Animo,,Animo,,Timo Glastra; Ana Goessens,Digibyte; ESSIFlab,"European Union, Netherlands, Utrecht",Europe,,,Animo,"A Change In How We Handle Verification<br><br>The world is set up in a way where everyone continually needs to prove aspects of themselves. Organisations need personal information about their customers to verify their identity to give them access to services. Institutions like colleges, governments and banks need to verify information to assist people in their day to day life. To do this in the digital world people currently fill out countless forms, create accounts for every service and send copies of sensitive documents over email. This has resulted in people's information being scattered around the web, given to and stored by countless organisations, with no easy way to control and manage it.<br><br>Animo is working to change this. Through a relatively new technology called verifiable credentials, it is possible for users to store personal information about themselves in a digital wallet on their phone. Organisations that need to verify some information about the user (e.g. age, address, membership, qualification, etc.) can send a request and, with user permission, get the information they need without having to store any personal data themselves. The user proves aspects of their digital identity while keeping control over any personal information.","Our aim We build digital infrastructure that makes the world function as it should. Without borders, without vendor lock-in, without limitations. We work for a future where every individual is in control of their life. What we do At Animo we work with developers and organizations to improve digital interaction using verifiable credentials. We create solutions where exchanging data is privacy preserving and frictionless. SEE HOW IT WORKS Who we are Our team works hard to solve the most difficult problems without taking shortcuts. At Animo we understand the value in using open source and open standards to get the job done, working together makes innovation easy. MEET THE TEAM Our projects We have worked with some great organizations to make their products easier, faster and safer. Interested to see what we are working on? Take a look at our projects and updates to see our work. ALL PROJECTS AND UPDATES H I G H L I G H T S Animo receives EU grant to work on open source SSI development. READ MORE Trusted by Demo The future of digital verification is private, secure and centered around the end-user. Our demo will let you experience how easy it is!",https://animo.id/,,Company,,Company,,,Enterprise,ID; Software,,,,2020,https://github.com/animo,https://twitter.com/AnimoSolutions,,https://medium.com/@AnimoSolutions,https://medium.com/feed/@AnimoSolutions,https://discord.gg/vXRVNh3DYD,,https://www.linkedin.com/company/animosolutions/,https://docs.agent-cli.animo.id/,,,,
Anonyome,,Anonyome,,Steve Shillingford,,"USA, Utah, Salt Lake City",USA,,,Anonyme Labs,"Anonyome Labs was created to give people control and freedom over their personal and private information. We believe that people should be able to determine how, what, and with whom they share their personal details. We build the tools necessary to empower our brand partners’ users and end consumers with the necessary capabilities to protect and control their digital information. Anonyome Labs puts control back into users’ hands through mobile and desktop applications.","Privacy is progress Privacy will be the defining topic of this decade. We believe personal freedom hinges on safety and security, and this liberty is essential in our expanding digital world. We provide scalable mobile and desktop solutions that empower users to protect their private information. The challenge In today’s world millions of consumers manage much of their lives online, requiring personally identifiable information at every turn. Consumers need access to these online conveniences while also protecting their personal information. Businesses need better ways of interacting with their customers without the risks associated with collecting their personal data. The solution To meet the challenges facing businesses and consumers, Anonyome Labs provides a platform that enables a next generation approach to security and privacy. A cornerstone of this platform includes limited disclosure digital identities, that we call “Sudos”. Using and interacting with them reduces the amount of personally identifiable information (PII) needed to navigate today’s digital world. Both consumers and businesses maintain everyday relationships, communications, commerce, and more without unnecessary PII disclosure or collection. The platform is complete with all the components necessary to build secure and private market offerings. These scalable components include secure and private calling, messaging, video, browsing, purchasing, and more. The Sudo Platform enables businesses to empower their users through privacy and cyber safety capabilities. We provide a variety of tools that can be rapidly integrated into B2C product and service offerings. To show how the platform can be used, we provide a reference consumer application called MySudo. Sudo Platform The Complete Privacy Toolkit Sudo Platform is a set of easy-to-use privacy solutions that can be integrated into your existing and new products. Sudo Platform APIs and SDKs are quick to learn and simple to use. MySudo Talk, text, email, browse and purchase all in one app Check out the MySudo app, which offers users safety and security in the digital world. Create and manage Sudos for privacy protection online, on the phone, or wherever technology takes you. “Disposable emails, phone numbers and prepaid cards aren’t new. But Sudo does a good job at bringing them all together.” TechCrunch “Sudo is an all-in-one platform for calls, texts, emails and browsers that is customizable and secure.” Fast Company “Never worry about spam again: Sudo supplies disposable phone numbers, email addresses.” Digital Trends From our app store “Can’t live without it. I don’t understand how I manage to survive without this app, it is absolutely indispensable.” comechingones “So easy! I thought this app was so easy to use and It’s so awesome to have an avenue for creating a secure identity account! Good job! I would recommend!” Hippieuser “Awesome!!! Easy to use and private! Win win!!!!” iwishitwasyou katiesweet2010 Let’s chat Want to learn how to integrate our technology into your product stack? Please contact us, we’d love to hear from you.",https://anonyome.com/,,Company,,Company,,,Consumer,Privacy,,,,2014,,https://twitter.com/AnonyomeLabs,,https://anonyome.com/blog/,https://anonyome.com/feed/,,https://www.crunchbase.com/organization/anonyome-labs,,,,,,
Auth0,Okta,Auth0,,Eugenio Pace; Federico Jack; Matias Woloski,,"USA, Washington, Seattle",,,,Auth0,"Auth0 is a cloud identity management SAAS application for the web, mobile, IoT, and internal software","From improving customer experience through seamless sign-on to making MFA as easy as a click of a button – your login box must find the right balance between user convenience, privacy and security.That’s why Okta and Auth0 have joined forces. Because we know together we can help you build a better solution for Customer Identity (CIAM) that will reduce security and compliance risks, improve your UX, and help your developers maximize their time. Basically, we make your login box awesome. Get Gartner’s 2022 overview of leading Access Management vendorsLearn more Let’s take a look at everything you can do. Optimize for user experience and privacy. Use social login integrations, lower user friction, incorporate rich user profiling, and facilitate more transactions. Registration Anonymous User Bot Detection Registration Login Directory SSO Social Integrations Access Progressive Profiling Transactions Step-up Auth Auth Factors convenience privacy security report The Total Economic Impact of Auth0 11.7ᴹ Total benefit 548% ROI <6mo Payback Time powered by Forrester® ↗ whitepaper Build vs Buy: Guide to Identity Management 6 Signs You Need to Move From DIY to an Identity Management Solution video The Auth0 Product Tour A short tour through Auth0’s extensibility and uses for B2B, B2C, and B2E.",https://auth0.com,,Company,,Company,,,Consumer; Enterprise,ID; IAM,,,,2013,,,,https://auth0.com/blog/,https://auth0.com/blog/rss.xml,,https://www.crunchbase.com/organization/auth0,,,,,,
Auth0,,Okta,,Frederic Kerrest; Todd McKinnon,10000+ Organizations; JetBlue; Nordstrom; Siemens; Slack; T-Mobile; Takeda; Teach for America; Twilio,"USA, California, San Francisco",,,,Okta,Everything you need to build or integrate authentication and user management,"Okta is the leading independent identity provider. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. With more than 7,000 pre-built integrations to applications and infrastructure providers, Okta provides simple and secure access to people and organizations everywhere, giving them the confidence to reach their full potential. More than 10,000 organizations, including JetBlue, Nordstrom, Siemens, Slack, T-Mobile, Takeda, Teach for America, and Twilio, trust Okta to help protect the identities of their workforces and customers.<br>",https://okta.com,,Company,,Company,,,Enterprise,IAM,,,,2009,https://github.com/originalmy,https://twitter.com/okta,https://www.youtube.com/OktaInc,https://www.okta.com/blog/; https://developer.okta.com/blog/,https://developer.okta.com/feed.xml,,https://www.crunchbase.com/organization/okta,https://www.linkedin.com/company/okta-inc-/,,,,,
Bonifii,CULedger,Bonifii,,Darrell O'Donnell; John Ainsworth; Julie Esser,Sovrin Steward; Indicio; Over 70 Partners,"USA, Colorado, Denver",,,,Bonifii,"Bonifii is an innovative financial technology company that proactively protects credit union members from becoming victims of financial fraud by providing safe, secure, and convenient identity verification solutions.","Bonifii is a credit union-owned CUSO (credit union service organization) that focuses on delivering innovative applications on a global distributed ledger (DLT) or blockchain platform for credit unions. Blockchain has already been substantiated as a critical element of digital transformation. In working through a national consortium of credit unions and trusted industry partners, CULedger is uniquely positioned to help credit unions serve the digital needs of its members.<br><br>CULedger’s credit union-specific distributed ledger technology gives the credit union industry the edge it needs to remain competitive in the rapidly changing financial services industry. CULedger is not just about having a seat at the table as it relates to this technology. Credit unions will be able to implement the technology and utilize the current and future applications that run on it.<br><br>The development of CULedger was made possible through the efforts of many partners including the 70+ credit unions, CUSOs, and industry partners that made a contribution toward the "research to action" initiative, Best Innovation Group, the Credit Union National Association, the National Credit Union CEO Roundtable, The Mountain West Credit Union Association and Evernym (www.Evernym.com). Evernym developed the Sovrin Platform (www.sovrin.org).",https://bonifii.com/,,Company,,Company,,,Clients,Banking,,,,2017,,,,https://www.bonfii.com/resources-blog,https://www.bonfii.com/resources-blog?format=rss,,https://www.crunchbase.com/organization/culedger,,,,,,
Bonifii,,CULedger,,Darrell O'Donnell; John Ainsworth; Julie Esser,Sovrin Steward; Bonifii,,,,,CULedger,"CULedger is a credit union-owned CUSO (credit union service organization) that is creating the premier platform of digital exchange for financial cooperatives globally. In working through a national consortium made up of credit unions and trusted industry investors, CULedger has pioneered new developments related to global self-sovereign decentralized identity, MemberPassTM, that will further enhance the trust credit unions have with their members.<br><br>CULedger provides advantages to credit unions and their members by reducing risks associated with cybersecurity and fraud, improving member experience, streamlining internal processes and reducing administrative and operational costs. To learn more about MemberPass, visit www.memberpass.com or follow the company on the CULedger Facebook, LinkedIn or Twitter.",,https://culedger.com,Sovrin Steward,Organization,Rebrand,Company,,,Consumer,Banking,,,,2017,,https://twitter.com/CULedger/,https://www.youtube.com/channel/UCPcopipop1XTBdYkM2VHPfw,,,,https://www.crunchbase.com/organization/culedger,https://www.linkedin.com/company/27238176/,,,,,
Danube,,Danube,,Markus Sabadello,Sovrin Steward; DIF; DHS; RWoT; IIW; ESSIFLab,"European Union, Austria, Wien, Vienna",Europe,,IIW; RWoT,Danube Tech,"Danube Tech works on advanced Information and Communication Technologies (ICTs) in the field of digital identity and personal data. Following the NSA surveillance scandal, the fall of the Safe Harbor agreement, the E.U.'s new General Data Protection Regulation (GDPR), and several other developments, questions around control, privacy, and economic value of personal data are leading to new legal frameworks, business models, and technological architectures and protocols.<br><br>Danube Tech and its partners are working on several emerging technologies, including: 1. The XDI protocol, 2. The FreedomBox personal server, and 3. Blockchain-based identifier registration services.<br><br>Grown out of a background of Internet freedom activism and grassroots hacker culture, we continue to explore digital developments at the edge of important political and social questions. We contribute to ongoing discourse about anonymity vs. veronymity, centralization vs. decentralization, as well as sovereign and user-centric digital identity.","Danube Tech works on advanced Information and Communication Technologies (ICTs) in the field of digital identity and personal data. We explore questions around control, privacy, and economic value of personal data that are leading to new legal frameworks, business models, and technological architectures and protocols.<br><br>Danube Tech and its partners are now focused on developing technologies and products for the W3C Decentralized Identifiers (DIDs) standard. We are building the bridges that interconnect all decentralized identity networks globally. This enables interoperable identity applications and services for everyone.",https://danubetech.com/,,Company,,Company,,,Enterprise,ID; Data; Privacy,,Universal Resolver; BTCR; Indy; ERC725,DID; Verifiable Credentials; OAuth; ,2015,https://github.com/danubetech; https://github.com/projectdanube,https://twitter.com/peacekeeper,,https://medium.com/@markus.sabadello,https://medium.com/feed/@markus.sabadello,,https://www.crunchbase.com/organization/danube-tech,https://www.linkedin.com/company/danube-tech,,,,,
Danube,German Blockchain Association,,https://web.archive.org/web/20181117025930/https://www.bundesblock.de/wp-content/uploads/2018/10/ssi-paper.pdf,,,,,,,New Position Paper: Self Sovereign Identity defined,"In a SSI proof-of-concept during the first half of 2018, 3 banks, an insurance company, the Austrian Post, and an institution representing notaries has cooperated to implement a range of use cases based on DIDs, Verifiable Credentials, Sovrin, and the XDI protocol. The use cases included:<br> * digital ID onboarding for existing clients,<br> * SSO for new clients,<br> * sharing of KYC data between organizations,<br> * dynamic data verification (change-of-address),<br> * secure communication (e-mail with ID confirmation),<br> * change of identity service providers,<br> * Personal ID verification in a peer-to-peer marketplace<br><a href=""https://www.Hyperledger.org/blog/2018/08/15/developer-showcase-series-markus-sabadello-Danube-tech"">Developer Showcase Series: Markus Sabadello, Danube Tech</a><br> I have worked on digital identity technologies for a long time, the question of who we are, how we present ourselves, and what do others know about us in the digital world. There’s this concept of user-centric identity, and more recently self-sovereign identity, which places individuals at the center of their online relationships and transactions, and gives us all the ability to create, manage, use, and destroy our online identities according to our own rules.",,https://serverprofis.bundesblock.de/new-position-paper-self-sovereign-identity-defined/,,Paper,,Meta,,,,,,,,2018-11-15,,,,,,,,,,,,,
Danube,UDHR,,,,,,Global,,,The Universal Declaration of Human Rights,"The Universal Declaration of Human Rights (UDHR) is a document that acts like a global road map for freedom and equality – protecting the rights of every individual, everywhere. It was the first time countries agreed on the freedoms and rights that deserve universal protection in order for every individual to live their lives freely, equally and in dignity.
The UDHR was adopted by the newly established United Nations on 10 December 1948, in response to the “barbarous acts which […] outraged the conscience of mankind” during the Second World War. Its adoption recognized human rights to be the foundation for freedom, justice and peace.
Work on the UDHR began in 1946, with a drafting committee composed of representatives of a wide variety of countries, including the USA, Lebanon and China. The drafting committee was later enlarged to include representatives of Australia, Chile, France, the Soviet Union and the United Kingdom, allowing the document to benefit from contributions of states from all regions, and their diverse religious, political and cultural contexts. The UDHR was then discussed by all members of the UN Commission on Human Rights and finally adopted by the General Assembly in 1948.",,https://www.amnesty.org/en/what-we-do/universal-declaration-of-human-rights/,,Paper,,Policy,Cross,,,Humanitarian,,,,1948,,,,,,,,,,,,,
Danube,ICCPR,,,,,,Global,,,International Covenant on Civil and Political Rights,"ICCPR is an international human rights treaty adopted in 1966. The UK agreed to follow ICCPR in 1976. It enables people to enjoy a wide range of human rights, including those relating to:
- freedom from torture and other cruel, inhuman or degrading treatment or punishment
- equality and non-discrimination",,https://www.equalityhumanrights.com/en/our-human-rights-work/monitoring-and-promoting-un-treaties/international-covenant-civil-and,,Paper,,Policy,Cross,,,Humanitarian,,,,1966,,,,,,,,,,,,,
Danube,ICESCR,,,,,,Global,,,"International Covenant on Economic, Social and Cultural Rights","The International Covenant on Economic, Social and Cultural Rights (ICESCR) is a multilateral treaty adopted by the United Nations General Assembly (GA) on 16 December 1966 through GA. Resolution 2200A (XXI), and came in force from 3 January 1976.[1] It commits its parties to work toward the granting of economic, social, and cultural rights (ESCR) to the Non-Self-Governing and Trust Territories and individuals, including labour rights and the right to health, the right to education, and the right to an adequate standard of living. As of July 2020, the Covenant has 171 parties.[3] A further four countries, including the United States, have signed but not ratified the Covenant.",,"https://en.wikipedia.org/wiki/International_Covenant_on_Economic,_Social_and_Cultural_Rights",,Paper,,Policy,Cross,,,Humanitarian,,,,1966,,,,,,,,,,,,,
Danube,CRPD,,,,,,Global,,,Convention on the Rights of People with Disabilities,"The United Nations Convention on the Rights of Persons with Disabilities (CRPD) is an international human rights treaty adopted in 2006 that reaffirms that all persons with disabilities must enjoy all human rights and fundamental freedoms.
It clarifies that all persons with disabilities have the right to participate in civil, political, economic, social and cultural life of the community.",,https://www.edf-feph.org/un-crpd/,,Paper,,Policy,Cross,,,Humanitarian,,,,2023,,,,,,,,,,,,,
Danube,ECHR,,,,,,Europe,,,European Convention on Human Rights,"The European Convention on Human Rights (ECHR) protects the human rights of people in countries that belong to the Council of Europe.
All 47 Member States of the Council, including the UK, have signed the Convention. Its full title is the ‘Convention for the Protection of Human Rights and Fundamental Freedoms’.
Formed in 1949, the Council of Europe is completely separate from the European Union and much larger, with 47 members compared to the EU’s 28. The UK became a Council member 24 years before it joined the EU. The UK’s membership of the Council would be unaffected if it left the EU",,https://www.equalityhumanrights.com/en/what-european-convention-human-rights,,Paper,,Policy,Cross,,,Humanitarian,,,,2017-04-19,,,,,,,,,,,,,
Danube,CFREU,,,,,,Europe,,,Charter of Fundamental Rights of the European Union,"The Charter of Fundamental Rights of the European Union brings together the most important personal freedoms and rights enjoyed by citizens of the EU into one legally binding document. The Charter was declared in 2000, and came into force in December 2009 along with the Treaty of Lisbon",,https://www.citizensinformation.ie/en/government_in_ireland/european_government/eu_law/charter_of_fundamental_rights.html,,Paper,,Policy,Cross,,,Humanitarian,,,,2023-01-31,,,,,,,,,,,,,
Danube,HRHP,,,,,,Europe,,,Human Rights Handbook for Parliamentarians,"Human rights have pervaded much of the political discourse since the Second World War. While the struggle for freedom from oppression and misery is probably as old as humanity itself, it was the massive affront to human dignity perpetrated during that War, and the need felt to prevent such horror in the future, which put the human being back at the centre and led to the codification at the international level of human rights and fundamental freedoms. Article 1 of the Charter of the United Nations declares “promoting and encouraging respect for human rights and for fundamental freedoms for all without distinction as to race, sex, language, or religion” as one of the purposes of the Organization.
The Universal Declaration of Human Rights, adopted by the United Nations General Assembly in 1948, was the first step towards achieving this objective. It is seen as the authoritative interpretation of the term “human rights” in the Charter of the United Nations. The Universal Declaration together with the International Covenant on Civil and Political Rights and the International Covenant on Economic, Social and Cultural Rights, both adopted in 1966, constitute what has become known as the International Bill of Human Rights. Since 1948, human rights and fundamental freedoms have indeed been codified in hundreds of universal and regional, binding and non-binding instruments, touching almost every aspect of human life and covering a broad range of civil, political, economic, social and cultural rights. Thus, the codification of human rights has largely been completed. As the Secretary-General of the United Nations, Mr. Kofi Annan, has recently pointed out, today’s main challenge is to implement the adopted standards",,https://www.refworld.org/docid/46cea90d2.html,,Paper,,Policy,Cross,,,Humanitarian,,,,2005-08-01,,,,,,,,,,,,,
DigitalBazaar,,DigitalBazaar,,Dave Longley; Manu Sporny,IETF; Web Payments IG; VCTF; CCG; DHS; Veres One; W3C; GS1; SecureKey; TradeLens; Sovrin Steward; Founding Sovrin Steward; USC&B,"USA, Virginia, Blacksburg",USA,,,Digital Bazaar,"Digital Bazaar, Inc. develops technology, services, and products that help integrate Linked Data, identity, and payments into the core architecture of the Web.","We have over a decade of extensive experience with web standards at the World Wide Web Consortium (W3C) and the Internet Engineering Task Force including leadership roles in the Web Payments Interest Group as well the Verifiable Claims Task Force and the Credentials Community Group at the W3C.<br><br>Digital Bazaar is deeply involved in the latest Web research and development standards groups including XHTML+RDFa, HTML5+RDFa, Semantic Web, OpenID Connect, and WebID.<br><br>Digital Bazaar also oversees technical development of core Web technologies across a wide variety of technology areas and has been a primary driving force in getting open identity and Linked Data technologies like JSON-LD and RDFa adopted at companies like Google, Microsoft, Yahoo!, Facebook and agencies in the US Federal Government.",https://digitalbazaar.com/,Https://i.imgur.com/v2ZuWeL.jpg,Company,,Company,,,Enterprise,ID; Payments,,Encrypted Data Vaults; Linked Data,XHTML+RDFa; HTML5+RDFa; Semantic Web; OpenID Connect; WebID; JSON-LD; RDFa; Verifiable Credentials; DID,2004,https://github.com/digitalbazaar,https://twitter.com/digitalbazaar,https://www.youtube.com/channel/UCZv6VnzDx2pj_slpqKxTvUQ,,,,https://www.crunchbase.com/organization/digital-bazaar,https://www.linkedin.com/company/digital-bazaar-inc-/,,,,,
Disco,,Disco,,Evin McMullen; Sarah Ruddy,,"USA, New York, NYC",USA,,,Disco.xyz,"Disco is your identity for the metaverse.<br>Our friendly tools make it easy for you to carry your data from web2 to Web3, under your ownership and control. We believe in the power of equality, ownership and joyful experiences. We are building autonomy and freedom for all blockchains, all apps and all people.","Disco brings fun to the Metaverse with self-sovereign identity. Disco enables users to enjoy nuanced Web3 reputation associated to public identifiers across chains and web2, while maintaining privacy and user autonomy. Disco profiles coming Spring 2022",https://www.disco.xyz/,,Company,,Company,Web3,,Consumer,Reputation,,Cryptography; governance frameworks,,2022,,,,https://mirror.xyz/0xaf115b18eE30734f6CeA1C56BE76615df046e010,https://disco.mirror.xyz/feed/atom,,,https://www.linkedin.com/company/disco-xyz/,,,,,
Dock,,Dock,,Elina Cadouri; Nick Macario,,"USA, California, San Francisco",USA,,,Dock,"Dock was founded with a mission to solve universal problems with existing data solutions: data silos and gatekeepers, untrusted and inaccurate information, incompatibilities across platforms, inefficiencies with verifying data, and lack of control and privacy for users.<br><br>In today’s world, accurate and individually-owned data is more important than ever. Our ability to navigate through society depends heavily on being able to accurately capture and prove various pieces of information that represent who we are and our accomplishments.<br><br>These pieces of information can be anything from a passport proving our identity and citizenship, a graduation diploma proving our education, or a vocational license proving our ability to work in a designated field. Digital credentials are virtual representations of these important pieces of data which are essential in our lives and careers, but there are many problems with how this data is captured, shared, and controlled.<br><br>Dock is open and permissionless across our technology, network and governance. By enabling any organization or developer to issue via Dock, we can work together across markets and industries to unlock a better future world powered by secure, individually-owned verifiable credentials.","There is a problem in the digital economy. Paper and PDFs are easy to fake. Verifying the authenticity of a document or certificate is slow and manual. And if you don't verify them, you risk fraud. That's why world-class organisations use Verifiable Credentials to verify documents instantly. Verifiable Credentials are documents that contain a crypto signature: a permanent stamp that allows anyone to confirm you issued that credential. They are fraud-proof and verifiable with one click, creating instant trust between people and organisations in the digital economy. Dock provides organizations with all the infrastructure and tools to issue and verify credentials on the blockchain. Create your identity on blockchain and issue your first Verifiable Credentials in seconds. Certs intuitive no-code dashboard lets you customize and issue certificates in a few clicks. It's the preferred solution for those who want to issue VCs without having to touch any code. "We are confident that Dock is able to support us in scaling up our projects regarding SSI solutions within government and beyond” Do you want to issue Verifiable Credentials from your existing system? Certs API enables developers to easily and instantly issue, verify, manage, and revoke Verifiable Credentials and Decentralized Identities on the Dock Blockchain. “A decentralised option that maintains highest levels individual data privacy and integrity." Build a Verifiable Credentials wallet inside your app, and allow your users to receive, store and manage their credentials and DOCK tokens. Built for React Native applications with added support for Polkadot-JS. Available for iOS and Android. “Together with the Dock team we are bringing digital empowerment to the people.” Dock’s substrate-based blockchain provides an open-source, decentralized, and low-cost platform for organizations and developers to build Decentralized Identity and data applications for the Web3. Easy-to-use and open-source framework especially built for developers and enterprises to develop and scale DID products with cutting-edge innovations and quick upgrades Incorporating standards from the industry-leading World Wide Web Consortium (W3C) and VCDM to facilitate data exchange with other platforms seamlessly Tamper-proof data management that is exceedingly secure and cryptographically verifiable ensuring trust and privacy in data exchange and management Integrated with Parity’s Frontier, deploy smart contacts written on solidity and interact with them using existing Ethereum libraries such as Web3 or ethers.js With the same consensus as Polkadot, Dock’s blockchain is especially designed to build enterprise-grade products with high efficiency, scala
EnergyWeb,,EnergyWeb,,Ana Trbovic,,"European Union, Germany, Berlin",Europe,,,EnergyWeb,We build open-source Web3 technologies that help companies navigate the energy transition,Energy Web technology is powering decarbonization solutions in dozens of countries,https://www.energyweb.org/,,Company,,Company,Energy,,Enterprise,Green energy,,,,2017,,,,https://energywebx.medium.com/,https://medium.com/feed/@energywebx,https://discord.com/invite/psraNwqGqp,https://www.crunchbase.com/organization/energy-web-foundation,https://www.linkedin.com/company/energywebx/,,https://lab.energyweb.org/,,,
Evernym,Avast,Evernym,,Jason Law; Timothy Ruff,Sovrin Steward; Founding Sovrin Steward; DIF; ESSIFLab,"USA, Utah, Draper",USA,,,Evernym,"When you work with Evernym, you work with the world’s leading expert in decentralized identity. With deep skills in digital identity, cryptography, privacy, security and new governance frameworks, we are the original developers of Hyperledger Indy and the creator of the Sovrin Network and the Sovrin Foundation.<br><br>We are passionate about open source and open standards, so there’s no vendor lock-in to our solutions. We believe in true data interoperability and delivering the highest levels of security and privacy in the market, and our software makes it easy and simple to connect, share, and rely on trusted digital information.","While the risk of fraud and data misuse is increasing, decentralized identity and credentials are meeting the demands of businesses across the digital identity value chain with: - Enhanced security - Privacy & user experience with the ability to easily consent - Shareable & verifiable claims without having to disclose sensitive data With this report, access promising use cases, risks and considerations, and expert recommendations on creating value for the fully decentralized future. Gartner®, Innovation Insight for Decentralized Identity and Verifiable Claims, 18 August 2021. Michael Kelley, David Mahdi, Gartner do not endorse any vendor, product or service depicted in its research publications, and do not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.",Http://www.evernym.com,Https://www.evernym.com/wp-content/uploads/2017/06/evernymBarebell_new2.png,Company,,Company,,,Enterprise,ID; privacy; security,VCI,,Verifiable Credentials; DID,2013,,https://twitter.com/evernym,https://www.youtube.com/c/Evernym,https://www.evernym.com/blog/,https://www.evernym.com/feed/,,https://www.crunchbase.com/organization/evernym,https://www.linkedin.com/company/evernym-inc-/,,,,,
Evernym,,Avast,,Jason Law; Timothy Ruff,,"Czech Republic, Prague",,,,Avast,Avast is a security software development company that protects people from threats on the internet.,,https://www.avast.com/,,Company,,Company,Cybersecurity,,Consumer; Enterprise,Virus Protection,,,,1988,,,,https://blog.avast.com/,https://blog.avast.com/rss.xml,,https://www.crunchbase.com/organization/evernym,,,,,,
Evernym,Evernym,,,,Verityflow,,,,,Creating a new verification flow in Verity Flow,"Evernym product manager Candice Ward shows the process of creating a custom verification workflow in Evernym's no-code visual interface, Verity Flow.",,https://www.youtube.com/watch?v=vyuoi_lmxia,,Video,,HowTo,,,,,,,,2021-08-26,,,,,,,,,,,,,
Evernym,Evernym,,,,Verityflow,,,,,Verifying credentials using Verity Flow,"Evernym product manager Candice Ward demonstrates the process of requesting and verifying credentials using Evernym's no-code visual interface, Verity Flow.<br><br>See also: Part 2 - Creating a custom verification prompt: [https://youtu.be/VYuoi_LMxiA](https://youtu.be/VYuoi_LMxiA)",,https://www.youtube.com/watch?v=9d2qmzw4bxy,,Video,,HowTo,,,,,,,,2021-08-26,,,,,,,,,,,,,
Evernym,Evernym,,,,Verityflow,,,,,Verity Flow: Evernym's no-code solution for issuing and verifying digital credentials,"On our August 2021 webinar, Evernym's product team provided a first look at Verity Flow, our new no-code solution for issuing and verifying credentials.<br><br>We covered:<br><br>- An overview of Verity Flow, including a demo and what you can expect from our upcoming release<br>- How it’s used today, by 1,500+ lab accounts within the IATA Travel Pass ecosystem<br>- An update on our product roadmap, including support for the cheqd network and a new identity verification capabiliy",,https://www.youtube.com/watch?v=nafqcqiycjy,,Video,,HowTo,,,,,,,,2021-08-26,,,,,,,,,,,,,
Evernym,PRNewswire,,,,,LONDON,,,,Sovrin Foundation Launches First Dedicated Self-Sovereign Identity Network,"Evernym, Inc. announced today at the Ctrl-Shift Personal Information Economy conference that it has donated the intellectual property for the Sovrin Identity Network—the world's first and only dedicated self-sovereign identity platform—to a newly-formed nonprofit organization. The Sovrin Foundation, which is run by a group of internationally recognized identity experts, has a mission to empower everyone with a digital identity which they fully own and control.","Sovrin Foundation Launches First Dedicated Self-Sovereign Identity Network Sep 29, 2016, 02:00 ET LONDON, Sept. 29, 2016 /PRNewswire-USNewswire/ -- Evernym, Inc. announced today at the Ctrl-Shift Personal Information Economy conference that it has donated the intellectual property for the Sovrin Identity Network—the world's first and only dedicated self-sovereign identity platform—to a newly-formed nonprofit organization. The Sovrin Foundation, which is run by a group of internationally recognized identity experts, has a mission to empower everyone with a digital identity which they fully own and control. ""Imagine a world where fraud is reduced, logins are simpler and more secure, governments can slash red tape, and healthcare practitioners can provide care with patients' immediate consent,"" said Dr. Phillip Windley, Sovrin Foundation's inaugural Chair. ""Beyond these applications, the potential is limitless when global impact is considered. Developing nations will finally have an identity solution to underpin birth registration, land ownership, vaccination and refugee tracking."" The underlying problem Sovrin solves is that the Internet was designed to identify machines, but has no standard way to identify people. This new platform utilizes distributed ledger technology, a close cousin to Bitcoin's underlying blockchain, but specifically tailored to identity. Sovrin imparts not only full control to the user over their identity, but absolute sovereignty: no one can read it, use it, change it, or turn it off without the user's explicit consent. When identity is ""self-sovereign"", it becomes a hub for many types of interactions like secure messaging, data sharing, and the management of consent. These capabilities enable businesses to transition from being identity providers—typically a cost center—to being identity consumers, and putting users in control leads to higher customer satisfaction. ""Governments and private industry waste hundreds of billions a year on inefficient and inaccurate identity proofing measures, which rarely if ever put the consumer first,"" Timothy Ruff, Evernym's CEO, said. ""We recognized that a completely new platform was needed to enable universal digital identity, and for it to be trusted it needs to belong to the world and not to us."" To learn more visit http://www.sovrin.org. About The Sovrin Foundation Founded in September 2016, the Sovrin Foundation is a private-sector, international non-profit body for coordinating the global, stable operation of the Sovrin Identity Network. Supported by a Board of Trustees, Technical Governance Board, Executive Director and Staff, the Sovrin Foundation is the first of its kind. Sovrin's partners include global, national and local businesses, nonprofits, government, and civic organizations, along with developers, volunteers, health providers, donors, and more. For more information about Sovrin, visit http://www.sovrin.org or follow us on Twitter: @SovrinID and #Sovrin. SOURCE The Sovrin Foundation",https://www.prnewswire.com/news-releases/sovrin-foundation-launches-first-dedicated-self-sovereign-identity-network-300336702.html,,Press,,Meta,,,,,,,,2016-09-29,,,,,,,,,,,,,
