Let’s talk about digital identity with Elizabeth Garber and Mark Haine, co-editors of the Global Assured Identity Network paper.

In episode 95, Elizabeth Garber and Mark Haine, who were editors on the Global Assured Identity Network (GAIN) paper, join Oscar to share the latest updates for GAIN, including recapping what GAIN is, the challenges that have been faced, alongside successful case studies and what developments we can expect to see for the future of GAIN.

[Transcript below]

“It’s all interconnected with standards development and has a really big impact on how identity systems will work, interoperable, in years to come.”

You’ll remember Elizabeth Garber, who was one of the lead editors of the GAIN paper – we interviewed her in episode 52 (back in October 2021).

Elizabeth has a long background in Customer Strategy and Product Management. She has also led the Open Digital Trust Initiative at the Institute of International Finance and co-chairs the OpenID Foundation’s GAIN technical proof-of-concept, which strives to create globally interoperable networks for exchanging high-assurance identity information. Since we last interviewed her, she co-founded IDPartner, a venture-backed startup that puts people in control of their digital identities. It will be a key player in any Global Assured Identity Network (GAIN) as interoperable networks begin to flourish.

Elizabeth and Mark recently published a draft paper for the OpenID Foundation called “Human-Centric Design: a primer for government officials” which is all about how to design identity systems to sustain and promote human rights. It is open for public comment – and may feature on a future episode. You can find it on the OpenID Foundation website and blog, openid.net.

Connect with Elizabeth on LinkedIn.

Mark is an engineer and entrepreneur who has focussed his career on building solutions that enable business and mitigate risk in financial services.

Through Considrd.Consulting Ltd. Mark and his team are providing strategic security consultancy to a range of clients. He has also taken on a leadership role in the OpenID Foundation as Co-Chair of the eKYC & Identity Assurance Working Group and is a co-author of OpenID Connect for Identity Assurance specification.  Mark also is a board member of the Open Identity Exchange.

Connect with Mark on LinkedIn.

We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!

Go to @Ubisecure on YouTube to watch the video transcript for episode 95.

Let's Talk About Digital Identity
Let's Talk About Digital Identity

The podcast connecting identity and business. Each episode features an in-depth conversation with an identity management leader, focusing on industry hot topics and stories. Join Oscar Santolalla and his special guests as they discuss what’s current and what’s next for digital identity. Produced by Ubisecure.

Podcast transcript

Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla.

Oscar Santolalla: Hello, everyone. You will remember Elizabeth Garber, who was one of the lead editors of the GAIN paper. We interviewed her in episode 52, late in 2021. Elizabeth has a long background in customer strategy and product management. She has also led the Open Digital Trust Initiative at the Institute of International Finance, and she co-chairs the OpenID Foundation’s GAIN technical proof-of-concept.

Since we last interviewed her, she co-founded IDPartner, a venture backed Start-Up that puts people in control of their digital identities. This will be a key player in any global assure identity network, as interoperable networks are beginning to flourish.

We have a second guest. Our second guest today is Mark Haine. He is an engineer and entrepreneur who has focussed his career on building solutions that enable business and mitigate the risk in financial services through Considrd.Consulting Ltd. Mark and his team are providing strategic security consultancy to a range of clients. He has also taken on a leadership role on the OpenID Foundation as co-chair of the eKYC and Identity Assurance Working Group and is co-author of OpenID Connect for Identity Assurance Specification. Mark also is a board member of the Open Identity Exchange.

Elizabeth and Mark recently published a draft paper for the OpenID Foundation called Human-Centric Identity: a primer for government officials, which is all about how to design identity systems to sustain and promote human rights. As we speak, it’s open for public comment. You can find it on the OpenID Foundation website – openid.net. So, let’s get started.

Hello, Elizabeth. Hello, Mark.

Elizabeth Garber: Hi.

Mark Haine: Hi.

Oscar: It’s very nice having you. Welcome back, Elizabeth, and welcome for the first time Mark. So, we’ll hear more about GAIN, this initiative that was launched a bit less than two years ago. And we really want to hear the news about that. But to get started, we always want to hear about our guests.

So, for all of you, please tell us about yourself and your journey to the world of identity.

