1 00:00:09,700 --> 00:00:13,000 You're listening to the identity of the center podcast, this is 2 00:00:13,000 --> 00:00:15,600 the show that talks about identity and access management 3 00:00:15,700 --> 00:00:18,600 and making sure you know who has access to what let's get 4 00:00:18,600 --> 00:00:27,400 started. Welcome to the identity of the 5 00:00:27,407 --> 00:00:29,300 sender podcast, I'm Jeff. And that's Jim. 6 00:00:29,300 --> 00:00:33,200 Hey, Jim hey, Jeff, how are you? Oh, not so bad yourself. 7 00:00:34,000 --> 00:00:35,300 I'm good. I'm conserving. 8 00:00:35,300 --> 00:00:39,200 My guess the little that I have left and driving my guest house 9 00:00:39,200 --> 00:00:42,700 or car when I'm not conserving gas. 10 00:00:42,700 --> 00:00:47,300 But, you know, I'm living in the southeastern United States where 11 00:00:48,000 --> 00:00:52,400 our gas supply has been affected by two things. 12 00:00:52,400 --> 00:00:57,200 One is a cybersecurity attack that Happened on the pipeline, 13 00:00:57,200 --> 00:00:59,700 that fuels a lot of the southeast. 14 00:00:59,800 --> 00:01:02,500 And the second is by Panic, buying, everybody rushing out 15 00:01:02,500 --> 00:01:06,200 the fill up their tank, all in the same day and it's the same 16 00:01:06,200 --> 00:01:09,100 thing that happened, you know, right after covid, where 17 00:01:09,100 --> 00:01:11,900 everybody had to rush out and buy toilet, paper of all things. 18 00:01:12,100 --> 00:01:14,600 Yeah, I think I saw a picture of you filling gas tanks and 19 00:01:14,600 --> 00:01:17,500 putting them into the trunk of a car or something like that. 20 00:01:17,500 --> 00:01:20,000 Maybe make a few extra bucks on the side here. 21 00:01:20,000 --> 00:01:22,800 The Good Ol American Way. Yay, capitalism that sort of 22 00:01:22,800 --> 00:01:24,700 thing. Yeah, we all knew. 23 00:01:24,800 --> 00:01:27,800 Bunker, right? So it's interesting you bring up 24 00:01:27,800 --> 00:01:31,500 the pipeline thing. So the latest that we have as of 25 00:01:31,700 --> 00:01:35,500 Wednesday, May 12th on recording this and this will go out into 26 00:01:35,700 --> 00:01:38,000 the internet and all of our listeners on the following 27 00:01:38,000 --> 00:01:44,500 Monday. 17th is that it's is that the pipeline hack may have 28 00:01:44,500 --> 00:01:48,400 come from The Exchange vulnerabilities that were widely 29 00:01:48,400 --> 00:01:50,900 touted a couple months ago. I think it was back in March or 30 00:01:50,900 --> 00:01:54,300 whatever means and yet again you know patching didn't get in 31 00:01:54,300 --> 00:01:56,700 place. And wasn't remediated and your, 32 00:01:56,700 --> 00:01:59,100 we are having another ransomware story and now we're seeing 33 00:01:59,100 --> 00:02:01,400 prices gas, go up because of that. 34 00:02:01,400 --> 00:02:03,500 But also because of, you know, the economy, I think starting to 35 00:02:03,500 --> 00:02:04,900 open up a little bit here in the US. 36 00:02:04,900 --> 00:02:08,500 So, I guess keep those systems patched. 37 00:02:08,800 --> 00:02:11,900 Well, I think, you know, a lot of the, a lot of these 38 00:02:11,900 --> 00:02:15,100 ransomware attacks are, you know, eventually boiled down to 39 00:02:15,100 --> 00:02:19,000 basic blocking and tackling we talked to dr. 40 00:02:19,000 --> 00:02:23,100 Jason Cunningham on the show, a few months back and you know he 41 00:02:23,100 --> 00:02:24,700 mentioned that these types of attacks. 42 00:02:24,800 --> 00:02:28,500 Or moving Downstream, not that utilities. 43 00:02:28,500 --> 00:02:31,400 And and kind of core infrastructure is that far 44 00:02:31,400 --> 00:02:35,000 Downstream but they're going from government agencies and 45 00:02:35,000 --> 00:02:38,700 Banks down to, you know, kind of companies that haven't seen 46 00:02:38,700 --> 00:02:41,200 themselves as Prime Targets in the past. 47 00:02:41,200 --> 00:02:45,300 But I think what you and I have seen with a lot of organizations 48 00:02:45,300 --> 00:02:49,200 we work with is that they're understaffed. 49 00:02:49,300 --> 00:02:52,500 And you've got a lot of, you know, not enough people running 50 00:02:52,500 --> 00:02:56,100 around trying to keep up and They're doing yeoman's work and 51 00:02:56,100 --> 00:03:01,300 there I am here as but if they don't have the tools like MFA 52 00:03:01,300 --> 00:03:07,200 everywhere, there's only so much that they can do and so run into 53 00:03:07,200 --> 00:03:10,700 these kind of situations where nobody wants to end up on the 54 00:03:11,000 --> 00:03:14,100 front page of the newspaper, but I certainly what's happening. 55 00:03:14,200 --> 00:03:15,800 Yeah. I mean, job security, I guess, 56 00:03:15,800 --> 00:03:18,600 right? Human error gets involved and 57 00:03:18,600 --> 00:03:20,800 people start to, you know, fall behind. 58 00:03:20,800 --> 00:03:23,200 I think, you know, one thing that we see a lot, right is 59 00:03:23,200 --> 00:03:26,800 underfunded. Man, they're understaffed teams 60 00:03:27,500 --> 00:03:31,200 really doing heroic effort to keep organizations as best of 61 00:03:31,200 --> 00:03:32,400 the camp, but the can't do it. All right? 62 00:03:32,400 --> 00:03:34,900 And they can't do it forever. So something is certainly 63 00:03:34,900 --> 00:03:37,300 consider. Yeah, well, hey we, you know, 64 00:03:37,300 --> 00:03:40,400 we've been talking a lot about that. 65 00:03:40,400 --> 00:03:45,400 By the end of this year, we're hoping to be able to do some 66 00:03:45,400 --> 00:03:48,600 business travel again. It's there's nothing like a year 67 00:03:48,600 --> 00:03:52,900 of no business travel to make you miss business travel, but I 68 00:03:52,908 --> 00:03:56,400 think you'd agree that probably the Favorite business travel is 69 00:03:56,400 --> 00:04:00,900 conferences because we get to see and interact with people in 70 00:04:00,900 --> 00:04:03,700 our industry. Hopefully, when this starts up 71 00:04:03,700 --> 00:04:06,300 again, we'll get to meet a lot of the folks who listen to the 72 00:04:06,300 --> 00:04:10,100 podcast, but I had an interesting story and that our 73 00:04:10,100 --> 00:04:14,400 guest today is somebody that I met at a conference that 74 00:04:14,500 --> 00:04:17,899 actually had a couple of forgerock conferences that I can 75 00:04:17,899 --> 00:04:19,800 recall. One of the cool things about 76 00:04:19,800 --> 00:04:25,000 forgerock was especially in the early days was you know, the Of 77 00:04:25,000 --> 00:04:29,100 some of their conferences. And a lot of times, the two that 78 00:04:29,100 --> 00:04:31,700 I'm thinking of we're in California, which is such a 79 00:04:31,700 --> 00:04:37,000 beautiful state but the Asilomar Conference Center it was like 80 00:04:38,700 --> 00:04:42,200 Pine Forest right on the woods and our I'm sorry right on the 81 00:04:42,200 --> 00:04:46,000 beach and it was such a cool place to be and the other was at 82 00:04:46,000 --> 00:04:52,200 the Ritz-Carlton a Half Moon Bay and the Bay Area and wow I mean 83 00:04:52,600 --> 00:04:56,300 couldn't pick a better place to To go for a work trip. 84 00:04:56,500 --> 00:04:57,900 Yeah. I always enjoy going west for 85 00:04:57,900 --> 00:05:00,200 that for conferences. I'm a California guy. 86 00:05:00,200 --> 00:05:03,000 So I like it. So speaking of our guests, why 87 00:05:03,008 --> 00:05:05,900 don't we go ahead and introduce Nathan coughing? 88 00:05:05,900 --> 00:05:08,600 He is the head of strategy at Cloud entity. 89 00:05:08,900 --> 00:05:11,200 Welcome, Nathan to the show. Thanks for joining us. 90 00:05:11,500 --> 00:05:13,900 Thanks for having me really, really glad to be here and 91 00:05:13,900 --> 00:05:15,600 thanks for going to the Wayback machine. 92 00:05:16,300 --> 00:05:18,300 There's, those are wonderful conferences, both from a 93 00:05:18,400 --> 00:05:21,400 technical point of view as well as you know, the atmosphere 94 00:05:21,600 --> 00:05:24,400 absolutely phenomenal for idea sharing and kind of growing in 95 00:05:24,400 --> 00:05:27,300 the The I am space. Yeah it's a lot of fun to kind 96 00:05:27,300 --> 00:05:30,600 of interact with folks. I do miss the conference thing. 97 00:05:30,600 --> 00:05:34,300 You know, I never thought I would say this is I miss being 98 00:05:34,300 --> 00:05:37,900 in the line to get on to a United flight scrambling with 99 00:05:37,900 --> 00:05:41,100 the, you know, 200 other people trying to fight for overhead 100 00:05:41,100 --> 00:05:43,400 space or under, you know under seat space, you know whatever, 101 00:05:43,400 --> 00:05:47,000 maybe so maybe it's some point here in a future that will 102 00:05:47,000 --> 00:05:49,600 resume, I know we're going to talk a little bit today about 103 00:05:49,600 --> 00:05:54,500 open Banking and how that has started to I guess we'll open 104 00:05:54,500 --> 00:05:56,100 up. Up right, for organizations, 105 00:05:56,100 --> 00:05:59,300 start, taking advantage of. But before we get to that, I 106 00:05:59,300 --> 00:06:01,900 think would be helpful for the folks who are listening to a 107 00:06:01,900 --> 00:06:05,600 kind of understands you know, your journey, you've known Jim 108 00:06:05,600 --> 00:06:09,600 for a long time and in Prior roles and sort of, you know, the 109 00:06:09,600 --> 00:06:11,100 the maturation of your own career. 