Evernym,Evernym,,,Samuel M. Smith; Dmitry Khovratovich,,,,,,Identity System Essentials,"The purpose of this white paper is to describe the essential characteristics of an identity system that provides sovereignty, security and privacy. Here the meaning of identity is derived from the characteristics of the identity system, that is, what the identity system provides. Instead of defining identity a priori, this white paper describes an identity system and then defines identity within the context of that identity system. Many of the features of the identity system has been influenced and inspired other proposed systems such as Open Reputation. This paper argues that an identity system that simultaneously provides a high degrees of sovereignty, security and privacy is best obtained via an open platform that employs distributed consensus protocols and modern cryptographic techniques.",,https://www.evernym.com/wp-content/uploads/2017/02/identity-system-essentials.pdf,,Whitepaper,,Meta,,,,,,,,2017-02,,,,,,,,,,,,,
Evernym,Evernym,,,,Aries; Trinsic; IBM; IDramp; Esatus,,,,,Evernym’s Connect.Me,"Connect.Me<br>Our consumer digital wallet app<br>Enable customers and end users to manage all of their digital credentials from the safety of their own phone<br>Engage in structured two-way messaging over secure and private channels<br>Eliminate excess data collection with zero-knowledge proof technology, and other cutting-edge privacy features",,https://www.evernym.com/connectme/,,Product,,Product,,,,,,,,2021-09-27,,,,,,,,,,,,,
Evernym,DHS,,,,,,,,,News Release: DHS S&T Awards $749K to Evernym for Decentralized Key Management,"Managing public and private cryptographic keys in existing public key infrastructure as well as permissioned and permission-less blockchains continues to be a difficult challenge,” said S&T Identity Management Program Manager Anil John. “Through this project, Evernym will push the limits of the emerging decentralized key management system technology to deliver a high level of comfort to the public and American businesses as they integrate blockchain technologies into their technology portfolio.",,https://www.dhs.gov/science-and-technology/news/2017/07/20/news-release-dhs-st-awards-749k-evernym-decentralized-key,,Press,,Press,,,,,,,,2017-07-20,,,,,,,,,,,,,
Evernym,Evernym,,,,Trinsic; IBM; Lissi; esatus,,,,,Evernym’s Verity,"Our flagship product for verifiable credential exchange<br>Issue and verify digital credentials<br>Easily integrate with back-end systems, using our REST API and SDKs in Java, Node.Js, Python, and .NET<br>Build for scale, with enterprise-grade architecture designed to support millions of users.<br>Enable open ecosystems and true data portability, with a solution based on open standards and interoperability",,https://www.evernym.com/verity/,https://evernym.wpenginepowered.com/wp-content/uploads/2021/10/verity-product.png,Product,,Product,,,,,,,,2021-10-10,,,,,,,,,,,,,
Evernym,Globalnewswire,,,,,,,,,IOTA and Evernym Launch Collaboration Aimed at Making the Internet of Things More Secure,,"“Evernym and IOTA are both intensively working toward achieving the same goal,” said IOTA founder David Sønstebø. “That is, a world where distributed ledgers facilitate the secure and efficient exchange of resources and data between all connected entities. This is a natural pairing and the world should pay attention to the exciting products that result from it.”",https://globenewswire.com/news-release/2017/08/31/1106292/0/en/IOTA-and-Evernym-Launch-Collaboration-Aimed-at-Making-the-Internet-of-Things-More-Secure.html,,Press,,Press,,,,,,,,2017-08-31,,,,,,,,,,,,,
Evernym,Globalnewswire,,,,,,,,,Evernym rolls with auto industry association MOBI to promote SSI in automotive and IoT,,"Cars, like people, have a digital identity problem that Evernym, a technology company focused on digital identity, wants to help solve. Cars that connect online will soon need to assert their own identities and be able to verify people’s identities in ways unthinkable just a few years ago. Is this replacement component a safe one? Can I let it access the car’s network? Is this person authorized to change my settings or drive me?",https://globenewswire.com/news-release/2018/10/05/1617425/0/en/Evernym-rolls-with-auto-industry-association-MOBI-to-promote-SSI-in-automotive-and-IoT.html,,Press,,Press,,,,,,,,2018-10-05,,,,,,,,,,,,,
Evernym,Evernym,,,,Hyperledger Foundation; Sovrin,,,,,Evernym's contributions to Hyperledger and Sovrin,,Evernym's contributions to Hyperledger and Sovrin. Video contents are listed here: https://wiki.hyperledger.org/display/indy/Evernym+Sprint+Demos,https://www.youtube.com/playlist?list=PLRp0viTDxBWGLdZk0aamtahB9cpJGV7ZF,,Meta,,Playlist,,,,Development,,,,2020-05-22,,,,,,,,,,,,,
Evernym,Globalnewswire,,,,,,,,,15 Industry Leaders Join Evernym’s Global Accelerator to Build the Future of Digital Identity.,,"Founding members of the Accelerator include industry leading organizations ATB Financial, IAG, Irish Life, the International Federation of Red Cross, Spark New Zealand, Truu and three provincial and state governments. Collectively, these organizations represent the interests of 100's of millions of individuals worldwide.",https://globenewswire.com/news-release/2018/11/07/1647044/0/en/15-Industry-Leaders-Join-Evernym-s-Global-Accelerator-to-Build-the-Future-of-Digital-Identity.html,,Press,,Press,,,,,,,,2018-11-07,,,,,,,,,,,,,
Factom,,Accumulate,,,,,,,,Accumulate Network,"Accumulate’s story starts with the founding of Factom in 2014, a data publishing layer atop major blockchains. In 2021, Factom was acquired by Inveniam Capital Partners, bringing along lead engineers Paul Snow and Jay Smith. Inveniam Capital Partners created the Defi Devs subsidiary to be lead developers in the Accumulate community.<br><br>The Accumulate protocol is based on many of the best concepts that came of the Factom protocol, including data and identity focus while combining the components in a new and unique configuration.<br><br>The Accumulate protocol is designed by Paul Snow. Paul Snow is the Chief Blockchain Scientist at Inveniam and Defi Devs. Previously, he was the CEO and chief architect of the Factom protocol and co-author of the Factom White Paper, developing and implementing a “multi-leader” consensus algorithm for the blockchain network. Of note, he was founder and chief architect for DTRules, an open-source project providing decision table-based rules engines. He is listed as inventor on many of Factom’s 40+ patents, both issued and in progress, which serve as a foundation for Accumulate.",,https://accumulatenetwork.io/,,Company,,Company,Web3,,,Data,,Blockchain,"DID,Verifiable Credentials",2021-08,,https://twitter.com/accumulatehq,,https://accumulatenetwork.io/blog/,https://accumulatenetwork.io/feed/,https://discord.gg/X74hPx8VZT,https://www.crunchbase.com/organization/accumulate-358f,https://www.linkedin.com/company/accumulatenetwork/,https://accumulatenetwork.io/whitepaper/,https://docs.accumulatenetwork.io/,,,
Gataca,,Gataca,,Irene Hernandez; Samuel Gómez,ESSIFLab,"USA, Massachusetts, Boston",Europe,,,Gataca,"Gataca is a cybersecurity company founded in Boston, MA, at the heart of MIT’s entrepreneurship and innovation ecosystem. It started as an academic research study seeking to reduce the risk of doing business online. As victims of the Equifax data breach later that year, the topic became very Personal.<br><br>We built Gataca because we knew there had to be a better way to protect our data.",,https://gataca.io/,,Company,,Company,Enterprise,ID,,Personal Data,,,DID,2018,,https://twitter.com/gataca_id,https://www.youtube.com/channel/UCaoK-LYmCPiXThYpLOShgvg/,https://gataca.io/blog/,,,https://www.crunchbase.com/organization/gataca-4a8f,https://www.linkedin.com/company/gataca/,https://developer.global.id/documentation/index.html,https://developer.global.id/,,,
Gataca,Gataca,,,,,,,,,"Decentralized Finance & Self-sovereign Identity: A tale of decentralization, a new paradigm of trust",We are aware that DeFi’s growth is explosive and inevitable yet its growth needs to be sustainable and responsible. This can be done with SSI.,,https://gataca.io/blog/decentralized-finance-self-sovereign-identity-a-tale-of-decentralization-a-new-paradigm-of-trust/,,Post,,Explainer,,DWeb,DeFi,,,,,2021-05-07,,,,,,,,,,,,,
Gataca,Gataca,,,,,,,,,SSI Essentials: Everything you need to know about Decentralized Identity,"Solving the identity paradox: the tradeoff between privacy, security, & user experience",,https://gataca.io/blog/ssi-essentials-everything-you-need-to-know-about-decentralized-identity/,,Post,,Explainer,,,,,,,,2021-11-29,,,,,,,,,,,,,
Gataca,Gataca,,,,,,,,,GATACA joins EU Commission’s Early Adopters Program as SSI provider in the Spanish group,"In Spain, three universities will pioneer the issuance of digital Academic Diplomas. The issuance will be performed 100% online, where students will authenticate themselves using a digital ID previously issued by FNMT (the Royal Mint of Spain) and stored in their mobile wallets.",,https://gataca.io/blog/gataca-joins-the-european-commission-s-early-adopters-program-as-the-ssi-technology-provider-in-the-spanish-group/,,Post,,Meta,,,,Real World,,,,2021-04-12,,,,,,,,,,,,,
Gataca,CyberNews,,,,,,,,,"Jose San Juan, GATACA: “blockchain technology has become the protagonist of the world we live in”","For the past 4 years, GATACA has focused the majority of its efforts on building an interoperable, secure, and user-friendly product for the European region. We not only plan to continue to focus on the needs of our clients and regulatory, as well as standardization demands from the market but to take our SSI tech to the next level.",,https://cybernews.com/security/jose-san-juan-gataca-blockchain-technology-has-become-the-protagonist-of-the-world-we-live-in/,,Interview,,Meta,,,,,,,,2023-04-24,,,,,,,,,,,,,
Gataca,iGrantio,,Twitter,,ValidatedID; Danube; Waltid; DXCTechnology; CIMEA_Naric; identyum; ThalesDigiSec; Posteitaliane,,,,,Congrats to the 11 wallet providers for being conformant to @EU_EBSI,We are glad to be among the first few along with[@ValidatedID](https://mobile.Twitter.com/ValidatedID)[@Danube](https://mobile.Twitter.com/Danube)[@GATACA_ID](https://mobile.Twitter.com/GATACA_ID)[@walt_id](https://mobile.Twitter.com/walt_id)[@DXCTechnology](https://mobile.Twitter.com/DXCTechnology)[@CIMEA_Naric](https://mobile.Twitter.com/CIMEA_Naric)[@identyum](https://mobile.Twitter.com/identyum)[@ThalesDigiSec](https://mobile.Twitter.com/ThalesDigiSec)[@posteitaliane](https://mobile.Twitter.com/posteitaliane),,https://mobile.twitter.com/igrantio/status/1532036324882104321/photo/1,,Tweet,,Meta,,,,,,,,2022-07-01,,,,,,,,,,,,,
Gataca,Gataca,,,,,,,,,This is how GATACA achieves blockchain interoperability,blockchain agnosticism is possible due to our DID registry component: all incoming activity is delegated to the DID registry with specific connections to each blockchain so that the rest of our technology components do not have to participate in the process. Other components need not know where the information persists from; they delegate that special knowledge to the DID registry and continue to perform their regular activities as usual.,,https://gataca.io/blog/this-is-how-gataca-achieves-blockchain-interoperability,,Post,,Standards,,,,,,DID Registry,,2021-03-2021,,,,,,,,,,,,,
Gataca,eSSIFlab,,,,,,,,,Verifier Universal Interface by Gataca España S.L.,This draft version can be found at [https://Gataca-io.GitHub.io/verifier-apis/](https://Gataca-io.GitHub.io/verifier-apis/)and has been built using ReSpec.<br>This draft version for VUI includes today 6 APIs:<br><br>- Presentation Exchange<br>- Consent Management<br>- Schema resolution<br>- Issuer resolution<br>- ID resolution<br>- Credential status resolution<br>,"Verifier Universal Interface (VUI) is an interoperability working group that aims at building a complete set of standard APIs for Verifier components in SSI ecosystems As different technology providers build SSI solutions, it becomes critical to ensure interoperability between these solutions. Available standards for SSI still have important gaps, leading us to an ecosystem of full-stack providers whose approach to interoperability is building proprietary plug-ins for each one of the other available solutions. This approach to interoperability is not scalable. The underlying problem is that building standards take time. That is the reason that we propose a practical and focused approach to enable scalable interoperability in the SSI community. We propose to start with a specific SSI component, namely the Verifier component, and lead the definition of the minimum set of standard APIs necessary to implement or interoperate with such module. That is, a role-centric approach to standardization at API level. To date, 12 organisations are contributing to this initiative. The VUI working group has already drafted a first version of a generic spec that integrates existing standards and interop efforts and fills the gaps to provide a complete set of APIs. This draft version can be found at https://bit.ly/3h5VE7P and has been built using ReSpec. This draft version for VUI includes today 6 APIs: - Presentation Exchange - Consent Management - Schema resolution - Issuer resolution - ID resolution - Credential status resolution Next steps As next steps, the Working Group (WG) needs to take this ground work to a more mature level. That is, to further define the specification by achieving consensus in the broader community, and bridging perspectives from DIF, W3C, EBSI, and Aries. The WG is organized in Working Packages (WP), one for each interface. Any participant can lead or contribute to WP, which shall integrate at least 2 Implementors and 1 Integrator. Implementors are responsible for defining the API, a set of interoperability tests, and service endpoints for Integrators to execute those tests. The WG has launched a survey in the broad SSI community and two of the 6 interfaces have been selected as initial WPs: Presentation Exchange Issuer Resolution Ready to contribute? To subscribe to this WG please refer to https://groups.io/g/vui Country: Spain Further information: https://Gataca.io Team: Gataca Spain GitLab: https://gitlab.grnet.gr/eSSIF-lab/infrastructure_2/Gataca",https://essif-lab.eu/verifier-universal-interface-by-gataca-espana-s-l/,,Spec,,Standards,,,,,,Verifier API,,2021-04-09,,,,,,,,,,,,,
GlobalID,,GlobalID,,Alka Gupta; Greg Kidd; Mitja Simcic,,"USA, California, San Francisco",USA,,,Global ID,"At GlobaliD, we’re building a universal identity solution that is easy to use, ties users to unique names and transcends borders and institutions.",,https://www.global.id/,,Company,,Company,Enterprise,ID,SSI,,VCI,,,2016,https://github.com/globalid,https://twitter.com/myglobal_id,https://www.youtube.com/channel/UCnMJDT8IXrg4Y5RDP4W0aOw,https://medium.com/global-idd,https://medium.com/feed/global-idd,,https://www.crunchbase.com/organization/global-id,https://www.linkedin.com/company/global-id-inc/,,,,,
GlobalID,GlobalID,,Medium,,Future Proof,,,,,Everyone will have an ID wallet,"how ID wallets work within the digital identity ecosystem, briefly explains the trust triangle, and previews the GlobaliD Wallet which will be released later this year","FUTURE PROOF EP 18 — Everyone will have an ID wallet In this episode, we speak with Justin Downey, product marketing manager at GlobaliD about ID wallets. Justin explains how ID wallets work within the digital identity ecosystem, briefly explains the trust triangle, and previews the GlobaliD Wallet which will be released later this year. Past episodes: - EPISODE 17 — Digital wallets of tomorrow will be PRIVATE - EPISODE 16 — How XUMM Wallet is changing the game - EPISODE 15 — Olympic hopeful Lila Lapanja is a GlobaliD ambassador - EPISODE 14 — What we learned at Solana Breakpoint - EPISODE 13 — DeFi and Identity: Compliance in a decentralized world - EPISODE 12 — The future of GlobaliD Groups - EPISODE 11 — The XRP Card and the future of communities - EPISODE 10 — How to decentralize identity and empower individuals - EPISODE 09 — Understanding GlobaliD’s identity platform - EPISODE 08 — Owning your identity and data with VP of Design Antoine Bonnin - EPISODE 07 — Understanding the future of fintech with Ayo Omojola - EPISODE 06 — Establishing trust and safety in tomorrow’s networks - EPISODE 05 — How ZELF combines the power of payments and messaging - EPISODE 04 — The future of blockchain with the creator of Solana - EPISODE 03 — Should we trust Facebook? - EPISODE 02 — JP Thieriot on why Uphold isn’t delisting XRP - EPISODE 01 — The SEC’s crypto turf war and why XRP isn’t a security Have a question for us? A topic you’d like covered? A guest you’d like to see? Let us know!",https://medium.com/global-id/episode-18-everyone-will-have-an-id-wallet-da5ac358ad60,,Episode,,Explainer,,,,,,,,2022-09-14,,,,,,,,,,,,,
GlobalID,GlobalID,,Medium,,Future Proof,,,,,How to decentralize identity and empower individuals,"If the internet decentralized information and crypto decentralized money and payments, then verifiable credentials will decentralize identity. In this episode, we chat with Dev Bharel, the software architect leading the charge around verifiable credentials at GlobaliD.","FUTURE PROOF EP 10 — How to decentralize identity and empower individuals If the internet decentralized information and crypto decentralized money and payments, then verifiable credentials will decentralize identity. In this episode, we chat with Dev Bharel, the software architect leading the charge around verifiable credentials at GlobaliD. Past episodes: - EPISODE 09 — Understanding GlobaliD’s identity platform - EPISODE 08 — Owning your identity and data with VP of Design Antoine Bonnin - EPISODE 07 — Understanding the future of fintech with Ayo Omojola - EPISODE 06 — Establishing trust and safety in tomorrow’s networks - EPISODE 05 — How ZELF combines the power of payments and messaging - EPISODE 04 — The future of blockchain with the creator of Solana - EPISODE 03 — Should we trust Facebook? - EPISODE 02 — JP Thieriot on why Uphold isn’t delisting XRP - EPISODE 01 — The SEC’s crypto turf war and why XRP isn’t a security Have a question for us? A topic you’d like covered? A guest you’d like to see? Let us know!",https://medium.com/global-id/episode-10-how-to-decentralize-identity-and-empower-individuals-3e154612a85,,Episode,,Explainer,,,,,,,Verifiable Credentials,2022-09-16,,,,,,,,,,,,,
GlobalID,GlobalID,,Medium,,Future Proof,,,,,Understanding GlobaliD’s identity platform,within the context of a self-sovereign identity that means that i as the holder of that Credential i'm the only one that gets to decide who gets to see it which is a pretty wild concept,"FUTURE PROOF EP 09—Understanding GlobaliD’s identity platform In this episode, we chat with Vadim Slavin, Director of GlobaliD’s Credentials Platform, who provides an insightful overview of how GlobaliD’s identity platform works and what makes it unique. Past episodes: - EPISODE 08 — Owning your identity and data with VP of Design Antoine Bonnin - EPISODE 07 — Understanding the future of fintech with Ayo Omojola - EPISODE 06 — Establishing trust and safety in tomorrow’s networks - EPISODE 05 — How ZELF combines the power of payments and messaging - EPISODE 04 — The future of blockchain with the creator of Solana - EPISODE 03 — Should we trust Facebook? - EPISODE 02 — JP Thieriot on why Uphold isn’t delisting XRP - EPISODE 01 — The SEC’s crypto turf war and why XRP isn’t a security Have a question for us? A topic you’d like covered? A guest you’d like to see? Let us know!",https://medium.com/global-id/episode-09-understanding-globalids-identity-platform-b241a63ff5e0,,Episode,,Explainer,,,,,,,,2022-09-16,,,,,,,,,,,,,
GlobalID,GlobalID,,Medium,,GlobaliD 101,,,,,Bring Your Own Identity,"At first, accessing all of your accounts on the internet meant you had to create a username and password for each company or service you were trying to interact with.<br><br>Now, you can access many websites by using your existing social media accounts from Facebook, Twitter or LinkedIn. You can even log in with your Google and Apple accounts as well.","GlobaliD 101: Bring Your Own Identity So far, in the GlobaliD 101 series we’ve explored: - Part 1: What a smart and humanistic approach to digital identity would like - Part 2: The Trust Triangle — the system of issuers, holders, and verifiers that illustrates how identity works (and how it’s broken, today) - Part 3: Why the ID Wallet is the first step toward achieving a new vision for digital identity - Part 4: Why every company is an identity company At first, accessing all of your accounts on the internet meant you had to create a username and password for each company or service you were trying to interact with. Now, you can access many websites by using your existing social media accounts from Facebook, Twitter or LinkedIn. You can even log in with your Google and Apple accounts as well. This concept is called Bring Your Own Identity (BYOI or BYO Identity): - A form of digital authentication in which an end user’s username and password is managed by a third party. - The approach leverages Single-Sign On (SSO) technology to make authentication more simple and convenient for users. It’s also beneficial for companies since it allows visitors to quickly register using their existing credentials. An improved sign-on experience can result in as much as a 45% increase in customer registrations. The simplicity of BYO Identity means businesses convert more of their website visitors into customers instead of losing them when they’re asked to create a new account. But there are drawbacks as well: - Many users worry they’re trading convenience for privacy. Every time you log in to a third-party website using Facebook or Google, they gain access to your data and leverage it to sell ads. - It’s not the most secure authentication method. Anybody can create a social media account, but these companies don’t verify your attributes. So, using social identities to log in to third-parties means companies can’t be 100% certain about the identity of their customers. Even with these concerns, BYO Identity is a step in the right direction towards a future where interoperable and portable identities are commonplace. There is a real opportunity to combine technology that is being developed with the concept of BYO Identity that will create a new identity framework where you own and control your data. - By creating an account with an identity service provider who leverages verifiable credentials technology, you will confirm your attributes are real, and companies will rest easy knowing you’re identifying yourself truthfully. - Your identity will be decentralized, not federated. Identity service providers like GlobaliD don’t have access to your data, so they can’t store it. You’ll be able to browse, log in and transact without your data being leveraged by Big Tech. - This makes the process of identity convenient, and portable. In the future, many identity companies will be built on this decentralized approach using verifiable credentials. Rather than being stuck with a certain provider or platform, you’ll be able to easily transfer your identity from one service provider to another. If you’d like to learn more about our current BYO identity tools for individuals and businesses, like our Digital ID Wallet or Global Onboarding, visit our website or contact our sales team. Follow us on Twitter, LinkedIn and YouTube to learn more about GlobaliD. You can also subscribe to the GlobaliD Insider to stay up-to-date regarding the latest company developments and more in the world of self-sovereign identity.",https://medium.com/global-id/globalid-101-bring-your-own-identity-5b9927008190,,Post,,Explainer,,,,,
GlobalID,GlobalID,,Medium,,GlobaliD 101,,,,,Device-based identity,"That way, your sensitive Personal data is stored locally on your own device rather than hosted on some company’s server that becomes a target for hackers.","GlobaliD 101: Device-based identity - Part 1: What a smart and humanistic approach to digital identity would like - Part 2: The Trust Triangle — the system of issuers, holders, and verifiers that illustrates how identity works (and how it’s broken, today) - Part 3: Why the ID Wallet is the first step toward achieving a new vision for digital identity - Part 4: Why every company is an identity company - Part 5: What is Bring Your Own Identity? - Part 6: Reusable Identity Historically, our digital identities have been based on what we know. Do you know your username, email, and password? Then you can log in. Do you know your social security number, home address, and mother’s maiden name? Then you can sign up for the service. You can probably see why this is a problematic way to deal with something as important as your identity. If someone nefarious finds out what you know, not only could they access your existing accounts, they could open up new ones in your name. With data breaches on the rise at a mammoth scale, that proposition becomes likelier by the day. Anyone who has had their identity stolen knows just how painful the process of getting things back in order can be. For some, it unfortunately becomes a lifelong pursuit. A much more secure way for managing our digital identities is to base it on what we have. For instance, do you have access to your smartphone? It’s immediately clear why such a framework is far more secure than the former. Wouldbe criminals would need to physically have your phone in their possession. They’d also need a way to get in — a tough ask if you have a PIN or fingerprint security set up. That’s something that might be possible for the FBI but likely outside the wheelhouse of most fraudsters. Traditional digital identities still based on what we know have gotten the memo. It’s why two-factor authentication is highly recommended if you want to keep your accounts secure. Now, it’s also about what you have. But that transition is still only a half measure. Eventually, it makes sense to shift toward a completely device-based identity. That way, your sensitive Personal data is stored locally on your own device rather than hosted on some company’s server that becomes a target for hackers. With device-based identity, you’re in complete control of your data as well as your private keys. This also opens the door for additional features that should become commonplace in the future such as identity portability and reusability. We’ll be able to bring our identities with us from one service to the next. The reputation and social connections you create on one platform will be easily transferable if you ever decide to venture elsewhere. We’ll also be able to verify our identities once and never again, re-using that verified identity for any additional services we sign up for. That minimizes the amount of data we share with other parties while still allowing businesses to trust who their customers are who they say they are. Best of all, it reduces friction for everyone. No more selfies. No more taking photos of your passport. Set up your identity once, and you’re good to go. If you’d like to learn more about GlobaliD, visit our website, contact our sales team or follow us on Twitter, LinkedIn and YouTube.",https://medium.com/global-id/globalid-101-device-based-identity-c6096a5b0890,,Post,,Explainer,,,,,,,,2022-10-05,,,,,,,,,,,,,
GlobalID,GlobalID,,Medium,,GlobaliD 101,,,,,Every company is an identity company,"At first, every company was a tech company. Every business needed a digital strategy. Back in 2017, Goldman Sachs’ CEO famously stated that the storied investment bank was actually a tech company: “We are a technology firm. We are a platform.”<br><br>Not long after, every company was a fintech company. Every business needed a way to manage money and payments. As Andreessen Horowitz’s Angela Strange wrote in 2019, “I believe the next era of financial services will come from seemingly unexpected places… Fintech is eating the world.”<br><br>Fast forward to today, and every company is an identity company. Every business needs to connect with customers and users as well as manage their data, privacy, and trust in a compliant way.<br>","GlobaliD 101: Every company is an identity company In the first three parts of the GlobaliD 101 series, we’ve explored: - Part 1: What a smart and humanistic approach to digital identity would like - Part 2: The Trust Triangle — the system of issuers, holders, and verifiers that illustrates how identity works (and how it’s broken, today) - Part 3: Why the ID Wallet is the first step toward achieving a new vision for digital identity At first, every company was a tech company. Every business needed a digital strategy. Back in 2017, Goldman Sachs’ CEO famously stated that the storied investment bank was actually a tech company: “We are a technology firm. We are a platform.” Not long after, every company was a fintech company. Every business needed a way to manage money and payments. As Andreessen Horowitz’s Angela Strange wrote in 2019, “I believe the next era of financial services will come from seemingly unexpected places… Fintech is eating the world.” Fast forward to today, and every company is an identity company. Every business needs to connect with customers and users as well as manage their data, privacy, and trust in a compliant way. In other words, every company is a verifier as part of the Trust Triangle. The problem is that most companies are focused on their core business — they’re not experts in the domain of identity, security, and data management. With the way digital identity works today, this becomes an incredibly expensive exercise, not only for businesses and institutions but also for society at large. Home Depot is in the business of selling home improvement supplies both in retail stores and online, but since 2014, the company has spent nearly $200 million in relation to a data breach that impacted over 52 million of its customers. We’ve all seen the headlines — Home Depot is hardly alone in this. Businesses and institutions have taken on much of the cost of an archaic approach to digital identity: - $1 million per year spent on password support costs alone - $6 million average loss from credential stuffing - $7-$30 million spent on data protection compliance - 6%-9% of bank revenue spent on compliance - $60 million per year spent by financial institutions on KYC (Know Your Customer) - $163 billion in U.S. unemployment fraud in 2021 That’s just the tip of the iceberg. Identity needs don’t just increase expenditure and bloat for established firms, they also serve as barriers to entry for new upstarts, serving as a bottleneck for innovation. There’s also the flipside to this, where companies and institutions that want to maintain a more frictionless experience for users must face the reality of diminished trust on their platforms — from bots to fake news, contributing to society’s growing trust deficit. What if there was another way? What if companies didn’t have to choose between focusing on their core business and becoming an identity company? What if companies could trust their customers and users without having to collect and store sensitive Personal information? What if platforms didn’t have to pick between real users and a more frictionless experience? What if companies could empower their users along the way? That’s the GlobaliD vis
GlobalID,GlobalID,,Medium,Heather Dahl; Ken Ebert; Indicio,GlobaliD 101,,,,,How digital identity should work. Part 1:,"In this episode, we’re joined by CEO Heather Dahl and CTO Ken Ebert from Indicio, the market leader in developing trusted digital ecosystems. Heather and Ken discuss how new identity-based technology can help people, governments and companies develop greater digital trust in a modern society.","GlobaliD 101: How digital identity should work What is your identity? It’s the ability to represent to the world who you are. That can cover everything from what you wear to who you associate with to what country you are from. Your identity is a collection of attributes that describe you. In practice, proving your identity is also the key to unlocking your social and economic potential — physically and digitally. Society has always been built on trust, and sometimes, we need to know who we’re dealing with. As such, your identity is core to who you are and what you’re able to do, whether that’s buying something online, opening a bank account, or starting a business. The problem is that the way we deal with identity hasn’t caught up to the modern world. Part of the reason is that our most credible forms of identifying documents like driver’s licenses and passports still live in the analog world. The pandemic further shone a light on those limitations with places like the U.S. still reliant on paper vaccination cards, which are inefficient, difficult to verify, and easy to counterfeit. One of the issues with analog identifying documents is that not everyone has them. The reality is that our current system excludes 1.7 billion people from basic financial services, many of whom lack traditional forms of identity. For instance, migrant workers may not even have a home address. Things aren’t much better in today’s digital world, where an abundance of online accounts means that our identity and Personal data are scattered across servers vulnerable to attack. Outside of just giving away your email and phone number or accepting tracking cookies on your browser, some services collect more official forms of identity. Have you ever had to send a picture of your driver’s license or insert your passport number when buying something online? The result? In just the first half of 2019, an astounding 4.1 billion records were compromised. Meanwhile, we don’t own the digital identities we create. The Facebooks and Googles of the world do and profit mightily from our data. And because they own our data on their proprietary platforms, we can’t easily bring our identity and data with us if we decide to go somewhere else. The reputation you created on Facebook Marketplace as a long time seller is stuck on Facebook. If you ever decide to sell on Ebay, you’re starting from zero. The fragmentation of your digital identity extends well beyond popular websites. A pillar of the United States traditional financial system is the credit score — a system entirely predicated on centralized digital identity that you have no control over. Anyone who’s moved to the U.S. from abroad understands the challenge of trying to get a mortgage or even open a bank account — even if you had great credit in your home country. Do you want to know the worst part? The digital identities described above aren’t even that credible in the first place. Most social media platforms are more concerned with expanding their user base than verifying accounts are owned by real people, contributing to society’s growing trust deficit. What we need is a human-centric approach to digital identity, one that is easier, safer, and cheaper than the one we have today. We need a digital identity that works for people and organizations alike. Your digital identity should be: - Self-sovereign. We should own and control our identity and data. Further, we should be able to decide who we share our data with. - Private, secure and encrypted. Our data should be private and safe, always. You should be confident that only you have access to the information yo
GlobalID,GlobalID,,Medium,,GlobaliD 101,,,,,ID wallets,Why the ID Wallet is the first step toward achieving a new vision for digital identity,"GlobaliD 101: ID wallets So far in the GlobaliD 101 series, we’ve explored: - Part 1: What a smart and humanistic approach to digital identity would like - Part 2: The Trust Triangle — the system of issuers, holders, and verifiers that illustrates how identity works (and how it’s broken, today) Now, we’re getting to the exciting part. We know identity is broken. We also know what great digital identity that works for you, the individual, looks like. But how do we get there? The first step is to make digital identity incredibly convenient, fun, and useful for end users. These are the people who will go out and interact with their communities, purchase goods and services, and build businesses. In the physical world, we rely on identifying documentation. That might be your driver’s license, your insurance card, or your passport. In our daily lives, we’ll keep the most commonly used forms of ID in our wallet. In the digital future, things won’t look all that different. You’ll keep digital forms of relevant documents in your digital ID wallet. It’s easy to understand the benefits of digitization: - It’s convenient. All your relevant documents are in one accessible place. The only thing you’ll need to keep in your actual wallet is cash. As the digital identity ecosystem develops, your interactions and transactions will become seamless. - It’s yours. This is your ID wallet. You own and control your identity and your data. - It’s secure. If you lose your wallet, it’s gone, and your information is out there. That’s not the case with a locked smartphone. Plus, you’ll have a backup. Another aspect is the ability to selectively share only relevant data. If you’re buying a bottle of wine, you don’t need to share your entire driver’s license. You don’t even need to share your actual date of birth. You only need to share the fact that you’re over 21 (for those in the U.S.). Big Tech companies like Apple are already making progress on this front, piloting a program that allows users to keep their driver’s license in their Apple Wallet. The difference with Apple’s approach, of course, is that their solution isn’t portable or interoperable. In regular person terms, it just means that you’re stuck on Apple’s closed ecosystem — no surprise. While progress is being made, these are still early days. Apple’s pilot, for instance, will be rolled out in a limited number of states. All of which means that people are still sending photos of their driver’s license to their AirBnb host for identity verification. That’s crazy insecure! What if instead, you could securely and selectively share your ID with an expiring link? Your name and photo will be visible but other private details will be blurred out. Your Airbnb now believes you are who you say you are because they also trust the issuer of your digital credential. Likewise, you don’t have to worry that a copy of your full license is on a stranger’s phone forever. Everyone rests easy, and you enjoy the heck out of your vacation. Need to provide a copy of your ID to an AirBNB host? Just send them a link to your driver’s license which you’ve stored in your ID wallet. You can make your name and photo visible, while everything else is blurred out. That way the host only sees what you want them to. You can also set a time limit for how long your ID is available. That way nobody has a copy of your license indefinitely. The same applies across all your online interactions and transactions. No more taking photos of your ID for each new platform or service. No more digging through the safe for your passport. No more calling the customer support because you lost your insurance card. Life is just easier with a digital ID wallet. Venture into the digital future confidently What’s even more exciting is where we go from here. With people using a trusted ID wallet, businesses (verifiers) can rethink how