Elizabeth: Okay, I’ll go first. For me, the journey really started in identity when I was working at a bank. We had introduced a new vendor into our identity and access management program. I won’t say who because it didn’t really go very well at first. But I was brought in as kind of fresh eyes to lead a root cause analysis exercise and make some quick changes and fixes. And that led to two things.

First, I ended up taking a digital products role on that team and having more and more to do with identity. And second, I was absolutely hooked on the industry. So, there were just so many interconnected challenges and opportunities. The stakes were really, really high. So, I started to form partnerships outside the bank, and most notably with the person who would become my good friend and my Start-Up co-founder Rod Boothby. So, he brought me into the Open Digital Trust Initiative with all the world’s leading banks, the IRS, and also the OpenID Foundation.

And that, of course, led to the GAIN paper where I quickly raised my hand to help out and Mark my colleague here and the other co-editors. I then still co-chair the proof-of-concept along with Mark and authored the follow up paper, which will be out by the time this podcast airs, I think.

Mark and I then wrote the paper you just referenced, which is addressing how government identity systems can sustain and promote human rights. All of those papers can be found on the OpenID website, by the way, openid.net.

Since we last talked, I co-founded my company IDPartner, which is really in the spirit of GAIN and is seeking to help banks and other parties connect into such a global network. So yeah, I’m still relatively new to this industry of being a few years in now, but it’s pretty much consumed the majority of my waking moments for the last three to four years.

Mark: So, we’re in some ways similar to Elizabeth, but in other ways slightly different. My background is also from financial services. I have had a number of operational roles and then design and architecture roles in primarily UK banks. I’ve had a rich array of roles. I’m taking on some really interesting challenges along the way. It started out with operational I.T., moved into networks and security design and after some time and lots of rich experiences.

I ended up in the Identity and Access Management team at a large UK bank having done a bunch of work on future architectures for that organisation and innovation team. And around that time the UK was starting to move towards open banking. I managed to switch over to become a core member of the Open Banking UK implementation Entity Security Team, where I was involved in designing various aspects of the open banking architecture and the protocols involved. And that led me to interact with a bunch of people from the OpenID Foundation, who recruited me to come and help on the open standards side of things more actively, after I moved on from open banking to do other things.

Since then, we’ve been working on new draft specifications, and writing a number of white papers, including the GAIN white paper and the one that Elizabeth and I have been working on together about human rights in the context of government digital identity. And here we are today.

Oscar: Excellent. Thanks both of you for sharing your story. Before starting to hear the newer things that happened for GAIN, I hope you can give us an overview. So, what is the Global Assure Identity Network?

Elizabeth: Well, so back in 2021 when we last spoke, GAIN was just a paper. It was – we used to say it was no logos and pro-bono. It was 156 individuals, identity and industry experts who signed as individuals because it contained so much that they could all agree on. And primarily that was that we wanted to build a globally interoperable network for high assurance identity.

We wanted to connect the islands of trust that exist out there today, the different ecosystems where you can be trusted. And we want to create new ones and connect those too. We want to make it possible for somebody in the US, like me to transact with somebody in Finland confident that you could trust who it was on the other end of that digital session.

And we wanted to do that in a really – privacy preserving way. So, no new databases being introduced of PII, full customer consent for sharing and really the minimal amount of information required. All of that was the stuff that the original authors could agree on. At the time we wrote it addressing financial institutions. We didn’t think any such network were going to be inclusively or exclusively led by banks.

But we did argue the banks were really well-placed to catalyse such a movement as they had done in Sweden, Norway and other places. And also, open banking was a growing enabler and there were lots of benefits to them, their customers and others. If they took a lead and did so with a sense of urgency. What we have seen in the intervening years though, is that while that’s still true and still would be a great catalyst, but other corners of the market are moving very, very quickly. We’re having broader conversations now in relation to GAIN, including with the European Union and those designing mobile driver’s licenses.

It’s all interconnected with standards development and has a really big impact on how identity systems will work, interoperable, in years to come. Sorry, that was a summary and a movement into the present day.

Mark: There was a couple of things I would raise from the original paper, that holds true today as well, I think. And those are that we felt back in 2021 that there wasn’t a need for any particularly new or ground-breaking technology to enable this. And probably the most critical thing to allow such a scheme or system to emerge was a way for the three key classes of entity involved, all to find benefits from the services provided.

So, the identity provider, the relying party and the end user, who is subject to all of us, all needed to have their own benefits arising from this for such a thing to become viable. And I think that was something that really hadn’t been voiced quite so directly before.

