Supporting Trusted Digital
Identification and Authentication

What is the MIDAS Alliance?

The MIDAS Alliance’s key aim is to develop and promote an industry standard for digital identification and authentication of individuals and organisations to enable them to trust each other’s digital identity and to manage this is a secure manner.

The starting point for developing this industry standard has been the creation of PAS499 on “Digital Identification and Authentication”. This has been completed with the collaboration of the British Standards Institute (BSI) during the past two years.
In order to develop PAS499 as an industry standard the MIDAS Alliance are currently working with UKAS with a view to developing this into a UKAS accredited Certification Scheme.

A significant achievement of the MIDAS Alliance’s PAS499 is how it helps to expand on the current minimum definition within PSD2 of “Strong customer authentication”(SCA) and provides the information and processes required for organisations to fulfill all of their technical and management requirements under this Directive.

What is PAS499?

PAS499 creates a secure authentication management and technology standard that meets the needs of all the disparate legislation and regulations for both domestic and international applications.

PAS499 was developed from a number of public meetings involving hundreds of stakeholders and further small committees within the rules of the BSI with senior stakeholder representatives from across the government, payment, technology and consumer sectors to participate in helping draft the content of PAS499.

PAS499 sets out recommendations for organizations to meet security, regulatory, and usability requirements in the provision of user identification and authentication in digital services.

It aims to assist organizations in understanding changes to existing security practices necessary to prevent fraud techniques that have evolved, or could be developed, to circumvent controls.

It aims to help organizations secure their systems to prevent fraudulent misrepresentation of a natural or legal person.
The PAS covers in detail the following subjects:
Identity Validation
Identity Proofing
Enrolment
Authentication
Delegated Authority and Authorization
Security and Usability
Authentication Risk Model

Accreditation

The MIDAS Alliance Accreditation Scheme is the sole scheme for the United Kingdom to assess organisations against the management and technical requirements of the British standards Institute (BSI) PAS499 “Digital Identification and Authentication”. 

Compliance certification to the scheme by accredited auditors demonstrates assurance that an organisation has understood and acted upon the security and risk management recommendations of PAS499.
Certifying to the MIDAS Alliance Scheme enables organisations to give confidence to all interested parties that the complete lifecycle of their handling of digital identity meets the PSD2 requirement of strong customer authentication.

Certification will be vital to any organisation that incorporates digital identification, validation, proofing or authentication, into their business model whether they are organisations that provide software or hardware solutions; provide digital id services; those that rely on products and outsourced services for their digital ID and authentication; and those that build and operate their entire digital identity ecosystem.
MIDAS Alliance are currently working with UKAS with a view to developing this into a UKAS accredited Certification Scheme.

Consulting

The MIDAS Alliance trains organisations to meet the requirements of its management and technical requirements of the MIDAS Alliance Accreditation Scheme. 

Benchmarking

The MIDAS Alliance will provide benchmarking for technology assessments in order to help organisations understand and compare suppliers against recognised industry standards
twitterlinkedincheckmark-circle