GlobalID,GlobalID,,Medium,,,,,,,What is the trust triangle?,"The Trust Triangle — the system of issuers, holders, and verifiers that illustrates how identity works (and how it’s broken, today","In the first part of the GlobaliD 101 series, we gave an overview of how our identity systems haven’t caught up to the modern world. We also provided suggestions of how digital identity should work.<br>The thing is, identity isn’t something your average person thinks about much. Typically, it’s a means to an end. If you want to take a trip to Europe, you need to bring your passport. Want to celebrate with a bottle of wine? You need to show your driver’s license.<br>In part 2 of the GlobaliD 101 series, we’re going to explain how the process of identity actually works, and we’re going to do it with a really nifty concept we call the Trust Triangle.<br>Here’s how the Trust Triangle works: Any identity framework is built on three pillars — issuers, holders, and verifiers. Together, these three pillars form the Trust Triangle.",https://medium.com/global-id/globalid-101-what-is-the-trust-triangle-260e85e1c640,,Post,,Explainer,,,,,,,,2022-06-21,,,,,,,,,,,,,
GlobalID,GlobalID,,Medium,,,,,,,Why self-sovereign identity matters,"your digital identityrepresents you as a unique real-life person in a secure digital format. In fact, we likely have many different virtual identities across a spectrum of platforms and services.","Why self-sovereign identity matters It’s one thing to identify yourself in person with an ID. Identifying yourself online? That’s a whole different story. Here’s what you need to know about digital identity, today — as well as why you should be super excited about the momentum surrounding the self sovereign identity (SSI) movement. Table of contents: In most cases in the real world, you can easily and reliably prove your identity by presenting your driver’s license, passport, or credit card. A police officer, bank clerk, or liquor vendor can clearly confirm your details by glancing over the document — or in higher security incidents, could further scan the document to guarantee authenticity. In all, the process only takes a moment and by the end of it, your ID is returned to you and back in your wallet. It’s not an easy protocol to replicate online — when we’re only present as a digital entity. On the internet, your digital identity represents you as a unique real-life person in a secure digital format. In fact, we likely have many different virtual identities across a spectrum of platforms and services. The hope is that all these disparate identities link back to the person they’re supposed to represent — in this case, the real you. As more and more of our social interactions and economic transactions migrate to the digital realm, so too have the stakes increased — and with that, comes more sophisticated criminals and scammers. As the threat of cyber attacks and data breaches continues to balloon, it’s never been more critical to have a holistic comprehension of what exactly your digital identity is and the role it plays. NOTE: While a digital identity can also represent entities like institutions or applications, for the purposes of this piece, we will only refer to digital identity in the context of Personal identities. 1. Digital identity 101 One way to think about a digital identity is that it’s a digital representation of a real-life person’s set of identifying attributes. That could mean Personal information such as your date of birth, your home address, or your mother’s maiden name. Or it could mean a secret passcode, a photograph, or even facial biometric data. Those identifying attributes are then organized in a way such that a software application is able to recognize and authenticate that you are the person you are claiming to be. In other words, a digital identity allows us to build trust online such that we can interact and transact much like we do in the real world. I) A deeper dive on identifiable attributes As our parents may have told us when we’re young, we’re all special and unique individuals. Every human being has a specific name, birth date, demographic, and biometric profile. We also have various documentation linked to us — such as a social security number, government-issued ID, or passport, but also things like your insurance policies, medical records, or utility bills. And then online, we have email addresses and social media accounts. All of these are identifiers that can be linked to you as a person. But there is another dimension of digital identity. While navigating the internet, our activity — with or without our knowledge — is often tracked. (You’ve probably heard of or are familiar with the term “cookie.”) And because that activity can be linked to the identifies mentioned above (email, social accounts, etc.), our online behavior (or shadow data) can be traced back to us. That could mean the websites you browse, your search history, things you’ve downloaded, or even items purchased. This kind of tracking allows platforms and services to deliver algorithmic content feeds, targeted ads, or in general, simply a more bespoke user experience. The downside, of course, includes no
GlobalID,GlobalID,,Medium,,Future Proof,,,,,Telling our story with the new GlobaliD website,about the brand new GlobaliD website and how it contextualizes our role in the world of digital identity while allowing us to tell our story more effectively.,"FUTURE PROOF EP 20 — Telling our story with the new GlobaliD website Trey Steinhoff, Product Marketing Director at GlobaliD, joins us to talk about the brand new GlobaliD website and how it contextualizes our role in the world of digital identity while allowing us to tell our story more effectively. Visit https://www.global.id to explore the new site. Past episodes: - EPISODE 19 — Making decentralized identity mainstream - EPISODE 18 — Everyone will have an ID wallet - EPISODE 17 — Digital wallets of tomorrow will be PRIVATE - EPISODE 16 — How XUMM Wallet is changing the game - EPISODE 15 — Olympic hopeful Lila Lapanja is a GlobaliD ambassador - EPISODE 14 — What we learned at Solana Breakpoint - EPISODE 13 — DeFi and Identity: Compliance in a decentralized world - EPISODE 12 — The future of GlobaliD Groups - EPISODE 11 — The XRP Card and the future of communities - EPISODE 10 — How to decentralize identity and empower individuals - EPISODE 09 — Understanding GlobaliD’s identity platform - EPISODE 08 — Owning your identity and data with VP of Design Antoine Bonnin - EPISODE 07 — Understanding the future of fintech with Ayo Omojola - EPISODE 06 — Establishing trust and safety in tomorrow’s networks - EPISODE 05 — How ZELF combines the power of payments and messaging - EPISODE 04 — The future of blockchain with the creator of Solana - EPISODE 03 — Should we trust Facebook? - EPISODE 02 — JP Thieriot on why Uphold isn’t delisting XRP - EPISODE 01 — The SEC’s crypto turf war and why XRP isn’t a security Have a question for us? A topic you’d like covered? A guest you’d like to see? Let us know!",https://medium.com/global-id/episode-20-telling-our-story-with-the-new-globalid-website-c38278b3e14c,,Episode,,Meta,,,,,,,,2022-09-14,,,,,,,,,,,,,
GlobalID,GlobalID,,Medium,,Indicio,,,,,GlobaliD connects to the Indicio Network,"The Indicio Network will enable the issuance and verification of credentials on the GlobaliD platform and in the app, allowing individuals to port their credentials for authentication and authorization into any participating use case scenario — including vaccine passports.","GlobaliD connects to the Indicio Network GlobaliD, the trust platform that allows anyone to verify identities, create and join groups, communicate, and make payments, today announced that it will be using the Indicio Network as part of their mission to give users full control and ownership of their portable identity and data. The Indicio Network will enable the issuance and verification of credentials on the GlobaliD platform and in the app, allowing individuals to port their credentials for authentication and authorization into any participating use case scenario — including vaccine passports. In addition to developers building capabilities for signup, verification, messaging, wallet, and cards; the GlobaliD consumer app and web experience allows anyone to create and manage groups that support these same functions natively without the need to code a third-party offering. These verifiable credentials are core to GlobaliD’s Trust Platform — in contrast to less trusted social media, messaging, conferencing, and other legacy apps and offerings in the marketplace. “To address the widespread trust deficit in our society, we need private, secure, and transparent forms of identity in a portable and persistent manner,” says Greg Kidd, co-founder and CEO of GlobaliD. “GlobaliD is the portable and preferred solution for situations where trust is encouraged or required.” Addressing the world’s trust deficit — one identity at a time Decentralized identity, sometimes referred to as ‘self-sovereign identity’ (SSI), is an alternative to the current centralized and federated systems that collect and control user identity information. Thought of as a way to return the internet back to its open roots, this democratizing framework puts individuals back in control of their digital lives, allowing them to manage their own identity and data without reliance on a third-party. This peer-to-peer interaction is not only safe and secure, avoiding the creation of honeypots of large amounts of data collected by multiple entities, it’s also the most privacy-preserving approach to online interactions and compliant with global data regulations. “Unlike other proprietary solutions that claim privacy and security within a single siloed use case, GlobaliD’s portability framework, powered by Indicio, ensures that trusted credentials are both re-usable and user controlled,” says Kidd. “With GlobaliD, individuals no longer need to rely on corporations or governments for garnering levels of trust needed to act in everyday life situations.” Trust as a service Indicio’s mission is to not only create and maintain the Indicio Network for companies like GlobaliD, but also to provide the essential professional services for enterprises around the world to build decentralized identity solutions. “GlobaliD’s app, platform, and SDKs are a fast-track to a more secure digital world because they make verifiable credentials simple and easy to use across a range of vital services,” says Heather Dahl, CEO of Indicio. “The real upshot is that people can protect their privacy and share their information at a distance — two things that are increasingly important to the efficiency of the global economy in the grip of a worldwide pandemic.” Learn more about the Indicio Network and Indicio.tech’s range of services for global enterprises to build decentralized identity solutions at Indicio.tech. Go to Global.iD to claim your GlobaliD, get verified, create and join groups, communicate, pay and get paid online. Indicio.tech is a professional services firm specializing in decentralized identity architecture, engineering, and consultancy. Indicio provides expert guidance to a global
GlobalID,GlobalID,,Medium,,,,,,,The future of COVID credentials on GlobaliD,"With our new platform, we’ll also be releasing a brand new COVID credential. Users will be able to validate the authenticity of their digital vaccine record from around the world and store the proof of the validation as a credential in their GlobaliD app.","The future of COVID credentials on GlobaliD With many places such as restaurants, schools, and gyms now checking for COVID credentials in the U.S., we wanted to remind our users that GlobaliD currently has a quick and easy method for storing your vaccination record card with your digital identity. Simply add the COVID-19 Vaccination Record Card self declaration (Identity tab→ [+] → Personal) in your GlobaliD app. You will be asked to take photos of your vaccination record card. Only you have access to the stored imagery, which you can share as necessary to prove that you’ve gotten your vaccination. Of course, there are limits to this approach. The main issue is that there isn’t a convenient way to verify the authenticity of the vaccination card, a growing problem as some companies, schools, as well as the government have implemented vaccination mandates. This implementation was always going to be a stop-gap solution. And so today, we’re super excited to talk about the future of where the GlobaliD credentials platform is going. The new and improved GlobaliD credentials platform The existing GlobaliD verifications platform is undergoing a major upgrade — a new self-sovereign identity (SSI) framework, of which the first implementation has already been built. The primary benefit of this new system is interoperable, portable, verifiable credentials that groups can issue and that users can carry with them across platforms and borders. This new framework will not only be much more scalable but also industry backed — thanks to the work of the Linux Foundation’s Cardea Project, which is working on global standardization around COVID credentials. (GlobaliD is a founding member and part of the steering committee.) In case you missed the announcement, this is what the Cardea Project is all about: Cardea is a complete ecosystem for the exchange of privacy-preserving digital credentials, open sourced as a project in Linux Foundation Public Health. Launched by Indicio.Tech, Cardea provides an easily verifiable, trustworthy, unalterable proof of health tests or vaccination that can be shared in a privacy-preserving way. Cardea easily integrates with existing health systems to ensure trusted data sources for credentials and uses decentralized identity technology to enable better control of data for individuals. With our new platform, we’ll also be releasing a brand new COVID credential. Users will be able to validate the authenticity of their digital vaccine record from around the world and store the proof of the validation as a credential in their GlobaliD app. The user would then be able to present this proof in the interoperable format within the Cardea ecosystem and beyond. However, GlobaliD will not stop there. Because GlobaliD also enables verification of government IDs, verification of ownership of the vaccine digital record will also be possible by comparing Personal information from both documents in a privacy preserving way. Indicio.Tech, the firm that launched Cardea (and also a GlobaliD partner), is already working on active pilot implementations in Aruba and Canada. An interoperability hackathon On September 9, GlobaliD will be participating in an interoperability hackathon — Cardea’s Interop-athon: Cardea, the COVID credential project hosted at Linux Foundation Public Health, is going to host an “Interop-athon” on September 9, 8:00 am to 12:00 pm Mountain Time. As Cardea is now being commercially deployed to share COVID-19 test results, vaccination, and trusted traveler credentials, it is important to facilitate and showcase the interoperability among these projects. To this end, Cardea will host a four-hour interoperability “hackathon style event”. The maintaine
GlobalID,GlobalID,,YouTube,Metaco Talks,,,,,,The Sovereignty Stack: Re-thinking Digital Identity for Web3.0 w/ Greg KIDD [METACO TALKS #23],"Greg is a serial entrepreneur who is probably best known for founding and taking public Dispatch Management Services Corp, the world’s largest on demand dispatch network for urgent deliveries. In a highly interesting career so far, Greg was also Chief Risk Officer at Ripple Labs and a senior analyst for the Board of Governors of the Federal Reserve in Washington. In his latest venture Global ID, Greg is acting on his long-held belief that people’s identity should be truly portable and owned by individuals themselves rather than corporations or governments.",,https://www.youtube.com/watch?v=cygggz2pt1i,,Video,,Meta,,,,,,,,2021-10-04,,,,,,,,,,,,,
GlobalID,GlobalID,,Medium,Calvin Burrows,anchain.ai,,,,,Introducing PRIVATE,PRIVATE is a new technical framework developed in collaboration with AnChain.AI that carves out a path toward regulatory compliance for non-custodial wallets while preserving user privacy. (PRIVATE stands for Privacy Preservation through Resolution of Identity via Verification and Attestation for Travel Rule CompliancE),"Introducing PRIVATE We’re thrilled to announce the publication of the PRIVATE white paper. PRIVATE is a new technical framework developed in collaboration with AnChain.AI that carves out a path toward regulatory compliance for non-custodial wallets while preserving user privacy. (PRIVATE stands for Privacy Preservation through Resolution of Identity via Verification and Attestation for Travel Rule CompliancE) Until now, efforts around regulatory compliance in the digital asset space have focused on centralized, custodial solutions. That includes Coinbase’s recently announced TRUST platform, a coalition that also includes industry heavyweights such as Fidelity, Circle, and Gemini. That’s a great start. The explosion of mainstream and institutional interest in digital assets, fueled in part by the rapid rise of DeFi and NFTs last year, has shone a bright spotlight on what is still a nascent space. But in order for these innovative new ecosystems to make a long-term, positive impact for end users, they’ll need to comply with existing and upcoming regulations. SEC Chief Gary Gensler argued last summer that developments in decentralized finance likely fall under the scope of his agency’s oversight. That begins with addressing regulations for custodial services such as exchanges, but it also requires answering the question of non-custodial wallets, which, today, serve as the primary portal into the Web3 universe. Why non-custodial wallets matter Non-custodial wallets rest at the heart of how blockchain technology works. They’re software applications — or in some cases, hardware devices — that allow you to directly interact with their corresponding blockchain. You can hold funds, receive tokens, or initiate transactions. In essence, it’s a digital wallet where you, the user, directly control your digital assets. It’s not so different from having cash in your wallet or assets stored away in a safe in your house. Contrast that with custodial wallets, which act more like your typical bank account. A service provider, such as a crypto exchange like Coinbase, manages your funds for you. Because these services mirror things we’re already used to, the path toward regulatory compliance is also more straightforward. A service provider that is already managing user funds has direct touchpoints for also managing a user’s identity and trust. The same cannot be said for non-custodial wallets, which represent a unique framework for how we understand the management of digital value and as such, require a specialized approach to regulatory compliance while preserving the very tenets of privacy and self-sovereignty which DeFI services are based around. That requirement became all the more pressing last October, when the Financial Action Task Force (FATF) updated their recommendations, which encompassed everything from DeFi to stablecoins to wire transfers. Specifically, recommendation 179c updated their guidance on non-custodial wallets. The updated guidance requires that customer information be collected for virtual asset transfers in order to enforce anti-money laundering rules like sanction screening and transaction monitoring. That’s where PRIVATE comes in. Enter PRIVATE The PRIVATE framework’s secret sauce is decentralized identity. Perhaps unsurprisingly, decentralized identity and decentralized finance are a natural fit. The first benefit is privacy. Identity verification can be achieved without revealing a wallet’s true owner. As such, PRIVATE allows for regulatory compliance while fully preserving user privacy. The second benefit is control. Rather than relying on a corporation or government agency, users own thei
GlobalID,GlobalID,,Medium,,,,,,,Building a more inclusive and equitable future,"When we first launched the GlobaliD Walletpowered by Uphold back in June of 2020, the goal was clear. Our vision has always been that anyone, anywhere should be able to create and own their self-sovereign digital identity. And along with that identity, they should get a wallet, providing them access to basic financial services.","Building a more inclusive and equitable future When we first launched the GlobaliD Wallet powered by Uphold back in June of 2020, the goal was clear. Our vision has always been that anyone, anywhere should be able to create and own their self-sovereign digital identity. And along with that identity, they should get a wallet, providing them access to basic financial services. These are the bare necessities of anyone trying to operate in the modern world, and the release of the original GlobaliD Wallet was a huge step toward achieving that vision. But there have also been limitations when it comes to wallet access, where users living in certain countries or states have not been able to participate in the full GlobaliD experience. This is no fault of Uphold, which continues to expand its services to more and more jurisdictions. Instead, it’s the nature of any custodial offering in a highly regulated space. What we’ve learned over the last two years is that in order to truly achieve our vision, we need to transition to a non-custodial solution for the GlobaliD Wallet. That way, anyone who creates an identity with GlobaliD can get a non-custodial GlobaliD Wallet. Beyond access, moving to a non-custodial solution gives us more control over our own destiny with exciting prospects for new products and features — including future debit card programs. It also means our users will be able to own and control their money along with their identity, furthering our mission toward building a more self-sovereign future. So what will these changes look like? 1. Effective July 15, 2022, you will need to access your wallet directly through Uphold rather than GlobaliD. Rest assured, the contents of your wallet won’t change. - On July 15, 2022, the GlobaliD Wallet powered by Uphold will be removed from the GlobaliD app. - GlobaliD Wallet users will still be able to access their wallet through Uphold’s website and app. - If you don’t have separate login credentials with Uphold, use the email address associated with your GlobaliD to login to Uphold using the “forgot password” flow to establish a password there. 2. The new non-custodial GlobaliD Wallet will soft launch in the near future — stay tuned. - This is still a work in progress and will be a staggered release so stay tuned, but this will be a pivotal step towards achieving our vision of providing anyone, anywhere with an identity and a wallet. 3. Debit card programs tied to the custodial GlobaliD Wallet including the GlobaliD and XRP Mastercard® Debit Card will cease operation on July 15, 2022. - As both of these debit cards are tied to the custodial GlobaliD Wallet powered by Uphold, they will also cease operation on July 15, 2022. - We have plans for future card programs, but it’s too early to discuss those details at this time. - XRP Rewards will be ending along with the debit card program. Your XRP Rewards will continue to accumulate through July 15 and will be available in your Uphold account after the card program ends. 4. The XRP Army Group on GlobaliD will live on. - Despite the XRP Card program ending, we will continue to support the XRP Army Group on GlobaliD. - As a core group of early adopters on the platform that have made a huge contribution to GlobaliD’s ongoing success, we will continue to engage with the XRP Army Group. Group members will receive exclusive early access to new products and features such as the new non-custodial GlobaliD Wallet and potential future card and rewards programs. Making these changes wasn’t an easy decision, but we believe that it’s the right strategic move in order to build a best-in-class identity and wallet o
GlobalID,GlobalID,,Medium,,,,,,,GlobalID Introduces Trustees for Key Recovery,"Trustees can be friends or family members from your contact list. Once selected, each Trustee is granted a shard of your private key. Restoring your lost Identity requires approval from the majority of your Trustees.","Introducing GlobaliD Trustees — Account recovery without a private key No one likes losing their phone. Recovering access to your accounts and sensitive data can range from straightforward to downright difficult. In some cases, if you’ve lost your private key, you’re just out of luck. At GlobaliD, that’s not good enough — so we’re flipping the script. Rather than rely on “what you know,” it’s about “who you know.” With GlobaliD Trustees you can recover your Identity even if you don’t know your private key. Trustees can be friends or family members from your contact list. Once selected, each Trustee is granted a shard of your private key. Restoring your lost Identity requires approval from the majority of your Trustees. Here’s how it works: - Select 3 Trustees to act as custodians for your Identity - If you lose access to your Identity, simply initiate a restore request - Contact your Trustees to exchange recovery codes - Once you have majority approval, you’re all set! To see GlobaliD Trustees in action, a few of us internally whipped up a quick video to show you the flow: Special thanks to Chalen, a UX Designer at GlobaliD (and video wunderkind), for producing, shooting, and editing the video! Try GlobaliD Trustees for yourself — download GlobaliD on iOS or Android. If you have any questions, please contact us at: support@global.id Further reading:",https://medium.com/global-id/introducing-globalid-trustees-account-recovery-without-a-private-key-66142a21cba6,,Post,,Product,,,,,,,,2021-06-08,,,,,,,,,,,,,
Hyland,Thoma Bravo,Hyland,,Packy Hyland,,"USA, Ohio, Westlake",USA,,,Hyland,"Hyland is privately held company and a leading content services provider. We enable thousands of organizations to focus on what they do best and deliver better experiences to the people they serve.<br><br>The power of connection drives Hyland. From connecting technology systems and data to connecting co-workers, teams and global communities, Hyland believes in transforming digital interactions into meaningful outcomes for customers, partners and our own employees.<br>","- Planning your 2023 digital transformation efforts? This 5-minute self assessment provides unique, tailored recommendations on the technologies that can best transform your business processesStart now! Hyland is a Customers' Choice Thanks to high ratings from our end-users, Hyland is recognized as a 2022 Gartner® Peer Insights™ Customers' Choice for Content Services Platforms - At Hyland, we believe technology should transform the way you work, so you can be more informed, empowered and connected through every interaction and in every relationship with everyone you serve. DISCOVER HYLAND Explore Hyland's expertise in your industry Digital transformation is more crucial now than ever. Here's what you'll need to modernize your processes: "There’s so much more to OnBase than making the documents electronic. The solution has provided so many opportunities for us, and the reporting mechanism has been fabulous.""OnBase and Guidewire provide the foundation for us to compile data-driven analysis and models which enables us to provide better care to the claimant, allowing them to recover and return to work faster." “We created efficiencies, increased accuracy and lowered costs through structured processing. This allows us to continue to move quickly to provide great service to our members.” I have 100% more confidence in the security of [HR] information. Hyland news - Hyland names Bob Dunn Vice President of Global Partner Programs - Hyland named one of top companies in Cleveland by LinkedIn - Hyland Healthcare announces support for AWS for health initiative - Hyland joins Gartner Peer Insights Customer First Program for content services platforms - Hyland named a Leader in Content Platforms Evaluation Popular blog posts - Unstructured data: A missing link to healthcare interoperability - 3 reasons OnBase and Episys are better together - 3 examples of how digitizing HR leads to organizational success - Make the jump to Hyperdrive by soaring through the cloud - 4 ways a content services platform improves HR compliance and security",https://www.hyland.com/,,Company,,Company,Enterprise,Credentials,,Content,Hyland Credentials,,,1991,,,,https://blog.hyland.com/,https://blog.hyland.com/feed/,,https://www.crunchbase.com/organization/hyland-software,https://www.linkedin.com/company/hyland-software/,,,,,
HylandCreds,Hyland,HylandCreds,,,LearningMachine,,USA,,,Hyland Credentials,"Your organization will find that an engagement with Hyland Credentials is a lot more than buying software, we address the needs of your whole organization. We look forward to working with you to make secure, digital credentialing an enduring part of your institution’s legacy.","Hyland Credentials. Get a complete system to issue digital credentials in a blockchain-secured format that is easily shareable and instantly verifiable anywhere in the world. Overview A new generation of digital credentials offers transformative convenience and security for all stakeholders through the use of open standards and blockchain-based verification. Blockchain Security Blockchains offer a new public infrastructure for verifying credentials in a manner far more durable, secure, and convenient than relying upon a single authority. Blockcerts Benefits The open standard for blockchain-based records ensures interoperability, recipient ownership, vendor independence, and choice of any blockchain. Industry Solutions Every sector issues credentials with specific needs and form factors. Hyland Credentials has unique solutions that enable your organization to develop branded templates, automate credential issuance, and learn from your credential data. We help organizations transform the way they issue credentials. MIT MIT offers digital diplomas to all graduating students, including undergraduate, graduate, and PhD-level programs. Malta Malta implemented a nation-wide initiative for educational credentials to be offered as Blockcerts across their various education providers. FSMB Federation of State Medical Boards was the first professional medical organization to issue blockchain-based records.",https://www.hylandcredentials.com/,,Product,,Company,,ID,,,,Credentials,,2020-02-05,,https://twitter.com/HylandCredent,,https://www.hylandcredentials.com/blog/,,,https://www.crunchbase.com/organization/learning-machine,,,,,,Http://community.blockcerts.org
HylandCreds,HylandCreds,,,,,,,,,Badges and Blockcerts,"Education and training providers have long been wrestling with the legacy of the credit hour and how to adapt credentialing to a modern world that values skills more than time spent in the classroom. This is in part why the industry has seen an explosion of traditional and alternative providers that are experimenting with new credential formats appropriate for the information age. One of the questions we most frequently encounter at Learning Machine from these providers is: What are the differences between different credentials formats? The implicit question behind that one is: When should I use different types of digital credentials, and why?","Badges and Blockcerts In education and workforce development, it’s important to understand the differences between digital credential formats and how to combine them for greatest impact. Education and training providers have long been wrestling with the legacy of the credit hour and how to adapt credentialing to a modern world that values skills more than time spent in the classroom. This is in part why the industry has seen an explosion of traditional and alternative providers that are experimenting with new credential formats appropriate for the information age. One of the questions we most frequently encounter at Learning Machine from these providers is: What are the differences between different credentials formats? The implicit question behind that one is: When should I use different types of digital credentials, and why? To answer these questions, Learning Machine Research is currently preparing a “Digital Credentials Comparison Report” with the Federation of State Medical Boards which outlines the technical differences between credential formats and their pragmatic implications. Findings from this Report will be presented by the FSMB and Learning Machine at the IMS Global Learning Consortium quarterly summit on February 6, 2019. In the meantime, this blog post presents a quick summary of the differences between two of the most popular new digital credentials formats: Open Badges and Blockcerts. This should help leaders at credentialing institutions make informed decisions about when and why to use each type of digital credential. Open Badges 2011 saw the birth of Open Badges, which digitally and visually convey the achievement of a specific skill. Similar to the Scouts movement, which uses a small fabric symbol to represent specific achievements, digital badges were designed to convey a singular achievement through a digital image and a hosted set of data. Initially spearheaded by the Mozilla Foundation, the Open Badges standard is now maintained by the IMS Global Learning Consortium, ensuring interoperability between platforms. The atomization of achievement enabled by digital badges is intended to open up new and novel pathways toward larger educational or professional goals. Carving up learning and achievement into “bite-size” elements facilitates the pursuit of education beyond traditional 2- and 4-year programs and toward a paradigm of lifelong learning from multiple education and training providers. In this way, badges are perfect for low-stakes credentials, or “micro-credentials.” While insufficient for situations which require high-stakes validation (such as, for example, verifying a passport at a border), micro-credentials can effectively reward milestones of Personal achievement and be combined with other achievements to eventually become important elements of a high-stakes credential. In many ways, digital micro-credentials have been an early signal indicating the desire on the part of education providers and employers to digitize all types of credentials. However, the security limitations of digital badges have limited the range of appropriate use cases. For instance, because badge data and badge display are hosted separately, the display could easily be tampered with. Further, because recipients do not control any cryptographic keys connected to their badges, they don’t really have technic