110 00:06:11,100 --> 00:06:14,400 But how did you get into the? I am space. 111 00:06:14,700 --> 00:06:18,400 Is it something that you chose or did you choose it or well, we 112 00:06:18,400 --> 00:06:22,000 gotta go in the way, way back machine back to the Netscape, I 113 00:06:22,000 --> 00:06:26,500 Planet days where I was actually At Boeing working just in cyber 114 00:06:26,500 --> 00:06:31,300 side building you know some of the initial firewalls and then 115 00:06:31,700 --> 00:06:34,000 son chose me somehow. I'm not sure how they got my 116 00:06:34,000 --> 00:06:36,000 number. But apparently there was there 117 00:06:36,000 --> 00:06:38,600 was Data sharing back then that required some type of consent, 118 00:06:38,600 --> 00:06:42,300 right? And I got recruited into the eye 119 00:06:42,300 --> 00:06:45,300 planet Sun Alliance or the AOL Sun Alliance. 120 00:06:45,700 --> 00:06:48,500 And then from there just kind of continued both in the identity 121 00:06:48,500 --> 00:06:52,600 space as well as the cyberspace. So it's been about 15 years 122 00:06:52,600 --> 00:06:54,500 doing just identity and then hop back. 123 00:06:54,700 --> 00:06:56,900 Over to the Cyber side. Because maybe one of the are 124 00:06:56,900 --> 00:06:58,900 joining, as one of the first couple dozen employees, at 125 00:06:58,900 --> 00:07:04,900 imperva back in 17, 2008, 2009, and then release all kind of 126 00:07:04,900 --> 00:07:07,600 this inculcation. This need to bring cyber 127 00:07:07,900 --> 00:07:10,000 together with identity. I think that's one of the core 128 00:07:10,000 --> 00:07:12,600 tenets of the podcast, right? It's identities at the center. 129 00:07:12,900 --> 00:07:15,600 Whether that's the center of your application security or the 130 00:07:15,600 --> 00:07:18,800 center of your user security unit becomes a fundamental part 131 00:07:18,800 --> 00:07:21,000 to building out your next generation of applications. 132 00:07:21,200 --> 00:07:23,900 Sorry to give you to give you a plug guys, but it's too easy, 133 00:07:23,900 --> 00:07:26,200 right? Definitely love that. 134 00:07:26,200 --> 00:07:29,700 I always love hearing somebody about somebody's journey in this 135 00:07:29,700 --> 00:07:34,200 industry because usually they started off somewhere. 136 00:07:34,200 --> 00:07:36,700 Like I don't want to say the bottom, right, but they started 137 00:07:36,700 --> 00:07:41,300 out somewhere in kind of the guts of the machine that you 138 00:07:41,300 --> 00:07:45,400 started off with the Netscape directory, which of course, this 139 00:07:45,400 --> 00:07:49,000 kind of like core functionality, but as you know, more or less 140 00:07:49,000 --> 00:07:53,300 than the back office and now you said your Chief strategy officer 141 00:07:53,600 --> 00:07:58,800 at Cloud identity. I'm sorry Cloud density and I'm 142 00:07:58,800 --> 00:08:01,000 wondering if you could tell us a little bit about that role. 143 00:08:01,300 --> 00:08:05,100 Yeah, so I think I alluded to it right in that previous 144 00:08:05,600 --> 00:08:07,900 monologue. But you know what we've done is 145 00:08:07,900 --> 00:08:12,800 we've looked to bring Dynamic authorization and when I mean 146 00:08:12,800 --> 00:08:15,700 when I say that is bring in a lot more context right now, can 147 00:08:15,700 --> 00:08:19,600 be cyber context, it could be consent context and push it all 148 00:08:19,600 --> 00:08:21,000 the way out to the edge of the service. 149 00:08:21,700 --> 00:08:23,800 And so we started like thinking, how can we start building 150 00:08:23,800 --> 00:08:26,900 product around this? Looking at microservices, you 151 00:08:26,900 --> 00:08:32,100 know, API light infrastructure back in 2015, 2016 and then sort 152 00:08:32,100 --> 00:08:33,900 of rolling, you know, Intelligence on top of it and 153 00:08:33,900 --> 00:08:37,100 machine learning is much better descriptor than AI, but I know 154 00:08:37,100 --> 00:08:39,600 AI is nowhere more in Vogue to use those words these days. 155 00:08:41,299 --> 00:08:43,100 So, what we started, building all these pulling these 156 00:08:43,100 --> 00:08:44,400 different pieces together, right? 157 00:08:44,400 --> 00:08:48,300 Making sure that we could have adequate data sets, adequate 158 00:08:48,300 --> 00:08:51,600 rules and adequate policy decision points at the edge of 159 00:08:51,608 --> 00:08:54,600 the service and you know as we've built that you know 160 00:08:54,600 --> 00:08:57,200 started Getting Believers both in the marketplace, right? 161 00:08:57,200 --> 00:08:59,300 Meaning some early adopters of our technology, as well as 162 00:08:59,300 --> 00:09:02,900 Believers in the, in the VC Marketplace and can Under 12 163 00:09:02,900 --> 00:09:05,300 first round of funding last year, as part of that. 164 00:09:05,300 --> 00:09:08,200 You know, I kind of shifted out of the the sheer Tech point of 165 00:09:08,208 --> 00:09:11,200 view and really moved into, you know, how can we lead the team, 166 00:09:11,200 --> 00:09:13,900 how can we start building a bigger broader team and we've 167 00:09:13,900 --> 00:09:16,200 been able to bring in some incredible Talent, both from 168 00:09:16,200 --> 00:09:19,500 people running in the Olaf circles as well as other I am 169 00:09:19,500 --> 00:09:22,400 platforms. So Nathaniel I was kind of 170 00:09:22,400 --> 00:09:29,300 wondering You go to a prospect, is this something they've sought 171 00:09:29,300 --> 00:09:30,900 you out? Because they understand your 172 00:09:30,900 --> 00:09:35,400 technology are usually going through education process. 173 00:09:35,600 --> 00:09:38,300 So I'd say that's actually really transitioning over the 174 00:09:38,300 --> 00:09:43,200 last three to six months, right? So part of its due to covid, you 175 00:09:43,200 --> 00:09:45,100 know, part of its due to the adoption of distributed 176 00:09:45,100 --> 00:09:47,800 services, but what we're seeing is that, you know, as people 177 00:09:47,800 --> 00:09:50,000 move into the next generation of services and whether that's a 178 00:09:50,000 --> 00:09:53,900 kubernetes, or a service mesh or functions, they have no idea how 179 00:09:53,900 --> 00:09:56,400 to bring identity. He constructs into that much 180 00:09:56,400 --> 00:09:59,400 less cyber constructs, and one of the big goals as your 181 00:09:59,400 --> 00:10:01,600 building, you know, this next Generation services to make them 182 00:10:01,600 --> 00:10:04,100 immutable, right? So how can I externalize 183 00:10:04,100 --> 00:10:06,500 identity, authorization and privacy? 184 00:10:07,300 --> 00:10:09,200 Make that incredibly easy for my developers. 185 00:10:10,000 --> 00:10:12,700 So anytime I bring in a new service it's protected by a 186 00:10:12,708 --> 00:10:15,200 default set of rules. So if we think about like 187 00:10:15,200 --> 00:10:17,600 identity for the last 2,000 years, right? 188 00:10:17,600 --> 00:10:20,000 What's been the hard part? It's always been onboarding 189 00:10:20,000 --> 00:10:23,600 applications bar not and now you're starting to have the 190 00:10:23,600 --> 00:10:25,800 capabilities to Get on board, right? 191 00:10:25,800 --> 00:10:28,500 Make it very very seamless, like an onboard 10,000 services in a 192 00:10:28,508 --> 00:10:32,000 matter of minutes, so long as their next Generation services 193 00:10:32,000 --> 00:10:35,100 that our API driven. So you're able to really start 194 00:10:35,100 --> 00:10:38,100 driving Innovation forward and instead of becoming this kind of 195 00:10:38,100 --> 00:10:40,400 tax it happens. After the fact, you're able to 196 00:10:40,400 --> 00:10:42,400 lead the digital transformation by saying, I'm going to make 197 00:10:42,400 --> 00:10:44,800 these parts easy for you and we can we talk about that from a 198 00:10:44,808 --> 00:10:47,700 customer perspective. Now, the reason that we have 199 00:10:47,700 --> 00:10:50,100 open banking like at the center of the discussion is, because 200 00:10:50,100 --> 00:10:53,500 that's really one of the first mandated and Regulatory 201 00:10:53,500 --> 00:10:56,800 regulated areas where a Apis have to be, you know, the center 202 00:10:57,300 --> 00:11:01,900 meaning, the first, you know, real API Centric transaction 203 00:11:01,900 --> 00:11:04,400 requirements coming from, you know, Federal bodies or 204 00:11:04,500 --> 00:11:07,100 government regulatory bodies depending upon the the 205 00:11:07,100 --> 00:11:09,400 nationality. So we talk about open banking 206 00:11:09,400 --> 00:11:12,900 here a little bit. I guess, why don't we start with 207 00:11:13,200 --> 00:11:15,900 what is open banking? Because I think people may be 208 00:11:15,900 --> 00:11:18,000 using it and they don't maybe even know it, right? 