Skip to main content

ToIP Takeaways from the European Identity Conference and Identiverse

By June 9, 2023June 12th, 2023Blog

This May brought us two of the oldest and largest digital identity conferences: the European Identity Conference in Berlin and Identiverse in Las Vegas. Both were attended by ToIP Executive Director Judith Fleenor and a full contingent of ToIP members. In this post we’ll summarize our key observations and takeaways from each.

European Identity Conference, May 9-12, Berlin

EIC is the largest digital identity event of the year in Europe, running for four days every April or May for the last 16 years. Hosted by German-based analyst firm Kuppinger Cole, last year it moved from Munich to Berlin to give it even more room. This year had over 1,000 attendees and several dozen exhibitors.

While EIC has always had a major focus on conventional Identity and Access Management (IAM), Privileged Access Management (PAM), and Enterprise Cybersecurity, it was also the first conference to host a session on SSI and decentralized identity back in 2016. The following years that grew into an dedicated all-day track on SSI curated by Andy Tobin, formerly GM Europe for Evernym and now for Gen.

This year Andy and other ToIP attendees were amazed to see that half the conference was now focused on decentralized identity: digital wallets, credentials, exchange platforms, orchestration engines, and governance solutions. In retrospect this makes sense given the worldwide attention on the European Digital Identity Wallets initiative (EUDIW). However even the KuppingerCole analysts were surprised by the level of interest. On Wednesday, the entire mainstage presentation track was devoted to Decentralized and Verifiable Credentials, and on Friday (the last day of the conference and usually the slowest day) the EU Digital Identity Wallet track curated by Andy was standing-room-only.

Equally encouraging was the level of interest in the OpenWallet Foundation (OWF). The conference opened on Tuesday with a half-day OWF deep-dive—seven sessions with over 40 panelists, including Andy, Judith, André Kudra (esatus), Dan Bachenheimer (Accenture), and Drummond Reed (Gen). These sessions covered the OWF mission, code contributions (including two SD-JWT libraries), technology (including OpenID for Verifiable Issuance, OpenID Verifiable Presentation, and ISO 18013-X mDL), and verifiable credential use cases in travel, finance, and government.

On Wednesday, Judith facilitated the ToIP panel on Defining the Protocol for Internet-Scale Digital Trust (see YouTube video of panel recording) with Andre, Daniel, Drummond, and Christoph Schneider (GLEIF) as panelists. At the start of the session the audience was polled if they were familiar with the topic of a trust spanning layer and the response was near 0%. After the panel explained how and why we were building such a layer and what this layer would do for interoperable digital trust (see the graphic we used below), we polled the audience a second time to ask if they felt a trust spanning protocol was valuable. This time the response was 100% affirmative.

A multi-layer diagram covering concepts such as the trust-spanning layer and its role in Digital Trust.

On Thursday Judith delivered a well-received keynote presentation Decentralized Identity – Why is it all the Rage? The video is available here. But the ultimate highlight of the conference were the two ToIP members honored with the prestigious European Identity Conference Awards:

  1. Monokee won the award in “Enterprise IAM” category for their work with Italian manufacturer Gibus, where Monokee implemented a secure, compliant, modern and future-proof single sign-on solution in a business-to-business environment with an estimated 5000 users. KuppingerCole noted that Monokee’s solution integrated a significant number of identity providers and in a highly regulated environment.
  2. Global Legal Entity Identifier Foundation (GLEIF) took home the award for “Future Technologies & Standards” for their suite of organizational identity services leveraging the new verifiable LEI (vLEI) model of digital identity, offering a standard for organizational identities, a trustworthy governance structure for assigning these, and a secure and reliable way of verifying the end-to-end identity of an organization.

Identiverse, May 30-June 2, Las Vegas

Identiverse is to North America what EIC is to Europe—in fact even larger. Last year the conference was sold by Ping Identity to CyberRisk Alliance, a business intelligence company serving the high-growth cybersecurity industry. This year CyberRisk Alliance moved the conference to the sprawling Aria Resort hotel in Las Vegas, ensuring plenty of room for over 2500 attendees and 125 exhibitors.

As always, the conference opened with a riveting talk from Ping CEO Andre Durand. This year it began with Andre coming on stage and sitting down as we listened to his pre-recorded voiceover narrative to a powerful three-minute slideshow about how generative AI was now about to impersonate almost anyone almost anywhere. It ended with this warning:

A red slide with the following words in caps: "ALL UNAUTHENTICATED CHANNELS WILL BECOME UNTRUSTWORTHY"

At which point Andre stood up and announced that every single bit of the voiceover narrative and slide show we had just watched—including his voice, the script, the slides, and all the images—had been generated by AI.

In keeping with that theme, the dominant topics at Identiverse were tilted towards the cybersecurity side of digital identity. FIDO passkeys were a particularly strong focus, featuring in at least a dozen of the 175+ sessions.

However decentralized identity and trust was far from absent. A number of sessions and exhibitors covered various facets of digital wallets and verifiable credentials. However, the difference between the North American and European perspectives on decentralized identity and trust infrastructure was palpable. For example, while the Wednesday keynote presentation from Alex Simons of Microsoft included their Entra Verified ID decentralized identity platform, it was just one of four major topics he covered. And the talk given by Jeremy Grant, coordinator of the Washington D.C.-based Better Identity Coalition, was titled, “The Four Horsemen of the SSI Apocalypse” (Jeremy assured several ToIP members that it was “constructive criticism”).

Thankfully, that skeptical view of decentralized identity was contrasted with a Thursday keynote session featuring the OpenWallet Foundation. Led by OWF Executive Director Daniel Goldscheider, that session helped paint a strong picture of the progress of digital wallets and credentials, leaving the impression that the EU is leading the world in digital wallet infrastructure much as the EU GDPR regulations have led the world in privacy.

To the ToIP members attending, this Identiverse was a clarion call that we need to advance our work on all aspects of the ToIP stack as quickly as possible and be prepared to shine a brighter light on it in the next season of digital identity conferences.