François Chung, Ph.D.

Tag: product development

Digital identity wallet

Digital identity wallet

Zetes project @Brussels, Belgium (2022). For many years, transactional and online services have relied on end users using devices such as desktop computers and laptops. Therefore, solutions for remote identity proofing and digital signatures have been designed to the characteristics of such devices. However, these devices are more and more replaced by mobile devices such as tablets and smartphones, which raises new challenges.

For example, smart cards and tokens, which are typically connected to desktop computers and laptops using USB devices, cannot be easily connected to smartphones, or cannot at all. Furthermore, given developments in cloud computing, solutions have emerged in the last few years where the process of digital signature creation is done in a distributed way by different systems that may be controlled by different actors.

This is why recent standards have introduced the concept of mobile identity (e.g. driving licence in association with a mobile device) and electronic signature created using a remote signature creation device (i.e. electronic signature device is replaced by cloud-based services offered and managed by a trusted service provider), which can be both made available to the end user through a digital identity wallet as a smartphone app.

The related standards are:

  • ISO/IEC 18013-5:2021 - Personal identification, ISO-compliant driving licence, Part 5: Mobile driving licence (mDL) application;
  • ETSI TS 119 432 - Electronic Signatures and Infrastructures (ESI), Protocols for remote digital signature creation;
  • CSC standard - Architectures and protocols for remote signature applications.

In this project, my tasks are first related to the analysis of these standards so as to investigate how they could be implemented in practice and what is their impact on the project scope. Then, my tasks are related to the analysis of business needs (whether internal or from the customer), software implementation (e.g. software releases and documentation) and project management (e.g. project coordination with the customer).

References

Identity proofing

Identity proofing

Zetes project @Brussels, Belgium (2021). Identity proofing consists in verifying for a given level of assurance that a person, who is claiming an identity, is indeed the correct person. This identity proofing process can be performed manually by a human operator, either on site (through physical presence) or online (remotely through videoconference), but also automatically (e.g. fully automated online or in a controlled environment).

At the European level, the European Telecommunications Standards Institute (ETSI) is working on technical specification ETSI TS 119 46 to lay the foundations on a new identity proofing standard, whose aim is to be applicable in areas such as the issuance of electronic identity (eID) and Know Your Customer (KYC) processes, with several person types considered: natural person, legal person, and natural person representing a legal person.

One of the objectives of this specification is to provide controls against two main identity proofing threats:

  • Falsified evidence: A person claims an incorrect identity using forged evidence;
  • Identity theft: A person uses valid evidence associated with another person.

Therefore, implementing identity proofing requires a risk-based and outcome-based approach where requirements can be tuned up to a desired level of assurance (i.e. degree of certainty) of the result, depending on the context (e.g. purpose of the identity proofing, regulatory environment, acceptable risk regarding the result of the process).

In this project, my tasks are related to the analysis of technical specification ETSI TS 119 46 so as to investigate what parts of the identity proofing process are already developed and available at Zetes (and therefore could be reused), how the missing parts can be implemented in practice and what are the possible impacts of the implementation on the existing products and solutions.

References

Project

Related articles

Learn more

ETSI - European Telecommunications Standards Institute

ITIL Foundation

ITIL Foundation

QRP International training, Belgium (2020). This online training introduces participants to the IT service management (ITSM) and prepares them for the ITIL Foundation exam. The training provides an understanding of the common language and key concepts of ITIL (Information Technology Infrastructure Library) and shows how ITSM professionals can improve their work and the work of their organisation thanks to the ITIL 4 guidance.

Module 1: Introduction

Main topics:

  • Guide for the ITIL Foundation exam;
  • ITIL repository and documents;
  • Successive versions of ITIL.

Module 2: Definitions and key concepts

Main topics:

  • Service management;
  • Provision of services;
  • Client, user and sponsor;
  • Services and products;
  • Offer of services;
  • Service relations;
  • Consumption of services;
  • Deliverables and results;
  • Utility and warranty.

Module 3: The 7 guiding principles of ITIL

Main topics:

  • Focus on value;
  • Start where you are;
  • Progress iteratively with feedback;
  • Collaborate and promote visibility;
  • Think and work holistically;
  • Keep it simple and practical;
  • Optimize and automate.

Module 4: The 4 dimensions of service management

Main topics:

  • Organizations and people;
  • Information and technology;
  • Partners and suppliers;
  • Value streams and processes.

