Underserved Initiative Receives Approval

July 24th—Un and Underserved People’s Identity approach receives IDESG Privacy Committee Review approval. This means that wider adoption of such an approach is more feasible.

Process Flow Diagram

Un and Underserved Use Case Process Flow

One of the indices of the human trust experience is whether or not and  the extent to which a person or organization creates work that serves others and interests separate and greater than themselves. My view is that particularly today economic development should wherever possible be designed to serve the under served first. To this end I have worked on a systemic approach (at the IDESG referred to as a “Use Case” for identity management and privacy for the Un and Underserved People for the Identity Ecosystem Steering Group (IDESG). In essence this approach allows individuals who have been left out of the existing online environment to piggy back into interactions and transactions online through identities received through Federally Insured bank accounts. This can be done remotely as well as in person. There are many advantages to this approach which will be reported on in the coming months. The good news is that on July 24th this approach received IDESG Privacy Committee Review approval. This means that wider adoption of such an approach is more feasible.

For complete information see https://www.idecosystem.org/wiki/Un_and_Underserved_People_Use_Case

Use Case Description
“Use Case Purpose”: Un and Underserved People Enter the IDESG Identity Ecosystem.

Un and Underserved refers to people that do not have, have lost, or have inadequate digital identities to enable them to participate in the secure and resilient, cost effective and easy to use, privacy enhancing and voluntary interoperable online Identity Ecosystem envisioned by NSTIC and the IDESG. Currently there are barriers to and opportunities for the Un and Underserved to enter the IDESG Identity Ecosystem. Such barriers may be, limited financial means, physical disadvantage or challenge, language differences, loss of employment, to name but a few. Such opportunities may be new products and services to remove these barriers, innovations in serving this community as well as greater social cohesion and internet-wide cyber-security. Importantly, many of the Un and Underserved are also financially un and underserved. Today 68 million American adults are un or under banked. More than 2.5 billion adults around the world are unbanked.

The goal of this use case is to leverage existing programs and services, for example the FDIC “Safe Account” program, to allow the Un and Underserved to use their “Safe Account” bank account enrollment process as a means of obtaining a digital identity and entering the IDESG Identity Ecosystem. Being Un and Underserved is not a new problem but one that has had a long (perhaps going back to the beginnings of money and then banking)and often intractable set of complexities. The efficiencies of cyberspace (the internet) provides an historic opportunity to bridge this gap.

Scenario(Example): Julia, a prospective underserved financial services customer, wants to open a bank account as well as obtain an digital identity for use in the IDESG Identity Ecosystem. Julia learns of a FDIC “Safe Account” type of account at her local community center which allows her to apply for an account and subsequently obtain a digital identity. Julia applies for and gets an FDIC “Safe Account” through an FDIC insured bank or equivalent financial institution compliant with 31 CFR 1020.220 – Customer identification programs (CIP) for banks, savings associations, credit unions, and certain non-Federally regulated banks. Or other acceptable customer identification program. The enrollment vetting process into a “Safe Account” serves the vetting requirements for Julia to obtain her digital identity. After a period of successful Safe Account practices Julia uses her Safe Account history and digital identity to apply for an FCCX credential or other governmental credential for accessing government services. Julia receives the government credential and uses the government credential to apply for other online services and products including more financial services. Julia is able to step by step build access to a wide range of products and services she will need and use as she provides for her family and builds her entrepreneurial life as a clothes designer and pattern maker.

Goals Summary: Julia will be able to obtain an digital credential with the qualifications used to obtain her Safe Account. Julia will be able manage her finances in a secure and insured or protected environment where she can increase her income through entrepreneurship, improving the quality of life for herself and her son, the economic activity in her neighborhood through her purchases, and tax receipts to her city and state. Julia will be able to interact with some government and non-profit services improving confidence in government and non-profit institutions and financial institutions including banking. The financial institutions and non-profit organizations, government agencies and healthcare providers will be able to increase the number of their customers/participants. Through this use case a broad range of stakeholders are brought together to share risks and rewards in creating an online Identity Ecosystem Framework where economic opportunity, productivity and human well being are harmonized.


