Following approval in late 2025, five new Groups officially launched between January and March 2026. Each addresses a priority area within digital identity:
Trusted Transaction Assurance Work Group (Trusted Transaction)
Bridging the gap between identity proofing and authorization, this group is developing frameworks that bind verified digital identities to legally significant actions — such as signing a mortgage, granting durable consent for care, or approving a wire transfer. It also aims to reduce market confusion around certifications and ease component integration for Credential Service Providers. The group is currently meeting regularly to develop its preliminary work plan.
Digital Identity Risk Universe Discussion Group (DIRU)
Already delivering: the DIRU DG has published a major community resource — the Digital Identity Risk Universe – 2026 and an accompanying methodology report, both freely available to the public. See the Publication section below for details. (Note: John is also exploring a video walkthrough of the Risk Universe as a marketing asset.)
Shadow AI in the Workplace Discussion Group (Shadow AI)
The rapid adoption of generative AI tools — ChatGPT, GitHub Copilot, and others — without IT approval creates real enterprise risk. Chartered in November 2025, this group has moved quickly: it has developed a preliminary outline and is now actively drafting its report, which will map causes, implications, and practical countermeasures, with a particular focus on identity-rooted detection and response.
Blinding Identity Taxonomy Discussion Group (BIT)
The BIT DG evolves and maintains a taxonomy for identifying and managing PII and quasi-identifiable information (QII) — supporting privacy-preserving data handling and enabling use cases such as filtering data unsuitable for AI training. The group is well into active development: a draft BIT Report 2.0 is already under review, with regular meetings focused on expanding and refining the taxonomy.
Biometric Data Discussion Group (Biometrics/BDDG)
Addressing the management, security, and privacy of biometric data from collection to destruction, this group will produce practical recommendations and best practices that translate complex existing standards into accessible, real-world guidance — with a focus on GDPR compliance. The group has developed a preliminary outline and is actively expanding its work plan.
To participate in any of Kantara’s Groups, complete Kantara's Group Participation Agreement (GPA). |