Term of the Moment
Chivo wallet
Definition: identity metasystem
An infrastructure that enables different Internet identity systems to work with a consistent user interface. The identity metasystem was designed to prevent identity theft, provide a secure authentication framework and also give users control over the data they share. It eliminates the myriad usernames and passwords for each user and replaces the browser password manager with a more secure system.
Multiple Authenticators
Just as a driver's license and credit card serve as multiple forms of ID, the identity metasystem supports multiple authenticators. The user confirms which ones should be used.
The Wallet Metaphor - M-Cards and P-Cards
Organizations issue and store the data of managed cards (m-cards), such as credit cards and IDs. Self-issued personal cards (p-cards) hold the data typed into a registration form. A person can have multiple p-cards, with one card having more data than another. P-cards are stored in the user's computer along with the transaction history for both information cards. See Windows CardSpace, Higgins project, Web services protocols and Identity 2.0.
The Authentication Process
Multiple Authenticators
Just as a driver's license and credit card serve as multiple forms of ID, the identity metasystem supports multiple authenticators. The user confirms which ones should be used.
The Wallet Metaphor - M-Cards and P-Cards
Organizations issue and store the data of managed cards (m-cards), such as credit cards and IDs. Self-issued personal cards (p-cards) hold the data typed into a registration form. A person can have multiple p-cards, with one card having more data than another. P-cards are stored in the user's computer along with the transaction history for both information cards. See Windows CardSpace, Higgins project, Web services protocols and Identity 2.0.
A compliant website is a relying party (RP) because it relies on an identity provider (IdP). When a user visits an RP, the site states its ID requirements, and the user's card selector highlights the likely cards. The user confirms the selection, and a request is sent to the IdP, which sends back a signed token the user can inspect and accept. With p-cards, the card selector functions as the IdP and sends a secure token to the RP.