutions that require customization to deal with any obstacle, even the most complex
- Specific identity use cases are the most in need of customization
- 3:30 pm4:30 pmIn this one-hour education session, Dave Birch will be exploring the global identity landscape and taking a look at the different models being adopted. With Open Banking taking great strides forward, can this be the catalyst for digital identity? Or are there other use cases that will drive a tipping point of adoption? You will hear from experts in different markets supporting the theory that one size certainly doesn’t fit all!
Dave Birch and his colleagues from Consult Hyperion have worked with clients globally on both Digital Identity and Open Banking initiatives and will bring impartial knowledge and experience, to share with you.
- Detailed analysis of implementation models
- Lessons learned from initial implementations
- The link between Open Banking PSD2/SCApresented by
- 3:30 pm5:30 pmOpen source AI tools are now available that can help malicious actors manipulate face and voice data to create deepfakes. While celebrity deepfakes have garnered mass media attention (we've all seen that Obama video), the bigger concern is when we're exposed to content that's not overtly obvious to be fake. These fakes can be weaponized by rogue nation-states for disinformation campaigns - to destabilize financial markets or manipulate elections. Or what happens if your voice and face are unintentionally being used to authorize someone else to access your account?
This workshop takes a data-centric perspective on these topics, reviewing the state of the art in face recognition technology and discuss where biometrics is headed. Workshop leaders will explore novel ways to secure biometric data, such as homomorphic encryption and leveraging the blockchain. The workshop will conclude with the role that deep learning is playing in both improving identification accuracy as well in fake news and cybersecurity.
- Overview of the rising problem of deep fakes
- State of the art technology in face recognition
- Use of new techniques like homomorphic encryption/blockchain to protect biometric databases
- 4:30 pm4:45 pm
- 4:45 pm5:45 pmEach day, detecting fraud, increasing security, and ensuring customer satisfaction becomes a tougher act to juggle as cybercriminals work diligently to concoct new scams. Solving for newer fraud challenges – as well as traditional ones – will require using more innovative tools and data with less friction for the consumer.
When organizations harness relevant data and turn it into intelligence that evaluates each individual, revealing their potential – or their hidden risks – they find the Maximum Viable Person. By using a combination of cutting-edge technologies that include machine learning, AI-powered analytics, and comprehensive data resources, organizations can gain meaningful insights into customers and applications to help identify risks early in the transaction process, while accurately identifying top potential customers.
This workshop covers recommended best practices to make critical decisions in real-time without increasing the level of manual reviews or sacrificing customer satisfaction.
- How fraud detection tools, like alerts and scores, can work silently in the background, reducing friction between you and your prospective customer
- How to prevent account takeover (ATO) with risk-based authentication
- How to layer security into mobile and digital channels to create a robust identity intelligence systempresented by
- 4:45 pm5:45 pmBug bounty programs are becoming increasingly common across industries. Today, more organizations embrace collaborating with ethical hackers to find vulnerabilities before cybercriminals have a chance to exploit the same bugs for nefarious purposes. HackerOne Security Engineer Reed Loden outlines the steps to develop a vulnerability disclosure program and what to include in the policy itself.
Attendees will be grouped into teams to create a mock VDP, playing the roles of product lead, legal, security, communications, vendors, and suppliers. This engaging content will give you the practical knowledge you need to establish a Vulnerability Disclosure Program within your organization.
- The steps needed to develop a Vulnerability Disclosure Program, regardless of your industry or company size
- Why having a Vulnerability Disclosure Program can offer a way to receive security reports from external security researchers or members of the public
- How to leverage an ISO-compliant workflow to complement security efforts without changing the way you work
- 6:00 pm9:00 pmIf you like Piña Coladas and getting caught at an awesome networking night, AU10TIX welcomes you to the KNOW Identity 2020 Pool Party. Join us at the Live Lucky Pool at the MGM Grand for an evening of libations and lite bites. Get the beach ball rolling on your 2020 networking!presented by
- Day 2
- 7:30 am8:30 am
- 7:45 am5:30 pmRegistrationMonday, December 14th, MGM Grand
- 8:30 am10:15 amGlenn Greenwald is a former constitutional lawyer and Pulitzer-Prize winning writer, regarded as one of the most influential journalists of our time for his work exposing the US’ global surveillance programs, including Edward Snowden’s classified documents as well as other groundbreaking exposés. His finger is on the pulse of national security and surveillance, and now, he’ll bring insider insights to the KNOW stage.presented by
- 10:15 am4:30 pm
- 10:15 am10:45 am
- 10:45 am11:30 amCould ""Bring Your Own Identity"" be a core trend in IT?