  • 1 Un and Underserved People.
  • 2 Financial Institutions.
  • 3 Non-profit Organizations.
  • 4 Government.
  • 5 Insurance entities.
  • 6 Any Relying Party or Service Provider in the IDESG Identity Ecosystem that complies with the NSTIC principles and has a Trustmark Accreditation.
  • 7 Alternative Financial Services.

Assumptions Un and Underserved Person applies in person at the Financial Institution or uses an acceptable electronic means of application including for example Treasury’s OCIP that has brought together the FSSCC, DHS, and NIST to create a Cooperative Research and Development Agreement on identity proofing, which has identified new methods for satisfying the “know your customer” requirements of financial institutions. Financial Institution must be a FDIC insured bank or equivalent. The digital identity meets the needs of relying parties.

Process FlowProcess Flow Diagram

This use case is unique in that the person, Julia and her son in this case, exist outside an online Identity Ecosystem. Entering the Identity Ecosystem is a kind of state change, so to speak, for Julia. The other stakeholders are already inside the Identity Ecosystem. The process of entering the ecosystem should be done with care by all stakeholders. Success Scenario Julia is able to enroll in a Safe Account that provides her with a digital identity useful in the ID Ecosystem for products and services and for federal, state and local governments. Julia can also apply for and potentially receive other digital identities from other ID Ecosystem providers enlarging the range of products and online services, including financial she can access.

People Get a Trust Framework

Individuals, Micro and Small Businesses
Trust Framework


•         Identity Ecosystems need to avoid creating an underclass Certification and Attestation status for individuals, micro and small businesses who meet the NSTIC requirements.

 •          High quality IDESG and IEF NSTIC compliant Certification status needs to be affordable across the economic spectrum.

The Changing Nature and Role of Individuals, Micro and Small Businesses in Commerce

•         Individuals… are more than consumers

•         Individuals, Micro and Small Businesses are well suited to take advantage of the efficiencies of the online economy

•         Barriers to Individuals Micro and Small Businesses agility and efficiencies should be avoided.

Assertions – 2

•         Individuals… in their emerging roles need to be trustworthy like other elements in the Identity Ecosystem

 •         Individuals, Micro and Small Businesses have unique and complex value propositions. Their needs and requirements fit well into a Trust Framework

Do we trust in online anonymity?

On June 13, 2014, the Supreme Court of Canada, ruling in a case (R. v. Spencer, 2014 SCC 43) concerning police requesting information about online activity:
“Some degree of anonymity is a feature of much Internet activity and depending on the totality of the circumstances, anonymity may be the foundation of a privacy interest that engages constitutional protection against unreasonable search and seizure. In this case, the police request to link a given IP address to subscriber information was in effect a request to link a specific person to specific online activities. This sort of request engages the anonymity aspect of the informational privacy interest by attempting to link the suspect with anonymously undertaken online activities, activities which have been recognized in other circumstances as engaging significant privacy interests.”

Constructing Human Anonymity

Can Human Anonymity be Constructed?

Are Human Identity and Human Anonymity compatible in online or Internet interactions, transactions?

To begin to wrestle with these questions take a look at the complex and challenging process recommended as a best practice by the Washington Post for constructing imperfect anonymity online.


SecureDrop – The Washington Post.

Why is human anonymity so hard to construct on line and how is this difficulty central to the human trust experience ?  Does the elaborate process the Washington Post has created indicate that someone is intending to tell the truth as they know it? Or that they are intending to mislead or lie about something? One thing  I take away from the Washington Post SecureDrop process is that both the sender and receiver of the message anticipate and intend that the message not be distributed even though the sender and receiver don’t know each other. This is a very high standard of privacy—my mouth to your ear.  Further it seems clear that both sides without even knowing the content of the message anticipate or want to make it possible for the importance of the message to be inferred as well as maintained. This is not throw away language but language that both the human sender and the human receiver must have confidence—to a very high degree of certainty—will be transmitted completely with its original content. This is a powerfully human experience of trust, mistrust, of risk and even intimacy. From this view the stakes for the  human trust experience are very high.

