The idea for a British standard began in the spring of 2015. It became clear to a number of people who were involved within a range of different industries that no-one understood what all of the different regulations really meant to them as they appeared to contradict each other. How was an organisation supposed to know which regulations was the correct one to follow and if it failed to meet the requirements of one standard how would that affect their standing with the regulator of the standard that was not adhere to? The completely unsatisfactory resolution was that the standard to follow was the one that was going to fine you the most.
So in the spring of 2015 three organisations who were involved in trying to solve this conundrum, Experian, FICO and Facebanx decided that it would be a good idea to approach the British Standards Institute with a proposition to see if it would be possible to get the companies from a number of disparate industries to work together to develop a management standard that would resolve the conflicting issues of contradictory standards.
The British Standards Institute (BSI) was very welcoming to the idea and agreed to a meeting whereby the terms of the requirements to create a standard were outlines, its costs and the role of the Steering group in helping to develop it. The BSI have a very strict set of rules that were clearly established at this meeting in order for a standard to be created.
It became clear that what was required was for an organisation to be created that would be a conduit for information for organisations who wanted to help solve the question of what would satisfy all of the regulators that would be overseeing the standards.
It became clear very early on in both discussions with the BSI and industry representatives that there was a need to develop a standard that helped with defining digital Identity and authentication.
The MIDAS Alliance was the organisation that was created in order to be the focal point for defining such a standard with the help of many members from different organisations but also was the lead author of the standard.
The first public meetings took place throughout 2015 and these events were very well attended, there was obviously a need for an easy to understand standard that would help organisations understand what was required for Digital Identification and authentication.
It was not until May 2016 that the BSI agreed to create a standard that was given a working title of “Enhanced Identity and authentication online” and the number PAS499. The number 499 was chosen as in Latin it is ID.
A steering group was formed to help define the outline of the standard (the scope) which was made up of representatives from the Government, Retail banks, Investment banks, Data providers, Privacy groups, Technology providers, and Retailers.
The first meeting of the steering group took place in September 2016 where the definition of what the standard would like was discussed. It soon became apparent that the title would have to change and it was quickly amended to “Digital identification and authentication”. The full definition of the scope can be read HERE.
Once news of the standard became widely known, a number of different organisations asked if it could cover additional issues relating to KYC and AML. The standard has therefore become more expansive as these relationships developed. During 2017 there will be a number of significant developments culminating later in the year in a finished standard that will be publicly available.