Organizations strive for digital accessibility to deliver services efficiently, answering user demands for seamlessness. Unfortunately, the most portable logins, Facebook and Google, aren’t wholly trusted; and, the most trusted logins, from banks and employers, aren’t portable to other websites. This state of affairs means that organizations, not individuals, control the login and the data – requiring individuals to repeat workflows to establish a new login at each site.
With Federated Identity, individuals control the login and associated verified credentials, so registration at a new application is streamlined process. However, issues like branding, trusting a third-party's authentication process, and linking a login option lacking massive scale are all significant barriers to adoption for high-assurance applications like government, financial services, healthcare, and hospitality. This session explores case studies of solutions being implemented at Allscripts, ADP, and MGM and the considerations of these brands as they tackled the problem.
- The overall promise of federated identity. We see it with driver's licenses, Facebook, and Google. Why don't we see it on high-value apps?
- The equality implications of federated identity. How can it help individuals without a credit history who can't establish their identity online through a credit reporting agency?
- Barriers to adoption that have prevented the adoption of federated identity at scale. Are these crumbling?
- 10:45 am11:30 amForeign governments are targeting more industries than one would expect. And they may not be targeting who you might think; hackers are increasingly making private citizens - from a middle manager working at a tech company to a Hollywood assistant - the subject of their attacks. With the global internet rapidly becoming a battlefield for national intelligence agencies, and private institutions no longer off-limits as targets, cybersecurity defenses must evolve to protect against increasingly skilled and well-funded opponents. Is your organization prepared to face these escalating threats? Who's really at risk? This session explores deep fakes, disinformation, cybersecurity, and campaigns designed to threaten elections and beyond.
- Overview of critical infrastructure protection and resilience
- Computer vision techniques and deep learning algorithms to exploit hidden patterns and detect manipulated parts of fake content
- What can we do to increase the resilience in our election systems
- 10:45 am11:30 amWith digital identity poised to enter the mainstream in 2020, both incumbents and startups alike are vying for leadership positions. The frontiers of digital identity ― verifying claims and credentials, proving possession, granting consent ― boil down to the quality characteristics of data. When we deal with people, entities, and things online, data is all we got. Explore the role "big tech" can, should, and should not play in how digital identity data is created, stored, and used across the economy.
- The internet's current identity problem -- truth and data quality in the digital economy
- Real-world examples of some of the most promising pilots, projects, and proofs-of-concept from around the globe
- How product managers, software engineers, and architects can test, build, and scale solutions that address the unintended consequences of technology
- 11:45 am12:30 pmThe shift to EMV, SCA, and other measures to stop fraud has left fraudsters scrambling to find new successful ways to profit. Enter synthetic identity.
Synthetic identity fraud occurs when fraudsters use a blend of real and fake information to create a “new” individual. In some cases, the information used is entirely fake. The bad actors will open up new credit cards or auto loans under the fake individual's name, to create credit records and boost the credit profile.
While synthetic ID fraud is not a new tactic, it has become a new favorite for seasoned fraudsters who know how to test your business’s controls and age accounts to bypass your security systems. This session will explain what synthetic ID fraud is and how fraudsters use it to exploit your systems as well as best practices for stopping and preventing loss due to this insidious type of fraud attack.
- What is synthetic ID and how are fraudsters profiting from it
- An understanding of why synthetic ID fraud is more difficult to detect than other types of fraud
- A checklist of best practices for detecting, stopping, and preventing synthetic ID fraudpresented by
- 11:45 am12:30 pmIs it time to throw in the towel? From billion-record data breaches to GDPR and CCPA, global consumer awareness of data privacy and data protection issues are at an all-time high. Will these new pressures force a fundamental shift in the industry, or can companies continue big data monetization in a data-preserving way? Are privacy-preserving platforms good for the bottom line or the latest PR talking point? This energetic debate features industry experts going head-to-head over the ethics and possible future of big data monetization in a post-CCPA world.
- 11:45 am12:30 pmTrust is the essential foundation to feel safe in any relationship, whether personal, professional or even financial. Without Trust & Safety, it all falls apart. For digital platforms, in particular, ensuring user trust in the accuracy and integrity of their platform remains a fundamental challenge.
This panel is all about building trust into the user experience. Industry experts will come together to discuss tales of past launch failures, what decisions went well, and future predictions. The conversation will also explore how are unicorn marketplaces managing expectations while maintaining platform integrity. Understand how managing this balance is more possible than ever, with perspectives from trust & safety innovators.
