by Too 752 days ago
The term “Identify” is a lot better in this regard.

It’s already universally used in IAM, where the other half of the puzzle is also clear and free from ambiguity: “Access”.

4 comments

Identification and authentication are different, though. You identify yourself to a website as a specific user (e.g. using a username) and the website in turn authenticates your claim, i.e. verifies that you are in fact the user you claim to be (e.g. using that user's password).
If you go that route .. your OIDC provider authenticates your claim. The website just trusts some specific OIDC authorities which you must use to create your identity.
If the website in question is using OIDC, sure.
And the third half, “management” verbalizes the action therein.

Also, IAM has a cryptic assertion of ultimate authority: In Hebrew, . . . hayah carries the added weight of representing God himself: Yahweh, “I am.” [0]

[0] https://hebraicthought.org/meaning-of-gods-name-i-am-exodus/

Identity/identify may or may not have anything to do with Login, or Authentication...

KYC (know your customer) is about removing the ambiguity between your user and their identity....

What could be a difference between identification and authentication? In my understanding they are completely synonymous. I frequently use an IdP (identity provider) to authenticate for web applications.
Know your customer is something that started in banking and is leaking everywhere.

Identity is who you really are. Be that you as an individual or as a corporation.... In the case of your bank they have a copy of your ID, your SSN, for them identity is what established the account and auth lets you work with it.... AWS might know some members of your company (either by corporate or individual card) but might not know your identity (as an individual) and yet you can still authenticate, because you have been authorized by an identified customer. I can transact with crypto as an authenticated user and NOT be identified.

In some circles "identity" is a term of art. For instance an identity provider maps credentials to user accounts. Those may or may not map to a government-numbered human.
I think authentication is about proof of identity. Identity can mean a lot of things imo. Applications identify me all the time without me giving them any proof of who I am. This happens in meatspace all the time too. People project identity and we make assumptions about what we observe. We don’t necessarily ask them to verify this identity through mutually agreed upon terms.
KYC is not so much about removing ambiguity. It's about risk mitigation and proof. Not only about a specific user, but also the connections of a company or a person. There are also a lot of rules and laws behind against AML and PEP checks.
Access doesn’t cover everything though. But identify seems good
I think they mean use both - identity in place of login/authenticate and access in place of auth
Yeah, but access to me feels like access to records. Not necessarily permissions to do certain actions (in general or to certain records)

Iirc, Java or J2EE used “Principal”, which I found super confusing

Principal is Identity not access.