HylandCreds,HylandCreds,,,,,,,,,Digital Identity,"A framework for organizing the categories of digital identity and an analysis of where disruptive innovation is most likely to succeed. [...] Learning Machine has made the strategic choice to disrupt paper documents with verifiable digital records (software), rather than competing directly within the traditional identity space. The following analysis explains why. Note that some startup challengers will be named as exemplars in their categories, which is not meant to imply any criticism of those companies. In fact, many of these companies are collaborating behind the scenes on data standards that will form a common foundation for future interoperability.","Digital Identity A framework for organizing the categories of digital identity and an analysis of where disruptive innovation is most likely to succeed. Digitizing people’s identity to streamline their interactions with a digitally connected world is a movement full of opportunity, but also fraught with danger. While creating convenience and expanding access to services is universally desired, asymmetrical power relationships can lead to predatory practices. Whether this is a government centralizing data or a company driven by profit and expansion, the misuse of Personal data is a growing cause of concern. This concern has resulted in a movement that uses concepts like “self-sovereignty” to denote a raft of practices intended to protect individuals: data minimization, decentralization, consent, ownership, and limited access are just a few. This is a noble and timely movement, but one in which startups are challenging very powerful and wealthy incumbents. Incumbents generally are not motivated to disrupt themselves, so what strategy can effectively disrupt the entrenched digital identity market? As Clay Christensen famously wrote 20 years ago, disruptive innovation is a process by which a new thing transforms an existing market with simplicity, convenience, and affordability where complication and high cost were the norms. This type of innovation can be hard to spot at first due to a lack of features or immediate usefulness, but it contains something new and valuable that sustains its growth over time. Just look at how portable camera phones seemed worthless at first, and then they grew to disrupt the entire camera industry. With disruptive innovation in mind, let’s look at the digital identity problem space from a business strategy perspective. This starts by recognizing that digital identity is not one monolithic sector, but rather a collection of different categories in competition with each other. Access management, regulatory compliance, and Internet accounts are typically considered the three constitutive parts of the identity space. These sectors are where all the money is spent, where research and development are targeted, and where most public attention is focused. However, at Learning Machine, we believe there is an important fourth category: Documents. Together, these categories form an easy-to-remember acronym: ACID. Learning Machine has made the strategic choice to disrupt paper documents with verifiable digital records (software), rather than competing directly within the traditional identity space. The following analysis explains why. Note that some startup challengers will be named as exemplars in their categories, which is not meant to imply any criticism of those companies. In fact, many of these companies are collaborating behind the scenes on data standards that will form a common foundation for future interoperability. We wish all companies fighting for self-sovereignty to have success. Access Access Management facilitates secure login to various ecosystems. This service is ultimately about providing login security, which necessarily creates layers of difficulty. Examples: - Incumbent: Microsoft Active Directory, Okta - Challengers: Uport, Everynm Analysis: Providing login IDs that are rooted to a blockchain and recipient-owned is an altruistic goal because it seeks to limit the leakage of P
HylandCreds,HylandCreds,,,,,,,,,Flexible Systems,"Top-down initiatives to reconstruct entire sectors like digital identity are too brittle to succeed. Flexible systems require a different mindset. [...] unlike every other sector (media, communications, engineering, finance, etc.), official records largely rely on old formats like paper, wax, and PDF for certification, all of which are hard to verify and easy to fake. This is big reason why public blockchains are exciting, because they have the power to prove the authenticity, ownership, and integrity of a natively digital record. The combination of strong cryptography and public blockchains provide a new technical infrastructure that gives people the ability to manage their own records of achievement in a format that is digital, easily shared, and instantly verifiable using a global verification network.","Flexible Systems Top-down initiatives to reconstruct entire sectors like digital identity are too brittle to succeed. Flexible systems require a different mindset. Official records are one of the most powerful forms of social currency. They allow people to demonstrate proof of their abilities, accomplishments, and experiences in a way that helps them gain entrance to new realms of economic possibility. However, unlike every other sector (media, communications, engineering, finance, etc.), official records largely rely on old formats like paper, wax, and PDF for certification, all of which are hard to verify and easy to fake. This is big reason why public blockchains are exciting, because they have the power to prove the authenticity, ownership, and integrity of a natively digital record. The combination of strong cryptography and public blockchains provide a new technical infrastructure that gives people the ability to manage their own records of achievement in a format that is digital, easily shared, and instantly verifiable using a global verification network. Of course, exciting new frontiers can also bring out some impatient instincts. The Instinct to Centralize Anytime the world gets a powerful new technology with the potential to make old dreams come true, the instinct is to harness the power by immediately attempting to pre-architect all desired outcomes in one step. This tempting instinct creeps into both the strategic and technical arenas, ultimately distracting from long-term transformation with a short-term eagerness. Strategic Mistakes Centralization can be powerful and effective in many ways, and so it’s no surprise that strategic plans for new technologies often begin with the word “Universal” — as in universal ID cards, universal academic records, and so on. The problem with instituting this type of top-down control is that it presumes to understand all possible situations, now and in the future, for how the system must operate. This type of vision is not only brittle, it ignores the unique traits of the technology and imposes non-existent limitations. Let’s look at two examples. A universal ID card for a country usually proposes to place all Personally identifiable information in one government controlled system to access a variety of social benefits. While this might feel efficient for a government, overconsolidation of data creates a honey pot that ultimately threatens the safety of citizens and misses a larger opportunity: public blockchains make it possible for citizens to transact and share specific attributes about themselves, without the vulnerability of storing all their data within a single database. A universal academic record proposed by schools typically sounds like this: 1. Write data to a secure common student record 2. Participate in verification revenue over time 3. Accelerate admissions and matriculation with a standard set of definitions. This is basically the Clearing House model, which isn’t new and doesn’t require a blockchain. This mindset also misses a profound reality that education now comes from a proliferation of alternative providers over a lifetime, and that the blockchain enables every student to act as their
HylandCreds,HylandCreds,,,,,,,,,Hosted ≠ Verified,"Have you ever seen a person’s certification listed on LinkedIn, and then followed the link to the actual credential? It typically resides on the domain of a software vendor, or on the domain of the issuing institution, with the intention of communicating authenticity. While hosted credentials provide convenience for both credential holders and verifiers, hosting is not enough to provide a secure basis for verification.","Hosted ≠ Verified Credentials hosted on an institution’s domain may be convenient, but hosting alone is not sufficient to provide security, reliability, or longevity for recipients and verifiers. Credentialing has been undergoing a renaissance in recent years, encouraged by the unbundling of education and a proliferation of new education providers targeting niche outcomes. This trend has yielded an explosion of digital certificates, micro-credentials, badging, and other innovative symbols of accomplishment. Have you ever seen a person’s certification listed on LinkedIn, and then followed the link to the actual credential? It typically resides on the domain of a software vendor, or on the domain of the issuing institution, with the intention of communicating authenticity. While hosted credentials provide convenience for both credential holders and verifiers, hosting is not enough to provide a secure basis for verification. Easy to Spoof Many of these new credentials are simply a web page. However, as we all know from email phishing scams, websites are easy to fake and a slightly altered domain name can be hard to spot. If a motivated imposter wanted to set up a website to make fake credentials look real, this wouldn’t require much effort. The case of Open Badges is slightly different. These are typically image files with information attached, and easily shareable as a discrete object. However, when verification occurs, it is not the visible badge which is being checked. Rather, verification is checking the hosted version of that badge, not the display that is in hand. This means the display of a badge could be completely changed and it would still successfully verify. This is what we mean when we say a credential is not “tamper evident.” In both cases, what you have are credential displays that are easily spoofed. While this level of security may be fine for temporary or low-stakes accomplishments, it’s fundamentally problematic for higher-stakes credentials like diplomas, transcripts, identity documents, and licenses. Below are two major drawbacks of relying on hosted credentials for long-term verification. Inconsistent Availability Beyond being an untrustworthy display, websites simply aren’t reliable for the long term. Sites go down, links get moved, and so on. For instance, when Open Badge vendors go down, none of the credentials issued through those platforms will remain usable or even visible. Imagine applying for a job and only having a 404 error page when the employer clicks on your credential. It’s hard to believe that some educational institutions are trusting startups for hosting credentials that need 100% availability. Unlikely to Survive Even if your organization chooses to host everything itself, the maintenance of online records is a huge responsibility, and the risk of going down, causing harm, and suffering reputational damage is likely. Plus, very few organizations will last for a lifetime. Don’t you want your graduates to have the confidence that proof of their accomplishments will work for the long term, even if your organization should change or disappear? This is certainly the case with credentials that have value beyond getting one near-term job. In short, hosting credentials provides a convenient way for people to share a link, but it doesn’t provide confidence for verifiers. If new credentials are going to gain the gravitas of traditional records, they will have to grow into a more secure format. This is why Learning Machine provides a Blockcerts-compliant issuing system designed for issuing digital reco
HylandCreds,HylandCreds,,,,,,,,,Remaking Credentials,"When desktop computers came into the workplace 25 years ago, the problem of paper remained. How could print layouts be shared and displayed across a variety of electronic machines and operating systems? The most prominent solution that emerged was Adobe’s Portable Document Format (PDF), a proprietary solution released in the 1990’s as a way to share documents that included text formatting and in-line images. Even though more features were added over time, in essence, PDFs operated as a paper analogue for computers.","Remaking Credentials As we move from a world of discrete paper repositories to a world of interconnected digital systems, we need official records that are natively digital to reap the full benefits of electronic exchange. When desktop computers came into the workplace 25 years ago, the problem of paper remained. How could print layouts be shared and displayed across a variety of electronic machines and operating systems? The most prominent solution that emerged was Adobe’s Portable Document Format (PDF), a proprietary solution released in the 1990’s as a way to share documents that included text formatting and in-line images. Even though more features were added over time, in essence, PDFs operated as a paper analogue for computers. As the adoption of PDFs became more widespread, this format was adopted by some organizations as an alternative to paper for embodying and conferring official records to recipients. Since PDFs are not hard to alter/edit, they needed to be “sealed.” So, digital signatures from the issuing institution were added, which rely on a centralized party, like Adobe, to verify the entity behind the signature. While this method gained modest traction, it hasn’t created a new normal for the peer-to-peer exchange of official records. In fact, the Apostille (notary) process is still the standard for transmitting official records internationally. Further, plenty of vendors have entire business models to be the trusted middleman for sending or verifying records. The end result of PDFs has been a failure for trusted records. Desktop computers may be able to display them, but little else. People must still pay money and wait a long time to have their records sent. Relying parties must spend time and money to make sure these records are legitimate. Basically, these PDFs are no more functional than paper — they are very large files (slow), not enriched with metadata, and not easily machine readable. All of this prevents the transformational benefits and efficiencies of a truly electronic exchange. PDFs + Blockchain? With the rise of decentralized systems, blockchains have become famous for enabling a new level of security and peer-to-peer exchange for digital assets. Not to miss a marketing opportunity, some software vendors have added blockchain timestamping to their PDF credential service. This is a process by which a document is registered on a blockchain, at a specific point in time, to prove that a certain version existed. The question here is what added value does timestamping actually provide in this scenario? Very little. Blockchains were made to enable decentralized systems where digital assets are cryptographically owned by recipients and function peer-to-peer without relying upon any vendor or third party. So, unless a software provider has gone to lengths that make both of those goals real, no fundamental benefit is being realized from using a blockchain. The vendor still provides all of the assurances, and the blockchain is simply providing redundancy. Further, proprietary approaches that aren’t open-source, or based on open data standards, are doomed to a short lifespan. Even when a PDF has been digitally signed and blockchain timestamped, it doesn’t suddenly become useful as a software object, beyond the mere ability to view it. Official records as stand-alone objects are completely uninspiring. We need to do better and we have the technology to do so. Official records can be made as software to interrelate wi
HylandCreds,HylandCreds,,,,,,,,,Why Use a Blockchain?,"Everyone wants digital records to be shareable and verifiable, but it is only now that we have the technical infrastructure to reliably accomplish that goal. The innovation that makes this possible is blockchain-enabled networks that synchronize around a single truth. While digital signatures and public key infrastructure (PKI) are important pieces of a secure credentialing solution, it is the addition of a decentralized verification network that adds the highest level of security, longevity, and recipient ownership to digital records.","Why Use a Blockchain? Blockchains offer a new public infrastructure for verifying credentials in a manner far more durable, secure, and convenient than relying upon a single authority. Everyone wants digital records to be shareable and verifiable, but it is only now that we have the technical infrastructure to reliably accomplish that goal. The innovation that makes this possible is blockchain-enabled networks that synchronize around a single truth. While digital signatures and public key infrastructure (PKI) are important pieces of a secure credentialing solution, it is the addition of a decentralized verification network that adds the highest level of security, longevity, and recipient ownership to digital records. Traditional solutions for verifying digital records, including PKI, have typically relied on a trusted third party (TTP) to transmit or provide verification. This might be a vendor, an issuer, or a certificate authority. Unfortunately, in these cases, the TPP operates within limited jurisdictions and precariously maintains a single point of failure. This means that if the TTP is ever compromised, loses their records, or stops functioning, verification is no longer possible. Some minimize the risk of such a failure, but catastrophic failures happen all the time across every geographic region, leaving people stranded and exposed. Disaster Examples: - War: In Syria, civil war left major institutions of government and education destroyed. Millions of people can no longer prove who they are or what their skills are because the only institutions who could verify this information are no longer functioning, or have lost their records. - Natural: In 2017, Hurricane Maria hit Puerto Rico. Critical infrastructure was wiped out by the hurricane, causing loss of high-stakes records. These included vital records (birth, death, and marriage certificates), driver’s licenses, property titles, and address and tax records. - Technical: In the United States, the Equifax hack demonstrated how a single honey pot of Personal information, like social security numbers, can leave citizens completely exposed. The point is that disasters are common and can happen anywhere, to any trusted third party. Entrusting a single entity with the power to protect and verify those records creates a brittle system with poor security and longevity. It is insufficient for high-stakes records that need to be accessed and verified reliably for a lifetime. A better alternative is having this same trusted authority backed up thousands of times, across the globe, and accepted across jurisdictions because the data isn’t controlled by any single company or government. That is what public blockchains have enabled. Even better, using an open standard (like Blockcerts) to anchor records to blockchains creates an ecosystem of globally portable, interoperable records that can easily be recovered if disaster strikes. Blockchains and Decentralization Every decade or two, a new computing platform comes along that changes how we live. Personal computers, the Internet, and smartphones are all examples of fundamental innovation. What’s hard to comprehend about new platforms is that they are initially inferior to older platforms in most ways, but they also bring about some profound new capabilities. Today, decentralized software, enabled by blockchains, are the fundamental innovation. While these platforms are sometimes counterintuitive and lack many features, they offer som
HylandCreds,HylandCreds,,,,MIT; Learning Machine,,,,EDUCAUSE 2018,Credential (n.),"Blockcerts was publicly announced at EDUCAUSE in 2016 to an immense room of attendees consisting of CIOs, Registrars, and IT professionals — a presentation which, over the last two years, kicked off a wave of experimentation, press, and interest for using blockchains as a new infrastructure of trust.<br>Further, MIT has been using the Learning Machine Issuing System to issue official diplomas as Blockcerts to graduates at all levels across the Institute. This October we returned EDUCAUSE 2018 with Mary Callahan, MIT Registrar, to share a progress report on issuing blockchain-based digital diplomas to graduates over the last year and half.","Credential (n.) From the Latin credere: “to believe, trust” Paper documents have been used throughout history to represent aspects of an individual’s identity or qualifications, providing the bearer of that credential a certain amount of credit when asserting a claim. Today, these take the form of birth certificates, academic records, titles, deeds, licenses, and various other instruments that allow people to authentically represent something about themselves to the world. Unfortunately, these paper documents have been losing currency due to being easy to fake and hard to verify. While various seals, watermarks, and complexity have been added over the years, we stand at a moment in history where fraud is rampant and bearer instruments have lost most of their efficacy. Former FBI agent Allen Ezell, and John Bear, Ph.D., have written a book that focuses on corruption within academic credentialing titled, “Degree Mills: The Billion-Dollar Industry That Has Sold Over a Million Fake Diplomas,” a book that will crumple any belief which maintains trust in traditional formats. Of course, loss of trust in these formats has resulted in byzantine processes for the transmission and verification of records that is inconvenient and expensive for everyone involved. This is why MIT and Learning Machine started working together in 2016, to make a new kind of digital record that restores trust in credentials like academic records. The result was launching Blockcerts.org — the open standard for securing digital records by using a blockchain as a global notary system to verify authenticity. The goal of this resource is to provide people with the ability to store their own records and use them directly in the world when they see fit. Further, relying parties can use the open-source verifier to instantly check these credentials, a process that generates a hash of the local document and compares it to a hash on the blockchain. When everything matches, and it has not expired or been revoked, the credential is verified. EDUCAUSE Blockcerts was publicly announced at EDUCAUSE in 2016 to an immense room of attendees consisting of CIOs, Registrars, and IT professionals — a presentation which, over the last two years, kicked off a wave of experimentation, press, and interest for using blockchains as a new infrastructure of trust. Further, MIT has been using the Learning Machine Issuing System to issue official diplomas as Blockcerts to graduates at all levels across the Institute. This October we returned EDUCAUSE 2018 with Mary Callahan, MIT Registrar, to share a progress report on issuing blockchain-based digital diplomas to graduates over the last year and half. Chris Jagers, Learning Machine CEO, kicked off the presentation by talking about the power of open standards as well as explaining the technology behind public decentralized blockchains. Driven by inclusion, security, and trust across borders, open decentralized blockchains provide a new public infrastructure similar to the Internet — a network not controlled by any company or government. Mary Callahan, Senior Associate Dean and MIT Registrar, followed by presenting a summary of experience and data from issuing digital diplomas over the last year, all of which was organized by four core motivations: to empower students with ownership, reduce fraud, incr
HylandCreds,DHS,,,,LearningMachine,,,,,DHS Awards 159K for Infrastructure to Prevent Credential Fraud,"Phase 1 award project “Leveraging **Learning Machine**’s Commercial Offering in Public Infrastructure for Fraud Prevention” will adapt their current commercial technology using the open-source Blockcerts standard to support emerging global World Wide Web Consortium (W3C) security, privacy and interoperability standards such as decentralized identifiers (DID) and verifiable credentials for credential issuance and verification solutions. The proposed approach enables credential user and DID provider independence from vendor-specific accounts to access credentials and promotes holder control and interoperability.","FOR IMMEDIATE RELEASE S&T Public Affairs, 202-254-2385 WASHINGTON – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded $159,040 to Learning Machine Technologies, Inc. based in New York, to develop blockchain security technology to prevent credential fraud. Government agencies issue, validate, and verify credentials for a variety of purposes. For example, DHS operational components, such as U.S. Customs and Border Protection, the Transportation Security Administration, and U.S. Citizenship and Immigration Services, issue, validate or verify eligibility requirements; licenses and certifications for travel, citizenship, and immigration status; employment eligibility; and supply chain security. Current processes are often paper-based, do not facilitate data exchange and use among systems, making them potentially susceptible to loss, destruction, forgery and counterfeiting. S&T is exploring the application of blockchain and distributed ledger technology (DLT) to issue credentials digitally to enhance security, ensure interoperability and prevent forgery and counterfeiting. Learning Machine Technologies’ Phase 1 award project “Leveraging Learning Machine’s Commercial Offering in Public Infrastructure for Fraud Prevention” will adapt their current commercial technology using the open-source Blockcerts standard to support emerging global World Wide Web Consortium (W3C) security, privacy and interoperability standards such as decentralized identifiers (DID) and verifiable credentials for credential issuance and verification solutions. The proposed approach enables credential user and DID provider independence from vendor-specific accounts to access credentials and promotes holder control and interoperability. “Standards-based interoperability is critical to implementing innovative, fraud resistant approaches to digital issuance of currently paper-based credentials.” said Anil John, S&T's Silicon Valley Innovation Program (SVIP)Technical Director. “By adapting their existing platform to build support for emerging W3C global standards, Learning Machine will enable organizations to deploy solutions without vendor or platform lock-in concerns.” The Phase 1 award was made under S&T’s SVIP Other Transaction Solicitation Preventing Forgery & Counterfeiting of Certificates and Licenses seeking blockchain and DLT solutions to fulfill common needs across DHS missions. SVIP is one of S&T’s programs and tools to fund innovation and work with private sector partners to advance homeland security solutions. Companies participating in SVIP are eligible for up to $800,000 of non-dilutive funding over four phases to develop and adapt commercial technologies for homeland security use cases. For more information on current and future SVIP solicitations, visit https://www.DHS.gov/science-and-technology/svip or contact DHS-silicon-valley@hq.DHS.gov. For more information about S&T’s innovation programs and tools, visit https://www.DHS.gov/science-and-technology/business-opportunities. ###",https://www.dhs.gov/science-and-technology/news/2019/11/12/news-release-dhs-awards-159k-prevent-credential-fraud,,Post,,Meta,,,,,,,,2019-11-12,,,,,,,,,,,,,
HylandCreds,Hyland,,,,LearningMachine,,,,,Hyland acquires blockchain-credentialing provider Learning Machine,"Hyland, a leading content services provider, announced its acquisition of Learning Machine, an innovator in blockchain-anchored digital credentialing solutions. The acquisition was effective February 1, 2020.","Hyland acquires blockchain-credentialing provider Learning Machine Hyland, a leading content services provider, announced its acquisition of Learning Machine, an innovator in blockchain-anchored digital credentialing solutions. The acquisition was effective February 1, 2020. Learning Machine is a pioneer in leveraging blockchain technology to authenticate documents and content. Its credentialing solution facilitates the creation and sharing of blockchain-secured digital records that are recipient owned, vendor independent and verifiable anywhere. The Learning Machine Issuing System allows any organization to easily design their records, import recipient data, issue records and manage the entire credentialing lifecycle. The system allows governments, companies and educational institutions to issue blockchain records at scale, rooted in any blockchain they choose. “This acquisition is a major step toward our goal of revolutionizing the way organizations electronically exchange trusted records,” said Bill Priemer, president and CEO of Hyland. “The addition of Learning Machine’s digital credentialing solutions to Hyland’s content services platform will enable our customers to generate and manage digital documents that are both easily shareable and instantly verifiable.” “The use of blockchain technology for digital credentialing has become an increasingly urgent need as governments, educational institutions and organizations seek to combat fraud, mitigate risk and relieve administrative burdens associated with the exchange of content,” said Chris Jagers, CEO of Learning Machine. “This acquisition creates significant value for Learning Machine customers who will gain the full benefit of Hyland’s notable support, partnership and accountability.” One of the most prevalent uses of the Learning Machine technology today is the issuing of digitally secured diplomas and transcripts for and by higher education institutions. With over 900 of these institutions already leveraging the Hyland content services platform, these customers stand to benefit from Learning Machine’s ability to share and deliver authenticated content. Additionally, Hyland looks forward to accelerating the diversification of Learning Machine solutions across the vertical markets and geographies in which Hyland is already well positioned to help organizations deliver better experiences to the people they serve. Hyland will continue to support Learning Machine’s current solutions and customers as it integrates the technology into existing platform offerings. For more information about Hyland and its leading content services platform, visit Hyland.com. For more information about Learning Machine’s digital credentialing system, visit LearningMachine.com. Hyland is a leading content services provider that enables thousands of organizations to deliver better experiences to the people they serve. Find us at Hyland.com. About Learning Machine Learning Machine is a leading provider of blockchain credentialing solutions based on the Blockcerts open standard, enabling customers around the world to issue verifiable digital records at scale. Find us at LearningMachine.com.",https://news.hyland.com/hyland-acquires-blockchain-credentialing-provider-learning-machine,,Post,,Meta,,,,,,,,2020-02-05,,,,,,,,,,,,,
HylandCreds,Hyland,,,,,,,,,"Hyland, Dataswift and Case Western Reserve University partner to advance web-based verifiable credential storage","The initial phase of the partnership involved building a web-based interface that enables users to easily store and manage their verifiable credentials by uploading them to a user-owned, encrypted Personal data account (PDA), an innovative privacy-preserving solution developed by Dataswift, another strategic partner of xLab. That account is the storage system of a Personal data server legally owned by users themselves and comes with a Data Passporting function that can be called upon by any application, allowing users to license their data on demand, quickly and securely, with any relevant party.","Hyland, Dataswift and Case Western Reserve University partner to advance web-based verifiable credential storage Students in CWRU’s xLab assist in developing credential storage in Personal data accounts Hyland, Dataswift and students from Case Western Reserve University’s xLab initiative have partnered to advance the development of open standards for blockchain-anchored digital credentials. “This partnership has incredible potential, as digital credentials become increasingly accepted as an easy, secure way to share information,” said Valt Vesikallio, SVP, global services at Hyland and an executive sponsor of the project. “We’re excited to be sharing in this work with students at Case Western Reserve University, a world-class institution in our back yard.” The partnership has been beneficial for all parties, as Case Western Reserve students have gained valuable real-world experience in their field of study, while the University has gained partner companies that expand co-curricular opportunities for its students. Hyland, meanwhile, has expanded its potential pipeline of future developers and hopes to expand the number of CWRU’s students and eventual graduates working at the company. “Our students are proud and excited to work on such a meaningful project and with a well-known and highly regarded company in Hyland,” said Youngjin Yoo, the faculty director of the university’s xLab. “They’re aware of the potential value and impact of credentials and are playing a key role in the development of these real-world use cases, experience that will help them in their future careers as well.” The initial phase of the partnership involved building a web-based interface that enables users to easily store and manage their verifiable credentials by uploading them to a user-owned, encrypted Personal data account (PDA), an innovative privacy-preserving solution developed by Dataswift, another strategic partner of xLab. That account is the storage system of a Personal data server legally owned by users themselves and comes with a Data Passporting function that can be called upon by any application, allowing users to license their data on demand, quickly and securely, with any relevant party. Currently, sharing such private documents securely is difficult, costly and time-consuming, and often relies on third parties that alienate the user from ownership of their own data. CWRU’s xLab was founded in 2019 with the aim of fueling the transformation of Northeast Ohio’s digital economy and building digital intelligence in the region. It partners with Northeast Ohio corporations to assist in the implementation of business models for the new digital economy, by way of a multi-year strategic engagement. Students work on company-specific digital innovation challenges in a class instructed by a digital design faculty member. “We’re excited to be working with Case Western Reserve University students on this important endeavor,” said Natalie Smolenski, Head of Business Development for Hyland Innovation. “This is a step forward for self-sovereign identity; the technology makes it much easier for data owners to share their Personal records securely online and for third parties to access and verify the documents they need.” Hyland is a leading content services provider that ena
HylandCreds,HylandCreds,,,,DHS; LearningMachine,,,,,Learning Machine wins DHS Grant to align Blockcerts with the W3C specifications for Verifiable Credentials and Decentralized Identifiers.,"Today, **Learning Machine** is proud to announce that we have won Phase-1 funding for our response to the open call “Preventing Forgery & Counterfeiting of Certificates and Licenses through the use of Blockchain and Distributed Ledger Technology.” The purpose of the call was to develop vendor-neutral technology solutions that prevent the forgery and counterfeiting of official records for immigration, travel, visas, and other use cases pertaining to national and citizen security. Our grant application addressed DHS requirements by proposing an upgrade to the Blockcerts open standard, making it capable of issuing W3C Verifiable Credentials.","Future Proof Learning Machine wins DHS Grant to align Blockcerts with the W3C specifications for Verifiable Credentials and Decentralized Identifiers. When Blockcerts was incubated at MIT, it was the first open-source project in the world that demonstrated how to create, issue, and verify a digital record using a blockchain to ensure the integrity of that record. At the time, Bitcoin was widely considered the most viable blockchain, and the W3C Verifiable Credentials specification was still nascent. Nevertheless, the project moved forward with a commitment to the principles of openness, synchronization with other data standards, recipient control, vendor independence, and viability for any blockchain. Since the launch of Blockcerts, major strides have been made in the Self-Sovereign Identity (SSI) space thanks to the diligent work of groups like the W3C, Rebooting Web of Trust, the Internet Identity Workshop, and the Decentralized Identity Foundation, all of which have built upon 20+ years of hard work from many different companies, organizations, and individuals. Today, with the emergence of the Verifiable Credentials specification, Decentralized Identifiers (DIDs), a Universal Resolver, and other important components of self-attesting digital credentials, the world has a set of tools and specifications which lay the groundwork for a growing consensus about methods and formats that can reliably assert a digital claim. Most importantly, these standards are not owned by any one vendor or institution, making them an infrastructure that enables open innovation. The W3C credential standards are analogous to TCP/IP or GPS: open protocols that enabled the internet and geolocation revolutions. Governments are playing an increasingly critical role in the verifiable credentials ecosystem by funding fundamental research. An important example of governments taking the lead in this way is the Silicon Valley Innovation Program, part of the U.S. Science & Technology directorate within the Department of Homeland Security. SVIP offers a variety of grants to help develop new technologies and accelerate their time to market. Today, Learning Machine is proud to announce that we have won Phase-1 funding for our response to the open call “Preventing Forgery & Counterfeiting of Certificates and Licenses through the use of Blockchain and Distributed Ledger Technology.” The purpose of the call was to develop vendor-neutral technology solutions that prevent the forgery and counterfeiting of official records for immigration, travel, visas, and other use cases pertaining to national and citizen security. Our grant application addressed DHS requirements by proposing an upgrade to the Blockcerts open standard, making it capable of issuing W3C Verifiable Credentials. The open-source reference implementation, targeted for 2020, will include: - Updating the Blockcerts schema to a Verifiable Credentials-based format - Updating the Blockcerts signature/verification scheme to conform to the latest JSON-LD signature suite format - Updating Blockcerts credential issuance and verification - Incorporating a cost-efficient DID method for issuers All of these upgrades to the Blockcerts open standard will also be included in Lear
