Identity Authorization Networks (IANs)
Digital identity has been a challenging area of technology. One of the core reasons for this challenge is the myriad of complex use cases and user journeys that must be handled. Over the years, various solutions have attempted to address the needs of consumers, employees, relying parties, identity management solutions, and many other stakeholders in an identity ecosystem. Solutions like risk-based verification have delivered some success in this area. However, measures to handle multiple use cases, including those offering user journey options, have fallen short. A lack of flexibility in identity management and poor dynamic response to changing and often insecure environments has opened doors to fraud. From here on in, one of the greatest challenges of identity management is the move from synthetic to deepfake identities. Estimates for identity-related fraud in the USA is $10 billion in 2023. In the UK, £1.17 billion was lost to fraud in 2023.
The need for a dynamic identity solution that can proactively adjust requirements as the service conditions change has led to the development of Identity Authorization Networks (IANs).
What is an IAN?
Liminal is an analyst and research firm that provides insight into market trends in the broader identity space. Liminal coined the term of Identity Authorization Network IAN, describing this identity innovation as being able to:
“ …verify real-world identities up to the highest assurance level, connect the verified identities to digital credentials for network-wide use, and enable frictionless transaction execution.”
What does this mean in practice?
Orchestrating an IAN
An Identity Authorization Network (IAN) is a descriptive framework that facilitates dynamic and modifiable identity management ecosystems. By definition, IANs must be able to adjust the identity service’s requirements as needs change. In terms of authorization, this means providing connectivity to a multitude of appropriate verification, antifraud and AML checks, and authentication services.
The backbone of an IAN is an orchestration and decisioning engine (an ODE). The ODE connects all of the verification and authentication services, providing the basis of the IAN. The ODE uses intelligent rules to optimize the user journey based on the ecosystem requirements. This includes having fully online user journeys and F2F human-identity service connectivity (online-offline).
The intelligent rules are the key to the dynamic adjustments made to the system based on feedback during the user journey. Data from external sources is used to identify emerging and known threats and then adjust the user journey requirements.
For example:
During user registration: if a user’s environmental conditions are deemed suspicious, additional verification can be added to the journey, creating a multi-factor verification journey.
During a post-registration transaction: additional verification, antifraud checks, and/or authentication can be requested if conditions deem it necessary.
Source: Liminal
IANs, orchestration, and fraud
IANs provide high-assurance conditions, including multi-factor verification and antifraud checks, to help mitigate fraud. Connecting best-of-breed anti-deepfake technologies to a user journey prevents the most sophisticated of scams. By multiplying the options available in the latest identity check technologies, IANs provide a comprehensive way to detect fraud signals, making high-assurance journeys and transactions practical across myriad use cases.
The market for IANs
Liminal predicts that the market for IAN technology will reach up to $15.5 billion by 2028, with a robust 60.3% CAGR. They see a critical need for adoption across sectors, from banking to e-commerce and beyond.