Oscar: Yeah, well, no surprise of course. From a paper to the implementation for a proof-of-concept that nowadays you, and some of your allies, are working on. So, I think it’s time to hear more deeply, what are the main updates in advancement that GAIN has had since then?

Elizabeth: Okay, so after we launched the paper, we had five organisations initially, who had signed a MOU, a memorandum of understanding. It was legally not binding, but it meant that they would loosely collaborate and align efforts to further the GAIN vision of interoperability. So, I share those organisations now and you can go learn more about what they’re doing in the space. So that’s the OpenID Foundation, the Open Identity Exchange, the Global Legal Entity Identifier Foundation (GLEIF), the Cloud Signature Consortium, the Institute for International Finance. And since then, we’ve had one more organisation formally sign up, and that’s the Secure Identity Alliance.

Each of those organisations does work that’s relevant to GAIN and feeds, whether it’s standards or requirements maybe from the financial sector. They feed into the work that is done at the moment through two major communities that we should drill into what both of these communities have been doing. So, we have the technical proof-of-concept of the OpenID Foundation, which is where Mark and I co-chair a community group, and we really have built a prototype that interconnects multiple trust networks.

And then there’s the policy work at the Open Identity Exchange, OIX. It’s called the Global Interoperability Working Group, and they’re really looking at more of a semantic interoperability; how two different policies interact, how do the policies in one trust framework translate into another and what enables that. Mark, do you want to give an update on the technical proof-of-concept that we’ve been running?

Mark: Yeah. So, to GAIN proof-of-concept within the community group in the OpenID Foundation, has been taking a number of steps to dispel any suggestion that this stuff can’t be done with the technology we have today. One could argue not terribly ground-breaking work because it’s showing that stuff can be done using existing protocols. But at the same time, we’ve been doing it in a way which demonstrates quite significant Cross Domain Examples.

So, our first little proof-of-concept was simply allowing existing identity providers from multiple different countries to provide digital identity data to a relying party. And it was existing trust networks of various different types. It wasn’t terribly complex. In some ways. That’s kind of the beauty of it. A relatively simple OpenID Connect implementation with a relatively simple layering of eKYC and Identity Assurance Working Group specs as well on top, to allow us to be explicit about the assurance level for the individual.

We’ve then moved on from that Federation example to addressing the question of trust between the entities involved. So, allowing the identity provider and the relying party to be more confident in each other, that they are dealing with an entity that is another member of the network. And the big realisation we had when we were doing that was that we shouldn’t try and have every party register to a GAIN instance. There’s plenty of identity networks out there already and we shouldn’t expect their members to have to reregister for something else. That’s not a terribly scalable way at a global level. So, our decision at that point was to build an instance of a network of networks so that we could keep the implementation impact as low as possible for each member and at the same time enable that global reach.

So, we did some work using a protocol called OpenID Federation to allow communication of trust to some of the technical details like; how to verify cryptographic keys across networks. And we ended up building a really nice little demo whereby the end user arrives in a Japanese airport and is able to present their identity from a German network to the local telephony company, so that they could then pick up a new eSIM as they entered the country. It sounds simple. There were a few challenges along the way, but we managed to overcome them and have a little demo which we could share at some point with any interested party.

Elizabeth: So, the two main concepts that we’ve been testing there have been – we often break it down as the data plan in the control plan. So, the first piece that Mark was talking about where we tested the OpenID Connect for identity assurance standard, that’s how does the data move between one party to another. And then the second, which we spent a lot more time on, was the control plane, how do we enable one party in one network to trust another party in another? So how does a relying party in Japan trust an identity provider in Germany? And that’s where OpenID Federation came in, as a really scalable way of delivering that kind of trust.

Mark: Yes, it avoids having to build direct 1 to 1 relationship between every entity, which clearly on an international level, it’s not going to be possible.

Oscar: How many countries have you – mentioned two countries in this example – but how many countries so far have you managed to connect?

Mark: We’ve got members from quite a range of countries, actually. Our initial proof-of-concept involved contributors from UK, Sweden, Germany, Netherlands, Italy, USA and Japan. I think there may have been more. My memory isn’t the best on these things. And then the second one, again, we had Italy, Japan, UK, Germany, the US. Any others Elizabeth?