209 00:11:18,000 --> 00:11:21,100 If I think of services may be something like plaid or you're 210 00:11:21,100 --> 00:11:24,700 connecting different Financial Services together or I think you 211 00:11:24,700 --> 00:11:26,400 do. Into personal Capital, you know, 212 00:11:26,400 --> 00:11:29,400 there's a bunch of these out there that lets you interface 213 00:11:29,400 --> 00:11:34,700 and pool financial data, right into third-party apps that 214 00:11:34,700 --> 00:11:38,000 aren't necessarily owned by the financial institution themself. 215 00:11:38,500 --> 00:11:40,100 Is that a good explanation of it? 216 00:11:40,100 --> 00:11:42,600 Or is there is there more to it? You're hitting on the core 217 00:11:42,600 --> 00:11:44,400 tenets, right? And it's really about the 218 00:11:44,400 --> 00:11:46,900 democratization of banking, right? 219 00:11:46,900 --> 00:11:48,700 So I can build, I won't be a build a bank. 220 00:11:48,700 --> 00:11:51,800 I'll be able to build a service that can consume Bank data and 221 00:11:51,800 --> 00:11:55,500 then the second aspect of it is the utilization of Of privacy 222 00:11:55,500 --> 00:11:58,500 and consent, right? So I've seen gdpr CCPA, things 223 00:11:58,500 --> 00:12:02,500 of that nature, kind of bubble down on a larger industry basis. 224 00:12:02,700 --> 00:12:04,900 But then open bank has been very, very explicit in the 225 00:12:04,900 --> 00:12:06,500 flows. Here's where I need to consent 226 00:12:06,500 --> 00:12:07,900 to what? Here's how fine grain that 227 00:12:07,900 --> 00:12:11,100 consent to be that consent should be and we're also seeing 228 00:12:11,100 --> 00:12:14,300 that start to now percolate into some of the different standards 229 00:12:14,300 --> 00:12:14,900 bodies. Right. 230 00:12:14,900 --> 00:12:20,500 So, you know, we've seen just in the last six to seven months, is 231 00:12:20,600 --> 00:12:24,000 a Grant Management standard pop into the oauth into the or 232 00:12:24,000 --> 00:12:26,200 standards bodies. And that's becoming increasingly 233 00:12:26,200 --> 00:12:29,800 important because everybody, you know, every user now once to 234 00:12:29,800 --> 00:12:32,000 understand where their data goes are tired of seeing, you know, 235 00:12:32,000 --> 00:12:34,800 the Facebook, Cambridge analytical, if you know examples 236 00:12:34,800 --> 00:12:37,600 or the experience data breach that just happened, you know, 237 00:12:37,800 --> 00:12:39,500 last week or the week before last. 238 00:12:39,500 --> 00:12:41,900 I'm sorry. You know where highly insecure 239 00:12:41,900 --> 00:12:45,100 API. No authentication right? 240 00:12:45,100 --> 00:12:46,900 For user, or for another service? 241 00:12:47,300 --> 00:12:49,400 No authorization. And the only constructs 242 00:12:49,400 --> 00:12:52,200 protecting it was public data. Meaning my birthday. 243 00:12:52,200 --> 00:12:53,300 I'm sorry. Not even my birthday. 244 00:12:53,300 --> 00:12:56,900 I first name last name. My address, and then a 245 00:12:57,900 --> 00:13:00,800 unvalidated birthday, right? So you can program. 246 00:13:00,800 --> 00:13:02,500 And when using it in the API perspective, right? 247 00:13:02,500 --> 00:13:05,100 You can programmatically go and just download all of it, right? 248 00:13:05,200 --> 00:13:06,700 You can literally iterate all the way through it. 249 00:13:06,700 --> 00:13:09,200 Taking public records to either pull from the dark web or maybe 250 00:13:09,200 --> 00:13:12,000 you have, you know, from Peridot or something like that, right? 251 00:13:12,000 --> 00:13:14,700 And just boom, boom, boom boom, right and now I've got 252 00:13:14,700 --> 00:13:17,700 everybody's credit score number and that's that's sensitive data 253 00:13:17,700 --> 00:13:19,100 to me. I'm sure it is to everybody else 254 00:13:19,100 --> 00:13:21,300 listening as well. So I think one of the challenges 255 00:13:21,300 --> 00:13:23,700 that I've seen having been a consumer of some of these 256 00:13:23,700 --> 00:13:29,200 services, Is the inconsistency with how they may be implemented 257 00:13:29,200 --> 00:13:32,400 and I think of things where, you know, you have to go into this 258 00:13:32,400 --> 00:13:37,100 interface, you type in your ID and password for the Target 259 00:13:37,100 --> 00:13:41,900 financial institution. And if they have MFA in place or 260 00:13:41,900 --> 00:13:44,200 some other type of, you know, second factor that you need to 261 00:13:44,208 --> 00:13:47,200 provide, it's a very sticky situation. 262 00:13:47,200 --> 00:13:49,900 Sometimes where you're waiting, it's almost like they're doing 263 00:13:49,900 --> 00:13:52,700 screen scraping behind the scenes sometimes and it's 264 00:13:52,700 --> 00:13:54,800 frustrating for me as a consumer. 265 00:13:54,900 --> 00:13:56,800 Zoomer right? Trying to get the kind of keep 266 00:13:56,800 --> 00:14:00,500 my accounts linked. How does you know, from an enemy 267 00:14:00,500 --> 00:14:02,800 not knowing enough of how it works between the open banking 268 00:14:02,800 --> 00:14:05,400 standards and that have been developed and companies who 269 00:14:05,400 --> 00:14:09,600 maybe aren't using it? Is that a symptom of, you know, 270 00:14:09,600 --> 00:14:12,100 a poor implementation of it is just, you know, how it works 271 00:14:12,100 --> 00:14:13,900 right now? Or maybe they're not even using 272 00:14:13,900 --> 00:14:16,100 open Banking and that's why my experience is so poor. 273 00:14:16,200 --> 00:14:18,900 So if they are screen, scraping, they're not using open banking, 274 00:14:19,100 --> 00:14:21,500 you know, screen scraping is a security vulnerability right 275 00:14:21,500 --> 00:14:24,200 there, doing an impersonation against both, probably your 276 00:14:24,200 --> 00:14:26,300 Banks. Standards of conduct as well as 277 00:14:26,300 --> 00:14:28,900 even even their Partners standards of content that you're 278 00:14:28,900 --> 00:14:31,200 that you're logging into and that's been kind of the de 279 00:14:31,200 --> 00:14:34,100 facto, right? For the last half dozen years, 280 00:14:34,100 --> 00:14:36,200 right? If we seen Financial aggregators 281 00:14:36,200 --> 00:14:39,600 really come to fruition. Now, that's changing because, 282 00:14:39,600 --> 00:14:42,600 you know, of open banking right? Literally everybody, realizes 283 00:14:42,600 --> 00:14:45,100 that's a big problem. So how do we start to normalize 284 00:14:45,100 --> 00:14:49,000 that how we build common patterns around consent and 285 00:14:49,000 --> 00:14:50,700 around data? All right, flows. 286 00:14:51,500 --> 00:14:54,200 So so if you're seeing screen, scraping, you're seeing that 287 00:14:54,200 --> 00:14:56,200 delay. You'd probably not in open 288 00:14:56,200 --> 00:14:59,200 banking, in open, banking ecosystem, and you don't have 289 00:14:59,200 --> 00:15:01,100 the security that's wrapped around open banking. 290 00:15:01,400 --> 00:15:03,800 Now, I'm actually gonna go back to your earlier Point Jeff, and 291 00:15:04,100 --> 00:15:06,200 it's a lot worse than we actually think particularly over 292 00:15:06,200 --> 00:15:08,900 here in North America. And what I mean by that is, you 293 00:15:08,908 --> 00:15:11,300 know, we've got all of this identity and authorization 294 00:15:11,300 --> 00:15:13,500 sprawl. So depending on, when you're 295 00:15:13,500 --> 00:15:16,200 doing your, your application was build, right? 296 00:15:16,300 --> 00:15:19,400 It was a 2008 mobile app or maybe it's a 2020 mobile app. 297 00:15:19,700 --> 00:15:22,200 Probably have a different ID P. You have hard-coded 298 00:15:22,200 --> 00:15:24,200 authorization. You have hard-coded, privacy, 299 00:15:24,200 --> 00:15:27,100 built into And even those different Services different 300 00:15:27,100 --> 00:15:29,400 applications from a singular Bank, don't talk to each other. 301 00:15:29,400 --> 00:15:32,200 Well now the banks are actually trying to fix that and kind of 302 00:15:32,208 --> 00:15:34,700 give a little bit better user experience, but I can jump, you 303 00:15:34,700 --> 00:15:36,500 know, within some of the credit bureaus. 