Skip To Content
logo

Digital Trust Laboratory of Canada – Assessments

Bonnie Yau
283 Alexandre-Taché Blvd Suite LB A-1360 Gatineau QC J9A 1L8

Service Details

Assessments
We deliver assessments that cater to the assessee's needs and leverage community and industry-recognized frameworks where available. Areas of assessment include user-centric functional testing, usability testing, accessibility testing, conformity testing, interoperability testing, performance testing and privacy assessments. In doing so we commit to (1) Understand the client's product or service (2) Establish testing objectives (3) Determine appropriate types of testing (4) Select testing methodology (5) Provide a detailed findings report. All steps are designed to suit the client’s context and needs, while leveraging community and industry-recognized frameworks, where available.
General Information: Website
Point of Contact: Bonnie Yau

Role(s)

  • Audit
  • Broker
  • Consulting
  • Service Integrator
  • Service Provider
  • Other - Specify
Other: Custom assessments

Capability(ies)

  • Attribute Broker
  • Attribute Provider
  • Audit IAM
  • Audit InfoSec
  • Audit QA
  • Audit Risk
  • Authentication 
  • Authorization
  • Client Identity Verification
  • Consulting IAM
  • Consulting InfoSec
  • Consulting QA
  • Consulting Risk
  • Credential Issuer or Provider
  • Federated Attributes 
  • Federation Operator
  • Identity Proofing
  • Identity Provider
  • Integration
  • Managed Hosting
  • Network Operator
  • Relying Party or Verifier
  • Validating Identity Claims
  • Wallet Provider
  • Other - specify
Other: Areas of assessment include user-centric functional testing, usability testing, accessibility testing, conformity testing, interoperability testing, performance testing and privacy assessments.

Client Identity Verification Methods

  • Government-issued photo identification method
  • Credit file method
  • Dual process methodology

Audiences

  • Public Sector Individuals (G2C)
  • Public Sector Organizations (G2B)
  • Public Sector Internal Services (G2)
  • Private Sector Businesses (B2B)
  • Private Sector Consumers (B2C)
  • International and NGO
  • Other - specify
Other: Academia

Sectors and Use Cases

  • Academia and Research
  • Agriculture
  • Construction
  • Financial Services
  • Healthcare & Social Services
  • Legal / Law 
  • Manufacturing 
  • Natural Resources 
  • Property Services 
  • Public Sector 
  • Retail & Wholesale Trade
  • Technology & Innovation 
  • Tourism & Hospitality
  • Transportation & Logistics 
  • Other - specify

Adoption Communities

  • Public sector
  • Large organizations
  • Small organizations
  • Consumer direct
  • Other - specify
Other: Non-profit organizations and Academia

Jurisdiction(s)

  • Canada
  • Asia Pacific
  • Europe
  • Indo Pacific
  • North America
  • Latin America
  • Caribbean
  • Global
  • Other - specify
Other: We are not restricted to these jurisdictions and are happy to discuss support for clients globally

Operational Language(s)

  • English
  • Canadian French
  • Other - specify

Technical Support Language(s)

  • English
  • Canadian French
  • Other - specify

Platform(s) Availability

  • Apple app store
  • Google app store
  • Embedded in client app
  • Microsoft app
  • In-person scanner (hardware)
  • Other - specify
  • None

Cost Model

  • Time period flat fee
  • Pay per use
  • Mixed flat and use
  • Other - specify
  • Not Applicable

Service Design Principles

Service Design Principles

  • Accessibility 
  • Auditability
  • Combats fraud
  • Creates efficiencies
  • Diversity, equitability, and inclusion
  • Personal data choice and control
  • Privacy protection and enhancement
  • Transparent governance and operations
  • User-friendly
  • Not applicable

Service Design Tools & Auditability

Design Tools

  • Assurance and risk management framework(s)
  • Codes of practice
  • Community practice guides 
  • Industry, National, International Standards
  • Open source code
  • Regulatory guidance
  • Third-party assessment services
  • Other - specify
  • Not applicable

Protocols Supported

  • API
  • DIDCom (decentralized identifiers)
  • FIDO
  • Hyperledger Indy Aires
  • Oauth
  • OpenID
  • SAML
  • UDAP
  • UMA
  • Other - specify
  • Not applicable

Image Standards Supported

  • GIF
  • JPEG
  • PNG
  • TIFF
  • ISO IEC19794-5 (Passport Image Standard)
  • Proprietary Standards
  • Other - specify
  • Not applicable

Process Standards Considered

  • AODA
  • ETSI EN 301 549 
  • HIPAA 
  • GSA Section 50
  • ISO/IEC 27001
  • ISO/IEC 27018
  • ISO 30107-3
  • ISO 90001
  • NIST 800-63
  • SOC 2 Type 1
  • SOC 2 Type 2
  • WCAG
  • WCAG 2.0 (ISO/IEC40500)
  • WCAG 2.1
  • Other - specify
  • not applicable

Accreditations and Certifications

  • AODA tested
  • FIDO® Certified
  • ETSI EN 301 549 
  • GIAC GSNA
  • GSA Section 508
  • HIPAA self-attest
  • Institute of Internal Auditors, Certified Internal Auditor
  • ISACA CISA
  • ISO/IEC 27001 ISMS
  • ISO/IEC 27001 ISMS Lead Auditor
  • ISO/IEC 27018
  • ISO 30107-3
  • ISO 90001
  • IRCA ISMS Auditor
  • NIST 800-63
  • OpentID Certified
  • SOC 2 Type 1
  • SOC 2 Type 2
  • WCAG
  • WCAG 2.0 (ISO/IEC40500)
  • WCAG 2.1
  • Other - specify
  • Not applicable

Pan-Canadian Trust Framework (PCTF)

Jurisdictional Privacy Law Compliance

  • Canada
  • Asia Pacific
  • Indo Pacific
  • Europe
  • North America
  • South America