Elizabeth: Not off the top of my head. But what I think is really cool about the prototype that we have operating right now is that you’ve got three different trust networks, in three different countries, in I guess four different verticals operating. So, we have the German bank based, yes.com Federation. Then you have that connected, both at a data level and a control level, to an open banking system in Japan and the relying party is in telecommunications. And then you have all of that connected, both at a data level and a controlled trust level, all that connected to what is essentially an Italian government implementation. So, we’ve got lots of different types of systems, different types of architecture.

And in that early prototype that we did it with just the data passage, was that we interconnected with wallet-based ecosystems as well there, and we’re looking to bring that back into this larger multilayer proof-of-concept that we have going on right now. So that’s our next stage. But that’s a preview.

I want to make sure we don’t move on before we talk about the work that OIX is doing. Their emphasis has been on mapping different policy frameworks. They looked at how well policies relate to one another and how bilateral agreements can enable one trust framework to trust another, and then ultimately landing on the idea that bilateral agreements are not actually scalable the world over. And so, what they’re looking at now is something that Nick is calling, this as Nick Mothershaw, a ‘smart wallet’. So how can an agent or something –

Mark: Global Interoperability Working Group has been focusing in a couple of areas. One has been to discuss how we might communicate assurance levels between different jurisdictions. One of the challenges we have is that there are different standards for identity assurance in different countries. And as part of that, there’s been a bunch of analysis work going on in partnership with the Fraunhofer Institute to do a comparative review of the different assurance standards and see whether they’re readily mapped or not.

And there will be a report coming out from the Open Identity Exchange in the space sometime in the next few months. Then net-net is that it’s unfortunately not terribly easy to do a mapping and there may be a need to take it to a lower level and map the underlying data points to each other rather than to map to the abstract assurance level.

Elizabeth: So, they’re looking at, how can an agent work on behalf of a user to help translate those policies from one framework to another. To how can an agent or a wallet understand what credentials are inside it that meet the needs presented by a verifier? And does a new credential need to actually be issued? They’re looking at how can we know what wallets can be trusted in an ecosystem? How can it dynamically understand what policy requirements need to be met, what credentials qualify? Is there a common format that can be agreed upon for these policy decisions? And all this is underway at OIX.

Mark: In terms of analysis there as well. They’re looking at the UK Digital Identity and Attributes Trust Framework, the European digital identity eIDAS assurance levels, the US NIST standards in the space and at the trust framework that exists in Canada and Sweden are on the list as well. Although I don’t think all of the analysis is in. So, a fairly broad reaching comparative review of assurance levels and the new policy framework around them.

Oscar: Yeah, it sounds definitely, definitely really good. I haven’t heard of this. I want to hear more information about this.

Mark: The best way to find out more about this analysis would be to join an OpenID Exchange and come and attend something that, some of the working group calls that happen. The report I don’t know whether it’s going to be publicly available or a ‘members of’ report at this stage. There might be a summary report available for non-members. So that remains to be seen.

Oscar: Excellent. If you see as a retrospective have there been any main challenges or barriers that you had to overcome in this nearly two years?

Elizabeth: I would say one of the biggest challenges is really an exciting one, is how quickly the market moves. When you’re talking about global interoperability, you’re talking any kind of shift around the world has an impact on the interoperability aspect. So, I think we do a really good job as a group, both at the technical proof-of-concept level of the Open Identity Exchange and as the GAIN six non-profit, we do a really good job keeping connected to a lot of those moving pieces around the world.

Proud to say that we have close relationships both inside Europe and the European Union, those leading mobile driver’s license efforts, or I should say, North American mobile driver’s license efforts. You know, sometimes this stuff means that actually new concepts, new standards are embraced. And we need to make sure that our prototypes move and shift to ensure that we’re still keeping up to date with the standards that are being embraced and matured by regulations and others around the world.

This is a really exciting problem to have to see things develop and mature. I guess the connected challenge to that is just making sure that we’re aware of all of that’s going on. We recently got in touch with a group working out of the UN on a similar challenge of; how do you enable one entity to build trust with an entity in a different trust network. And they’re really, you know, we’re all working on similar things and exploring. Once we know; what have been your lessons learned, what have been ours and cross-pollinated ideas about how we can achieve these things together and maybe work together. So yeah, a big challenge is knowing what is going on everywhere.