304 00:15:36,500 --> 00:15:39,400 I can jump from service to service to service and I'll have 305 00:15:39,400 --> 00:15:42,200 to re-authenticate. I'll have to reauthorize, will 306 00:15:42,200 --> 00:15:45,100 have to re Grant consent, because none of it's stored 307 00:15:45,100 --> 00:15:47,900 outside of the applications, all hard-coded in there, and nobody 308 00:15:47,900 --> 00:15:49,800 has any good way of reporting. Now, that's obviously a 309 00:15:49,800 --> 00:15:53,500 tremendous liability for the bank's, the credit bureaus, Etc, 310 00:15:53,500 --> 00:15:56,000 or for any of the financials. Because they're storing 311 00:15:56,000 --> 00:15:58,000 different data. And any time a regulatory body 312 00:15:58,000 --> 00:16:00,900 comes and says they show me, you know, prove to me that Nathan 313 00:16:00,900 --> 00:16:02,900 allowed you to use his account data proved to me that Nathan, 314 00:16:02,900 --> 00:16:05,900 like mother's last name and they have to go and say, okay, well, 315 00:16:06,300 --> 00:16:08,500 I don't know why policies look like right, I've got to find the 316 00:16:08,500 --> 00:16:11,200 developer that wrote that application that developer has 317 00:16:11,200 --> 00:16:13,700 to go back to the code more than like that developers in another 318 00:16:13,700 --> 00:16:15,000 company by now. Right? 319 00:16:15,700 --> 00:16:19,400 They have to go back into the code try and pull extract it and 320 00:16:19,400 --> 00:16:22,200 then showcase exactly what. Transpired, right? 321 00:16:22,300 --> 00:16:24,700 You and I both know, that's almost an impossibility, right? 322 00:16:24,900 --> 00:16:27,900 The reality is is going across all those different systems and 323 00:16:27,900 --> 00:16:31,600 platforms, trying to showcase exactly what happened within a 324 00:16:31,600 --> 00:16:36,000 transaction is a lot harder than it even is to explain, right? 325 00:16:36,000 --> 00:16:40,400 But so being able to externalize that normalize it, right? 326 00:16:40,400 --> 00:16:43,800 And then use a common authorization, privacy identity 327 00:16:43,800 --> 00:16:47,200 standard across all of them. Well, that's exactly what oauth 328 00:16:47,200 --> 00:16:50,600 was designed to be. And what I mean by that is we so 329 00:16:50,600 --> 00:16:53,300 often do ATC kind of pop out in 2012, right? 330 00:16:53,400 --> 00:16:56,400 2011 2012 depending Upon which one we're going to count by. 331 00:16:57,500 --> 00:17:01,000 And the design, there was, let's separate context, right? 332 00:17:01,000 --> 00:17:04,099 And separate the authorization construct away from the 333 00:17:04,099 --> 00:17:06,300 identity, the session building, right? 334 00:17:06,500 --> 00:17:09,599 But we saw the industry do is we took you know kind of these big 335 00:17:09,599 --> 00:17:11,400 model list that we've been using for Wham. 336 00:17:11,400 --> 00:17:13,700 You know. For the for the 2000's own. 337 00:17:13,700 --> 00:17:15,099 Let's layer on top of federation. 338 00:17:15,099 --> 00:17:17,700 You look we're using sample. Its layer on top of oauth. 339 00:17:17,700 --> 00:17:20,200 Rider looks layer on top. All you think we took a model? 340 00:17:20,200 --> 00:17:21,900 If we threw another model with that. 341 00:17:21,900 --> 00:17:24,700 It right? We built kind of these giant. 342 00:17:24,900 --> 00:17:28,600 Rocks that are difficult to use difficult to upgrade and aren't 343 00:17:28,600 --> 00:17:30,900 meeting the needs of modern application developers. 344 00:17:31,200 --> 00:17:32,900 You know, until we did is we said, well, what happens if we 345 00:17:32,900 --> 00:17:34,900 go back to the original intent, right? 346 00:17:35,000 --> 00:17:37,300 What happens if we think about authentication as a session 347 00:17:37,300 --> 00:17:39,400 generation and then there's all kinds of great contacts, it 348 00:17:39,400 --> 00:17:42,600 comes from your authentication provider and then authorization 349 00:17:42,600 --> 00:17:44,700 and application identity. That's a whole separate 350 00:17:44,700 --> 00:17:46,400 construct. And then when I want to move 351 00:17:46,400 --> 00:17:48,300 into finer grained, authorization or I want to move 352 00:17:48,300 --> 00:17:50,800 into fibrin consent management. I want to layer on top. 353 00:17:50,800 --> 00:17:55,300 You open banking based, regulatory demands, Now, I can 354 00:17:55,300 --> 00:17:57,700 do that very, very simply write. It can spin up open Banking, 355 00:17:57,700 --> 00:18:00,200 apis, and minutes, instead of saying, we've got to build this 356 00:18:00,200 --> 00:18:02,700 giant sandbox. I've got upgrade my loyal 357 00:18:02,700 --> 00:18:05,700 servant of fappy 1.0 compliance. I got to do all these different 358 00:18:05,700 --> 00:18:09,300 things which could be man months or even man years you know, I'm 359 00:18:09,300 --> 00:18:15,700 curious because I highlighted my poor experience with not having 360 00:18:15,700 --> 00:18:21,000 open banking in my life, right? So in your mind and you know, 361 00:18:21,000 --> 00:18:24,300 I'm curious, what does good look like from an open banking? 362 00:18:24,900 --> 00:18:29,000 Patient can, is there a gold standard or an example that you 363 00:18:29,000 --> 00:18:32,000 can kind of provide to say if you're doing it, right? 364 00:18:32,000 --> 00:18:33,900 Here's here's what it should look like. 365 00:18:33,900 --> 00:18:37,600 What's the process as a? Just a normal customer, trying 366 00:18:37,600 --> 00:18:41,700 to collect my finances. So I'm going to do one better 367 00:18:41,700 --> 00:18:43,800 than that, and I'm going to talk about the gold Center that we've 368 00:18:43,800 --> 00:18:46,700 seen already in the UK. And so there's a company called 369 00:18:46,700 --> 00:18:48,200 Sterling Bank. Obviously, we're not sure the 370 00:18:48,208 --> 00:18:51,100 motor from the North America so much, but what the, you know, 371 00:18:51,100 --> 00:18:54,700 Millennials and gen Z of set is I want all of my financial 372 00:18:54,800 --> 00:18:56,500 Offices. And this is not just Banking and 373 00:18:56,500 --> 00:18:59,500 moving money around but also home insurance car, insurance 374 00:18:59,500 --> 00:19:01,700 life insurance, right? All these different financial 375 00:19:01,700 --> 00:19:05,800 services available in a singular portal and by using open banking 376 00:19:06,100 --> 00:19:09,100 now, Sterling Bank has created Created that portal for Gen Z 377 00:19:09,100 --> 00:19:10,200 and they seen tremendous account. 378 00:19:10,200 --> 00:19:12,900 Adoption, because of it, what they've seen is a tremendous 379 00:19:13,600 --> 00:19:17,700 Boon right to there to account adoption, by Third parties and 380 00:19:17,700 --> 00:19:20,600 buy additional new customers. Because now, they have kind of 381 00:19:20,608 --> 00:19:23,400 this comprehensive ecosystem. They never have to leave that 382 00:19:23,400 --> 00:19:25,300 Sterling Bank portal. Able to see. 383 00:19:25,300 --> 00:19:27,500 Okay, I'm going to sign up for these different Insurance 384 00:19:27,500 --> 00:19:30,200 different retirement funds. You know, different investment 385 00:19:30,200 --> 00:19:32,800 means as well as do their regular banking all from a 386 00:19:32,800 --> 00:19:35,600 singular interface and it's completely changed the way that 387 00:19:35,600 --> 00:19:37,700 people interact with them. And that's what, you know, the 388 00:19:37,700 --> 00:19:40,400 account aggregators, you know, that the Minsk cetera have to 389 00:19:40,400 --> 00:19:43,100 have strokes driven do to do in North America. 390 00:19:43,400 --> 00:19:47,400 But without having kind of this common symbiotic, methodology of 391 00:19:47,400 --> 00:19:50,600 exchanging data of protecting, privacy of all of these 392 00:19:50,600 --> 00:19:53,700 different fundamental features of open banking, they're just 393 00:19:53,700 --> 00:19:55,500 not able to get there in a Secure manner. 394 00:19:56,000 --> 00:19:59,500 It sounds to me, like the Millennials and gen Z are 395 00:20:01,100 --> 00:20:05,100 driving. The demand for open banking. 396 00:20:05,100 --> 00:20:09,600 Would you say that's accurate and you know, I'm kind of 397 00:20:09,600 --> 00:20:12,800 wondering about the value proposition for the banks is 398 00:20:12,800 --> 00:20:16,500 this something that they want to be able to to enable these 399 00:20:16,500 --> 00:20:19,100 Financial aggregators in a secure way? 400 00:20:19,400 --> 00:20:22,500 Or is it you know a compliance driver. 401 00:20:23,400 --> 00:20:25,800 So it started as a Appliance driver. 402 00:20:26,100 --> 00:20:27,500 Well, that was a two-part question. 403 00:20:27,500 --> 00:20:29,000 Let me start from the beginning, right? 404 00:20:29,000 --> 00:20:32,100 So first of all, you know, gen Z and Millennials are the first 405 00:20:32,100 --> 00:20:33,900 digital natives, right? Jen's even more. 406 00:20:33,900 --> 00:20:36,300 So than Millennials, meaning, they grew up. 407 00:20:36,300 --> 00:20:39,600 Always on internet's everywhere Services should be everywhere. 408 00:20:39,600 --> 00:20:42,600 So they're looking for distributed services and the 409 00:20:42,600 --> 00:20:45,000 best user experience possible, that means pushing the service 410 00:20:45,000 --> 00:20:47,900 all the way down to the edge of the millennial or the edge of 411 00:20:47,900 --> 00:20:50,300 the Gen Z. Alright, so my phone's got to be 412 00:20:50,300 --> 00:20:52,300 able to do everything in that circumstance. 