Module 5: The service value chain

Main topics:

  • Plan;
  • Engage;
  • Design and transition;
  • Obtain and build;
  • Deliver and support;
  • Improve.

Module 6: General management practices

Main topics:

  • Continual improvement;
  • Information security management;
  • Relationship management;
  • Supplier management.

Module 7: Service management practices

Main topics:

  • Change control;
  • Incident management;
  • IT asset management;
  • Monitoring and event management;
  • Problem management;
  • Release management;
  • Service configuration management;
  • Service desk;
  • Service level management;
  • Service request management.

References

Training

Certification (PeopleCert)

Learn more

Data science specialization

Data science specialization

Coursera training, MOOC (2020). This specialization covers the concepts and tools needed throughout the entire data science pipeline, from asking the right kinds of questions to making inferences and publishing results. Topics covered include using R to clean, analyze, and visualize data, navigating the entire data science pipeline from data acquisition to publication, using GitHub to manage data science projects, and performing regression analysis, least squares and inference using regression models.

Course 1: Data scientist’s toolbox

Main topics:

  • Data science fundamentals;
  • R and Rstudio;
  • Version control and GitHub;
  • R Markdown, scientific thinking and big data.

Course 2: R programming

Main topics:

  • Background and getting started;
  • Programming with R;
  • Loop functions and debugging;
  • Simulation and code profiling.

Course 3: Getting and cleaning data

Main topics:

  • Finding data and reading different file types;
  • Data storage systems;
  • Organizing, merging and managing data;
  • Text and data manipulation in R.

Course 4: Exploratory data analysis

Main topics:

  • Analytic graphics and base plotting in R;
  • Lattice and ggplot2;
  • Data dimension reduction;
  • Cluster analysis techniques.

Course 5: Reproducible research

Main topics:

  • Concepts, ideas and structure;
  • Markdown and knitr;
  • Reproducible research checklist;
  • Evidence-based data analysis.

Course 6: Statistical inference

Main topics:

  • Probability and expected values;
  • Variability, distribution and asymptote;
  • Intervals, testing and p-value;
  • Power, bootstrapping and permutation tests.

Course 7: Regression models

Main topics:

  • Least squares and linear regression;
  • Linear and multivariate regression;
  • Residuals and diagnostics;
  • Logistic and Poisson regression.

Course 8: Practical machine learning

Main topics:

  • Prediction, errors and cross validation;
  • Caret package;
  • Decision trees and random forests;
  • Regularized regression and combining predictors.

Course 9: Developing data products

Main topics:

  • Shiny, GoogleVis and Plotly;
  • R Markdown and Leaflet;
  • R Pakages and Swirl.

References

Related articles

ODSC APAC Conference 2023 (ODSC conference)
Spark fundamentals (Cognitive Class training)
Hadoop fundamentals (Cognitive Class training)
AWS: foundations and machine learning (AWS training)

Learn more

CBK software

CBK software

FIS project @Brussels, Belgium (2017). CBK is a chargeback processing software provided by FIS, which resolves disputed transactions while minimizing fraud loss. CBK is implemented at major banks and card processing centers, offers one single interface to cover all types of exception processing problems, cutting down operational costs, ensuring real financial control and relieving users from repetitive and highly time-consuming tasks to focus on decision making.

Key benefits of CBK are:

  • One single solution for both issuer and acquirer exception processing;
  • Support of the whole chargeback cycle (e.g. retrieval requests and miscellaneous);
  • Easy direct access to the original transactions;
  • Easy user interface to all data (e.g. clearing items);
  • Fast and easy generation of reports and statistics.

More precisely, some of the main features of CBK include:

  • International, domestic and on-us dispute management;
  • Multi-currency, multi-bank and multi-platform solution;
  • Fraud reporting and deadline control;
  • EMV compliance and clearing rule validation;
  • Interfaces to card, merchant and document management systems;
  • Interfaces to accounting systems;
  • Business rule automation;
  • Modular architecture and open database system.

Within the CBK team, my tasks are related to business analysis (e.g. product presentation and meeting the client to discuss its business needs), software implementation (e.g. configuration of the solution within the client’s environment and post project support) and project management (e.g. project coordination during the software implementation phase).

References

Related article

Learn more

FIS – Fidelity National Information Services Inc.