Mark: Yeah, I completely agree Elizabeth Yeah, I completely agree Elizabeth. A couple of other names to drop as well, I know that the OpenID Foundation has been working quite hard to establish and develop relationships in various parts of the world. And I would say the engagement with the European digital identity project has been really good. We had some nice sessions in Berlin around the European identity conference earlier this year. The engagement with the NIST guys in the US around what they’re doing, and their update to their digital identity guidelines has been really positive.

Gail Hodges, Executive Director of the OpenID Foundation has also been reaching out quite successfully into a project called ID for Africa, and trying to bridge that global north, the global south part of the problem space. And I would also say that interoperability, I think, is probably one of the biggest challenges that spans across technology, data and policy. And it’s really good to see the OECD call that out explicitly in their drafts digital identity guidelines that are open for review at the moment and coming out, I think later this year, now.

There’s an awful lot happening in this space. It’s really dynamic. And echoing Elizabeth’s point, the biggest challenge is keeping up with all of the activity that’s going on.

One thing I would say that we’ve been doing in our GAIN groups, has been to try and make sure that we’re relevant to all sorts of different technical architectures. So, this is something that can interoperate across technology difference, at least. Ultimately, the technology should be there to serve the people of various sorts, you know, people who represent organisations and the people who are trying to access services. So, a particular protocol should not necessarily the boundary for interoperability.

To that end, although our first couple of proof of concepts have been OpenID Connect focused. The one we’re working on now is to extend that proof-of-concepts to delve more into the W3C quality-based architecture. We’re doing that in part with people involved in the European digital identity wallet, as well. So, there’s a lot going on. And I think, a lot of real dynamism and action in the marketplace at the moment as well.

Elizabeth: And the more we do in this proof-of-concept is – the more that we do to really test the specifications of these standards, the more we learn, and the more those standards mature. So really benefits from having a lot of participation. Because the both the Federation spec and the IDA spec, I think have been improved as a result of people trying to build it coming together trying to align it, make sure that both parties understand the same things that are using the same configurations. It just, it makes all the specifications better and more mature.

Oscar: Well, excellent. You mentioned already a few examples, but if you have any other success stories in particular that you would like to tell us more.

Elizabeth: I think our big success story is the one that we raised connecting the German banking network, a Japanese banking network with coms roaming and Federation’s run by the Italian government, both at the data level and the trust level. Can I trust the relying party and an IDP in two different networks? The big proof of GAIN, there’s always going to come when private companies or other entities actually bring it out there into the public domain, and people are actively using it to create their eSIM in another country. And I think that’s the next big hurdle is to see something out there in the wild. And I’m hopeful that you’re going to hear some more about that in the coming year.

Mark: Yeah, likewise. I mean, ultimately what we’re driving towards is something that gets implemented. But I do think that the debates that the white paper originally provoked and the groups that have been acting, following on from that have surfaced a few difficulties along the way. And these were difficulties that needed to be surfaced in order that a solution could be built.

I’m not yet certain that all of the challenges have been addressed fully. In fact, I’m fairly certain they haven’t all been addressed fully yet. But we’re working through them as they emerge and prioritising our efforts as best the way we can. I would say a lot of this work is being done either by companies who are contributing their staff’s time to working groups or even individuals contributing their time to these working groups.

So, you know, if anybody out there thinks that they may have the ability to devote some time or even some implementation efforts, that would be, I think, a valuable thing to do, either whether that’s in the policy domain or the data domain with the Open Identity Exchange or in the technical protocol domain with the OpenID Foundation. The only way these things are moved forward is by people contributing the time.

Elizabeth: Absolutely.

Oscar: So, they need more contributors, absolutely.

Mark: Just to drive one particular point home. In particular, at the moment, the OpenID Foundation, GAIN POC community group is looking for digital wallet implementers, particularly at the moment, and secondarily, issuers of digital identity credentials as well verifiable credentials. So, if anybody listening to the podcast is willing, able and has some expertise in that area, they would be very, very welcome. Indeed.

Oscar: Perfect. Yeah, based on your observations when I asked you the hurdles, or what you find on your way – you find a lot of things moving on projects that have similar goals, let’s say. But now looking at the future, what is coming in the near future, if you focus on the near future. So, what would be the main potential future developments that you think is going to happen in the next, let’s say, one or two years?