413 00:20:52,300 --> 00:20:55,500 So if we look at, you know, Banks, As you know, we've seen 414 00:20:55,500 --> 00:20:58,000 Banks Banks are responsible for where we are today. 415 00:20:58,000 --> 00:21:00,900 And what I mean by that is not just technological innovation, 416 00:21:00,900 --> 00:21:03,300 but Innovation across you know infrastructure. 417 00:21:03,300 --> 00:21:05,600 Accelerate banks have really stepped up to the plate in the 418 00:21:05,600 --> 00:21:09,100 last, you know, five thousand years, I think, is a fair way to 419 00:21:09,100 --> 00:21:11,800 say it right, due to the exchange of money and helping us 420 00:21:11,800 --> 00:21:13,500 build the world as we know it today. 421 00:21:14,400 --> 00:21:16,600 And so when they first started adopting open banking you're 422 00:21:16,600 --> 00:21:18,200 right. It was absolutely, you know, 423 00:21:18,200 --> 00:21:21,100 across the bear. It was literally, you know, it's 424 00:21:21,100 --> 00:21:24,000 another regulatory burden that we have to kind of pass through 425 00:21:24,300 --> 00:21:27,100 but we've Started to see that transition where it's no longer 426 00:21:27,100 --> 00:21:29,500 seen as that because not only are they getting better 427 00:21:29,500 --> 00:21:32,000 engagement from the customer communities, but now they're 428 00:21:32,000 --> 00:21:34,000 actually getting much better visibility into how their 429 00:21:34,000 --> 00:21:37,500 services are being used. You know, what apis are being 430 00:21:37,500 --> 00:21:38,800 called, who are their biggest users? 431 00:21:38,800 --> 00:21:41,200 How are they transferring money? You know what other Partnerships 432 00:21:41,200 --> 00:21:44,400 and what other services should they package and integrate that 433 00:21:44,400 --> 00:21:46,800 are allowing them to better monetize their customers. 434 00:21:47,600 --> 00:21:50,900 So all of that data that very rich rich data that now they are 435 00:21:50,900 --> 00:21:53,300 allowed to have because they have the appropriate consent is 436 00:21:53,300 --> 00:21:56,300 also the date of the It's feeding back into a, circular 437 00:21:56,300 --> 00:21:59,400 Loop of better Services which are able to again to offer out 438 00:21:59,400 --> 00:22:01,700 and to monetize and to build better customer adherence. 439 00:22:02,200 --> 00:22:06,500 Have you seen any differences in how, you know, the pandemic has 440 00:22:06,500 --> 00:22:09,800 affected uptake of some of these Services, you know, around 441 00:22:10,700 --> 00:22:13,600 getting open Bangkok open banking off the ground and 442 00:22:14,000 --> 00:22:17,000 becoming more digital first, you know, less touch. 443 00:22:17,000 --> 00:22:20,600 And, you know, I look around in my hometown, where I marry it, 444 00:22:20,600 --> 00:22:23,900 where I'm at and I see Bank branches shutting down right 445 00:22:23,900 --> 00:22:27,000 there just they Had the physical presence anymore, I can't 446 00:22:27,000 --> 00:22:28,500 remember. The last time I went into a 447 00:22:28,500 --> 00:22:32,700 bank, I've been digital banking for at least, if seal, it feels 448 00:22:32,700 --> 00:22:36,200 like 10 years. And, you know, that's probably 449 00:22:36,200 --> 00:22:38,400 the trend for the future, and I see a lot of those spaces being 450 00:22:38,400 --> 00:22:40,500 repurposed for other things. You know, one's been turned into 451 00:22:40,500 --> 00:22:44,400 electric car charging a spot because they have the parking 452 00:22:44,400 --> 00:22:47,700 and, you know, no one else is using it but I'm curious if from 453 00:22:47,700 --> 00:22:51,100 your perspective having worked on this much more closely is if 454 00:22:51,100 --> 00:22:56,000 the pandemic has driven this any more than it probably would have 455 00:22:56,000 --> 00:22:59,600 gone already just to the Natural flow and evolution of services 456 00:23:00,300 --> 00:23:02,100 or if. Yeah, there was something here 457 00:23:02,100 --> 00:23:05,600 where you know, covid here and we've got a kind of speed this 458 00:23:05,600 --> 00:23:07,800 up and maybe faster than we were planning on doing it. 459 00:23:08,100 --> 00:23:10,700 Your bang on, right? I feel like that was a softball, 460 00:23:10,700 --> 00:23:13,100 be honest. Because, you know, what is 461 00:23:13,100 --> 00:23:14,800 covid, done, you know, to push work from home. 462 00:23:14,800 --> 00:23:18,300 It's pushed distributed Services out everywhere and whether 463 00:23:18,300 --> 00:23:21,500 that's, you know, upgrading your VPN and do a CT and a for the 464 00:23:21,500 --> 00:23:24,400 podcast last week or whether that's offering your services. 465 00:23:24,800 --> 00:23:27,400 Very distributed fashion. And a very integrated fashion 466 00:23:27,600 --> 00:23:30,600 out to your consumers are to your partner's to resell, right? 467 00:23:30,600 --> 00:23:33,500 Both of those are driving at lightning speed. 468 00:23:33,500 --> 00:23:35,500 You know it's you're right. We don't go into any branches 469 00:23:35,500 --> 00:23:37,400 anymore. I mean even Starbucks, you know 470 00:23:37,400 --> 00:23:40,400 I have to order online right? Then I can go pick it up from a 471 00:23:40,408 --> 00:23:46,000 branch but you know there the reduction in touch interaction I 472 00:23:46,000 --> 00:23:48,700 think is a fair way of saying it you know do the covid has really 473 00:23:48,700 --> 00:23:51,800 pushed net, new digital services and net new ways to engage with 474 00:23:51,800 --> 00:23:53,900 your customer base out into the marketplace. 475 00:23:55,100 --> 00:23:59,100 I'm thinking about these open Banking apis, and I'm wondering, 476 00:23:59,700 --> 00:24:05,800 are banks deploying the apis to bolt onto their applications 477 00:24:05,800 --> 00:24:09,800 and, and their systems, or they deploying the apis, and then 478 00:24:09,800 --> 00:24:11,900 building their services on top of it. 479 00:24:11,908 --> 00:24:17,300 And I guess I'm I'm getting at that from the standpoint of the 480 00:24:17,300 --> 00:24:20,300 security being layered at the API level, right? 481 00:24:20,300 --> 00:24:24,000 It seems to me that if you're building apps on top of it, you 482 00:24:24,000 --> 00:24:26,900 still want to Put that security at the API level. 483 00:24:26,900 --> 00:24:31,900 So, Broad question I guess is are the banks themselves using 484 00:24:31,900 --> 00:24:33,900 those apis? They're deploying. 485 00:24:34,000 --> 00:24:38,400 And then why is securing at the API level necessary? 486 00:24:39,300 --> 00:24:41,800 Okay, lots of questions are so let's just parse them out, one 487 00:24:41,800 --> 00:24:43,100 by one by one. Right? 488 00:24:43,400 --> 00:24:46,200 So when we look at open banking, you know, I break it into kind 489 00:24:46,200 --> 00:24:48,400 of three major fundamental steps. 490 00:24:48,700 --> 00:24:51,100 So the first is building, an API driven infrastructure. 491 00:24:51,100 --> 00:24:53,400 This is where you'll create a net new API, you know, through 492 00:24:53,400 --> 00:24:56,600 apogee or acts way or one of the API Gateway vendors to your 493 00:24:56,600 --> 00:24:59,800 back-end Services, right? And that's Step 1 and that is 494 00:24:59,800 --> 00:25:03,400 just to participate in an API driven ecosystem, which 495 00:25:03,400 --> 00:25:06,800 obviously open banking as one of them, step two is bringing in 496 00:25:07,000 --> 00:25:10,000 that security layer, right? So open banking has designated 497 00:25:10,000 --> 00:25:13,800 fappy, which is financial API. It's a standard put out by the 498 00:25:13,800 --> 00:25:19,000 idea of the open ID Foundation that, you know, mandates. 499 00:25:19,000 --> 00:25:21,900 A number of things, big things like pairwise identifiers, 500 00:25:21,900 --> 00:25:23,900 right? So shared Secrets, essentially 501 00:25:23,900 --> 00:25:27,000 the easy way to think about that Mutual TLS between client and 502 00:25:27,000 --> 00:25:30,200 server. Secure software assertions, 503 00:25:30,200 --> 00:25:31,600 right? So, you have a signed 504 00:25:31,600 --> 00:25:36,200 certificate that says, I can be a client of this service or kind 505 00:25:36,200 --> 00:25:37,900 of the fundamental pieces, right? 506 00:25:38,000 --> 00:25:41,600 So, they have mandated a gold standard for API security is 507 00:25:41,600 --> 00:25:44,200 easiest way to think about that. And I think that should be 508 00:25:44,200 --> 00:25:47,600 carrying across all Industries because we wouldn't have the 509 00:25:47,600 --> 00:25:50,600 experience problem, right? To just to relate it back today. 510 00:25:50,600 --> 00:25:54,700 If that was in place yesterday, right now, the third step is 511 00:25:54,700 --> 00:25:56,700 that consent factor? And I think this is where things 512 00:25:56,700 --> 00:25:58,100 start to get really, really interesting. 