Robert Kneschke - Fotolia
The “proof of concept” identity management service, using the Microsoft Windows CardSpace system, streamlines identity authentication and provides a safer and simpler way to pay online, said the partners.
The identity management service will enable organisations to dramatically reduce the customer support resources needed for web-based activity, such as resetting forgotten passwords, said the companies.
Consumers could also have a better customer experience as they are required to remember fewer verification details and are able to rely on Experian, a trusted third party, to verify that the organisation they are dealing with is bona fide.
At the outset, Experian verifies both individuals and organisations via a straightforward registration and ID authentication process. Once this process is complete, organisations and individuals are able to communicate, reassured that both parties are legitimate.
Windows CardSpace runs on the consumer’s computer desktop and acts as an identity selector to enable the individual to better control what information they choose to share online and with whom.
For instance, if an individual wants to renew their car insurance, they select their “Experian Card”, which would contain confirmation of identity details and age plus, in this instance, other facts that form part of money-laundering legislation.
Windows CardSpace then sends a request to Experian, the identity provider, to validate the identity of the website.
Once the requesting website is identified, Experian then forms and returns a signed and encrypted “token”, which contains a confidence level as to whether that person exists and is who they say they are to Windows CardSpace and then to the website.
All interactions between the individual, Experian and the organisation are encrypted and digitally signed to protect the information from data security attacks.
“As online security tries to keep up with ever-evolving ID fraud tactics, consumers are having to create multiple passwords to transact online,” said Paul MacKinnon, senior identity advisor at Microsoft UK.
“Consumers are overwhelmed with the plethora of passwords and user names they are expected to remember and are reverting to offline transactions. Businesses are also looking for ways to ensure the public are in a safe environment when online to improve the customer experience and protect web-based transactions,” he said.
Peter Brooker, director at Experian, said: “Consumers are becoming more concerned about who they are buying from and seeking reassurance that the organisation they are dealing with is legitimate.
“This service will work both ways, validating the consumer and the organisation's credentials, delivering a more secure and less stressful online experience for all.”
The partners say they are talking to organisations that could potentially deploy the system.