HylandCreds,Hyland,,,,Hyland,,,,,Study: Optimizing use of content is critical to enhancing customer experiences,"According to a new commissioned study conducted by Forrester Consulting, organizations recognize that “content is critical to improving the customer experience, but few are able to leverage its full potential.”","Forrester Study | March 2019 Content At Your Service: How modern content services platforms power digital transformation Study: Optimizing use of content is critical to enhancing customer experiences According to a new commissioned study conducted by Forrester Consulting, organizations recognize that “content is critical to improving the customer experience, but few are able to leverage its full potential.” If your organization struggles with using its content, you’re probably familiar with the roadblocks at the heart of the issue, like a lack of budget and difficulty migrating content from older systems. But with new technology trends changing the paradigm for user and customer interactions, your organization can’t afford not to pursue a better digital transformation strategy. What can you do? Forrester, a leading consulting and research firm, make a case for using a content services approach to digital transformation in this new study. It will help your organization define what a successful content services strategy looks like through four competency pillars: - Agile adaptivity - Intelligent automation - Tailored solutions - Reimagining business models and processes Is your organization ready to experience higher revenue gains, while providing better experiences for employees and customers? Forrester offers insights and a set of key recommendations, so you will be ready to begin your content services-enabled digital transformation today. Download the study>> Download the study *By submitting this form you are opting into receiving emails from Hyland Software, Inc. Please view our privacy policy for further information.",https://www.hyland.com/en/learn/it-programs/forrester-content-at-your-service-wp,,Study,,Meta,,,,,,,,2023-01-01,,,,,,,,,,,,,
HylandCreds,WebOfTrustInfo,,,,RWot9; Learning Machine; Blockcerts,,,,,"Blockcerts v3 release, a Verifiable Credentials implementation","As the standards around Verifiable Credentials are starting to take form, different flavors of ""verifiable credentials-like"" data structures need to make necessary changes to leverage on the rulesets outlined and constantly reviewed by knowledgeable communities such as the W3C. The purpose of this paper is to identify all of the changes needed for Blockcerts to comply with the Verifiable Credentials (VCs) and Decentralized Identifiers (DIDs) standards and to expand upon the additional benefits of using a blockchain in combination with Verifiable Credentials. This paper is meant to act as an explainer in which a formal specification can be created.<br>This paper proposes multiple implementation options for several properties. The intention is that we can engage the Blockcerts / Verifiable Credential communities and see what fits best.",,https://github.com/WebOfTrustInfo/rwot9-prague/blob/master/draft-documents/BlockcertsV3.md,,Proposal,,Standards,,,,,,,"Blockcerts,Verifiable Credentials",2016-12-31,,,,,,,,,,,,,
HylandCreds,HylandCreds,,,,,,,,,A Passport to Greater Opportunity,"One of the earliest challenges of statecraft was developing a legible view of its populations. Translating local complexities into simple and summary descriptions was necessary to enable traditional state functions like taxation and planning. This need to describe impelled various standardization efforts, including permanent last names, land registries, and population surveys, which gave society a visible shape that could be centrally recorded and used within legal frameworks to wield state power.","A Passport to Greater Opportunity Verifiable digital credentials are a critical component of addressing global workforce challenges related to education and mobility — all while following the principles of Good ID. One of the earliest challenges of statecraft was developing a legible view of its populations. Translating local complexities into simple and summary descriptions was necessary to enable traditional state functions like taxation and planning. This need to describe impelled various standardization efforts, including permanent last names, land registries, and population surveys, which gave society a visible shape that could be centrally recorded and used within legal frameworks to wield state power. Migration has historically challenged these standardization efforts and contributed to the reasons governments sought to limit movement. However, as today’s nation-states transition from local industrial economies to a global digital economy, priorities are changing. Building a modern workforce that is competitive and attractive requires a citizenry empowered with digital tools, continuous skills development, opportunity-driven mobility, and the flexibility to compete on a global scale. The pull of this economy is already evident within the field of education. Today, nearly 5 million students travel outside their countries of origin to be educated, a number which is expected to grow to 7 million by 2030. HolonIQ’s visualization of UNESCO data below illustrates the complexity of this student flow between nations. What tools can help sustain this trend? At Learning Machine, we believe verifiable digital credentials offer a critical solution. Blockchains and Digital Identity Official credentials represent an important part of who we are and how we interact with the world. Specific domains like education and employment, as well as digital identity more broadly, are the realms in which people must build a record about themselves in order to access opportunities. However, today over a billion people globally still have no way to prove their identities. This is particularly daunting considering that every type of service in the 21st century–including access to government services–will have to be accessed digitally. The challenge ahead is to develop the wisdom and will to create new identity systems that are transformationally inclusive without being radically invasive. Historically, greater state control has often directly diminished citizens’ rights, a trade-off considered to a certain point necessary to achieve administrative aims. Yet, recent massive breaches of Personal data and trust have ignited a public demand for options that better protect Personal privacy. The urgency to implement better identity systems has given rise to movements like Good ID and Self-Sovereign Identity. These initiatives advocate for approaches that enable individuals to reliably assert Personal claims via a digital Medium, without violating their own privacy, security, or ownership of data. The rise of public blockchains is notable because the technology breaks the old pattern of sacrificing rights for protection. Decentralized blockchains simultaneously increase public security and individual privacy by assuring the authenticity of digital assets. Operating as a global notary, blockchains offer instant mathematical verification of digital asset ownership and integrity, like money or credentials. This results in a reduction of fraud while increasing efficiency, conservi
IBM,,IBM,,Thomas J. Watson,DIF; SecureKey; Indy; Sovrin Foundation; Mooti,"USA, New York, Armonk",USA,,,IBM,"We bring together all the necessary technology and services, regardless of where those solutions come from, to help clients solve the most pressing business problems.","IBM joined DIF because we believe it will take open community and standards to achieve the vision of self-sovereign identity. For example, members of DIF are focused on the establishment of an open web platform standard within the W3C standards organization called Decentralized Identifier (DID). A DID will provide a standard global resource naming scheme for identity.<br><br>There is a global Internet standard for naming resources called a uniform resource identifier or URI. When you type https://www.IBM.com into your browser, a URI ensures you always end up at IBM’s website. Similarly, we need one standard to identify an individual, as well.<br>",https://www.ibm.com/us-en/,,Company,,Company,Enterprise,IT,,,,,Verifiable Credentials; DID,1911-06-06,https://github.com/IBM,https://twitter.com/IBM,https://www.youtube.com/ibm,https://www.ibm.com/blogs/blockchain/,https://www.ibm.com/blogs/blockchain/feed/atom/,,https://www.crunchbase.com/organization/ibm,https://www.linkedin.com/company/ibm/,,,,,
IBM,IBM,,,Philip Duffy,,,,,,Building a digital trust ecosystem for mining in British Columbia,"The Mines Digital Trust Ecosystem wallet uses verifiable credentials which are enhanced digital versions of physical credentials. The Mines Digital Trust Ecosystem is built on technology that is highly transparent, secure, tamper-proof, and immutable. From the moment information is stored, it cannot be changed. Credentials can be revoked and re-issued as business processes dictate.","Share this post: Responsible practices to preserve our planet require innovation, agility, and collaboration. Consumers, investors, producers, and governments around the world are choosing to do business with those that demonstrate a commitment to sustainability. In the mining sector, British Columbia is committed to increased transparency and trust related to where products come from and how they are produced. This includes provenance related attributes for supply chain, tracing, and environmental, social and governance (ESG) reporting. “While there is tremendous progress already underway in this space [Responsible Sourcing Blockchain Network]” says Alex Kaplan, Global Leader for IBM Digital Credentials. “What I’m most excited about is what comes next and where we could go together.” Charting the course The government of British Columbia is leading the way by creating a digital service and convening an ecosystem that brings together producers, purchasers and investors of those raw materials to scale trusted credentialing in the mining space. As part of this initiative the government is convening the digital trust ecosystem led by BC’s Ministry of Energy, Mines, and Low Carbon Innovation (EMLI). In partnership with broader digital trust efforts from the BC Ministry of Citizens’ Services, there is extensive digital trust work taking place within the province. Learn how IBM Blockchain helps government agencies respond to new disruption Blockchain technology is part of the core infrastructure of this initiative because is a catalyst for sustainable development as it enables the trusted exchange and automation of minerals data across all participating members. Leveraging the technical and consultative expertise of IBM Blockchain, a pilot digital trust ecosystem is being activated that will allow BC natural resource producers to share verifiable evidence of where materials came from and the producer’s certified sustainable environmental, social and governance (ESG) practices including the reduction of greenhouse gas emissions. In addition, IBM and EMLI are partnering to create a long-term vision of the how the technology and ecosystem will address market needs and a governance model to accelerate future adoption. The founding members of the digital trust community will be working together over the coming months to build a governing charter for the ecosystem and its process, support onboarding, and expand the services. Making it real: Digital credentials in action This collaboration will use the existing OrgBook BC service. OrgBook BC started in 2017 as an early collaboration and exploration with IBM and Digital ID & Authentication Council of Canada (DIACC) around registries data, then evolved to begin using verifiable credentials, leveraging Hyperledger Aries and Indy technologies. The BC government and IBM helped found and contributed to the Trust Over IP (ToIP) Foundation focused on digital trust. ToIP launched in May 2020 as a confluence of efforts in the digital identity, verifiable credential, blockchain technology, and secure communications spaces to converge and create an interoperable architecture for decentralized digital trust. “Simply put,” says Ryan Forman, Executive Director, Strategic Initiatives Branch, EMLI, “the province of BC is leveraging their investment in open source distributed ledger technology, involvement in the ToIP, and industrial emissions data to enable mining operators to easily share third-party verified information about company performance.” The vision is to enable multiple sectors of the econom
IBM,IBM,,,Kal Patel,,,,,,Moving forward with Digital Health Passes,"We envision a future that will include multiple Health Pass solutions, giving organizations and consumers the ability to choose which to utilize. This is why my team and I have put an emphasis on the interoperability of our solution. In addition, easy communication between state and federal health systems will reduce necessary investment and increase access to Digital Health Passes. In the near future we envision a user from any state being able to use their Health Pass in New York or any other state of their choice.","Share this post: Having two daughters as nurses during the early stages and height of the pandemic made for tough weeks and months for myself and my family. The uncertainty of the virus and the inability to secure PPE for my daughters was a time I hope to never relive. The past year of course has brought unforeseen changes to daily life as we knew it for all of us. Effects of the COVID-19 pandemic span the globe, and no one has been untouched by the impact of this disease. Fortunately, the last five months has brought hope, with vaccines from multiple companies proving to be highly effective and the distribution of doses steadily ramping up. Both private and public sectors have pivoted and worked diligently to assuage the challenges we have all endured. With a significant portion of the U.S. population vaccinated and many more having received their first dose at this point, we must now shift our thinking to how we can responsibly and efficiently reopen economies. This will be crucial in getting citizens back to work, enabling business to take advantage of pent-up demand, and ultimately restoring economic prosperity to the many who have been financially impacted by COVID-19. Learn how innovative companies and individuals use blockchain for social good Impact and moving the needle I have been a technologist my whole life, and the capabilities of new industry and public partnerships in helping humanity continues to amaze me. Technology has played a crucial role in assisting schools and offices to swiftly transition to remote work and education. It’s now time for us to take advantage of these advancements once again, by responsibly bringing back employees, students, and consumers. I am the IBM Delivery Executive for the NY Digital Health Pass — Excelsior. Digital Health Passes are powerful technology-enabled solutions that can help restore normalcy for society. IBM’s Digital Health Pass, underpinned by blockchain, leveraged in NY sits at the nexus of data security and healthcare. Users are able to verify their health status without sharing Personal health data with any third party. There has been tremendous hype around Digital Health Passes or “vaccine passports”, but we have converted vision to reality. Our partnership with the state of New York has brought Excelsior Pass, a New York State branded Health Pass, to the market. The first state Health Pass to be rolled out in the United States. Making vision a reality with Excelsior Pass Imagine the streets and restaurants of New York City humming again. Baseball stadiums refilled with fans for summer games, and Broadway back to entertaining the flood of tourists and New Yorkers that flock to see iconic shows. If you live in NY, the Excelsior Pass could be the ticket to this and much more in the summer of 2021. The state of New York contracted IBM to implement a Digital Health Pass to aid state officials in expediting the reopening of businesses. Over the last two months my team and I have worked to make this a reality. And it’s been amazing to work on a solution that will likely help millions of people and businesses. This undertaking sits at the intersection of healthcare and technology, two sectors I am deeply passionate about. The Excelsior Pass launched on 25 March, making the tool available to all 19 million New Yorkers and all businesses across the state. The application has three components, the portal, wallet, and scanner. Those who have been vaccinated or tested can visit t
IBM,NYTimes,,,,,,,,,New York’s Vaccine Passport Could Cost Taxpayers $17 Million,"The state’s contract with IBM details a Phase 2 of the Excelsior Pass, which could include uses that some advocates say raise privacy concerns.","New York’s Vaccine Passport Could Cost Taxpayers $17 Million The state’s contract with IBM details a Phase 2 of the Excelsior Pass, which could include uses that some advocates say raise privacy concerns. New York officials introduced the Excelsior Pass app earlier this year as the country’s first government-issued vaccine passport, designed to help jump-start the state’s economy. But newly obtained documents show that the state may have larger plans for the app and that the cost to taxpayers may be much higher than originally stated. The state’s three-year contract with IBM — obtained by an advocacy group and shared with The New York Times — to develop and run the pass establishes the groundwork for a future where at least 10 million people in the state would have an Excelsior Pass. It would provide them with a QR code that would not only verify their vaccination status but could also include other Personal details like proof of age, driver’s license and other health records. The total cost could end up being as high as $17 million, much more than the $2.5 million the state had initially said it cost to develop the program. The contract also requires IBM to deliver to the state a “road map” to scale the digital health pass to 20 million individuals — the entire population of New York. The ambitious vision contrasts with the limited uses for the pass that the state has so far described to residents. Roughly two million New Yorkers have downloaded the pass as of Monday, the state said, up from 1.1 million two weeks before. Tens of thousands of people who want passes, the state said, have been unable to download them because of a variety of technical delays, user mistakes and data entry errors. The contract estimates that two-thirds of the adult population of the state will download passes by 2024. The contract also reserves $2.2 million for the optional implementation of a Phase 2 of the project, the nature of which is not disclosed. The state expects that the federal government will reimburse all funds. More on the Coronavirus Pandemic - New Subvariant: A new Omicron subvariant, known as XBB.1.5, is surging in the northeastern United States. Scientists say it remains rare in much of the world, but they expect it to spread quickly and globally. - Travel: The European Union advised its 27 member nations to require negative Covid-19 tests for travelers boarding flights from China to the region, amid a surge in coronavirus cases in the country. - Misinformation: As Covid cases and deaths rise in parts of the United States, misleading claims continue to spread, exasperating overburdened doctors and evading content moderators. - Free at-Home Tests: With cases on the rise, the Biden administration restarted a program that has provided hundreds of millions of tests through the Postal Service. Vaccine passports have become a political flash point in the nation’s recovery from the virus, with some states, including Georgia, Alabama, Arizona and Florida, banning their use over concerns regarding the sharing of Personal information. But New York has taken a different approach. Gov. Andrew M. Cuomo approved the contract under pandemic emergency powers he was granted by the Legislature last year, which allowed him to skirt normal procurement laws. Since the contract was signed in March, legislators have scaled back the governor’s powers. Thousands are already flashing the pass at Yankees and Mets games and comedy clubs in New York, as well at the door of a small number of bars and restaurants, to prove their vaccination status or show recent test results. The program is voluntary and optional: Paper cards, the state has said, must also be accepted as proof of vaccination. The pass may also become largely obsolete when the state makes most virus restrictions optional in the coming
IBM,IBM,,,Glenn Finch,IBM Digital Health Pass,USA: NYS,,,,Opening New York State for business with the power of blockchain,Excelsior Pass Plus expands travel and commerce opportunities for New Yorkers by enabling compatibility with New York State’s Excelsior Pass platform which has generated three million passes since its launch in March that provide digital proof of vaccination or a negative test result.,"Share this post: What excites me the most about being part of the team at IBM is the work we do for our clients that truly makes a difference in individual lives and provides for smarter and safer interactions with each other and our planet. The urgency to reopen all areas of the economy safely as we navigate the global pandemic is a recent example. People are eager to get back to gathering with others and doing all the things that are part of daily life — from going to the office, restaurants, sporting events and concerts, to traveling within the U.S. and abroad. So, they need an easy, trusted way to show proof of vaccination. That’s why I’m so excited to share with you that recently we were privileged to be part of a First-of-a-Kind partnership that launched Excelsior Pass Plus across the state of New York to support the safe and secure return of tourism and commerce to New York. Trusted proof of vaccination Excelsior Pass Plus expands travel and commerce opportunities for New Yorkers by enabling compatibility with New York State’s Excelsior Pass platform which has generated three million passes since its launch in March that provide digital proof of vaccination or a negative test result. New Yorkers will be able to display their Excelsior Pass Plus at hundreds of businesses and locations. This includes Broadway theatres, Madison Square Garden, Barclays Center, Yankee Stadium, and many other major venues that require proof of vaccination, as well as when traveling to areas where SMART Health Cards are accepted. Accelerate your COVID-19 response with new levels of trust and visibility Excelsior Pass Plus is a result of the strategic partnership between New York State and a coalition of public and private organizations which will enable New Yorkers to safely access and retrieve a verifiable, secure digital copy of their COVID-19 vaccination record using the SMART Health Cards Framework — making their interstate and international travel and commerce experiences safer, contactless and more seamless. Digital credentials with blockchain Health credentials — another term for “health cards” or “health pass” — are easier for everyone to work with when they’re digital and there’s no worry of damaging, tampering with or losing a paper card. Perhaps an even more compelling reason to go digital is the recent rise in fraudulent vaccination cards being intercepted by U.S. federal agents. Digital credentials are the answer — but this highly Personal information has to remain private and secure. So, organizations are turning to blockchain as a proven way to enable a secure and trusted digital credentials platform and improve services. New York State’s Excelsior Pass Plus leverages IBM Digital Health Pass powered by IBM Digital Credentials, a blockchain-based platform that anchors digital credentials in trust and provides individuals and organizations with the core capabilities they need to securely issue, manage and verify digital credentials. Proof of vaccination or a negative test result is auditable, traceable and verifiable — in seconds. Protecting their privacy, individuals remain in control of their own Personal data that they store in an encrypted wallet on their smartphone and share, at their choosing, with an organization through a secure QR code as trustworthy proof of health status. New Yorkers now have a better way to move forward and do what’s important to them, with confidence their credentials are safe and valid. Meanwhile, the open, secure architecture of IBM Digital Credentials allows other states to join the effort based on their own criteria for ultimate flexibility and interope
IBM,IBM,,,Anthony Day,,,,,,3 key areas of enterprise blockchain adoption in 2021,"Government policies vary on the topic, standards are only just starting to emerge, and citizens and enterprises are rightly focused on preserving privacy and equality with our national and international responses. IBM is supporting countries like Germany as well as the State of New Yorkto issue trusted, privacy-preserving credentials.","Share this post: Many businesses are seeing the COVID-19 pandemic as a watershed for technology and innovation investment. Technology budgets have been reprioritised with a laser focus on near-term return on investment as a necessity for most. At the same time remote working, lockdowns and supply chain challenges have accelerated digital transformations that otherwise might have taken a decade to achieve. Organisations also face mounting pressure to enhance their sustainability and ESG performance to such a level that small, incremental change will not be sufficient. So where does this leave the role of blockchain? We see enterprise and government clients focusing on the following three areas: provenance, identity and tokenization, and at a recent Blockchain Opportunity Summit we learned about three contemporary examples of just how blockchain technology can help to address some of the world’s most challenging issues. Let’s take a look. Register for the Blockchain Opportunity Summit Provenance — Group Renault’s XCEED compliance platform Automotive supply chains are about as complex as it gets, with large OEMs needing to manage a global, multi-tiered network of suppliers and yet maintain visibility and adherence to an ever-increasing array of standards. Recently Groupe Renault along with Faurecia, Knauf Industries, Simoldes, and Coşkunöz, in association with IBM, have announced a new partnership to scale XCEED (eXtended Compliance End-to-End Distributed), a blockchain-based platform that can trace the compliance of thousands of parts assembled in a vehicle in near real time. The initial focus countries will be France, Spain and Turkey, but the platform is open to any OEM. It is easy to onboard suppliers of any size, and protects companies’ confidentiality, intellectual property and data ownership while ensuring Renault, its customers and regulators can get full transparency of parts and materials used across the life of a vehicle. It’s a far cry from leafy greens and other food supply chain applications, showing the successful application of blockchain in increasingly complex supply chain use cases. Identity — IBM Digital Health Pass COVID has escalated the consideration of digital health data and self-sovereign identity to a level never seen previously. Having worked with governments, airlines, sports and entertainment venues, large employers, academia, and many others over the last 12+ months, it is clear that verification of health credentials is a highly challenging and controversial topic. Government policies vary on the topic, standards are only just starting to emerge, and citizens and enterprises are rightly focused on preserving privacy and equality with our national and international responses. IBM is supporting countries like Germany as well as the State of New York to issue trusted, privacy-preserving credentials. It’s also important to note that “health passports” exist on a spectrum of sophistication and in most cases do not yet include tethering to a verifiable Personal ID capability, so a second form of identity is required alongside the certificate to authenticate the holder. Furthermore, many national solutions (and public perceptions) are focused on vaccination certifications, where we need to be looking broader to include testing, proof of recovery or other methods to allow for inclusion of those who haven’t, won’t or can’t vaccinated against COVID-19. Public-private partnerships will be essential if we are to achieve this at speed and scale. Tokenization — IPwe’s marketplace for Intellectual Property (IP) The recent announcement with IPwe was exciting fo
IBM,IBM,,,Anouk Brumfield,,Global,,,,Automating workplace vaccination verification — a path out of the pandemic,The Department of Labor’s Occupational Safety and Health Administration (OSHA) recently released a rule on requiring all employers with 100 or more employees to ensure their workforce is fully vaccinated or require any workers who remain unvaccinated to produce a negative test result on at least a weekly basis before coming to work. This rule impacts ~80 million workers — every company in the S&P 500,"Share this post: Workplace vaccination mandates are coming for employers. In the United States, The Department of Labor’s Occupational Safety and Health Administration (OSHA) recently released a rule on requiring all employers with 100 or more employees to ensure their workforce is fully vaccinated or require any workers who remain unvaccinated to produce a negative test result on at least a weekly basis before coming to work. This rule impacts ~80 million workers — every company in the S&P 500 and most companies in the Russell 2000. By now, we all know that implementing a workplace vaccination policy requires balancing employee privacy with responsible return to work employer initiatives. Policy that makes sense, keeps things simple and addresses questions like: - What should I accept as proof of vaccination? - How do I know if it’s valid? - How do I make this process as simple as possible for my workforce and visitors? - How should I manage requests for medical and religious exemptions? - How do I keep up with changing requirements for booster shoots & the growing list of approved vaccines? Transforming digital identity into trusted identity Getting ready for the mandate We have built a new verification solution (Workplace Credentials) to help employers quickly collect and validate vaccination credentials, process exceptions and religious/medical exemptions to support their unique return to workplace processes and privacy policies. It automatically calculates a score of 0 to 100 for each submitted proof of vaccination based on employer specific policies and can operate stand alone or integrated with workplace applications like Workday, PeopleSoft, Work.com and ServiceNow. This solution is already in use by companies and government in the United States and Canada. Verification solution in action To explain how this works, I would like to give you an example. Sarah, who is the HR manager and her team define the workplace policy for vaccinations (1) and configures the application rules to reflect government guidance and company policy (2). Michael, who is the employee of this company receives an email from his employer explaining the policy to return to the workplace and need to provide proof of vaccination (3). Michael will then sign in with his workplace username and password and is directed to the application (4) and enters information about the vaccination he received and uploads his proof document which can include CDC card, record from the state Immunization Information Systems (IIS), digital SMART health card (5). Once his credentials have been evaluated informing him that he is all set to return to the workplace he receives an email (6), and the HR and badging systems are updated to reflect his status (7). As the employer’s HR manager, Sarah receives regular progress updates as employees submit their proof of vaccination (8) On the journey, together Of course, no two companies are alike, and this kind of flexibility is needed in workplace vaccine verification policies so employers can specify what’s important to them in determining an overall score, which of course can vary in the places around the world that they operate in. What I hear as well in our client discussions, is a need for speed and simplicity in deployment, not only for an employer’s responsible workplace practices and peace of mind, but also to achieve compliance in their ability to do business with their clients, especially government. Our implementation time for the above solution is approximately three weeks, so really a
IBM,IBM,,,Tim Olson,,Global,,,,Blockchain for trusted security labels,"A blockchain-based self-sovereign identity (SSI) network in conjunction with W3C verifiable credentials would provide an open, governable, system-independent means of issuing, holding, presenting, and verifying trusted security labels for any entity at scale — person or non-person. These blockchain-based security labels may be used by both MLS and non-MLS systems as a trusted basis for access control and authorization decisions to reduce risk exposure.","Share this post: Blockchain makes it possible to securely and at-scale identify and label any subject and object entity with cryptographically verifiable security credentials. When literally everything is labeled with verifiable, authoritative, machine-readable security credentials (such as classification level, access category and others), multi-level security (MLS) systems can enforce mandatory and discretionary access controls and other MLS-specific isolation. They can also audit policies that enable information of different classifications and access categories to be stored, accessed, and processed on shared storage, compute, and networking infrastructure while simultaneously assuring the data and other resource objects are only accessed by authorized subjects. Trusted security labels reduce infrastructure costs, promote assured information sharing, and provide a means to comply with ever-expanding data privacy and security rules and regulations. Learn more about blockchain today The problem: Shared infrastructure and unlabeled data elevates security risk exposure As businesses look to cut costs and increase efficiencies by migrating their applications to the cloud, digitizing their operations, making data-driven analytics-based decisions, and monetizing their data, they increase their security risk exposure by: - Multi-tenant cloud infrastructures that share compute, storage, and networking resources amongst multiple different organizations - Multiple incompatible classifications of data collected, processed, stored, and accessed. Different classifications such as Personally identifiable information (PII), public, sensitive, confidential, proprietary and others, require different storage, handling, audit and access controls. - Proliferation of data protection controls, audit requirements and non-compliance penalties - Expanding digital business networks — partnering with organizations and service-providers of unknown or uncertain security risks. Can they be trusted to protect your shared data? Historically, the government and other risk conscious industries that generate and handle highly classified and sensitive data, have relied on secure computing platforms and multi-level security (MLS) systems to facilitate secure sharing of data. A foundational security control for MLS is OS-level mandatory access control (MAC) that enforces security access policies using security labels applied to all system resources and users. By comparing the security label of the accessing subject to the accessed object, the OS either allows or denies access. Using MAC and other MLS-specific security controls, data of different classifications and access categories can be co-located on the same storage, compute, and network infrastructure yet subjects are only able to see and access appropriately labeled objects. All object accesses are logged and auditable. But MLS is complex and difficult to implement and maintain for a number of reasons including: - Modern systems are large and complex. The number of objects and subjects and their potential interaction combinations makes it difficult to create and maintain labels and policies using traditional OS-provided utilities. Technical documentation recommends minimizing the number of categories and labels for performance reasons. - Modern systems are networked — they don’t work in isolation. They need to work with subjects and objects located remotely. But availability and trustworthiness of external entities and externally supplied labels is suspect. - A high degre