Elizabeth: I would say three things.

Verifiable credentials, as Mark was just saying, we need to be interoperating, with wallet-based ecosystems. And our technical proof-of-concept in the short term, in the next few months, needs to be extended to incorporate those issuers and those wallet providers.

I think the OIX work on smart interoperability that takes us beyond the next few months, but into you know, the next year or so I think that that work will take shape a bit more. And we will hear more about how interoperability can be enabled, semantically through such systems. I think that work is really, really exciting.

And then the next thing I think you’re going to start to see is more commercial implementations of this use case, of cross border, high trust identity.

Mark: Clearly, the European digital identity project is going to march forward dramatically over the next couple of years as well. And I think that will produce a number of successes and identify a number of challenges along the journey as well. At the moment, the topic of international interoperability is a really interesting one to me. And I think the European Union has certainly within its power, the ability to solve that between the member states. But I think there will be challenges to do with interoperability to other nations.

I also think that there will be quite an interesting series of events around who wins in terms of wallet provider. Clearly, the big tech have wallets already embedded into a lot of consumer devices. But it’s going to be interesting to see how that plays out. Particularly in the context of the European Union project, as they have quite a different perspective on how a wallet should be governed more than anything else. So that’s going to be a really interesting thing to watch over the next couple of years, and I’m sure will produce some great and informative outcomes. It’s an extremely interesting experiment.

Oscar: Yeah, it’s sounds great.

Mark: And I think some of the members of our groups are active in that space as well. And indeed, the OpenID Foundation has been contributing quite strongly to that project with a couple of the key protocols in and out of the wallet being selected for the first round of proof-of-concept work in the European digital identity programme. And there’s definitely conversations going on around trust of issuers and wallets. In the context of the OpenID Federation spec as well. I know that some of the Italian contingent are quite keen to promote the use of that protocol in the European digital identity wallet space for organisation-to-organisation trust effectively.

Oscar: Excellent. So final question for both of you. So, for all business leaders that are listening to us now, what is the one actionable idea they should write on their agenda today?

Mark: I’m going to say that they should be considering how they integrate reusable digital identity into their business processes at some point in the future. A lot of what has been done before has been very organisationally with focussed and very transactional. So, us poor end users have to go through identity verification processes quite frequently. And I think going forward it would be better for end users and better for organisations to be able to reuse those assured identities.

Elizabeth: I totally agree. So, I’ll take a different angle on the question. I would address, rather than business leaders, namely standards bodies, regulators and yes, potential ID providers, including government providers, even banks. There’s a lot going on in this industry as we’ve talked about so many exciting movements forward. So many standards reaching points of maturity. And we’re really, really excited by the developments that we’ve seen over the last few years. As we put in our paper that we’ve written for government officials, no single solution or standard or architecture is going to be a panacea.

No one thing is going to solve all the world’s problems. So, we would all really benefit from, if not slowing down, then at least taking the time to speak to each other. Make sure that we understand how we’re going to establish multi-party trust, checks and balances in the systems, mitigate the risks of fraud while protecting privacy. I would love to see more, even more open, transparent communications, public private partnerships forming in this space. So that’s what I’d put on your agenda.

Oscar: Both sounds very good. Well, I’m very happy to have had this conversation with you and hear this very good news, the progress that GAIN and all the partners have had. So, congratulations and well done for you, Elizabeth, Mark and everybody has been involved and is involved.

So, a final piece, just let us know how people can find more information about this project or get in touch with any of you.

Elizabeth: Yeah. So, I think the fastest way is probably – there is the OIX Global Interoperability Working Group. The fastest way might be the openid.net, there’s a GAIN, community group there. Either way that will get you to where you need to be. You can also obviously reach out to Mark and myself. We are available on LinkedIn. So yeah, please get in touch.

Mark: Let me just reiterate then openid.net and there’s a search box there. Please put in GAIN. You’ll find a number of items there that may be informative.

Oscar: Perfect. Again, it was a pleasure talking with both of you, Elizabeth and Mark and all the best.

Mark: Thanks Oscar.

Elizabeth: Thank you.

Thanks for listening to this episode of Let’s Talk About Digital Identity produced by Ubisecure. Stay up to date with episode at ubisecure.com/podcast or join us on Twitter @ubisecure and use the #LTADI. Until next time.