Features & Benefits
The e-ntitle.® business process is ‘data protection by design and by default’ which has become an actual legal requirement under GDPR (Article 25). e-ntitle.® implements the fundamental data protection principles on behalf of organisations in their roles as Identity Controllers and Identity Processors and safeguards the rights of the Identity Owner regarding the processing of their personal and professional identity data (PPID). This is privacy and data protection compliance by design from the outset rather than any bolt-on after-thought. The benefits and key features of e-ntitle.® demonstrate accountability for Identity Controllers and Identity Processors and delivers transparency about PPID processing activity to Identity Owners. Key features of e-ntitle.® include:
- The purpose of e-ntitle.® is to establish genuine online identity and an electronic signature for a person (Identity Owner).
- Regulatory compliance is automatic by virtue of executing the e-ntitle.® business process design.
- e-ntitle.® requires explicit consent from the real Identity Owner as the lawful basis to process their PPID.
- e-ntitle.® is designed as an Identity Management as a Service (IdMaaS) architecture that supports a pay per use business model. Organisations are not required to budget for high capital expenditures to use the service.
- The business process implements effective measures to control and protect PPID using established technical standards so that integration within organisations’ existing technology infrastructure is not a barrier to deployment.
- The Identity Owner is always in control and presents their identity attestations (PPID) in their possession. This efficiency requires as little as 10 to 15 minutes to claim and establish genuine ownership of identity attributes.
- e-ntitle.® uses the Four Eyes Principle as an internal control to support the Identity Processor in the proper identification of persons when corroborating identity claims and attestations.
- All identity ‘Levels of Assurance’ (LoA) about PPID are supported, from ‘balance of probability’, ‘substantial assurance’ to ‘beyond reasonable doubt’ which is a critical flexibility for Identity Controllers and considers the availability of relevant social biographical PPID that varies in different contexts.
- The Identity Owner has the option of sole-control of their electronic signature which can be relied on. This is critical to legal non-repudiation and enables e-signing high value transactions.
- The Identity Controller and the Identity Owner have lifecycle control over the validity period of PPID and any associated electronic signature e.g. revocation and renewal.
- e-ntitle.® provides a secure online self-service to Identity Owners so they have full visibility of their stored and processed PPID – fulfilling a data protection ‘subject access request’ is a cost and can be resource and time consuming for Identity Processors.
- Some organisations as Identity Controllers have obligations under Freedom of Information legislation (FOIA). e-ntitle.® provides a secure online self-service to Identity Owners who make an FOIA request – fulfilling an FOIA request is a cost and can be resource and time consuming for Identity Controllers and Processors.
- The genuine Identity Owner has control of a valuable new asset – their online identity store.
The processing of our personal and professional data, including identity data, has become heavily regulated. Identity Owners are actively seeking full transparency over such processing activity and the new focus on both Controllers and Processors of PPID is accountability for processing activity. e-ntitle.® is strategically significant to organisations who can now separate the lifecycle management of PPID ( as a utility like self-service) from all other normal, business as usual, information processing and therefore minimise the burden and impact of compliance and assign more responsibility, such as data accuracy and integrity, to the Identity Owners – shared liability. Our professional services team can help with organisational preparedness in advance of adopting a new, more efficient and compliant approach to processing PPID.
