1. 1 How Serious Are Financial Institutions About Electronic Identity? -- for -- Educause Policy 2005 Conference Jim Gross Wells Fargo April 7, 2005

2. 2 The Online Trusted Identity Ecology Financial Institutions: Lookin’ Cool While Not Talking To Each Other The Business Solution Providers: Elegant, Stiff and High Maintenance Subscribing & Relying Parties: How Loud Do We Have To Scream?

3. 3 Why Should Trusted Identity Services Matter to Financial Institutions? Identity authentication lies at the core of existing financial services products  Its use can be leveraged beyond payments/credit authentication Financial Institutions own 3 powerful assets:  Trust  A pre-authenticated customer base comprised of 90% + of the US population  Strong KYC leading to strongly authenticated identities Financial Institutions can leverage these assets to protect their customers’ identities (and their own)  Other institutions/businesses, knowing the value of these assets, will (already) leverage them for their own purposes

4. 4 Financial Institutions As Authenticators Attribute  Strong  Mixed  Weak ConsumerThe RelationshipThe Authenticator Broad customer base Long term relationship Frequent use of credential Trusted entity? Strong registration process? Current Authenticators – with large bases of authenticated customer relationships Financial Institutions  ISP’s and Telco’s  Employers  Schools  Merchants & Service Providers  Future Authenticators – could have large bases of authenticated customer relationships Governments  Private ID Providers  Chart courtesy of Glenbrook Partners

5. 5 Phishing, Spoofing and “Identity Theft” Are Top of Mind Actual loss experience suggests there’s not much of a problem Marketers are concerned about Reputation Risk Regulators want to “fix” something Most vendors are perceived as driving “the hysteria” These concerns have driven FSTC, BITS, Nacha and other banking industry associations to sponsor more “authentication” task forces and events

6. 6 Identity Services Are Not Generally Managed As a Business Default approach: manage risk, contain losses Potential customers/partners don’t associate bank brand with trusted identity But, some customers/partners are beginning to ask for trusted identity services  GSA eAuthentication Program  Biopharmaceuticals via SAFE program  A digital identity consortium exists for strong authentication via Identrus

7. 7 The 3 Big Issues Lack of solid initial identity proofing source documents – will Financial Institutions be asked to assume ultimate responsibility/liability? Managing liability in an increasingly federated identity world Achieving alignment behind common architecture, rules/policies and compliance  EAP has strong Financial Services participation

8. 8 Contact Information Jim Gross Vice President, eBusiness Leader Wells Fargo One Front Street, MAC A0195-204 San Francisco, CA 94132 v: 415-222-5007 f: 415-788-3039 jgross@wellsfargo.com