Decentralised Identity - 'corporate' survey of technology

Kuppinger Cole is a consultancy with a good reputation in the field of security, corporate identity and access management (IAM). They are up there alongside IAM specialists like Dave Birch and Consult Hyperion.

They have just released a report on ‘corporate’ decentralized ID solutions…

Full report here:

Personal View:

In the KC report, the whole idea of ‘corporate decentralised identity’ is a little bit self-contradictory. (If you are a strong, centralised corporate, why bother with a decentralised ID solution when it is easier to impose and implement a traditional centralised ID solution?) Having said that, if you are a less dominant corporate (or a ‘corporate co-op’) trying to extend its reach to the customer base of another co-op and vice-versa, mutually, you might both agree to implement a ‘decentralised’ id service supported by a trusted third party as a common ‘neutral and trusted’ solution.


The report does contain a useful comparative 'capabilities and feature list and a use-case checklist which we might also use (with acknowledgement, of course :slight_smile: )as a way to refine and categorise part of our own cooperative ‘corporate’ offer in decentralised identity.

The use cases they are thinking about are different, but have some parallels with possible co-operative use cases:

When they boil this down to more generalised identity use cases, they come up with four:

  • Universal ID – the creation of a large-scale digital identity management system that connects
    individual identity holders with enterprises across multiple industries to facilitate the verification and
    exchange of identity credentials.
  • New Customer Onboarding – enables enterprises to quickly onboard new users by accepting the
    identities verified by other entities, eliminating username, password, and sign-up forms.
  • SCA – provides Strong Customer Authentication for enterprises without the need for passwords.
    Blockchain-enabled SCA solutions typically involve a combination of biometric, username, QR code,
    and/or verified and encrypted credentials attested on the blockchain. This is sometimes referred to
    as a single-sign-on product.
  • Reusable KYC – equips an enterprise to verify that a user’s stated identity is correct by allowing the
    user to share previously verified identity credentials with the enterprise in question.

…sounds pretty familiar :slight_smile: They call these ‘subsegments’ (I don’t think these are really much to do with customer ‘segmentation’… I’d call them big ‘Epics’ if we were in the world of Agile)

However there is a nice set of tables in the report used as their glossary and benchmark for the study and this makes for a good checklist of features… mainly to help refine our needs / problem statements.

In due course we could also use these and self-score our own co-op creds initial solution / service offer and do some gap analysis work?

Lastly, I don’t take much heed of the scoring, because in the complex world of IAM ecosystems, I don’t think there is ever a ‘silver bullet’ simplistic winner. However, there are some interesting new entrants in here, like 1Kosmos who I hadn’t heard of, and need to look at… must keep up!

Nick, thanks for this. I have not managed to read through it yet, but I managed to download the 2022 version of this KuppingerCole report from the 1Kosmos site and have posted here:

Look forward to continued discussion on this topic and, yes - at least judging from the 2020 report - the 1Kosmos approach is worth knowing more about.