- An overview of digital trust for consumers and businesses including what trust even looks like and more importantly, how businesses can design for it
- Changing consumer expectations and the shifting regulatory landscape relating to data privacy
- How to balance upfront user friction with fraud detection measures including biometric-based identity proofing and privacy-first identity resolution
- 11:45 am12:30 pmThe frontiers of digital identity -- from verifying claims and credentials to granting consent ― boil down to the quality characteristics of data. Yet, driving adoption at scale is more than a matter of solving for missing identity data sets. From internationalization to offshore operations, learn the secrets to success from the teams that have successfully onboarded millions of users in challenging markets across the globe.
- How organizations are tackling unique identity, regulatory, and cultural challenges to expand into new markets
- Overview of the key challenges with identity proofing and verification globally
- Nuances of launching products globally while thinking locally and the unexpected benefits of building large-scale identity verification platforms
- 11:45 am12:30 pmDemo Stage SessionsMonday, December 14th, Demo Dome·Demo Dome
- 12:30 pm1:30 pm
- 12:30 pm1:30 pmKNOW Identity creates a space to celebrate and support the growing community of women in the identity industry. Alongside Experian and Women in Identity, we’ll host our annual Women in Identity Luncheon on Monday, April 6. Join us in bringing the industry together to enable growth for women in the space, and meet your next mentor!presented by
- 1:45 pm2:30 pmAs technology is continuing to advance at an accelerated rate and people are uploading more and more of their lives online, many common methods of identity authentication are not keeping up with the pace.
Fortunately, the world is beginning to see action taken to address the digital identity problem head-on. Earlier this year, Canada launched a first-of-its-kind, blockchain-based digital identity network. This enables consumers with the power to verify their identities quickly and securely, granting them access to products and services.
The formation of this network is a result of leading organizations recognizing that the digital identity problem is too complex to take on alone and requires close collaboration leveraging strengths across industries.
This session will explain how this network formed, its importance in how we will improve digital identity, lessons learned so far, and where to go from here.
- The shift from traditional federation toward networks for identity
- Why this shift matters both strategically and operationally
- Three specific examples of network similarities and differences to inform business, legal, and technical decision-makers
- Easy-to-apply guidance for evaluating the value and appropriate use case applications of identity networks
- 1:45 pm2:30 pmThe moment you’ve all been waiting for - distributed ledger proponents take the stage to defend their industries' most passionate voices. Many of today’s digital identity systems are designed around cryptographic keys—much like the IP addresses of the early internet. The key challenge that remains is how we can make digital identity solutions more human and implement these solutions into existing habits. This is a can't miss event for anyone who has an opinion on what digital identity architecture is best for the industry.
- What is the right protocol for decentralized identity and self-sovereign identity (SSI) platforms in the future?
- Arguments that support the next big step in the evolution of self-sovereign identity and what that means for society
- The commercial models that will drive adoption of SSI
- The role industries can play in a collaborative framework that is globally accessible
- 1:45 pm2:30 pmCookies: oft-maligned, yet critical to providing the algorithmically-tailored recommendations demanded by modern consumers. Google and Apple are cracking down on third-party use of deterministic and probabilistic cookies data, posing a devastating threat to the viability of digital advertising. Will the death of cookies as we know them deal a fatal blow to user experience? Learn how enterprises across industries are preparing for this groundbreaking shift away from cookies and repositioning their business models to steward consent-based user experiences in a mobile-first world.
- How brands and publishers can prepare for a post-cookie world and the loss of advertising data
- The practical and ethical considerations data onboarding services must keep in mind when working with digital identities
- How brands can build creative experiences around data collection that invite consumers to take part in the process
- 1:45 pm2:30 pmMachine learning and artificial intelligence (ML/AI) have been responsible for stunning breakthroughs in speech (Siri, Alexa), pattern recognition (self-driving cars), and natural language processing (sentiment analysis). But advances in security and identity have come much slower. Additionally, the pace of technological innovation powered by deep learning and artificial intelligence is eclipsing the ethical and policy frameworks governing their application. Do software developers have an ethical obligation to build in flags that help fight misinformation? How can we detect bias in the data sets used for training machine learning models? This session unpacks how algorithm-powered technologies, from AI and machine learning to facial recognition, are redefining business processes, and the critical identity questions that we need to solve for in this tech-enabled era.
- Current state-of-the-art Machine Learning and Artificial Intelligence technologies
- The types of problems ML/AI can and cannot solve
- New legal and ethical issues related to ML/AI and the limits of algorithmic fairness
- Where ML/AI is headed in the next few years
- 1:45 pm2:30 pmDemo Stage Sessions