513 00:25:58,200 --> 00:26:02,200 Ting because consent has kind of changed rather dramatically in 514 00:26:02,200 --> 00:26:06,100 the last five years, right. So start off with gdpr, we got 515 00:26:06,100 --> 00:26:08,700 all of these kind of blanket. Consensus got the pop-up ad, you 516 00:26:08,700 --> 00:26:11,100 know, are the top Banner saying? Hey, I'm consenting to my 517 00:26:11,100 --> 00:26:13,400 cookie, you know, take all of my data or store your cookie here 518 00:26:13,400 --> 00:26:16,400 and capture my pee, and everything else, which we all 519 00:26:16,400 --> 00:26:17,700 hate. But it seems to be a necessary 520 00:26:17,700 --> 00:26:20,100 part of using the internet at this juncture, right? 521 00:26:20,400 --> 00:26:22,700 So that's been around for a little while and I was kind of 522 00:26:22,708 --> 00:26:25,400 the start of, how do I mitigate? You know, some of the GDP our 523 00:26:25,400 --> 00:26:27,500 needs that's a very blanket base. 524 00:26:27,500 --> 00:26:29,900 Can set the It is the oauth based consents. 525 00:26:29,900 --> 00:26:31,800 Right, that I think most of us are familiar with this. 526 00:26:31,800 --> 00:26:33,800 Is we're going to Facebook. Facebook says, Hey, I want to 527 00:26:33,808 --> 00:26:35,900 see your first name last name, phone number. 528 00:26:35,900 --> 00:26:37,400 And I'm gonna do whatever I want with it. 529 00:26:37,500 --> 00:26:39,600 Right? You know, I'm going to store it 530 00:26:39,600 --> 00:26:41,500 and you know, it's going from you now. 531 00:26:42,100 --> 00:26:44,600 And that's the second one and it's definitely not fine grained 532 00:26:44,600 --> 00:26:46,500 enough, right? Because there's no real consent. 533 00:26:46,500 --> 00:26:48,800 There's just hate take my data and do whatever with it. 534 00:26:49,000 --> 00:26:52,400 Now, the third one, which open banking's and reduced is really 535 00:26:52,400 --> 00:26:54,400 consent. That actually happens before the 536 00:26:54,400 --> 00:26:57,500 oauth consent that is I'm going to consent and you're very fine 537 00:26:57,500 --> 00:26:59,600 grain. Around this account with this 538 00:26:59,600 --> 00:27:01,400 transaction ID. I'm going to consent to sending 539 00:27:01,400 --> 00:27:03,000 it to this third party. Right. 540 00:27:03,000 --> 00:27:04,800 And this is where those third-party providers and the 541 00:27:04,800 --> 00:27:08,100 aggregators really come to bear. And so, what we're seeing is 542 00:27:08,100 --> 00:27:10,800 very disconnected, approaches to consent, you kind of again, 543 00:27:10,900 --> 00:27:13,200 based upon that sprawl, we're talking about earlier. 544 00:27:13,400 --> 00:27:15,200 You might have the, the blanket consent. 545 00:27:15,200 --> 00:27:17,900 You might have some oauth consent, but unless you're an 546 00:27:17,900 --> 00:27:20,400 obeah ecosystem, the open banking ecosystem, you're not 547 00:27:20,400 --> 00:27:23,300 bringing to fruition the open bank consent. 548 00:27:23,400 --> 00:27:25,400 So what we've done is we brought all of those together, right? 549 00:27:25,400 --> 00:27:28,400 So you have a common model for consent that spans the Three 550 00:27:28,400 --> 00:27:30,100 different types. Actually, a fourth type as well, 551 00:27:30,100 --> 00:27:32,900 but will dive down the rabbit hole if we go that way. 552 00:27:33,900 --> 00:27:35,800 So I have a common model for understanding. 553 00:27:35,800 --> 00:27:38,600 What I've consent to do to an organization as well as what 554 00:27:38,600 --> 00:27:40,800 I've consented to an organization to share about me 555 00:27:41,100 --> 00:27:42,600 and I can go and revoke manage it. 556 00:27:42,600 --> 00:27:44,400 I can give you, you know, you can use it one time. 557 00:27:44,400 --> 00:27:46,600 You can use it seven times. You can sit for 30 days, you can 558 00:27:46,600 --> 00:27:49,600 use it for 24 hours, right? So I've got very fine-grained 559 00:27:49,600 --> 00:27:52,300 controls around. How I'm willing to share my data 560 00:27:52,500 --> 00:27:55,200 out to an organization and how that organization has to treat 561 00:27:55,200 --> 00:27:57,100 the data going out to third parties. 562 00:27:58,500 --> 00:28:01,800 Sorry, the rest of your question was where should a pi security 563 00:28:01,800 --> 00:28:04,100 lie, right. And so the very interesting 564 00:28:04,100 --> 00:28:07,400 thing about apis is something like 80% of the internet traffic 565 00:28:07,400 --> 00:28:11,100 is Now API driven, right? And you have to think about apis 566 00:28:11,100 --> 00:28:14,400 as machine-to-machine, right? Or service to service because 567 00:28:14,400 --> 00:28:16,700 that is the fundamental underlying flow, right? 568 00:28:16,700 --> 00:28:19,500 And whether it's me going through my, my iPad right 569 00:28:19,500 --> 00:28:21,700 through an app. On my iPad, it's making an API 570 00:28:21,700 --> 00:28:25,400 call back up to, you know, Wells Fargo or two to my bank. 571 00:28:26,300 --> 00:28:28,100 And that is a machine to machine communication. 572 00:28:28,300 --> 00:28:30,300 We have to start rethinking identity. 573 00:28:30,300 --> 00:28:32,600 So, we've always thought about identity as a user identity, 574 00:28:32,600 --> 00:28:33,600 right? Super easy. 575 00:28:33,600 --> 00:28:35,400 I know how to authenticate users, right? 576 00:28:35,400 --> 00:28:37,500 We can do that very well, although we don't do that for a 577 00:28:37,500 --> 00:28:39,600 while, but that's a, that's a different point of discussion. 578 00:28:40,100 --> 00:28:42,400 Now, when we start thinking about identity of machines, 579 00:28:42,400 --> 00:28:45,200 right, I've got two different aspects of that. 580 00:28:45,300 --> 00:28:47,700 I've got workload identity. And this is like the carbon, 581 00:28:47,700 --> 00:28:48,700 right? This is my function. 582 00:28:48,700 --> 00:28:54,400 That's done up or my kubernetes, no Dharma, kubernetes pod, sorry 583 00:28:56,200 --> 00:28:58,000 that I just spun up that kubernetes. 584 00:28:58,200 --> 00:29:00,300 Each pod your registers. And if it's in something like a 585 00:29:00,300 --> 00:29:02,700 CEO or service much, it'll go and get its own. 586 00:29:02,700 --> 00:29:05,600 What's called a spiffy service product service. 587 00:29:05,600 --> 00:29:09,200 Provider identity for everything, which is an x.509 588 00:29:09,200 --> 00:29:11,900 service, essentially. That's giving a very short term, 589 00:29:11,900 --> 00:29:14,900 often times, it's 90 minutes to two hours, identity, down to the 590 00:29:14,900 --> 00:29:17,000 workload. Now, what we've done is, we've 591 00:29:17,000 --> 00:29:22,200 also broker that's we can take a spiffy identifier and now we'll 592 00:29:22,200 --> 00:29:26,100 assign a service identifier oauth, client, ID down to the 593 00:29:26,100 --> 00:29:28,000 that workload identity. Brought those two. 594 00:29:28,200 --> 00:29:30,100 The other. And now we have a much better 595 00:29:30,100 --> 00:29:33,500 way of governing, a user, accessing a service identity, 596 00:29:33,500 --> 00:29:35,000 which is tied to a machine identity. 597 00:29:35,300 --> 00:29:38,000 So I have independent client identities that are now tied to 598 00:29:38,000 --> 00:29:40,400 different workload identities. So, every instance of my 599 00:29:40,400 --> 00:29:43,000 service, it spins up has its own unique identity. 600 00:29:43,000 --> 00:29:46,300 Instead of now, instead of old way, which is, at an API key, 601 00:29:46,300 --> 00:29:48,000 right? That was shared across a hundred 602 00:29:48,000 --> 00:29:49,800 different services or 1000 different Services. 603 00:29:49,800 --> 00:29:52,700 Even now, I have individual x.509, certs. 604 00:29:52,900 --> 00:29:56,100 So if I have a breach, I can know exactly which individual 605 00:29:56,100 --> 00:29:59,500 instance, it was as opposed to My service, got breached, I can 606 00:29:59,500 --> 00:30:01,600 say this. Service instance got breached, 607 00:30:01,600 --> 00:30:03,900 I'm going to go and rectify and look at the low audit logs for 608 00:30:03,900 --> 00:30:07,200 that as well. The sounds pretty spiffy to me. 609 00:30:08,800 --> 00:30:12,200 No one thing I thought as you were describing that framework, 610 00:30:12,400 --> 00:30:16,200 which included open banking. You peel out kind of the open 611 00:30:16,200 --> 00:30:19,300 banking thing. I'm just kind of freestyle your. 612 00:30:19,900 --> 00:30:22,600 It sounds very much like a framework that can be used 613 00:30:22,600 --> 00:30:25,000 across Industries, which I think is what you said. 614 00:30:26,200 --> 00:30:30,100 But I was also having the thought I think, you know, to 615 00:30:30,100 --> 00:30:34,600 put it in oil parlance, you're talking a lot about allowing 616 00:30:34,700 --> 00:30:40,600 certain Scopes, kind of put me into the mindset. 