IBM,IBM,,,Milan Patel,,,,,,How do we start tackling the existing identity problem,,"Identity and control of Personal identity is top of mind, given recent events as well as the European Union’s General Data Protection Regulation (GDPR). A lot of our identity is shared without our explicit consent, gets stored in locations we are unaware of, and when compromised creates tremendous setbacks. Almost everything we do in the digital world is user name and password driven. With decentralized identity, you reduce risk by associating credentials typically used for in-person interactions, as instruments for virtual interactions where it is difficult to verify who or what is on the other side of the screen. Offline, in-person identification is also riddled with fraud as people falsify and use expired documents which puts everyone at risk. Decentralized identity enables more secure and trusted exchanges of identity in the physical world. IBM has made some recent announcements over the past few months regarding the vision and recent activity in this identity space, and we are working with partners to shape our focus on trusted identity solutions. Listen to my recent podcast, where I talk about where identity is going and how blockchain and emerging identity networks are driving change. I also get into some of the business and legal aspects that are essential in transforming identity explained in this video. Imagine a new way Imagine applying for a loan and quickly being vetted by banks by only sharing the information that is pertinent, removing the majority of manual verification. This would reduce costs, and the application time from weeks to days. Imagine going into a new country and becoming ill due to something you ate and being able to receive healthcare at a local clinic because you are able to identify yourself with a globally accepted identifier. You are able to provide not only who you are, but also your medical history so physicians know exactly what medicine to give. Imagine going to a bar where all that is required is a credential from the DMV, which indicates only that you are over 21 and a photo ID. You don’t have to provide unnecessary information such as your address or exact birthdate. Imagine data controllers and enterprises that can mitigate the liability of holding Personal identifiable information, by only requesting the required information to establish trust in a relationship. GDPR will require these data controllers to justify why the information is being collected and for how long it needs to be held. Decentralized identity allows data controllers to remain relevant and meet regulation requirements as data privacy becomes further regulated. Imagine replacing your physical wallet with a digital one, for online and offline interactions. This digital wallet sits on devices at the edges of the network, such as your phone and laptop. You control where credentials get stored and have the ability to manage them with your devices. Trusted, known issuers within the identity network cryptographically attest and issue credentials directly into your digital wallet. You can then control what pieces of information are shared about you, who it is shared with, and only with your explicit consent. Why now? The advent of blockchain technology, along with various public breaches in identity, has created an opportunity to transform how relationships between people and institutions are established and maintained. Blockchain enables point-to-point cryptographic exchanges of identity at the edges of the network, at the devices. If a world existed where individuals controlled their identity, the creation of digital certificates would not be at scale with public key infrastructure (PKI) rooted within certificate authorities. As key generation sits with identity owners in a decentralized PKI model, rooting trust will require a web of relationships with the ability to scale, blockchain provides immutability of identity owner and key relationships, instilling that trust in every relationship. How and what information is provided i
IBM,IBM,,,Kal Patel,,,,,,internet’s next step: era of digital credentials,"Imagine being able to rid your wallet of a driver’s license, an insurance card, a student or employee ID and more. Imagine not having to worry about losing your passport and vaccination records on a trip abroad, or about authenticity of designer shoes you just purchased","Share this post: Imagine being able to rid your wallet of a driver’s license, an insurance card, a student or employee ID and more. Imagine not having to worry about losing your passport and vaccination records on a trip abroad, or about the authenticity of the designer shoes you just purchased. This and much more is possible with the introduction of verifiable digital credentials. Credentials have been around for decades, if not centuries. The idea of obtaining documentation that proves a qualification, competence or authority is not, by itself, a novel idea. In fact, it is these long established, deeply seeded practices we often think may not be transformed by the shifts in technology. Yet it is precisely those daily activities that we habitually continue doing without much thought that can be, and in many instances already are, profoundly impacted by digitizing credentials. In short, the era of digital credentials is here. The internet has been around for decades, and I’ve been using a smart phone for years. Why is this the first I’m hearing of digital credentials? These are likely some of the questions that come to mind when initially hearing about digital credentials. The truth is, while the internet and smart phones have made significant progress over the last two decades, the blockchain technology enabling verifiable digital credentials has only recently matured to meet the required standards for broadscale application and adoption. Transform digital identity into trusted identity with blockchain Using blockchain technology, IBM Digital Credentials gain permissionability, immutability, and verifiability. Digital credentials, or even just attributes of a credential, can be shared using QR codes or private and public keys. In most credentialing use cases, there will be three participants — the issuer, the holder, and the verifier. The issuer will instate the credential to the blockchain, thereby certifying the qualification or the validity of an assertion. The holder can then store that credential in their digital wallet. When need be, the holder can physically or digitally present credentialed information to a verifier who needs to validate that the holder’s credential is trustworthy. Digital credentials eliminate the hassle of managing multiple physical documents, mitigates fraud risk, and allows holders to selectively share only necessary data with the requesting verifier. The applications of a secure and trusted issuer-holder-verifier transaction pattern are boundless and will positively impact every industry. First wave and future use cases The adoption of digital credentials will come in waves, with the initial implementation of more apparent use cases. As the benefits are realized by the entities involved with the initial waves of adoption, we believe companies and governments with fringe use cases will take a chance on digital credentials. We see the primary use cases being related to occupational and professional licensure, recreational permits, learning credentials and vaccine verifications. As these initial use cases take hold, we anticipate credentials for verifying the authenticity of physical products to be a subsequent phase of adoption. This would give individuals and institutions the ability to verify the authenticity of parts, clothing items, sports equipment and more. Some of the primary uses cases include medical credentials, driver’s licenses, and health records. Medical credentials are a prime candidate to be digitized, immutable and verifiable. In the medical industry, the verification of records for new physicians is time consuming and cost ineffective. The process of verifying a new member of a hospital often takes 12-25 or more inde
IBM,IBM,,,Dan Gisolfi,Sovrin,Global,,,,Self-sovereign identity: Why blockchain?,"Several years ago, the Sovrin vision was introduced using a dot metaphor to describe a future whereby individuals would be able to take back control of their identity and participate at a peer-to-peer level with their online and offline relationships. Today the landscape of supporting open communities — network, code and standards — to achieve this vision has begun to mature at a rate whereby early adopters can begin to validate applicability and build that most important bridge across the technology adoption lifecycle chasm.","One of the most common questions I get when talking to customers and analysts about the self-sovereign identity (SSI) movement is, “Why blockchain?” This question tends to stem from the notion that data associated with a person’s identity is destined to be stored, shared and used for verification on some form of distributed ledger technology. My hope is that this article with help to debunk that notion and provide a basic foundational understanding of how distributed ledger technology is being used to solve our identity infrastructure dilemma and resolve the impacts of the internet lacking an identity layer. Busting the myth of on-chain PII One of the most common myths surrounding blockchain and identity is that blockchain technology provides an ideal distributed alternative to a centralized database for storing Personally identifiable information (PII). There are several flavors of this perception: (a) use blockchain to store the data; (b) use a blockchain as a distributed hash table (DHT) for PII data stored off-chain. Yes, blockchain can technically support the placement of PII on the chain or used to create attestations on the chain that point to off-chain PII storage. Just because technology can be applied to solve a specific problem does not mean that it is the proper tool for the job. This misconception about PII storage in the early stages of the blockchain technology adoption lifecycle is so pervasive that it recently inspired a Twitter thread dedicated to the debate on why putting hashed PII on any immutable ledger is a bad Idea. From GDPR compliance, to correlation, to the cost of block read/write transactions, the debate continues. Blockchain technology is much more than a distributed storage system. My intent herein is to help the inquisitive identity solution researcher debunk beliefs about PII storage approaches by gaining an understanding for how blockchain can be used as an infrastructure for identity attestations. My hope is this article will offer a helpful aid towards that education and awareness. The SSI initiative is a perfect counterpunch to detrimental PII management practices. A SSI solution uses a distributed ledger to establish immutable recordings of lifecycle events for globally unique decentralized identifiers (DIDs). Consider the global domain name system (DNS) as an exemplar of a widely accepted public mapping utility. This hierarchical decentralized naming system maps domain names to the numerical IP addresses needed for locating and identifying computers, services or other connected devices, with the underlying network protocols. Analogous to the DNS, a SSI solution based on DIDs is compliant with the same underpinning internet standard universally unique identifiers (UUIDs) and provides the mapping of a unique identifier such as DID, to an entity — a person, organization or connected device. However, the verifiable credentials that are associated with an individual’s DID and PII are never placed on a public ledger. A verifiable credential is cryptographically shared between peers at the edges of the network. The recipient of a verifiable credential, known as a verifier, in a peer to peer connection would use the associated DID as a resource locator for the sender’s public verification key so that the data in the verifiable credentials can be decoded and validated. No PII on ledger, then why blockchain? So, what problem is blockchain solving for identity if PII is not
IBM,IBM,,,Dan Gisolfi ; Milan Patel ; Rachel Radulovich,Sovrin,Global,,,,Decentralized Identity Introduction,"An ecosystem model whereby users generate and manage their own digital identity without relying on a central repository.<br>• Identity is derived through Distributed certified credentials<br>• Trust Frameworks: Global Public and Domain Specific (Business, Legal, Technical)<br>• Built-for security and scale: push identity to the edges of the networks<br>• Built using Hyperledger Indy",,https://www.ibm.com/downloads/cas/opeqyel7,,Presentation,,Explainer,,,,,,"Indy,Sovrin","DID,Verifiable Credentials",2018-09-10,,,,,,,,,,,,,
IBM,IBM,,,,,Global,,,,Finance Use Case,"David Vincent wants to apply for a loan online. His bank’s<br>know-your-customer process for obtaining a loan needs to be<br>compliant with federal regulations. As such, David is required to<br>present a government-issued citizen ID and proof of employment.<br>Let’s compare how David could use a Decentralized Identity Network<br>or a Consortium Identity Network to make the process easier and more<br>secure for him, seamlessly protecting his identity.",,https://www.ibm.com/downloads/cas/wg5edxn9,,Presentation,,Explainer,,,Finance,,,,"DID,Verifiable Credentials",2018-08-21,,,,,,,,,,,,,
IBM,IBM,,,,,Global,,,,Government Use Case,"Laura Barnes has graduated from college and has her first job. She’s<br>decided to lease and insure a new car. The car dealer and insurance<br>company both require Laura to present proof of employment and a<br>driver’s license.<br>A few weeks after getting her new car, she gets pulled over for a<br>traffic volition. The officer asks her to present proof of her driver’s<br>license, auto registration and insurance. Let’s compare how Laura<br>could use a Decentralized Identity Network or a Consortium Identity<br>Network to make the process easier and more secure for her,<br>seamlessly protecting her identity.<br>In a Decentralized Identity Network, the participants would be…",,https://www.ibm.com/downloads/cas/ebywbqvn,,Presentation,,Explainer,Public,,,,,,"DID,Verifiable Credentials",2018,,,,,,,,,,,,,
IBM,IBM,,,,,Global,,,,Healthcare Use Case,"Alice arrives at the clinic and needs to provide the order, her proof of insurance and her driver’s license. In a Decentralized Identity Network, the participants would be...",,https://www.ibm.com/downloads/cas/r9ywplkl,,Presentation,,Explainer,,,Healthcare,,,,"DID,Verifiable Credentials",2018,,,,,,,,,,,,,
IBM,IBM,,,,Sovrin,,,,,Towards Self Sovereign Identity,Credit goes to the Sovrin foundation and Hyperledger Indy who produced most of the slides (or some variation) in this presentation.,Activate your 30 day free trial to unlock unlimited reading. Activate your 30 day free trial to continue reading. Credit goes to the Sovrin foundation and Hyperledger Indy who produced most of the slides (or some variation) in this presentation. Credit goes to the Sovrin foundation and Hyperledger Indy who produced most of the slides (or some variation) in this presentation.,https://www.slideshare.net/alehors/towards-self-sovereign-identity-20180508,,Presentation,,Explainer,,,,,,"Indy,Sovrin","DID,Verifiable Credentials",2018-05-08,,,,,,,,,,,,,
IBM,IBM,,,,,,,,,Innovation Insight for Decentralized Identity and Verifiable Claims: A Gartner Report,"While the risk of fraud and data misuse is increasing, decentralized identity and credentials are meeting the demands of businesses across the digital identity value chain with:<br><br>Enhanced security<br>Privacy & user experience with the ability to easily consent<br>Shareable & verifiable claims without having to disclose sensitive data<br>With this report, access promising use cases, risks and considerations, and expert recommendations on creating value for the fully decentralized future.",,https://www.ibm.com/account/reg/us-en/signup?formid=urx-51223,,Report,,Explainer,,,"Security, Privacy",Machine Readable,,,,2021-08-18,,,,,,,,,,,,,
IBM,IBM,,,,,,,,,What is a vaccine passport?,A vaccine passport is a physical or digital health credential to confirm a person has been vaccinated for a particular contagious disease to enable travel.,"Let’s start with vaccine passports – also called digital health passports or green certificates. Many travelers are familiar with the yellow card, or Carte Jaune, which is an official vaccination record created by the World Health Organization. This document, named for the yellow paper it's traditionally printed on, is a public health tool that has been used for international travel since the 1930s and is typically carried with a passport. It shows customs authorities that a traveler has been vaccinated against certain diseases, such as yellow fever, typhoid or cholera. Although vaccination cards like yellow cards are still being used and remain a popular way to document immunizations, many governments are considering creating modern, digital vaccine passports that are harder to forge. With the public health threat posed by the COVID-19 pandemic, multiple countries are exploring whether vaccine passports and health passes could serve as proof of COVID-19 vaccination to restore confidence in international travel and help people resume their normal activities. Israel was the first country to issue a modern vaccine passport with the launch of Green Pass in February 2021. As of May 2021, Israel, China, Bahrain and Japan are the only countries that have issued vaccine passports to vaccinated people for international travel and other uses. Australia and multiple countries in the European Union, such as Denmark and Greece, have committed to developing programs, while other countries are still weighing their options. In the United States, the Biden administration and leaders at the Centers for Disease Control and Prevention (CDC) have stated the federal government will not support or issue vaccine passports for Americans. Vaccine passports are taking advantage of the increasing prevalence of new, secure digital credentialing technology. Beyond vaccine passports for international travel, it’s also being applied in other settings. For example, organizations that gather people in groups are looking for digital alternatives to both paper vaccination cards and test results. In some cases, this means identifying whether individuals have been tested or vaccinated in a voluntary and privacy-preserving manner. Digital health passes – not to be confused with vaccine passports – are a voluntary, convenient option for individuals to share their health status, such as if they have been vaccinated or tested negative for COVID-19. Rather than having to remember to carry around multiple documents, people with digital health passes can share a scannable QR code on their smartphone or print a paper copy of their credential that confirms their status, while Personal information remains securely encrypted in a digital wallet on the individual’s phone. With COVID-19 vaccine rollouts underway around the world, digital health passes are one of many tools governments, private companies, nonprofits and industry groups are considering to help people return to their favorite activities. For example, in March 2021, New York State launched Excelsior Pass, a free, secure and voluntary digital health pass to support the safe reopening of New York. Even after the COVID-19 pandemic subsides, digital credentialing technology will remain a useful tool for individuals to show they have received any necessary vaccinations or other aspects of their health status. Digital credentials could also become a useful way for schools to manage student vaccination records or for employers to oversee any medical clearances or vaccinations required for job sites. With a digital health pass, people don’t have to worry about carrying around sensitive health records, like vaccine certificates, that could get misplaced. All they would need is their smartphone or a printed certificate that can be easily reprinted from a computer or mobile device if lost. The technology u
IBM,IBM,,,,,,,,,indy-ssivc-tutorial,"A turnkey, Docker-based tutorial for help developers get acquainted with Self-Sovereign Identity and Verifiable Credentials.",,https://github.com/ibm-blockchain-identity/indy-ssivc-tutorial,,Code,,HowTo,,,,,,"Python,Apache-2.0",,2019-03-14,,,,,,,,,,,,,
IBM,IBM,,,Sharath Kumar R K; Corville Allen; Marie Wallace; Manjula Hosurmath,,,,,,Get started with IBM Digital Health Pass,"How can you bring people back to physical locations such as the workplace or airports without compromising on safety protocols? And, how can you ensure that the information being shared is secure? IBM Digital Health Pass can help. Digital Health Pass is an open standards-based platform that allows the secure, privacy-preserving, and verifiable exchange of data between organizations and their patients, employees, customers, and citizens, to drive agile and responsive businesses. Data is exchanged as verifiable credentials that, in combination with sophisticated cryptographic and obfuscation techniques, makes data tamper-proof so that it can be trusted by all parties<br>",,https://developer.ibm.com/tutorials/getting-started-on-ibm-digital-health-pass/,,Post,,HowTo,,,,,,,"DID,Verifiable Credentials",2022-02-22,,,,,,,,,,,,,
IBM,IBM,,,,,NYS,,,,New York State and IBM Digital Health Pass Pilot,,,https://newsroom.ibm.com/new-york-state-and-ibm-digital-health-pass-pilot,,Press,,Meta,,,COVID,Pilot,,,"DID,Verifiable Credentials",2021-03-11,,,,,,,,,,,,,
IBM,ID2020,,Medium,,Good Health Pass Collaborative; Airports Council International (ACI); Commons Project Foundation; Covid Credentials Initiative; Evernym; Hyperledger; International Chamber of Commerce (ICC); Linux Foundation Public Health; Lumedic; Mastercard; Trust Over IP Foundation,,,,,Good Health Pass a new Cross Sector Initiative to restore Global Travel,"ID2020announced the launch of theGood Health Pass Collaborativealong with more than 25 leading individual companies and organizations in the technology, health, and travel sectors — including the Airports Council International (ACI), Commons Project Foundation,Covid Credentials Initiative, Evernym,Hyperledger, IBM, International Chamber of Commerce (ICC),Linux Foundation Public Health, Lumedic, Mastercard,Trust Over IP Foundation, and others.","Good Health Pass: A New Cross-Sector Initiative to Restore Global Travel and Restart the Global Economy Today, ID2020 announced the launch of the Good Health Pass Collaborative along with more than 25 leading individual companies and organizations in the technology, health, and travel sectors — including the Airports Council International (ACI), Commons Project Foundation, COVID-19 Credentials Initiative, Evernym, Hyperledger, IBM, International Chamber of Commerce (ICC), Linux Foundation Public Health, Lumedic, Mastercard, Trust Over IP Foundation, and others. The Good Health Pass Collaborative is an open, inclusive, cross-sector initiative to create a blueprint for interoperable digital health pass systems that will help restore global travel and restart the global economy. The COVID-19 pandemic has impacted every segment of the global economy, but none as profoundly as travel and tourism. Last year, airlines lost an estimated $118.5 billion USD with related impacts across the economy in excess of $2 trillion USD. In conjunction with the announcement, the Collaborative also released its first white paper, entitled, Good Health Pass: A Safe Path to Global Reopening. Collaboration Among a New Ecosystem of Players “There’s one thing the world agrees on — we need to address the health concerns today to support a return to normalcy,” said Ajay Bhalla, President of Cyber & Intelligence at Mastercard. “Delivering a global, interoperable health pass system can only happen if we come together in a way that meets the needs of everyone involved. This Collaborative will be critical in helping to define how we connect the pieces that will bring travel back safely, spark job creation and jumpstart the world’s economic engine.” Various efforts are currently underway to develop digital health credentials systems — both vaccination and test certificates — for international travel. Yet, despite this race to market, it is unlikely that a single solution will be implemented universally — or even across the entire travel industry. Thus, it is critical that solutions are designed from the onset to be interoperable — both with one another and across institutional and geographic borders. The Good Health Pass Collaborative is not intended to supplant existing efforts but rather to help weave them together, fill gaps where they may exist, and facilitate collaboration among a new ecosystem of stakeholders, many of whom have never worked together before. “Fragmentation is a risk we simply cannot ignore,” said ID2020 Executive Director Dakota Gruener. “To be valuable to users, credentials need to be accepted at check-in, upon arrival by border control agencies, and more. We can get there — even with multiple systems — as long as solutions adhere to open standards and participate in a common governance framework. But without these, fragmentation is inevitable, and travelers — and the economy — will continue to suffer needlessly as a result.” Global Travel & Digital Health Credentials COVID-19 test results are already required for entry at some airports and at international borders. But existing paper-based certificates are easy to lose, unnecessarily expose sensitive Personal information, and
IBM,SecureKey,,,,,,,,,IBM and SecureKey Technologies to Deliver Blockchain-Based Digital Identity Network for Consumers,"IBM (NYSE: IBM) and SecureKey Technologies today announced they are working together to enable a new digital identity and attribute sharing network based on IBM Blockchain. The network will be designed to make it easier for consumers to verify they are who they say they are, in a privacy-enhanced, security-rich and efficient way. When launched later this year, consumers can use the network to instantly verify their identity for services such as new bank accounts, driver’s licenses or utilities.","Las Vegas – IBM InterConnect – 20 March 2017: IBM (NYSE: IBM) and SecureKey Technologies today announced they are working together to enable a new digital identity and attribute sharing network based on IBM Blockchain. The network will be designed to make it easier for consumers to verify they are who they say they are, in a privacy-enhanced, security-rich and efficient way. When launched later this year, consumers can use the network to instantly verify their identity for services such as new bank accounts, driver’s licenses or utilities. To create a highly secure, global and enterprise-ready ecosystem for sharing identity requires both advanced federated identity technology and blockchain technology specifically designed for regulated industries. Together SecureKey and IBM are developing a digital identity and attribute sharing network using IBM’s Blockchain service which is built on top of the Linux Foundation’s open source Hyperledger Fabric v1.0. As a permissioned blockchain, the Hyperledger Fabric is an essential component in delivering services that comply with regulations where data protection and confidentiality matter. The network is currently in the testing phase in Canada, and once it goes live later in 2017 Canadian consumers will be able to opt-in to the new blockchain-based service using a mobile app. Consumers – or network members – will be able to control what identifying information they share from trusted credentials to the organizations of their choice, for those organizations to quickly and efficiently validate the consumer’s identity and arrange new services. For example, if a consumer has proven their identity with their bank and a credit agency, they can grant permission to share their data with a utility to create a new account. Since the bank and the credit agency have already gone through extensive verification of the consumer’s identity, the utility can choose to rely on the fact that the information is verified, and the consumer can be approved for new services. “What IBM is building with SecureKey and members of the digital identity ecosystem in Canada, including major banks, telecom companies and government agencies, will help tackle the toughest challenges surrounding identity,” said Marie Wieck, general manager, IBM Blockchain. “This method is an entirely different approach to identity verification, and together with SecureKey, we have a head start on putting it on the blockchain. This is a prime example of the type of innovation permissioned blockchain networks can accelerate.” Hyperledger Fabric is by far the most advanced permissioned-blockchain technology available today, in my opinion, both in protecting user data and allowing us to work within the context of industry and country privacy laws,” said Greg Wolfond, founder and CEO, SecureKey Technologies. “Among the many contributors to Hyperledger Fabric including SecureKey, IBM is a standout innovator that has proven that they can rapidly bring blockchain solutions to production. We are very excited to enter into this formal agreement that will benefit consumers around the world. Canada’s leading banks, including BMO, CIBC, Desjardins, RBC, Scotiabank and TD joined the digital identity ecosystem in October, 2016, investing $27M collectively in SecureKey. The Digital ID and Authentication Council of Canada (DIACC) and the Command Control and Interoperability Center for Advanced Data Analyt
IBM,IBM,,,,,,,,,Digital Health Pass,"the digital wallet can allow individuals to maintain control of their Personal health information and share it in a way that is secured, verifiable, and trusted. Individuals can share their health pass to return to the activities and things they love, without requiring exposure of the underlying Personal data used to generate the credential.",,https://www.ibm.com/products/digital-health-pass,,Product,,Product,,,COVID,,,,"DID,Verifiable Credentials",2022-06-03,,,,,,,,,,,,,
IBM,IBM,,,,Verity,,,,,IBM Security Verify,"Modernized, modular IBM Security™ Verify solution provides deep, AI-powered context for both consumer and workforce identity and access management. Protect your users and apps, inside and outside the enterprise, with a low-friction, cloud-native, software-as-a-service (SaaS) approach that leverages the cloud. For legacy, on-prem apps, the Verify Access version provides a smooth path to cloud, so you can transition at your own pace.",,https://www.ibm.com/products/verify-identity,,Product,,Product,,,,,,,,2020-07,,,,,,,,,,,,,
IBM,IBM,,,,Verity,,,,,IBM Verify App,"With IBM Verify Credentials, you can begin your journey of exploring the benefits of decentralized identity. We have provided an interactive experience centered around the challenge of proving your identity while opening a financial account. Additionally, we will walk you through the development of your first end-to-end decentralized identity solution.<br><br>You will first obtain two credentials: one issued by a fictional government and one from IBM HR, your fictional employer. You will then use those credentials to open a financial account with BigBlue Credit Union.<br><br>Once you’ve experienced this interactive exploration, you can build your own decentralized identity applications that emulate other issuances and verifications of credentials.<br>","With IBM Verify Credentials, you can begin your journey of exploring the benefits of decentralized identity. We have provided an interactive experience centered around the challenge of proving your identity while opening a financial account. Additionally, we will walk you through the development of your first end-to-end decentralized identity solution. You will first obtain two credentials: one issued by a fictional government and one from IBM HR, your fictional employer. You will then use those credentials to open a financial account with BigBlue Credit Union. Once you’ve experienced this interactive exploration, you can build your own decentralized identity applications that emulate other issuances and verifications of credentials. Step 1: Prepare Create your account to deploy and manage agents. Then download the mobile app via TestFlight or Google Play Store to manage credentials on mobile devices and the IBM Verify Credentials Chrome Extension to interact with the ecosystem from your desktop. Step 2: Explore Once you establish an account and configure the mobile app and browser extension, use provided sample apps to get your first verifiable credential from a government institution and IBM HR. You will then use that issued credential to prove who you are to BigBlue Credit Union. Step 3: Develop Clone the IBM Verify Credentials Samples to start developing your decentralized identity application. The samples, combined with the OpenSSI Web SDK, provide a simplified experience to programmatically issue and verify credentials. Step 4: Promote When you develop a decentralized identity application, the next step is to tell everyone about what you’ve done – and the value you’ve discovered. Ask your peers to obtain a decentralized identity from the application you built!",https://www.ibm.com/docs/en/sva/9.0.2.1?topic=verify-application,https://doc.ibmsecurity.verify-creds.com/img/prepare-explore-develop-promote.png,Product,,Product,,,,,,,,2021-03-05,,,,,,,,,,,,,
IBM,IBM,,,,,Global,,,,IBM Digital Health Pass,"Built on IBM Blockchain technology, Digital Health Pass is designed to enable organizations to verify health credentials for employees, customers and visitors entering their site based on criteria specified by the organization. It can allow an individual to manage their information through an encrypted digital wallet on their smartphone and maintain control of what they share, with whom and for what purpose. It’s one solution in our Watson Works suite of workplace solutions.
","Overview What is IBM Digital Health Pass? IBM® Digital Health Pass is designed to help businesses efficiently verify multiple types of COVID-19 health credentials for employees, customers, fans and travelers entering their site based on their own criteria. Privacy is key. The digital wallet can allow individuals to maintain control of their Personal health information and determine what they share, with whom and for what purpose. Get advice for your industry Employers How your COVID-19 taskforce can bring employees back to the workplace with IBM Digital Health Pass (02:27) Employers To help address COVID-19, Digital Health Pass offers an end-to-end vaccination and COVID-19 test verification solution that is compliant with employee privacy and trust. Sports and entertainment Sports and entertainment Stadiums, amusement parks and concert venues can welcome fans by setting the criteria for COVID-19 health credentials and entry requirements. Travel and transportation Travel and transportation Cruise ships, airlines, hotels and travel authorities could implement Digital Health Pass to verify COVID-19 health credentials for travelers prior to a visit. Public health Public health As federal, state and local agencies roll out COVID-19 testing and vaccination programs, verifiable digital credentialing can help support businesses. Colleges and universities Colleges and universities Digital Health Pass can provide students, faculty and visitors with a convenient option to share COVID-19 test results or vaccination status. Why Digital Health Pass? Trust and transparency Privacy and security Data-driven Flexible and agile Features With Digital Health Pass, your organization can: Respect user privacy The technology minimizes the need for you to collect or store Personal data and helps you meet HIPAA, GDPR and CCPA regulations. Choose a trusted end-to-end solution Comprehensive technology includes verification of vaccinations and COVID-19 tests, test scheduling, access to testing partners* and near real-time reporting. Verify multiple credentials Use the IBM Verify app to confirm different types of COVID-19 health credentials, such as IBM Digital Health Pass, Good Health Pass, SMART® Health Card and EU Digital COVID Certificate. How it works Digital Health Pass is designed for various entities For individuals An individual can receive vaccination and COVID-19 test credentials, load them into their smartphone and share their health credentials with an organization. For verifiers Check the health and safety of employees and individuals upon entrance—whether it’s the workplace, a stadium, airport or elsewhere. Next steps Learn how you can manage and execute verification policies for COVID-19. Disclaimer *Participating businesses need to be registered with the Digital Health Pass network",https://www.ibm.com/watson/health/resources/digital-health-pass-blockchain-explained/,,Product,,Product,,,COVID,,,,Verifiable Credentials,2021-05-24,,,,,,,,,,,,,
IBM,IBM,,,,,,,,,indy-tutorial-sandbox,"A turnkey, Docker-based sandbox that enables quick and easy exploration of Hyperledger Indy concepts.",,https://github.com/ibm-blockchain-identity/indy-tutorial-sandbox,,Code,,Resources,,,,,,"Makefile,Apache-2.0",,2019-03-14,,,,,,,,,,,,,
IBM,IBM,,,,,,,,,openssi-websdk,Official libraries for using IBM Verify Credential Account Service APIs.<br><br>Currently supported languages include:Node.js,,https://github.com/ibm-blockchain-identity/openssi-websdk,,Code,,Resources,,,,,,"Javascript,Apache-2.0",,2022-06-01,,,,,,,,,,,,,
IBM,IBM,,,,,,,,,trust-your-supplier,"This repository is meant to demonstrate how the Decentralized Identity concepts can be demonstrated in an ecosystem where a supplier collects a digital credential from an LEI issuer, and leverages the credential to build a relationship (and further credentials) from an IBM Food Trust Network founder, the Trust Your Supplier Network and the IBM Food Trust Network.
Play with these samples to learn how to integrate the openssi-websdk into your own website.