I will be building a privacy use case for online anonymity from an exploration of online anonymity.

Constructing Anonymity like navigating a wild American river.ver Photograph in motion
Animas River Colorado USA

The Human Trust Experience and The Importance of Economic Inclusion

Critical to the success of the NSTIC Strategy and the IDESG is the breadth and depth of trust and confidence, innovation and economic progress it releases created through the standards and certification it accredits. As Obama said in his release of the NSTIC Strategy “…we cannot know what companies have not been launched, what products or services have not been developed…what we do know is this: by making online transactions more trustworthy and enhancing consumers’ privacy…we will foster growth and innovation, online and across our economy in ways we can scarcely imagine…ultimately, that is the goal of this strategy.”
Precisely because we cannot predict how innovations will emerge and from whom we cannot rightfully leave anyone out by making barriers for participation or designing solutions without questioning our assumptions. We don’t know if innovations will come from the self-employed, the small business, the large business or even the unemployed. Evaluation of issues of economic inclusion must be central to the development of the Identity Ecosystem Framework, the identification and authentication standards risk models (NSTIC Objective 1.2) and the administration of the standards development and accreditation (NSTIC Objective 1.4) and ultimately the promise of our democracy to govern and fulfill its promise of equal opportunity.

Economic Inclusion and the Human Trust Experience

Integrating Economic Inclusion

Economic Inclusion is a part of the larger subject of inclusion. Here I am referring particularly to integrating economic inclusion into Information and Communication Technology (ICT) and on the internet in general.

Related subjects are universal design and diversity among others.

Purpose and Key Features

  • Improving the human trust experience across the economic spectrum and stakeholders in our democracy.
  • Ensuring that people and businesses across the economic spectrum including the middle and low end are welcomed and included.

• Ensuring that the needs and opportunities in all areas of contemporary life including business models, value propositions, standards and work products serves the needs of people and businesses of the middle and low end of economic spectrum.

• Increasing cooperation and life sustaining development of products and services.


• Integration of economic inclusion and human trust experience evaluation criteria into the development and contemporary communities around the world.
• To connect with and liaise with others creating to create Human Trust Experience Ambassadorships to voice the needs of the human trust experience

Examples of Economic Inclusion Criteria and Human Trust Experience Criteria are:

• Risk Evaluation by Perspective
• Purchasing Power Parity
• Micro business pricing (USPTO)

Human Trust Experience and Affordability

In Internet and Communication Technology (ICT) affordable means across the economic spectrum from micro-enterprises, entrepreneurs and individuals to large enterprises. Affordable ICT standards should include royalty free, GNU or General Public License and/or other forms of licensing innovations. Some of these license innovations are often called open source.

Affordability has many facets. An affordability criteria will require its own Evaluation Methodology to order and guide the development and understanding of its dimensions particularly in commercial activity.

Facets to be included will include but not be limited to:ncluded in

Human Trust Experience and Data Actions

Recently I attended a Privacy Workshop hosted by NIST. One of the insights that emerged is the difference between security language and privacy language. For example while a phrase like “data actions” may from the security engineering perspective be useful and meaningful from the perspective of human beings this term is quite empty. Identity is emergent, tender, personal, lying in the field of emotions and life and death. Identity is alive. We should not be impatient that such an important subject is hard maybe beyond our ability at present to speak to. Privacy too is new and unformed.

I sensed that by the end of the NIST Privacy Workshop there was an awareness of the raw and vast scope of the problem.

When “data actions” means inferring what a human being is going to do or think next, monetizing that and generating revenue for a third party or releasing the recent date of your brother’s death for monetary purposes, the emotional danger of these “actions” emerges.

Context is a wonderful tool to help us. But some things carry across context. I think we should look for our humanity in every context and accept nothing less.