617 00:30:40,600 --> 00:30:44,700 I thinking of when it comes to that, I mean that's almost 618 00:30:45,300 --> 00:30:49,600 functionality, Shores security. So, you know, especially from an 619 00:30:49,600 --> 00:30:52,600 authorization context. But that's really like at the 620 00:30:52,608 --> 00:30:55,700 core functionality of what is happening here. 621 00:30:56,400 --> 00:30:59,100 Jim, you're right. So You know, kind of putting it 622 00:30:59,100 --> 00:31:01,000 into that oauth scope our lands, right? 623 00:31:01,000 --> 00:31:04,300 So what we're talking about thus far was all like oauth client. 624 00:31:04,300 --> 00:31:07,400 Credential flows, right? How am I going to get a service 625 00:31:07,400 --> 00:31:10,000 identity to a machine identity? Now, when I start talking about, 626 00:31:10,000 --> 00:31:12,700 how am I going to authorize data and whether that's privacy, 627 00:31:12,700 --> 00:31:16,100 related data, you know, be a grants or even other data that 628 00:31:16,100 --> 00:31:18,000 might be t.i. at it, might not be Pi. 629 00:31:18,100 --> 00:31:22,400 Those are the Scopes that you're talking about and so you know 630 00:31:22,400 --> 00:31:25,600 what we've done and not too kind of toot, our own horn too much 631 00:31:26,300 --> 00:31:28,500 but is we built governance around the Scope. 632 00:31:28,500 --> 00:31:31,500 So as a developer have governance that covers exactly 633 00:31:31,500 --> 00:31:34,300 what's going to transpire. So when I register a service, I 634 00:31:34,300 --> 00:31:36,500 can no longer ask for, hey, I want that full jot. 635 00:31:36,500 --> 00:31:39,400 I want the full user record. I need all this data unless I 636 00:31:39,400 --> 00:31:42,000 actually need it, right? And that's very different way of 637 00:31:42,000 --> 00:31:45,100 treating it. So I just used this metaphor on 638 00:31:45,100 --> 00:31:48,800 the open banking World Congress just last week, but you know 639 00:31:48,800 --> 00:31:52,000 what we're seeing is that Pi? I write for the last decade has 640 00:31:52,000 --> 00:31:53,900 been called. It's the new oil, right? 641 00:31:54,100 --> 00:31:56,500 You know, from whether it's Harvard Business review or CIO 642 00:31:56,500 --> 00:31:59,800 monthly, but it was really We becoming as the new CEO to write 643 00:31:59,800 --> 00:32:01,500 because we're not able to control it, we're not able to 644 00:32:01,508 --> 00:32:04,200 constrain it, it's propagating wildly because we're sending 645 00:32:04,200 --> 00:32:07,600 these giant jobs or do these giant access tokens from service 646 00:32:07,600 --> 00:32:10,500 to service the service, no idea where the data goes. 647 00:32:10,500 --> 00:32:12,100 Right? Might get dumped in a syslog, 648 00:32:12,100 --> 00:32:15,000 might get pumped out to another another API that we are unaware 649 00:32:15,000 --> 00:32:17,500 of. It might go into any recording 650 00:32:17,500 --> 00:32:21,000 platformer, might go to a rogue service, no clue once it's out 651 00:32:21,000 --> 00:32:23,500 the door. So by actually doing governance 652 00:32:23,500 --> 00:32:26,000 around the access token, that's being meant to write. 653 00:32:26,000 --> 00:32:27,900 What are we able to do? We're able to say service, a can 654 00:32:27,900 --> 00:32:30,900 see We'll use a record service. Be can only see first name and 655 00:32:30,900 --> 00:32:34,000 transaction ID. I think of all the things that 656 00:32:34,000 --> 00:32:37,700 can go wrong for banished from a security perspective and it 657 00:32:37,700 --> 00:32:40,500 comes to apis. And then you toss in like 658 00:32:40,800 --> 00:32:44,100 Facebook, wanting to be at having access to financials, 659 00:32:44,100 --> 00:32:44,800 right? You mentioned face. 660 00:32:44,800 --> 00:32:47,400 I'm like, there's no way I'm ever going to allow like 661 00:32:47,400 --> 00:32:51,500 Facebook, to be financially, connected to the rest of my 662 00:32:51,500 --> 00:32:54,100 stuff, right? But that's just an editorial 663 00:32:54,100 --> 00:32:57,000 coming anyway from a security perspective. 664 00:32:57,000 --> 00:33:02,100 What is the Worst thing that could happen if the open banking 665 00:33:02,100 --> 00:33:04,900 apis are really just apis in general, aren't properly 666 00:33:04,900 --> 00:33:07,800 secured, I mean, obviously there's theft, right, someone 667 00:33:07,800 --> 00:33:11,300 could intercept and steal money, I think of an attack. 668 00:33:11,300 --> 00:33:13,900 If you're a fan of office space where your may be developing an 669 00:33:13,900 --> 00:33:16,900 API that, you know, just takes fractions of a penny, right? 670 00:33:16,900 --> 00:33:19,400 From a bunch of different accounts and you know, you hope 671 00:33:19,400 --> 00:33:22,800 you're never caught. What are some of the other 672 00:33:22,900 --> 00:33:26,800 things that maybe aren't as noticeable from a security 673 00:33:26,800 --> 00:33:30,400 perspective that People should be concerned about and drive 674 00:33:30,400 --> 00:33:33,700 towards making sure that apis are probably governed are 675 00:33:33,700 --> 00:33:36,300 properly secured and being utilized the way that they've 676 00:33:36,300 --> 00:33:38,800 been designed to. Yeah, so that's a good question. 677 00:33:38,800 --> 00:33:41,400 And, you know, it's actually relatively scary like when we 678 00:33:41,400 --> 00:33:44,300 start back to talk about it, because if I look at, you know, 679 00:33:44,300 --> 00:33:46,900 what's driving my Tesla, its API, right? 680 00:33:47,000 --> 00:33:50,400 It's calls from, you know, a service on my steering wheel and 681 00:33:50,400 --> 00:33:54,000 my accelerator down to, you know, the central control panel 682 00:33:54,000 --> 00:33:55,600 and then talking about to the internet somewhere. 683 00:33:56,000 --> 00:33:57,900 So what can what's the worst-case scenario, you know? 684 00:33:58,100 --> 00:33:59,400 Yeah. Well, somebody takes that over. 685 00:33:59,400 --> 00:34:01,400 And we've seen it. We've seen it hacked many a time 686 00:34:01,400 --> 00:34:04,000 already. I think, Dodge not successful in 687 00:34:04,000 --> 00:34:06,600 a fairly but Dodge and a few other ones have had their, you 688 00:34:06,600 --> 00:34:09,900 know, their auto-drive features and apis hacked. 689 00:34:10,699 --> 00:34:12,500 We saw that we're just person Mercedes. 690 00:34:12,500 --> 00:34:15,000 I think believe that was the end of last year. 691 00:34:15,500 --> 00:34:18,000 It wasn't a hack of the driving system, but it was a hack of the 692 00:34:18,000 --> 00:34:21,100 data coming through the Bluetooth platform, right? 693 00:34:21,100 --> 00:34:23,400 So so it's not just personal data but you're actually 694 00:34:23,400 --> 00:34:26,500 livelihood, right? Can be impacted and whether it's 695 00:34:26,500 --> 00:34:29,199 a, you know, heart monitor. And I T device or whether it's 696 00:34:29,199 --> 00:34:30,500 the car that you're driving, right? 697 00:34:30,500 --> 00:34:32,900 And not doing a pi security, right? 698 00:34:32,900 --> 00:34:35,500 Is going to fundamentally, put you at risk and put your 699 00:34:35,500 --> 00:34:38,800 organization at risk for not just, you know, Financial 700 00:34:38,800 --> 00:34:41,600 liabilities but potentially, you know livelihood of people? 701 00:34:41,800 --> 00:34:42,800 Yeah. I think about that too. 702 00:34:42,800 --> 00:34:47,500 And it's a connected world and if a human designed it, that 703 00:34:47,500 --> 00:34:50,000 means that there are flaws in it and there will be, you know, 704 00:34:50,199 --> 00:34:54,400 ways to break systems as that have been designed. 705 00:34:55,400 --> 00:34:59,300 I know that you've been very generous With your time with us. 706 00:34:59,300 --> 00:35:02,500 And one of the things that we've started to do is kind of close 707 00:35:02,500 --> 00:35:05,100 out with maybe something not. So I am so that we're not 708 00:35:05,100 --> 00:35:08,400 leaving on a heavy note, right? Try to lighten the mood after 709 00:35:08,400 --> 00:35:12,700 the Doom and Gloom of not having apis being secured and I think 710 00:35:12,700 --> 00:35:16,400 all your money stolen and Facebook watching you, Jim came 711 00:35:16,400 --> 00:35:18,400 up with a good one. I'll let him have the honors 712 00:35:18,600 --> 00:35:21,500 Jim, why don't you go for it? Yeah, but before I do that Jeff 713 00:35:21,500 --> 00:35:23,700 went to remind you. They are fractions of a penny. 714 00:35:23,700 --> 00:35:27,900 Have you seen the the penny dish at the convenience store? 715 00:35:28,100 --> 00:35:31,200 Therefore everyone right, Community pennies. 716 00:35:31,700 --> 00:35:38,200 That's little Office Space. Chatter if you will so mine on. 717 00:35:38,200 --> 00:35:43,300 I am question and this is really timely because of my guests. 718 00:35:43,300 --> 00:35:47,000 Guzzler that I mentioned earlier, my nan, I am question 719 00:35:47,600 --> 00:35:50,500 is what is the coolest car you've ever owned? 