For more information on the technology enabling these samples, take a look at our docs.",,https://github.com/ibm-blockchain-identity/trust-your-supplier,,Code,,Resources,,,,,,"Javascript,Apache-2.0",,2020-08-20,,,,,,,,,,,,,
IBM,IBM,,,,,,,,,verify-creds-samples,Sample issuer/verifier apps built using the openssi-websdk,,https://github.com/ibm-blockchain-identity/verify-creds-samples,,Code,,Resources,,,,,,"Javascript,Apache-2.0",,2022-06-14,,,,,,,,,,,,,
IBM,IBM,,,Luc Desrosiers; Ricardo Olivieri,,,,,,Oracles: Common architectural patterns for Hyperledger Fabric,"In a previous article, we showed you two mechanisms for implementing off-chain logic that maintain trust, visibility, and transparency as qualities of service for a blockchain network. The first approached extended smart contracts by having peers in the blockchain network invoke third-party services collocated with them, while the second approach extended smart contacts by having these invoke a third-party trusted service that resides outside of the blockchain network. These third-party trusted services are commonly referred to as oracles. In this article, we explore the second approach further by presenting three common architectural patterns that can be used in the context of a Hyperledger Fabric network.",,https://developer.ibm.com/articles/oracles-common-architectural-patterns-for-fabric/,,Post,,Resources,,,,,,"Fabric, Oracles","DID,Verifiable Credentials",2019-03-11,,,,,,,,,,,,,
IBM,IBM,,,,IBM Blockchain Pulse,,,,,Blockchain newsletter: Emerging coronavirus variants spur blockchain innovations in healthcare,"Get a first look at the Gartner report for decentralized identity and verifiable claims. Access promising use cases, risks and considerations, and expert recommendations on creating value for a fully decentralized future.","Share this post: Get a first look at the Gartner report for decentralized identity and verifiable claims. Access promising use cases, risks and considerations, and expert recommendations on creating value for a fully decentralized future. Here’s your complimentary access to Gartner’s Innovation Insights. Delta variant refocuses attention on vaccine passports The surge of COVID-19 cases due to the Delta SARS-CoV-2 variant is driving organizations to expand the use of vaccine passports with interoperability and extensibility in mind. Compatibility with open standards organizations and frameworks can enable cross-border recognition for vaccine passports. The same technology can provide user control over access to other health records, from lab test results to genomic data. A travel technology company has integrated digitized credentials like airline tickets with IBM Digital Health Pass to simplify travel. Receive your free access of Gartner’s Innovation Insights Outside of healthcare, using the core blockchain-based self-sovereign verified credentialing technology behind our vaccine passport, governments can offer broader services like digital driver’s licenses or other digital identities and organizations can offer digital employee identification. Identity and credentials outside of healthcare The need to have identification information and credentials in digital form is pressing, because modern information systems are geared to digital formats. However, we’re in a time when identities are often stolen and credentials can be counterfeited. To move forward securely and confidently, you need the kind of full-featured support offered by IBM Blockchain. Blockchain and healthcare efficiency Industry leaders Aetna, Anthem, Cleveland Clinic and IBM are joining forces to launch Avaneer Health, a new venture that uses blockchain technology to improve efficiencies in the American healthcare system. The project is an outgrowth of the 2019 Healthcare Utility Network collaboration between Aetna, PNC Bank, IBM, Anthem and HCSC. Watch, read and listen White paper: Digital health credentials for COVID-19 and beyond Read this recent Frost & Sullivan report to learn how digital credentials are helping organizations and economies re-open safely and why they’re here to stay. Event: Blockchain Expo North America 2021 Attend this virtual conference September 29–30 to explore blockchain innovations. Catch Shyam Nagarajan, Executive Partner, IBM Blockchain Services on the Day 1 Keynote and Ryan Rugg, Americas Blockchain Partner, IBM, on the Day 2 panel on central bank digital currencies. Webinar: Validating Personal identity information with digital credentials Join our webinar: Proving you are you – Digital credentials powered by blockchain, which will be held Wednesday, October 13 at 12:00 PM (EDT), also available for later playback. Blog: Opening New York State for business with blockchain Read the story of the Excelsior Pass Plus, IBM Blockchain and digital credentialing coming together to help New York re-open its economy. Our solutions and how to get started No matter where you are in your adoption journey or what industry you’re in, we’re here to help you use blockchain technology to reach your business goals. Still not sure where to start? Schedule time to talk with one of our experts specific to your industry, and they can help guide you in the right direction. We’ll be back next month with more news you can use from IBM Blockchain. In the meantime, if someone forwarded you this email and you’d like to subscribe, sign up here. Blockchain solutions that transform industries Join blockchain innovators who are transforming industries around the world. Let’s put sma
IBM,IBM,,,Jerry Cuomo,,,,,,"Paving the Road to Self-Sovereign Identity with Blockchain, Open Standards",,"October 10, 2017 | Written by: Jerry Cuomo Categorized: Blockchain | security Share this post: Imagine a world in which you always have peace of mind that your Personal information is safe. Imagine a world in which your information cannot be shared without your clear, explicit consent at the time of the transaction; where you decide who can access what information, when, and for how long. In this world, you can even later choose to revoke that privilege. You are in control. Every person, organization, or thing can have its own truly-independent digital identity that no other person, company, or government can take away. Today, we are not in control of our identity. Our Personal information lives in centralized repositories outside of our control. Information is often shared without our awareness. On a daily basis, we see stories of security breaches and identity theft that erode our confidence and trust. At IBM we are focused on leading a global shift to decentralized identity that is built on blockchain technology. Blockchain provides distributed ledger technology as the foundation for decentralized identity. In this solution, trust is not rooted in any single point of control but is shared across participants in a network where each person has varying degrees of permission to view data. Beyond just the technology, however, we must work as a community to establish standards and evolve regulations to work in a decentralized world. That is why today we are excited to announce IBM has joined the Decentralized Identity Foundation (DIF) as a complement to our current stewardship in the Hyperledger Project. Today, the Hyperledger Project has also announced that they are joining DIF as we together join like-minded organizations such as Microsoft, Evernym, the Sovrin Foundation, and others who aspire to make the vision of self-sovereign identity a reality. IBM joined DIF because we believe it will take open community and standards to achieve the vision of self-sovereign identity. For example, members of DIF are focused on the establishment of an open web platform standard within the W3C standards organization called Decentralized Identifier (DID). A DID will provide a standard global resource naming scheme for identity. There is a global Internet standard for naming resources called a uniform resource identifier or URI. When you type https://www.IBM.com into your browser, a URI ensures you always end up at IBM’s website. Similarly, we need one standard to identify an individual, as well. In addition to a distributed ledger and global standards, one of the most significant contributions of blockchain based identity management will be to enable verifiable claims. Verifiable claims are tamper-proof, cryptographic statements of truth. For example, let’s say “Sam” is applying for a car loan with “Acme Bank.” The Bank needs to know that Sam is trusted and can afford the car. Today, he would fill out a loan application and provide his Personal information. In the new world of self-sovereign identity, this is no longer necessary. If Sam’s employer is a provider of verifiable claims in the blockchain identity network, the employer can attest that Sam is employed with them and makes more than $50,000 a year. Since he does business with three other banks and these banks are also providers on the network, he can give consent for his employers and the three banks to validate his claim with Acme Bank. Acme can issue a new loan to Sam with minimal information all shared with Sam’s explicit consent. Using this process not all Personal information needs to be shared, such as his exact salary, instead, the network validates that it is above a certain threshold. Today, we are at a transformative juncture in Personal identity made possible by blockchain and open standards through the work of organizations like DIF and the Hyperledger Project. IBM is already pioneering new digital identity and attribute sharing networks built o
IDramp,,IDramp,,Mike Vesey,,"USA, Iowa, Indianola",USA,,,IDramp,"The Identity Fabric for Cloud Directed Business<br>As your company grows, IDramp adapts to your changing needs.",,http://idramp.com,,Company,,Company,Enterprise,ID,SSI,,VCI,,,2016,https://github.com/idramp,https://twitter.com/identityramp,https://www.youtube.com/channel/UCjAZo4oNMynl7nha0Iq-6VA,https://idramp.com/id-news/,https://idramp.com/feed/,,https://www.crunchbase.com/organization/idramp,https://www.linkedin.com/company/identity-ramp/,,,,,
IDramp,IDramp,,,,Oracle,,,,HGF 2021,"Hyperledger Forum Recap – Identity Proofing, and Passwordless User-friendly Digital Identity","IDramp presented with Oracle at [Hyperledger Global Forum](https://events.linuxfoundation.org/Hyperledger-global-forum/)June 2021. The event focused on enterprise use of blockchain technologies using the 15 projects that fall under the Hyperledger “greenhouse”. Keynotes and speakers shared their insights on the current state of enterprise blockchain adoption across several hot topics including central bank digital currencies (CBDCs), non fungible tokens (NFTs), and most importantly– identity.","Hyperledger Forum Recap – Identity Proofing, and Passwordless User-friendly Digital Identity IDramp presented with Oracle at Hyperledger Global Forum June 2021. The event focused on enterprise use of blockchain technologies using the 15 projects that fall under the Hyperledger “greenhouse”. Keynotes and speakers shared their insights on the current state of enterprise blockchain adoption across several hot topics including central bank digital currencies (CBDCs), non fungible tokens (NFTs), and most importantly– identity. IDramp CEO, Mike Vesey presented with Mark Rakhmilevich, Senior Director, Blockchain Product Management at Oracle. In their session, titled “Identity Proofing Solution Combining HL Indy and Fabric”, Mike and Mark presented the benefits and ease of integrating an identity proofing solution based on Hyperledger Indy, Hyperledger Fabric, while leveraging the Oracle blockchain and how using two separate distributed ledgers makes the solution stronger. A few key points they discussed: - Adding verifiable credentials to proven identities transforms existing identity processes as we know, protecting the privacy of the user. - A properly implemented privacy-preserving system also has the byproduct of creating a secure and easy to use identity, something that is lacking in many existing systems today. - A tight identity proofing system can eliminate bad actors, reduce fraud and really strengthen the customer experience. - This is a repeatable process that customers, employers and other end users can go through to gain access to different services and that it actually provides a much better customer experience by taking out a lot of the complexity of usernames passwords across different interfaces for different systems. When asked by a session attendee about the types of verification, Mike described how the system can scale in multiple verticals, “The framework that we showed here is very flexible and so it can easily be adopted to leverage whatever additional back-end verification might be necessary depending on where you’re creating the identity right if you are in opening a bank account if you are going to getting a library card, there’s all kinds of different requirements and each organization can decide the level of verification necessary and then plug in those mechanisms.” They concluded the presentation with a demonstration, highlighting the Hyperledger Fabric piece of the solution that leverages the Oracle blockchain platform, which is Fabric based. Using the context of the public sector, they showed how a government can affect multiple services by using consistent identity and processes. A key requirement for agencies and departments in the public sector is the ability to authenticate users against a single set of credentials for multiple applications. They don’t want to have the users having to set up identities for each application separately in its own silo. There needs to be an environment where a single set of credentials can be used across multiple applications. The demo showed how this type of decentralized identity system can be deployed using existing investments and can help downstream systems gather information and make better decisions. Mike went on to say, “The really important takeaway from the presentation and the demonstration here is how the mix of technologies to form a really simple solution, right for the services it’s very easy
IDramp,IDramp,,,,Doc Searls; Katherine Druckman,,,,,IDramp Identity Solutions – Reality 2.0 Podcast,"Doc Searls and Katherine Druckman talk to Mike Vesey, CEO of IDramp, about verifiable credentials, decentralization, and real-world identity solutions.","IDramp Identity Solutions – Reality 2.0 Podcast Doc Searls and Katherine Druckman talk to Mike Vesey, CEO of IDramp, about verifiable credentials, decentralization, and real-world identity solutions. About About Reality 2.0 Podcast – Join Privacy and Open Source advocates, Doc Searls and Katherine Druckman, as they navigate the new digital world, covering topics related to digital privacy, cybersecurity, digital identity, as well as Linux and open source and other current issues. Doc Searls – is co-author of The Cluetrain Manifesto (Basic Books, 2000, 2010), author of The Intention Economy: When Customers Take Charge (Harvard Business Review Press, 2012), a fellow of the Center for Information Technology & Society (CITS) at the University of California, Santa Barbara, and an alumnus fellow of the Berkman Klien Center for Internet & Society at Harvard University. He continues to run ProjectVRM, which he launched at the BKC in 2006, and is a co-founder and board member of its nonprofit spinoff, Customer Commons. He was recently editor-in-chief of the long-running premier open source publication, Linux Journal. Katherine Druckman – Katherine is a digital privacy and open source software enthusiast and advocate, longtime Digital Director for the late and highly esteemed Linux Journal, as well as a decorative arts history and wine enthusiast. She is currently an enthusiastic Drupal engineer. Mike Vesey, IDramp CEO – Mike has created several companies that provide transformational digital solutions for the global enterprise. He has developed award-winning products in unified communications, service operations, security, and data management. Mike co-founded WebCentric Communications in order to develop innovative telecommunications solutions for modernizing call center integration. WebCentric was awarded a patent for its ‘click to dial’ technology, which is widely used in call centers today. Mike went on to co-found DBVisions Inc to develop an enterprise grade content management and data security platform. The DBVisions platform was eventually acquired by a leading content management system provider. Michael then founded VCI Inc to focus on identity and security integration. VCI developed the first enterprise Single Sign on solution for Microsoft Live Meeting and a range of related collaboration products. VCI was the exclusive Microsoft partner for deploying Live Meeting into global enterprise environments. VCI has developed and maintained complex identity management integrations with some of the world’s largest organizations. Mike’s success led him to design IDramp, a decentralized integration fabric focused on identity orchestration, password elimination, and service delivery. The platform includes support for groundbreaking Self Sovereign Identity, verifiable credentials, and distributed ledger networks that make it easy for organizations to implement state-of-the-art Zero Trust identity protection. Orchestrate your systems today Contact us for a demo on the IDramp suite of tools and services",https://idramp.com/idramp-and-identity-solutions-reality-2-0-podcast/,,Post,,Explainer,,,,,,,,2022-02-21,,,,,,,,,,,,,
IDramp,IDramp,,,Mike Vesey,,,,,,Lessons From the School of Cyber Hard Knocks Podcast,"Passwords and zero-trust and pink locker rooms, oh my! In this episode, Mike discusses IDramp, what self-sovereign identity is, why we still have passwords today, zero-trust, what the near future holds, pink locker rooms!, his path to IDramp, and as always, his toughest lesson learned.","Lessons From the School of Cyber Hard Knocks Podcast This podcast is about successful cyber leaders and their toughest lessons in the cyber battlegrounds. School of Cyber Hard Knocks Podcast – IDramp CEO Mike Vesey: Pink Locker Rooms Passwords and zero-trust and pink locker rooms, oh my! In this episode, Mike discusses IDramp, what self-sovereign identity is, why we still have passwords today, zero-trust, what the near future holds, pink locker rooms!, his path to IDramp, and as always, his toughest lesson learned. For more School of Cyber Hard Knocks Podcast episodes please visit Runsafe Security Orchestrate your systems today Contact us for a demo on the IDramp suite of tools and services",https://idramp.com/school-of-cyber-hard-knocks-podcast-mike-vesey-pink-locker-rooms/,,Episode,,Explainer,,,,,,,,2021-12-30,,,,,,,,,,,,,
IDramp,IDramp,,,,,,,,,Orchestrate your identity management strategy,"It’s time to stop buying expensive bridges to Failureland. It’s time to shift our perspective on identity management away from what clearly doesn’t work and won’t work and instead, employ technologies that make the systems we have work better. It is time to focus on the technologies that simplify identity management, can be easily integrated, and provide a path to evolution at a pace and cost that meet business and government needs.","Orchestrate your identity management strategy Public sector has often lagged behind the marketplace when it comes to digital innovation. But when it comes to identity management, it’s now a leader, placing identity management at the center of zero trust initiatives. As Carole House, the Cybersecurity and Secure Digital Innovation director for the White House National Security Council, told a recent virtual conference, “Identity sits at the heart of any zero trust implementation.” But does zero trust sit at the heart of current commercial solutions dominating the marketplace, used by the federal government? We don’t think so. While identity management is supposed to be a solution, it’s increasingly turned into its own, special kind of headache: It’s often difficult to deploy and operate, is too rigid to encompass the diversity of essential business applications and is underpowered to meet emerging security approaches like zero trust and integrate with new services. Worse, the solution to what should already be a solution to this mess is to re-platform every few years, convinced that, this time, it will be different. You hold out hope that it will be finished on time, it will reduce friction and not add to the poor user experience, that it will meet all your business needs and accommodate new services and technologies — and while doing all this, it won’t cost a fortune. It’s time to stop buying expensive bridges to Failureland. It’s time to shift our perspective on identity management away from what clearly doesn’t work and won’t work and instead, employ technologies that make the systems we have work better. It is time to focus on the technologies that simplify identity management, can be easily integrated, and provide a path to evolution at a pace and cost that meet business and government needs. This approach is called identity orchestration. Why more of the same legacy management won’t work For the past two decades, digital businesses have used monolithic centralized and federated platforms to manage identity. Known as “walled gardens,” these platforms absorb, hold, and control immense amounts of customer data. As platforms, they are complicated to operate and slow to change. Unsurprisingly, an industry of identity providers has created many variations on these systems, all promising to deliver newer and better solutions and all competing against each other with essentially, the same product features. In parallel, cloud applications are embedding identity management features in their centralized directories, making digital identity harder to manage and protect. Modern businesses are now using multiple cloud providers and hundreds or even thousands of online services. A single centralized identity management platform strategy is no longer viable. Businesses need to manage many identity management features across many service providers. They need to reduce the risks of identity data sprawl across multiple centralized directories. They need consistent trust policies that provide a secure, smooth customer experience across all services. Adopting and removing new features and services must change at the speed of business. For all these reasons, the generation of the centralized, monolithic, walled-gardens garden is not sustainable. New versions of the same centralized approaches don’t solve the underlying problems in digital identity management: fragile security, the reliance on centralized storage of Personally-identifying information (PII) for verification, and all the privacy and co
IDramp,IDramp,,,,,,,,,Zero Trust & Decentralized Identity Podcast,"They explore low-code/no-code orchestration services, what to consider when making long-term complex identity decisions, and what the US is doing to protect Americans from sophisticated cyber threats after the White House issued Executive Order 14028 on Improving the Nation’s Cybersecurity.","Zero Trust & Decentralized Identity Podcast On this week’s State of Identity, host Cameron D’Ambrosi welcomes Mike Vesey, CEO at IDramp for an action-packed discussion surrounding zero-trust frameworks, identity orchestration, and interoperability. They explore low-code/no-code orchestration services, what to consider when making long-term complex identity decisions, and what the US is doing to protect Americans from sophisticated cyber threats after the White House issued Executive Order 14028 on Improving the Nation’s Cybersecurity. Host : Cameron D’Ambrosi, Managing Director at Liminal Guest: Mike Vesey, CEO at IDramp About State of Identity (SOI) – is the identity industry’s leading podcast. Each week host Cameron D’Ambrosi brings together the greatest minds in identity for an open discussion on the present and future technologies, companies, people, and paradigms that define who we are in the modern world, and how the world defines us. This podcast was first published for liminal.co. To visit the original post CLICK HERE. Orchestrate your systems today Contact us for a demo on the IDramp suite of tools and services",https://idramp.com/zero-trust-decentralized-identity-podcast/,,Episode,,Explainer,,,,,,,,2022-05-23,,,,,,,,,,,,,
IDramp,IDramp,,,,Trust Stamp,,,,,Truststamp partners with IDramp to transform multi-factor biometric authentication,"Trust Stamp (Nasdaq: IDAI, Euronext Growth: AIID ID), the Privacy-First Identity CompanyTM providing AI-powered trust and identity services used globally across multiple sectors, announces a partnership with IDramp, a leader in decentralized identity orchestration products and services. Together, they will launch an innovative biometric multi-factor authentication (“MFA”) offering that can be augmented with a range of leading access management, social sign-on, and bring-your-own identity services, all through IDramp’s no-code platform.","Atlanta, GA, May 19, 2022 (GLOBE NEWSWIRE) — Trust Stamp (Nasdaq: IDAI, Euronext Growth: AIID ID), the Privacy-First Identity CompanyTM providing AI-powered trust and identity services used globally across multiple sectors, announces a partnership with IDramp, a leader in decentralized identity orchestration products and services. Together, they will launch an innovative biometric multi-factor authentication (“MFA”) offering that can be augmented with a range of leading access management, social sign-on, and bring-your-own identity services, all through IDramp’s no-code platform. Built on the Company’s advanced biometric tokenization technology, Trust Stamp’s transformative approach to Biometric MFATM streamlines trust assurance with a simple selfie. With a global rise in cybercrime associated with digital operations, the high security and ease of use of Biometric MFATM make it a powerful addition to authentication processes at all levels of risk, from standard account access to financial transaction authentication. Paralleling Trust Stamp’s streamlined privacy-first identity offerings, IDramp delivers dynamic Zero Trust identity orchestration through passwordless credentials on a no-code basis. Organizations can leverage leading identity solutions across providers from one location, enabling rapid custom implementation of robust multi-factor authentication flows. IDramp simplifies identity orchestration across disparate systems to strengthen and accelerate identity assurance. Trust Stamp Chief Commercial Officer Kinny Chan comments, “IDramp uniquely complements Trust Stamp’s own Biometric MFA and custom end-to-end identity workflow solutions with a platform that enables frictionless migration between identity providers. By unifying top identity services in one no-code platform, IDramp delivers the best in identity authentication while addressing complex and evolving assurance needs across individual touchpoints for efficient, fraud-resistant digital operations. Trust Stamp’s biometric authentication and tokenization technology delivered through IDramp’s platform fills a pressing market need for robust security, flexibility, and speed in establishing trust. This partnership expands the reach of our biometric technology to deliver meaningful value to IDramp’s impressive client base. With a shared focus on data privacy, protection, security, and usability, we look forward to our continued strategic work with the IDramp team.” IDramp CEO Mike Vesey comments, “Our customers manage digital ID across a wide variety of disparate environments. They need robust fraud protection that is flexible and easy to use. Trust Stamp transforms digital identity with world class biometric security, bullet proof data protection, and state-of-the-art fraud detection. Combined with IDramp’s decentralized orchestration platform, Trust Stamp will plug and play into any combination of multi-cloud, multi-IDP, and even Web3.0 environments. This powerful combination provides unmatched agility and superior Zero Trust fraud protection for any digital ecosystem. Zero code, no passwords, and no expensive, slow-moving migrations required.” About Trust Stamp Trust Stamp, the Privacy-First Identity CompanyTM, is a global provider of AI-powered identity services for use in multiple sectors including banking and finance, regulatory compliance, government, real estate, comm
IDramp,TalkCMO,,,,Qiqochat,,,,,IDramp and QiqoChat Announce Verifiable Credentials for Online Collaboration,"QiqoChat has really stepped up in this time of need to provide an incredible online event user-experience, enabling a re-creation of the IIW experience throughout our Covid travel restrictions. This week they announced the launch of a Verifiable Credentials integration with the QiqoChat platform.","IDramp and QiqoChat have launched the world’s first implementation of verifiable Personal identity credentials for virtual conferences and collaboration. This new form of digital identity provides QiqoChat customers with a self-sovereign privacy-focused solution protected by state-of-the-art cryptographic blockchain security. QiqoChat participants can now have full control over their digital identity but what are the other benefits? Verifiable credentials allow people to bring their own identity to any online service. User experience is improved by eliminating usernames and passwords. Privacy is increased by removing any need to share Personal data with 3rd party services like Google or Facebook. Security is fortified by not storing Personal data in central databases. All Personal data remains on the user device. Cost and liability are reduced by removing the need for monolithic identity infrastructure. Performance is increased by removing the need to move all user authorization traffic through one centralized location. Read More: Strengthening the Foundation for CMO – CFO Relationship “Qiqochat is leading the way in adoption of verifiable credentials. It is an innovative collaboration platform focused on emulating in person experiences online. Personal credentials share that goal by making your digital identity verifiable and private. Just like your driver’s license or birth certificate. Verifiable credentials are a perfect compliment to QiqoChat or any online service. IDramp allows service providers to adopt verifiable credentials quickly without the need to re-platform or develop code. IDramp is built on open standards for verifiable credentials and is compatible with all other standards-based providers. Deploying verifiable credentials to QiqoChat required only a few hours of configuration and testing but the impact is profound,” said Mike Vesey, CEO of IDramp. “The community of professionals working on data privacy & consumer protection has been an early adopter of QiqoChat. During regional and global conferences, they have used the platform to share ideas and deliberate about the future of user-centric identity. Through these conferences, we’ve learned how solutions like IDramp can be tremendously empowering for Internet users. We are thrilled to implement this initial partnership with IDramp so that we can begin to explore what becomes possible when we let users take control of their own identity on our platform.” – Lucas Cioffi, CEO of QiqoChat",https://talkcmo.com/news/idramp-and-qiqochat-announce-verifiable-credentials-for-online-collaboration/,,Press,,Meta,,,,,,,,2021-01-05,,,,,,,,,,,,,
IDramp,IDramp,,,,Oracle,,,,,Passwordless Credential Orchestration Manager is Now Available in the Oracle Cloud Marketplace,"This new service offers password elimination, identity proofing, and orchestration capabilities for any Oracle ecosystem.","Enable Passwordless Zero Trust for Oracle services and applications today IDramp Announces Passwordless Credential Orchestration Manager is Now Available in the Oracle Cloud Marketplace DES MOINES, Iowa, November 24, 2021 – IDramp, a leading provider of Zero Trust identity orchestration services, today announced their new Passwordless Credential Orchestration Manager (PCO) service is now available on the Oracle Cloud Marketplace. This new service offers password elimination, identity proofing, and orchestration capabilities for any Oracle ecosystem. It operates with Oracle Cloud Infrastructure (OCI) and applications using Oracle blockchain. The Oracle Cloud Marketplace provides a broad range of partner solutions for accelerating and optimizing cloud and hybrid deployments. Oracle customers can easily secure their applications using zero-trust passwordless identity orchestration from PCO. IDramp PCO uses verifiable credential cryptography to remove the need for usernames and passwords that are prone to identity theft. It simplifies delivery of services by providing unified trust policies and rapid deployment of applications across disparate systems. Oracle customers can create verifiable digital credentials using PCO using Oracle Identity Cloud or any other OCI data source. PCO is a Zero Trust identity fabric that is easy to connect with all OCI applications and third-party services. PCO allows OCI assets to be more portable, stronger, and easier to access. The Passwordless Credential Orchestration Manager is an ideal solution for Oracle customers wanting a simpler, safer, and more efficient way to access the breadth of applications and services offered by Oracle and Oracle Cloud Marketplace. “It frees them from password vulnerabilities, big-bang migrations, and being tied to a single provider,” said Mike Vesey, CEO of IDramp. “Oracle customers use anywhere from a few to hundreds of applications, each offering unique business solutions. Now they can deploy these vital services with cutting-edge Zero Trust security and unprecedented flexibility that moves at business speed.” The Oracle Cloud Marketplace is a one-stop shop for Oracle customers seeking trusted business partners that offer unique business solutions to extend Oracle Cloud Applications. Oracle Cloud Infrastructure is a next-generation enterprise cloud that delivers next-generation security across a comprehensive portfolio of services and applications. The IDramp Passwordless Credential Orchestration Manager is also available as a stand-alone product that works with any leading platform or diverse cloud environment. The PCO system architecture and design stem from decades of experience in enterprise identity, security, and service delivery. IDramp is a pioneer in using verifiable credentials for decentralized Zero Trust in the enterprise. With deep roots in the open-source community, IDramp is also a founding member of the Trust over IP Foundation, member of the Linux Foundation Cardea steering committee, member of the Good Health Pass Collaborative, a Steward of the Sovrin Foundation, and a node operator on the Indicio Network. About IDramp With IDramp, you can orchestrate passwordless identity using decentralized zero trust technologies that work with existing identity systems. Secure the future with IDramp today. Orchestrate your systems today Contact us for a demo on the IDramp suite of tools and services",https://idramp.com/idramp-passwordless-credential-orchestration-manager-is-now-available-in-the-oracle-cloud-marketplace/,,Product,,Product,,,,,,,,2021-11-29,,,,,,,,,,,,,
Indicio,,Indicio,,Frances Donegan-Ryan; Heather Dahl; Ken Ebert,,"USA, Washington, Seattle",USA,,,Indicio,"Indicio is Empowering Trust<br><br>Indicio provides companies the ability to create and manage Trusted Data Ecosystems for the exchange of high-value information and data assets, the creation of marketplaces, and the development of new business models around trusted data. <br><br>Specializing in financial, healthcare, and travel markets, Indicio’s global decentralized network and its software and information management products enable customers all over the world to issue, hold, and verify data through encrypted digital credentials. <br><br>Our software and infrastructure allows companies to confirm data authenticity repeatedly and efficiently from its source without the expense or risk of direct integrations. Privacy-by-design architecture simplifies data compliance and deploys continuous Zero-Trust security, boosting bottom-line profit, mitigating costly risks, and enhancing an institution’s reputation for information privacy.<br><br>Contact us for quick implementation of trusted digital ecosystems today.","Indicio’s public benefit mission is to advance decentralized identity. How did we do in 2022?By Trevor Butterworth... Employment verification made easy Issue, verify, and scale tamper-proof, privacy-preserving digital employee credentials. Build, innovate, and scale with Indicio on Google Cloud One click procurement to begin creating, sharing, and verifying data. The next step in scaleable self-sovereign identity from the leaders in open-source decentralized identity Prove Anything A complete starter kit to easily adopt open source decentralized verifiable digital credentials, integrate them into your existing systems, and build complete Trusted Digital Ecosystems that you fully own Issuer and Verifier Simple software to connect, issue, and verify credentials; APIs available Maintenance and Updates Managed updates and comprehensive testing to ensure maximum performance Mobile App and Mediator Software for users to download, store, and use a credential on mobile devices Decentralized Ledger Network Run on the Indicio Networks or any public or private Hyperledger Indy-based network Verifiable Credential Templates for creating verifiable credentials using open source standards Support and Training Continuous customer support and field-leading training from industry experts Machine Readable Governance Agent software to establish trusted issuers and automate information flows via governance files Indicio implements gold standard credential types, such as Anoncreds for privacy-preserving selective disclosure and predicate proofs. Indicio uses JSON-LD for publicly shareable credentials Introducing Holdr+ Indicio’s new mobile app to hold, connect, and communicate using your verifiable digital credentials What will you do with verifiable digital credentials? Indicio customers are using verifiable credentials to… Click on image to enlarge - Lower KYC and onboarding costs - Create seamless travel experiences - Manage and share trusted device and asset data - Portable health information without direct integration Success story: An award-winning verifiable credential solution for travel SITA, the leading global provider of technology to the air transport industry, and the island of Aruba’s Health Department chose Indicio to develop a privacy-preserving digital health credential for visitors to prove they had tested negative for COVID-19. Watch the demonstration video by SITA to see how verified data created a Trusted Digital Ecosystem. Indicio provides everything you need to take advantage of verified credential technology, decentralization, and trusted data Customized Solutions Adopt verifiable credentials at your own pace, built from open standards on open source technology, without being locked-in to a particular vendor or relying on expensive solutions. The Indicio Network A MainNet designed for mission critical deployments, TestNet for building, TempNet for stress testing, and a DemoNet for demonstrations.
