FDIC-FinCEN Conclude Digital Identity Tech Sprint, Publish Takeaways

The Digital Identity Tech Sprint aimed to help measure the effectiveness of digital identity proofing, which is the process used to collect, validate, and verify information to establish that the identity is unique, exists in real world, and is bound to an individual. Participants from eight teams demonstrated their solutions to help answer the question "What is a scalable, cost-efficient, risk-based solution to measure the effectiveness of digital identity proofing to ensure that individuals who remotely present themselves for financial activities are who they claim to be?" Out of those eight teams, the Tech Sprint expert panel, consisting of representatives from the FDIC and FinCEN, publicly recognized three teams whose solutions displayed the greatest creativity, market-readiness, or effectiveness and impact. The Tech Sprint solution considerations included increasing efficiency and account security; reducing fraud and other forms of identity-related crime, money laundering, and terrorist financing; enabling technology accessibility; and fostering customer confidence in the digital banking environment.

One proposed solution for measuring the effectiveness of identity proofing systems included a tool and analysis process to identify gaps in an organization’s existing digital identity proofing processes relative to known threat vectors; using that information, the tool would provide recommendations for the organization to address the identified gaps. Proposed solutions with scoring methodologies for remote identity proofing varied by their focus and approach. Some included novel measurement matrices and checklists; others leveraged existing tools, products, and frameworks. There were proposals for new examination programs for digital identity proofing solutions, and new infrastructure, including an identity clearing house utility. The proposed identity provider solutions encompassed development of a shared platform for proofing identities and assessing technologies, a trusted credential network, and a collaborative identity data-sharing solution among the public and private sector similar to one that exists for cyber security. 

The roles of the public and private sector varied in each of the eight proposed solutions, ranging from primarily public or private sector to public-private partnerships. The proposed public sector responsibilities ranged from the provision of ongoing or seed funding, to standard-setting and regulatory guidance, to hosting technology pilots with safe harbor provisions to facilitate solutions (regulatory sandboxes).  Multiple participating teams referenced the use of source verification, interoperability, and emerging technologies such zero knowledge proofs and multi-party computation for secure, privacy-protecting data sharing.  Several proposals recommended the use of emerging digital identity standards, including the Worldwide Web Consortium (W3C) Verifiable Credentials and ISO compliant mobile driver’s licenses. 

Related Links

• FDIC TechSprint
• Launch of TechSprint

Keywords: Americas, US, Banking, Regtech, Tech Sprint, Fraud Detection, KYC, Ml TF Risk, Digital Banking, Data Privacy, FinCEN, FDIC