720 00:35:51,300 --> 00:35:53,100 And I'm going to start with Nathaniel. 721 00:35:53,900 --> 00:35:57,600 Oh, this is a, I got a two-part answer on this one too, so I 722 00:35:57,600 --> 00:36:01,400 still own it. So I have a 77 Vijay 40, which 723 00:36:01,400 --> 00:36:05,900 is the old Land Cruiser, but the BJ is a diesel does Ignatian, I 724 00:36:05,900 --> 00:36:10,200 imported it from Canada on 25 some odd years ago, so it's kind 725 00:36:10,200 --> 00:36:13,800 of like a diesel Jeep essentially, that's incredibly 726 00:36:13,800 --> 00:36:15,700 low geared. Seemingly can drive up trees, 727 00:36:15,700 --> 00:36:20,400 although I would never hurt a tree, second one would be an 728 00:36:20,400 --> 00:36:24,200 F100. So I've got a 52 F100, that's in 729 00:36:24,200 --> 00:36:27,500 my garage. That's, I mean, it's pretty to 730 00:36:27,500 --> 00:36:33,100 look at and that's more my wife's car, but I bought it for 731 00:36:33,100 --> 00:36:35,200 us. There's a tough guy. 732 00:36:35,400 --> 00:36:39,100 For me to my first cars. Like I love this so much. 733 00:36:39,100 --> 00:36:45,800 It was a 69 Ford Falcon with dry-rotted winter tires. 734 00:36:45,900 --> 00:36:49,400 So in other words, these tires were like if I stepped on the 735 00:36:49,400 --> 00:36:53,800 gas they spun and left. A black streak behind me and 736 00:36:53,800 --> 00:36:58,600 left a bunch of smoke because they were just like just so old 737 00:36:58,600 --> 00:37:01,600 of tires and everything but that was a fun car. 738 00:37:01,800 --> 00:37:07,100 I had a 72 Nova SS in college. I drive a Mustang convertible 739 00:37:07,100 --> 00:37:12,900 now, but I think the fun is car I've ever owned was, I had an 88 740 00:37:12,900 --> 00:37:18,400 v w Vanagon with one of those tops and popped up and became a 741 00:37:18,500 --> 00:37:21,700 tent. And it had a full size bed under 742 00:37:21,700 --> 00:37:25,000 it. And a full-size, the back seat, 743 00:37:25,000 --> 00:37:27,100 folded down to become a full-size bed. 744 00:37:27,300 --> 00:37:30,100 It had a kitchen and a refrigerator in it. 745 00:37:30,100 --> 00:37:33,400 I mean, it was like my Hippie Mobile. 746 00:37:33,500 --> 00:37:37,400 So that thing was You know, everybody loves it was a 747 00:37:37,600 --> 00:37:41,700 conversation piece, the only downside to others to downsize, 748 00:37:42,000 --> 00:37:46,100 one was, I mean the thing broke down a lot so it was in the shop 749 00:37:46,100 --> 00:37:48,600 about as much as it was in my garage. 750 00:37:48,900 --> 00:37:51,200 The second thing is it was a gas guzzler. 751 00:37:51,200 --> 00:37:54,200 So when gas was cheap that was no problem. 752 00:37:54,400 --> 00:37:58,900 But when gas got expensive and like I'm experiencing right now, 753 00:37:58,900 --> 00:38:03,800 we're gas has not existed in my part of the country, that was 754 00:38:03,800 --> 00:38:06,400 not the best. So, With that, I already know 755 00:38:06,400 --> 00:38:09,000 what Jeff sensor is going to be. So go ahead, I'll pass the you 756 00:38:09,000 --> 00:38:11,200 Jeff. Well, okay, so I'm not a car 757 00:38:11,200 --> 00:38:13,500 person at all. I'm more of a, you know, the 758 00:38:13,500 --> 00:38:15,300 tech geek nerd. So, of course, my answer is 759 00:38:15,300 --> 00:38:18,000 probably not going to be surprised, but it is definitely 760 00:38:18,400 --> 00:38:21,900 my 2018 Tesla Model 3. Absolutely. 761 00:38:21,900 --> 00:38:24,700 Love that vehicle. Absolutely perfect. 762 00:38:24,700 --> 00:38:27,700 Never had a problem with it at least no major problems. 763 00:38:27,700 --> 00:38:30,100 Right stuff that you know, little things here and there but 764 00:38:30,100 --> 00:38:32,200 it is so much fun to drive an electric vehicle. 765 00:38:33,000 --> 00:38:37,300 You know I'm a Tesla fan just They were the ones that that 766 00:38:37,400 --> 00:38:40,000 came out ahead of time and the one that was available. 767 00:38:40,000 --> 00:38:41,200 And I've been waiting on that one for a while. 768 00:38:41,200 --> 00:38:45,000 So I guess you can coin that my maybe midlife crisis car, but I 769 00:38:45,008 --> 00:38:47,200 think it's fantastic. I have not been to the gas 770 00:38:47,200 --> 00:38:51,400 station in, I don't know, at least six months, maybe even 771 00:38:51,400 --> 00:38:55,400 longer mostly just to fill up my wife's car and I haven't, you 772 00:38:55,408 --> 00:38:57,900 know, I can't remember the last time I had to take care of an 773 00:38:57,900 --> 00:38:59,000 oil change or anything like that. 774 00:38:59,000 --> 00:39:02,200 Mean the only maintenance I've had to do on it is putting in 775 00:39:02,700 --> 00:39:04,200 windshield, washer fluid, that's it. 776 00:39:04,400 --> 00:39:07,500 So I absolutely The Tesla is just so much fun to drive and 777 00:39:07,800 --> 00:39:10,000 you know, I think it's not it's not specific to Tesla, right? 778 00:39:10,000 --> 00:39:12,800 The the quick acceleration and the torque that you get from an 779 00:39:12,808 --> 00:39:15,900 electric motor. Most electric cars are a lot of 780 00:39:15,900 --> 00:39:18,400 fun to drive and it comes down to, you know, probably the 781 00:39:18,400 --> 00:39:21,300 Comforts that come around it. But, yeah, absolutely. 782 00:39:21,300 --> 00:39:25,600 It is, is my Tesla. That is my pride and joy, and 783 00:39:25,800 --> 00:39:29,800 I'm looking already looking forward to my next EV and 784 00:39:29,800 --> 00:39:31,500 whether I'll stay with them, Tesla brand, or maybe. 785 00:39:31,500 --> 00:39:35,100 Look at something like you were kind of talked about this last 786 00:39:35,100 --> 00:39:36,700 night. Night, my wife and I around, you 787 00:39:36,707 --> 00:39:41,500 know, maybe the Ford Mustang Mach e which is, I know there is 788 00:39:41,500 --> 00:39:43,400 polarizing. A, whether you should be using 789 00:39:43,400 --> 00:39:47,400 the Mustang name for an electric vehicle, but it looks pretty 790 00:39:47,400 --> 00:39:50,200 sharp and seems to have some some pretty good metrics around 791 00:39:50,200 --> 00:39:52,200 it, so I'm going to go but I'm going to go with my Tesla. 792 00:39:52,200 --> 00:39:54,700 That's that's my jam and it's a lot of fun to drive. 793 00:39:57,300 --> 00:39:59,200 So I think with that, that's probably a good spot where we 794 00:39:59,200 --> 00:40:02,300 can go ahead and leave it. We had a pretty good mix of 795 00:40:02,300 --> 00:40:06,900 vehicles there between trucks and hippie mobiles and Mustangs 796 00:40:06,900 --> 00:40:09,400 and Tesla. So I think we covered really the 797 00:40:09,400 --> 00:40:12,200 the wide variety of vehicles that could potentially be out 798 00:40:12,200 --> 00:40:15,000 there. Nathan's think thank you so much 799 00:40:15,000 --> 00:40:18,700 for joining us and hopefully people were able to get, you 800 00:40:18,700 --> 00:40:21,600 know, idea of kind of, at least, if they, if they aren't familiar 801 00:40:21,600 --> 00:40:24,400 with open banking, you know, how they might already be using it 802 00:40:24,400 --> 00:40:27,700 and not even just be aware of it, but How, you know, 803 00:40:27,700 --> 00:40:31,300 Technologies and standards are developing to make life easier 804 00:40:31,300 --> 00:40:34,300 to be able to manage finances. And, you know, and Underneath It 805 00:40:34,300 --> 00:40:35,700 All. There's identity, right? 806 00:40:35,700 --> 00:40:37,400 It's part of this process etcetera. 807 00:40:38,700 --> 00:40:41,800 I will have a link to Nathan in the show notes. 808 00:40:41,800 --> 00:40:44,700 If you want to connect with him on LinkedIn, obviously can 809 00:40:44,700 --> 00:40:46,000 connect with Jim and I is there as well. 810 00:40:46,000 --> 00:40:49,900 We're always happy to engage and talk with, you know, our 811 00:40:49,900 --> 00:40:52,400 listeners and get ideas for shows, and so forth. 812 00:40:53,000 --> 00:40:55,000 Also have a link to Cloud entities website. 813 00:40:55,000 --> 00:40:57,600 So you can learn more about what Nathan and his company has been 814 00:40:57,600 --> 00:41:02,000 doing in this space you can get familiar with their offering and 815 00:41:02,300 --> 00:41:05,500 for us right you can always find us on the web at identity at the 816 00:41:05,500 --> 00:41:11,200 center.com you can find us on Twitter idac podcast and with 817 00:41:11,200 --> 00:41:13,300 that we're going to go ahead and close it out for this week. 818 00:41:13,300 --> 00:41:16,200 Preciate everyone thanks for listening and we'll talk with 819 00:41:16,200 --> 00:41:23,400 you all in the next one. Thanks for listening to the 820 00:41:23,400 --> 00:41:26,200 identity at the center podcast. If you like what you heard, 821 00:41:26,200 --> 00:41:29,500 don't forget to subscribe and visit us on the web and identity 822 00:41:29,500 --> 00:41:30,300 at the center.com.