...
(2) PURPOSE: _Please provide a clear statement of purpose and justification why the proposed WG is necessary._
The purpose of the Consumer Identity WG is to foster the development of a user-centric "identity layer" for the internet that enables consumers to fully exploit the potential of the internet without fear of identity theft. The WG addresses this goal by proposing technical and policy solutions that address current threats to privacy and identity, and socializes these solutions with appropriate parties to help foster their implementation. Specifically, the WG crafts whitepapers, requirements, specifications, and other work products to specify how emerging identity technologies, protocols, frameworks, laws and regulations, etc., can be leveraged to: (a) enable businesses to know, with high confidence, the identities of individual consumers with whom it engages in high-value online transactions, without jeopardizing the privacy of the consumer's Personally Identifiable Information (PII); and (b) enable individual consumers to prevent others from impersonating them in online transactions. By championing the use of these high assurance, privacy-protecting identity solutions, the WG seeks to help bring about an environment in which the identities of consumers engaged in high value, online transactions can be known with the same degree of confidence as the identities of parties engaging in various types of sensitive online business-to-business transactions.
(3) SCOPE: _Explain the scope and definition of the planned work._
Online identity fraud results from the misuse of personally identifying information such as names, Social Security Numbers, and birthdates, as well as misuse of shared secrets such as passwords, credit card information, answers to "challenge questions", mother's maiden name, etc. Misuse of this PII enables fraudsters to impersonate individual consumers online because identity-related claims are often based on nothing more than knowledge of this information. Identity fraud has an obvious negative impact on consumers, who may experience damaged credit scores, drained bank accounts, fraudulent credit card charges and other bills resulting from unauthorized purchases, falsified medical histories, privacy breaches of sensitive medical records and information, etc. The negative impact on businesses that provide identity-related products or services includes damage to their operations, reputations, and bottom line, as well as loss of trust that is difficult and costly to regain. As well, identity fraud creates distrust and fear between businesses and consumers that imperils achieving the full range of economic benefits promised by the internet itself
While a number of initiatives, frameworks, and technologies currently exist that can support the purpose of this WG, today there is no large-scale, practical way to verify online identity-related claims as they pertain to individual consumers. Initiatives, technologies, frameworks, etc. that currently contribute to this goal include the Liberty Alliance Web Services Framework, the Liberty Alliance Identity Assurance Framework, Initiative for Open Authentication (OATH), the US government's e-Authentication initiative, OpenID, Information Cards, public key infrastructures (PKI), and others.
With this as a background, the Consumer Identity WG seeks to propose solutions to the problem of online consumer identity assurance that
...
(7) AUDIENCE: Anticipated audience or users of the work.
Organizations involved with online identity fraud, credit card companies and others involved with online payments, non-profit identity and privacy groups, vendors of authentication and identity services and technologies, government consumer groups (e.g., FTC), credit reporting agencies, think tanks involved with identity issues (ie, Center for Strategic and International Studies, Center for American Progress, National Research Council, etc.)
...
(10) RELATED WORK AND LIAISONS: Related work being done in other WGs or other organizations and any proposed liaison with those other WGs or organizations._
Previous work related to the efforts of the WG includes: (a) "_Authentication 2.0: New Opportunities for Online Identification", by Center for Strategic and International Studies; (b) "Online Identity Theft: Changing the Game", Microsoft Whitepaper; (c) "Connecting Americans to their Healthcare: Consumer Authentication for Networked Personal Health Information", by the Connecting For Health Initiative of the Markle Foundation; (d) "The ID Divide: Addressing the Challenges of Identification and Authentication in American Society", by the Center for American Progress; (e) "Securing Cyberspace for the 44th Presidency", by the Center for Strategic and International Studies.
The WG may have liaisons with other WGs, including Identity Assurance & Accreditation WG, Health Identity & Assurance WG, eGovernment WG.
Other organizations that the WG may interact with include the Information Card Foundation, ANSI Identity Theft Standards Panel, Center for Strategic and International Studies, Center for American Progress, Internet Society
...