Indicio,Indicio,,,,,,,,,Become a Node Operator,"we’ve seen a rapid rise in demand for robust, stable, and professionally maintained networks to support decentralized identity solutions. It’s not a surprise: decentralized identity’s moment has arrived. That’s why we’ve been hard at work creating Hyperledger Indy networks upon which developers all over the world are building, testing, and launching their solutions.","Join the growing list of forward-thinking companies and organizations across the globe who are actively building the future of digital identity. This is your chance to be a part of the newest and most dynamic network in decentralized identity technology, open for innovative developers and companies eager to bring their solutions to market. At Indicio, we’ve seen a rapid rise in demand for robust, stable, and professionally maintained networks to support decentralized identity solutions. It’s not a surprise: decentralized identity’s moment has arrived. That’s why we’ve been hard at work creating Hyperledger Indy networks upon which developers all over the world are building, testing, and launching their solutions. Powering these networks are Node Operators— companies and teams from around the world and from various industries who are designing and launching decentralized identity solutions. What is a Node Operator? At the heart of a decentralized identity ecosystem lies the distributed ledger— a distributed database made up of multiple copies of a ledger, hosted by various nodes. In practice at Indicio.tech, this means companies and organizations, together as a community, volunteer to run a copy of the ledger on a server that is under their authority. On the Indicio Network, we call these “Node Operators.” Together, these copies make up a verifiable data registry, from which credential issuers and verifiers can prove important information. Set your solutions up for success by becoming a Node Operator Be where the action is happening We’re creating a community of doers, made up of companies worldwide who are creating digital identity solutions for use cases of all kinds, including banking, education, supply chain, travel, and humanitarian efforts. As a node operator, you’ll be on the frontline of the innovation, playing a leading role in this world-changing digital transformation. Get access to resources Node Operators are eligible to receive a complementary business support package for their first year in the program, including architectural guidance, best practice checks, an account-dedicated Slack channel, and a dedicated network engineer monitoring your environment and assisting you with your needs. We also help our node operators prepare their presentations and marketing materials for webinars and informational events. Learn by doing There’s no better way to get trained on how a decentralized identity ecosystem works than to play a critical role in the ecosystem itself. Supporting one of the nodes on the network gets your team a front-row view of how a network functions from the inside. We’ve seen firsthand how operating a node speeds up a company’s ability to develop and deploy their own solutions. Take part in community events Indicio hosts community events, such as monthly Node Operator sync-ups and spotlights, giving our Node Operators a platform to showcase, demonstrate, and discuss their solutions. We help keep our node operators up-to-speed by discussing new open source tools, improvements, network updates, and standards progress, as well as help them identify business opportunities. Make identity simpler The decentralized identity world can be daunting for newcomers and veterans alike. There are myriads of working groups, governance bodies, standards organizations, and cross-industry initiatives. While these all play a vital role in the development and adoption of the technology, they can often lead to “information overload” and distract your team from developing a refined, commercial-ready product. We’re here to help our Node Operators make sense of the
Indicio,Indicio,,,,,,,,,Indicio launches blockchain-enabled network for identity,"“Our clients asked for a stable, fully-staffed network based on Hyperledger Indy— one that could provide the Service Level Agreements their customers need for mission-critical workloads,” said Heather Dahl, CEO of Indicio. “Today, we are excited to announce that this MainNet is open for business.”“This is the network we need to accelerate adoption of passwordless zero trust ecosystems for enterprise customers” said Mike Vesey, President of[IDramp](https://IDramp.com), a leader in decentralized identity and a Genesis Node Operator on the Network.","Professionally-staffed MainNet supports mission-critical, enterprise-grade decentralized identity market solutions Technology provider Indicio.tech, a public benefit corporation advancing decentralized identity software and solutions, today announced the public availability of the Indicio MainNet, a professionally-staffed decentralized identity network designed for global enterprises that need a reliable platform to develop and scale identity services and products. The development of the Hyperledger Indy-based network follows on the successful deployment of the Indicio TestNet, a market leader in decentralized identity networks. The Indicio MainNet uses distributed ledger technology—multiple identical databases spread across different nodes—to enable the use of privacy-preserving verifiable digital credentials. This provides the foundation for flexible, portable, and permanent digital identities that are always under the control of the identity holder—the individual—and which provide an evolutionary leap forward in security. “Our customers asked for a stable, fully-staffed network based on Hyperledger Indy— one that could provide the Service Level Agreements their customers need for mission-critical workloads,” said Heather Dahl, CEO of Indicio. “Today, we are excited to announce that this MainNet is open for business.” “This is the network we need to accelerate adoption of passwordless zero trust ecosystems for enterprise customers” said Mike Vesey, President of IDramp, a leader in decentralized identity and a Genesis Node Operator on the Network. “Our customers are developing service delivery ecosystems that require world class support, and leading edge features managed by a team with deep technical experience. The Indicio network provides exactly that.” “The Indicio Network enables GlobaliD to deliver a digital identity platform that puts you in control of your identity and your data,” says Mitja Simcic, CTO of GlobaliD, one of the first companies to use Indicio’s MainNet. “Most digital identity platforms take ownership and control of your digital identity and your data for their own purposes. For instance, social media companies make money from selling your data to unauthorized third parties. Indicio is creating an ecosystem for providers that are working to make this practice obsolete. This network is bringing real change to real people, all over the world.” The Value of Decentralized Identity Decentralized identity allows individuals to control their own data and solves the privacy and security issues that undermine current models for handling identity online. This privacy-preserving model for identity, where everyone controls their own information, makes it easy for companies and organizations to comply with data privacy laws, makes business partner integrations more secure, and does away with the need for third-parties to manage and hold Personally identifiable information (PII). It is important to note that as part of Indicio’s governance, no Personal data, such as names, addresses, or birth dates, are written to any of the Indicio Network ledgers. Instead, machine-readable cryptographic information identifies the issuer of the credential and the details that demonstrate the credential is authentic. With just a few writes to the Indicio MainNet, millions of credentials can be issued, all pointing to the same few ledger writes making
Indicio,Indicio,,,,,,,,,Indicio Tech: Why we converted to a public benefit corporation,"The idea of a benefit corporation begins with long-simmering dissatisfaction in the argument that the only responsibility or duty a company had was to increase its profits, a claim that had been forcefully made by University of Chicago economist Milton Friedman in the New York Times magazine in 1970.","In December, Indicio.tech reincorporated as a public benefit corporation, joining a worldwide movement committed to align profit with a positive material impact on society. For Indicio, it has always been clear that decentralized identity benefits the public—that is what brought us, the founders, together. It solves a massive structural flaw in the architecture of life online: The lack of an effective way to encode uniqueness and thereby verify individual identity; and it does so in a way that removes the need for third parties to control and store Personally identifying information. Decentralized identity allows people to give meaningful consent to sharing their data in a maximally private and secure way. It answers the deep disquiet over the misappropriation of Personal data that has been given a voice in data privacy regulation—and it makes compliance with such laws easy. All of these are public “goods.” Now, add in decentralized identity’s capacity to help those who have no formal, legal identity, those who are stateless, those who are refugees—a number estimated at over a billion people—to prove that they exist, secure access to health and financial services, and establish rights over property. To dream this big we have to formulate achievable, incremental steps to get there. We have to create the technology and infrastructure that can realize these public goods; we have to make the tech interoperable and, wherever possible, open source. We have to make it as easy as possible to understand, use, and adopt. We have to build use cases and help others build use cases to reveal its value. As Indicio grew, and as we saw decentralized identity as an ecosystem that needed to be seeded and cultivated, the public benefit corporate model became more and more compelling as a way of ensuring that our beliefs and values were baked into this mission. But we also saw the benefit corporation as a way of encoding a positive and inclusive culture inside our company. If each team member is genuinely valued for the work they do, they will give their best to our customers, they will become the most effective advocates for our mission. A brief overview of the benefit corporation movement The idea of a benefit corporation begins with long-simmering dissatisfaction in the argument that the only responsibility or duty a company had was to increase its profits, a claim that had been forcefully made by University of Chicago economist Milton Friedman in the New York Times magazine in 1970. Arguing that only an individual had responsibilities, and a corporation couldn’t be a person, Friedman defined a new era of shareholder supremacy in business. In practical terms, the easiest way to see whether a business was acting responsibly was to see if its share value was increasing, a simple metric that had profound consequences for the way a business or corporation was run. The CEO’s job became defined by what he or she did to increase their company’s share price. Shareholders didn’t need to buy into the reasons why the business was founded, or the vision of its founders, or even the value the company provided its customers and society: share price higher, company good. There was no obligation to think, strategically, outside the short-term, or to consider the welfare of community, the environment, or the company’s employees. Dissatisfaction with the inflexibility of this model from the business side and growing public interest in economic and environmental sustainability and social responsibility helped to open up a legal middle way between for-profit and nonprofit corporations. The “benefit” corporation was the result and the first bene
Indicio,Indicio,,,Tim Spring ,Anonyome,,,,,Node Operator Spotlight: Anonyome,"Each of the capabilities of the Sudo Platform is attached to a persona. This includes masked email and masked credit cards, private telephony, private and compartmentalized browsing (with ad/tracker blocker and site reputation), VPN, password management, decentralized identity and more.","A distributed ledger is a database that has copies distributed across a network of servers (nodes), all of which are updated simultaneously. A network like this is the foundation of decentralized identity, a way of generating robust trust and collaboration free of the security risks of centralized databases. We call the companies and organizations that support an Indicio Network node on a server that is under their control “Node Operators.” Recently we caught up with Paul Ashley, CTO and Co-CEO of Anonyome Labs, a current Node Operator of Indicio, to discuss their current projects, some goals for the future, and where they think decentralized identity is heading. Tell us about Anonyome: how did it start, where did it start, and who makes up your team? The goal of Anonyome Labs is to shift the control of Personal information back to normal users. Everything we do is recorded, collected, mined, profiled, stored, targeted and sold. The balance of power has shifted to the cabal of tech giants and data miners who overtly or covertly monitor and control what is seen, clicked, and cared about. At Anonyome Labs we build the tools that shift control of Personal and private information from the big data miners back to the user. Anonyome Labs was founded in 2014 and is headquartered in Woodside California, with teams in Salt Lake City, Utah and Gold Coast, Australia. Anonyome Labs has about 70 employees – the teams have deep enterprise and consumer expertise across identity, cyber security, authentication, authorization, privacy and cryptography – with hundreds of granted patents. What are some of the products/services (Self Sovereign Identity or not) that you currently offer? Who are your target customers? What sets you apart from the competition? Anonyome Labs created the Sudo Platform to provide enterprise software developers with capabilities to add persona (Sudo) based identity, privacy and cyber safety features to their applications. The Sudo Platform provides to these enterprise software developers mobile and web SDKs, sample apps, documentation and UI Kits to accelerate their application development. Each of the capabilities of the Sudo Platform is attached to a persona. This includes masked email and masked credit cards, private telephony, private and compartmentalized browsing (with ad/tracker blocker and site reputation), VPN, password management, decentralized identity and more. In addition, Anonyome Labs created the MySudo mobile application to put the same identity, privacy, and cyber security capabilities into the hands of normal users for their interactions with the online and offline world. Each user is able to create a number of personas (Sudos) and with each of them have access to various Sudo Platform capabilities. What Self Sovereign Identity /Decentralized Identity products/services are on your roadmap? A key offering of the Sudo Platform is Decentralized Identity based services. This includes both client (Edge Agent) and server (Cloud Agent) offerings. This allows the enterprise to become a Decentralized Identity Verifiable Credential Issuer and/or Validator. And it allows the enterprise’s users to take part in a decentralized identity ecosystem – by giving them a mobile wallet/agent to manage decentralized identities, connections and verifiable credentials. What motivated your work in Decentralized Identity? Why did you become a node operator? What appeals to you in this field? We believe that Decentralized Identity is the most important innovation in identity to help normal users have control over their Personal information as they interact with the online world. Given Anonyome’s focus on privacy and cyber safety, it was a natural
Indicio,Indicio,,,Tim Spring ,IDramp,,,,,Node Operator Spotlight: IDramp,"Recently we caught up with Karl Kneis, COO of IDramp, and Eric Vinton, Chief Business Officer of IDramp, one of the first companies to become an Indicio Node Operator, to discuss their current projects, some goals for the future, and where they think decentralized identity is heading.","A distributed ledger is a database that has copies distributed across a network of servers (nodes), all of which are updated simultaneously. A network like this is the foundation of decentralized identity, a way of generating robust trust and collaboration free of the security risks of centralized databases. We call the companies and organizations that support an Indicio Network node on a server that is under their control “Node Operators.” Recently we caught up with Karl Kneis, COO of IDramp, and Eric Vinton, Chief Business Officer of IDramp, one of the first companies to become an Indicio Node Operator, to discuss their current projects, some goals for the future, and where they think decentralized identity is heading. Tell us about IDramp: how did it start, where did it start, and who makes up your team? IDramp was born from years of frontline experience in enterprise identity management and service delivery. With IDramp we wanted to reduce the pain and vulnerabilities that surround digital identity passwords, platform migration, operation, and service delivery. The cost and resource requirements of managing and replacing identity platforms can be astronomical. Operation requires special skills and complex customization. Migrations can take years to complete and often fail. Service delivery can be slow and require premium resources. — Our experience found that adapting decentralized, Zero-Trust identity principles will reduce cost while increasing security and accelerating the speed of service delivery. We founded IDramp to help remove passwords, automate expensive tasks, reduce the need for advanced skills, and simplify the adoption of new solutions, all while improving overall security through decentralized Zero Trust. Instead of reinventing identity management platforms every few years with mammoth projects, organizations can use IDramp to enjoy continuous adoption of new services and solutions at the speed of business. Decentralized verifiable credentials can easily be adapted to any service or system for advanced Zero-Trust protection and password elimination. No coding or long term platform projects are required. People appreciate the improved privacy and simplified experience of passwordless ecosystems. Security authorities appreciate the reduced data liability and the stronger protection of Zero Trust credentials. Our team’s deep experience working through generations of multinational digital identity projects gives IDramp a unique perspective. We excel at solving complex problems with simple effective solutions that improve the bottom line. What are some of the products/services (Self Sovereign Identity or not) that you currently offer? Who are your target customers? What sets you apart from the competition? Our premier product is the IDramp platform. It caters to the public sector, enterprise and SMB customers across all industries. It provides service orchestration with zero-trust decentralized identity, and password elimination. While IDramp is a zero-code solution we also provide robust APIs that can be used to extend capabilities into any custom application or ecosystem experience. The APIs offer a limitless palette of design opportunities for application development. We also provide a free digital identity wallet to securely share Personal information, such as education certifications, health data, or employment credentials. The wallet provides multi-wallet stewardship capabilities that allow people to manage credentials for other people or things.This feature can be used to manage family credentials, or eldercare use cases, for example. IDramp is built on open standards for interoperability. It operates automatically across any standards-
Indicio,GlobalID,,Medium,,,,,,,Making decentralized identity mainstream w Heather Dahl and Ken Ebert (Indicio),"how new identity-based technology can help people, governments and companies develop greater digital trust in a modern society.","FUTURE PROOF EP 19 — Making decentralized identity mainstream In this episode, we’re joined by CEO Heather Dahl and CTO Ken Ebert from Indicio, the market leader in developing trusted digital ecosystems. Heather and Ken discuss how new identity-based technology can help people, governments and companies develop greater digital trust in a modern society. Past episodes: - EPISODE 18 — Everyone will have an ID wallet - EPISODE 17 — Digital wallets of tomorrow will be PRIVATE - EPISODE 16 — How XUMM Wallet is changing the game - EPISODE 15 — Olympic hopeful Lila Lapanja is a GlobaliD ambassador - EPISODE 14 — What we learned at Solana Breakpoint - EPISODE 13 — DeFi and Identity: Compliance in a decentralized world - EPISODE 12 — The future of GlobaliD Groups - EPISODE 11 — The XRP Card and the future of communities - EPISODE 10 — How to decentralize identity and empower individuals - EPISODE 09 — Understanding GlobaliD’s identity platform - EPISODE 08 — Owning your identity and data with VP of Design Antoine Bonnin - EPISODE 07 — Understanding the future of fintech with Ayo Omojola - EPISODE 06 — Establishing trust and safety in tomorrow’s networks - EPISODE 05 — How ZELF combines the power of payments and messaging - EPISODE 04 — The future of blockchain with the creator of Solana - EPISODE 03 — Should we trust Facebook? - EPISODE 02 — JP Thieriot on why Uphold isn’t delisting XRP - EPISODE 01 — The SEC’s crypto turf war and why XRP isn’t a security Have a question for us? A topic you’d like covered? A guest you’d like to see? Let us know!",https://medium.com/global-id/episode-19-making-decentralized-identity-mainstream-1d9d8734a14f,,Episode,,Explainer,,,,,,,,2022-09-14,,,,,,,,,,,,,
Indicio,Indicio,,,,,,,,,Identity Blockchains and Energy Consumption,"A decentralized network using a blockchain-based distributed ledger means you can use [Peer DIDs](https://identity.foundation/peer-did-method-spec/)to move most “transactions” and their cryptographic proofing off ledger. This means that for those peer-to-peer interactions, identity blockchains don’t need to do any ledger transactions at all.","Bitcoin has given blockchain the carbon footprint of Godzilla; but when it comes to identity, blockchain-based distributed ledgers are light on energy use and long on benefits Blockchain has become synonymous with cryptocurrency, and crypto is rapidly becoming to energy consumption what crack cocaine once was to addiction. Headlines about bitcoin miners stealing electricity to “Bitcoin consumes ‘more electricity than Argentina” have generated much heat but not always a lot of light (this article from Harvard Business Review offers a nuanced view of the energy consumption controversy). The problem is that this mental shortcut can leave the impression that the energy intensive computation required to validate bitcoin transactions — which is known as “proof of work”— is a process required by all blockchains, thereby making the technology environmentally unfriendly in general It isn’t and here’s why: - An identity blockchain like the Indicio Network uses signatures rather than mathematical computation to generate proof. No complex mathematical processes are needed. You either accept the signature or you don’t. - A write to the ledger (and one write can be the basis for millions of identity credentials) or a look up on the ledger uses no more energy, and possibly less, than browsing a web page. - A decentralized network using a blockchain-based distributed ledger means you can use Peer DIDs to move most “transactions” and their cryptographic proofing off ledger. No Personally identifying information is written to the public ledger– ever. This means that for those peer-to-peer interactions, identity blockchains don’t need to do any ledger transactions at all. As most of our digital interactions are on a one-to-one basis, there is no need for them to take place on the blockchain; the blockchain is simply the root of trust for the identities of the parties issuing credentials: once these identities have been looked up and confirmed by each party, everything else happens peer-to-peer. And with Peer DIDs, each communication is cryptographically unique — a huge advancement in privacy and security requiring no more energy than, say, using encrypted email. Although harder to quantify, the energy saved from using a technology that enables you to trust information online is also something to be taken into account. The same goes for more efficient and effective usability and much better risk mitigation. But the point doesn’t require this detailed analysis to hold true: All blockchains are not Bitcoin and identity blockchains using Peer DIDs are low energy consumers. That’s why we run the Indicio Network and believe in and advocate for this technology: and that’s why it would be a huge loss if a low energy use of blockchain were to be mistakenly seen as having the carbon footprint of Godzilla.",https://indicio.tech/identity-blockchains-and-energy-consumption/,,Post,,Explainer,,,,,,Bitcoin,PEER:DID,2021-10-19,,,,,,,,,,,,,
Indicio,YouTube,,,,,,,Biden's Cybersecurity Executive Order,,Houston we have a Problem – An Identity Problem in the Oil and Gas industry,"- President Biden’s cybersecurity executive order<br>- The security landscape for global enterprises<br>- Decentralized identity, what it is and how it fortifies existing data infrastructure<br>- Case study: applying zero trust and decentralized identity to energy",,https://www.youtube.com/watch?v=iat3gyryfpe,,Video,,Explainer,,,,,,,,2021-08-24,,,,,,,,,,,,,
Indicio,Indicio,,,,GlobalID,,,,,21 Industry leaders from five continents join Indicio Network consortium to drive global adoption of decentralized identity,"[GlobaliD](https://global.id/), USA; [Uphold](https://uphold.com/), Portugal; [ID Ramp](https://IDramp.com/), USA; [Cynjatech](https://www.cynja.com/), USA; [Finclusive](https://finclusive.com/), USA; [Xertify](https://xertify.co/), Colombia; [Snowbridge Inc.](https://www.snowbridge.se/), Taiwan; Entrustient, USA; [Bot Ventures, Inc](https://botventures.io/)., Canada; [BlockSpaces](https://blockspaces.io/), USA; [Blockster Labs](https://blockster.global/), [Anonyome Labs](https://Anonyome.com/), Australia; [Selfd.id](https://selfd.id/), Romania; [Liquid Avatar Technologies](https://liquidavatar.com/), Canada; [Snapper Future Tech](https://snapperfuturetech.com/), India; [Lorica Identity](https://loricaidentity.com/), USA; [BizSecure](https://bizsecure.com/), USA; [Networks Synergy](https://www.synergy.kz/), Kazakhstan; Absolutely Zero Cyber, USA; [Cysecure](https://cysecure.us/), USA; [VERSES Labs](https://www.verses.io/), USA","Indicio.tech, a public benefit corporation, today announced the twenty-one companies backing its global network for blockchain-based decentralized identity. With each company hosting a copy of Indicio’s public ledger, the Indicio Network enables companies and organizations around the world to provide privacy-preserving ways of proving identity and authenticity to people, businesses, and even the Internet of Things. “We’re thrilled to be a founding Node Operator on the Indicio Network,” said Greg Kidd, co-founder and CEO of GlobaliD. “Indicio’s enterprise grade network is a core part of GlobaliD’s vision for giving individuals ownership of their digital identity in a privacy-preserving way. With verifiable credentials, which are reusable and user-controlled, users and groups can carry their trusted credentials wherever they go.” “Our customers require an enterprise-grade network to enable Zero Trust identity and passwordless authentication,” said Mike Vesey, CEO of IDramp, also a founding Node Operator. “Indicio’s dedicated service and support provides the reliability and performance expected for production-ready decentralized services. This dynamic community of experts is helping transform the future of digital trust for business.” The Indicio Network is composed of three networks, a MainNet, for deploying products and services, a TestNet for development, and a DemoNet for pilot and product demonstration—all three networks host the latest monitoring and service tools. “Together, we’re working to build a better digital world,” said RJ Reiser, Chief Business Development Officer, Liquid Avatar Technologies. “Indicio Node Operators are creating a transformational change in digital identity, one that empowers users to manage, control, and even benefit from their digital identity and online data.” Indicio Node Operators are spread over five continents: GlobaliD, USA; Uphold, Portugal; ID Ramp, USA; Cynjatech, USA; Finclusive, USA; Xertify, Colombia; Snowbridge Inc., Taiwan; Entrustient, USA; Bot Ventures, Inc., Canada; BlockSpaces, USA; Blockster Labs, Anonyome Labs, Australia; Selfd.id, Romania; Liquid Avatar Technologies, Canada; Snapper Future Tech, India; Lorica Identity, USA; BizSecure, USA; Networks Synergy, Kazakhstan; Absolutely Zero Cyber, USA; Cysecure, USA; VERSES Labs, USA Great companies interested in becoming an Indicio Network Node Operator can apply here.",https://indicio.tech/21-industry-leaders-from-five-continents-join-indicio-network-consortium-to-drive-global-adoption-of-decentralized-identity/,,Post,,Meta,,,,,,,,2021-07-06,,,,,,,,,,,,,
Indicio,Bonifii,,,,,,,,,Bonifii increases financial inclusion with GlobaliD digital wallet and Indicio Network,"Bonifii, the financial industry’s first verifiable exchange network for financial cooperatives, today announced the Bonifii credential, a decentralized digital identity that provides underserved individuals with access to traditional banking services in a way that maximizes their privacy and security. Bonifii created the digital credential in partnership with GlobaliD, a trust platform and digital wallet. The credential is underpinned by the Indicio Network, a global network built on Hyperledger Indy for decentralized digital identity using distributed ledger technology (DLT).","Bonifii increases financial inclusion with GlobaliD digital wallet and Indicio Network Privacy-preserving credential helps onramp underbanked to traditional banking services Denver, CO — (October 25, 2021) — Bonifii, the financial industry’s first verifiable exchange network for financial cooperatives, today announced the Bonifii credential, a decentralized digital identity that provides underserved individuals with access to traditional banking services in a way that maximizes their privacy and security. Bonifii created the digital credential in partnership with GlobaliD, a trust platform and digital wallet. The credential is underpinned by the Indicio Network, a global network built on Hyperledger Indy for decentralized digital identity using distributed ledger technology (DLT). The Bonifii credential transforms the way new accounts are created by streamlining the delivery of information needed to open an account at a traditional financial institution. By enabling an end-to-end digital online application process, the credential offers a secure and meaningful entry point into accounts with financial institutions for millions of underbanked people, giving them a pathway to achieving financial stability. “Now, financial institutions that use the Bonifii credential can achieve higher levels of assurance than traditional application methods. The identity of the account applicant can be verified from a variety of attributes that create trust and assurance,” said John Ainsworth, CEO and President of Bonifii. “This type of digitally verifiable KYC reduces fraud, increases financial inclusion, and provides friction-free interactions between account holders and financial institutions.” The FDIC reported in 2019 that over 12 percent of Hispanic households, nearly 14 percent of Black households, and over 16 percent of American Indian/Alaska Native households in the U.S. don’t have access to a mainstream checking account. The FDIC also reports that while these figures have been trending downward, the number of unbanked households will likely increase in the aftermath of the ongoing Covid-19 pandemic. “Real financial inclusion will only be possible with fraud-resistant mechanisms that can adapt to peoples’ real-life situations and economic activities,” said Ainsworth. “Bonifii combines the availability of the GlobaliD wallet and services that run on the publicly available Indicio Network to ensure secure, privacy-preserving, scalable access to millions of underbanked people. This combination of technology also minimizes the risk of illicit activity, reduces the widespread problem of fraud, and simplifies the challenge of compliance within the U.S. financial system.” “Our partnership with Bonifii and Indicio is about the three i’s—inclusion, innovation, and interoperability,” said Greg Kidd, co-founder and CEO of GlobaliD. “With a simple, universal credential, anyone can now access traditional financial services—all of which is powered by a fundamentally self-sovereign solution.” Bonifii chose to partner with GlobaliD due to their deep experience in secure, private, portable, digital identity and payments, their experience with the Indicio Network, and their existing use of digital money transaction platform Uphold. Uphold also relies on GlobaliD to sign up and login their customers. In turn, Uphold provide
Indicio,Indicio,,,,,,,,,Decentralized Identity opens the doors for safe travel and tourism,Machine readable governance enabled businesses and venues to trust that tourists had been tested on arrival by Aruba’s health department. Visitors using the digital Aruba Happy Traveler Card could be swiftly and reliably verified with a phone app. This freed both businesses and the government from the burden of mechanically collecting data with the attendant risk of error or fraud.,"Learn how Indicio and SITA worked together using privacy-preserving technology to reshape contactless health information sharing. Proof of testing or vaccination has become central to how we reopen travel to countries, admit visitors, and bring tourism economies back to life. Providing privacy and control for people is the key to establishing public confidence in a system for proving one’s health status. A digital proof of a Covid negative test or vaccination must be designed to protect individual privacy. It should enable a medical or test center to directly provide that information to an individual—and involve no one else storing or managing their data. It should be tamper proof and incapable of being faked. And it should be easy to download and quick to use. This is why Indicio.tech, a public benefit corporation that provides decentralized identity software solutions, and SITA, the leading global technology provider for the air transport industry, have used open source, privacy-by-design technology to build a solution that allows airports, airlines, and all elements of the tourist economy to use verifiable digital credentials to safely and securely return to life. How to reopen travel and tourism and preserve privacy Trusted data ecosystems use distributed ledger technology, cryptography, and a new way to provide an individual with control of their digital information. This means identity credentials that contain health information are issued directly to that person’s digital wallet, without any handoff to or management by third-parties. Trusted organizations can quickly issue millions of credentials without any of the information they contain being collected and stored in a third-party database. Then, when the person decides they want to share all or just part of the information, such as the specific details of their test status, the authenticity and original source of that information can be definitively proven. This makes the digital credential compliant with health and data privacy law (HIPAA, GDPR). The advantages of a Trusted Data Ecosystem are that it can: - Replace paper cards with fully digitized identity information - Increase efficiency by automating many tasks involved in presenting Personal health status - Ensure consent and control when sharing Personal data - Allow a user to select which information they want to disclose while obscuring the rest - Enhance security through privacy-by-design, user-friendly digital records, and tamper-evident distributed ledger technology - Avoid the problem of fraudulent health cards or paper forms from being presented - Scale to include millions of participants, including employees, travelers, and residents, with just a few writes to a public ledger and an inexpensive mobile application - Speed recovery of reopening venues and countries Open and manage public spaces Indicio’s identity ecosystem is built using Cardea, a complete ecosystem for the exchange of privacy-preserving digital credentials, open sourced as a project in Linux Foundation Public Health. Based on Hyperledger Indy and Aries open source technology, its flexible design means it can be easily adapted and deployed by any company, government, or organization that needs a privacy preserving digital credential for managing access. Indicio’s implementation of Cardea for SITA and the Government of Aruba features a mobile interface in the form of a mobile app for users and a second mobile app for use by venues to receive and verify credentials from users. Software called mediator agents and enterprise agents allow for scaling and au
Indicio,Indicio,,,,Aruba Health Department; SITA,,,,,Finalist for CRN Social Impact Award,Indicio worked with SITA and the Aruban government to develop a decentralized identity solution for managing Covid testing and vaccination for travelers to the tourism-dependent island.,"Indicio a Finalist in CRN Awards for social impact By Tim Spring The CRN Tech Impact awards are given to IT vendors, distributors, and resellers for their social and environmental impact. This year, Indicio is a finalist in the Social Impact Project Category for its work with SITA, the world’s leading provider of IT to the air transport sector, on verifiable credentials for travel. Indicio worked with SITA and the Aruban government to develop a decentralized identity solution for managing Covid testing and vaccination for travelers to the tourism-dependent island. The goal was to avoid the need for airlines or governments to directly integrate with health care providers, while providing travelers with a tamper-and-fraud proof, privacy-preserving way to prove their health data (and thereby comply with health data privacy requirements). After successful trials, the code was donated to Linux Foundation Public Health as a privacy-preserving way for public health authorities to share health data. Known as the Cardea Project, the codebase continues to be developed to address other health data sharing needs. As a Public Benefit Corporation, Indicio has made the advancement of decentralized identity its public benefit mission. The social impact of Cardea is enormous. There is now a complete open source decentralized ecosystem for issuing, holding, and sharing health data in a privacy-preserving way. At the same time, SITA’s application of the same digital technology promises to transform our experience of travel from check in to border control. To read more about some of the work that was done you can read the original press release here or read the Cardea white paper. Other finalists in the social impact category are Epson UK and Clevertouch Technologies and Interactive AV Solutions. For the full list of categories and finalists, visit CRN. Indicio is honored to be nominated and looks forward to the announcement of the winners in September. In the meantime, to keep up with Indicio be sure to subscribe to our newsletter for more news and updates from our community!",https://indicio.tech/the-crn-tech-impact-awards/,,Post,,Meta,,Travel,COVID,,,,,2022-06-23,,,,,,,,,,,,,
Indicio,Indicio,,,,,,,,,How to Create a Trusted Digital World,"We’ve completed what we set out to do two years ago: finish the technology’s foundation and create a full, open source ecosystem around it. You can issue, share, and verify data through verifiable digital credentials today. You can layer this on top of your existing identity and access management systems now.","After announcing our oversubscribed seed round, we reflect on what we achieved and what’s to come By Heather Dahl It was a race toward the next big thing—except it felt like everyone was jogging in circles. All of the talk was about decentralized identity solving all the big online problems—verification, privacy, security—but where were the solutions? We had been talking and jogging for years and the finish line for the technology wasn’t getting closer. It was time to up the pace, to lead a group of talented, like-minded individuals—and to get the technology to a stage where enterprises and organizations could start implementing working solutions. That was the sense of opportunity and need that drove the creation of Indicio two years ago. There was a lot to do. It would have been overwhelming if we hadn’t broken it down into a roadmap of small steps, each building on the other, each extending the technology, each adding a community of builders, each bringing more customers and collaborators into the mix, and all feeding a virtuous cycle of innovation and growth. The initial investment was conservative; but customer revenue was instant and scale was rapid. We focused on building solutions, starting with our customers’ simplest problems and use cases. And when those solutions worked, and our customers saw what the technology could deliver, they asked for more and to deliver new features; they began to think of new applications and opportunities. The success of decentralized identity technology lay in each of our customers being successful. Each successful customer deployment was a victory, each advanced the technology, and each created new opportunities. This was our strategy: the more we built solutions, the more customers we’d have, and the more they’d ask us to do. It worked; indeed, the investment community liked this strategy so much, our seed round ended up oversubscribed. Actionable data now Normally, a startup would use a seed round to launch a business; but we were already up and running: we had customers, products, and services. That’s what excited our investors: if we had come so far on so little, how much faster would we go with more? Well, we’re excited too. We’ve completed what we set out to do two years ago: finish the technology’s foundation and create a full, open source ecosystem around it. You can issue, share, and verify data through verifiable digital credentials today. You can layer this on top of your existing identity and access management systems now. We’ve also developed machine-readable governance to simplify managing complex information flows and governance processes offline and in ways that meet the needs of regulatory authorities. Governance for decentralized identity has often been a sticking point in the marketplace because it reads like a bigger problem than the problem decentralized identity is supposed to solve. Not any more. Even the language around this technology has shifted to resonate with what the market understands and needs. It’s not just about engineers talking to engineers anymore; it’s about the value we create in trusted digital interaction, the efficiencies that come with verification, and the protean capacity of the communication protocols to manage this interaction in new, secure ways; it’s about actionable data and digital relationships. In short, we’ve made it easy and cost-effective to begin a powerful process of digital transformation that creates trust. These flexible, customizable “Trusted Digital Ecosystems” can be deployed rapidly by being layered on top of your existing identity systems. This means creating digital transformation in weeks rather than
Indicio,IDramp,,,,,,,,,IDramp Offers Market-Ready Decentralized Identity Platform on the Indicio Network,"IDramp, a leader in decentralized identity products and services, announced today that it now provides market-ready solutions leveraging the Indicio Network, a professionally-run decentralized network for identity.<br>IdRamp provides enterprise and government customers with digital wallets via the Passport mobile application, and on-boarding services with the IDramp Service Delivery Platform. The company has established itself as a market leader in decentralized identity. IDramp selected the Indicio Network for its reliability and expert support services.","IDramp Offers Market-Ready Decentralized Identity Platform on the Indicio Network IDramp provides enterprise and government customers with digital wallets via the Passport mobile application, and on-boarding services with the IDramp Service Delivery Platform. The company has established itself as a market leader in decentralized identity. IDramp selected the Indicio Network for its reliability and expert support services. IDramp has long recognized the complexity of an ever-growing collection of disconnected protocols, standards, regulations, and technologies. The IDramp Service Delivery Platform offers decentralized identity that simplifies the experience, removing centralized data, allowing businesses to focus on their business rather than managing technology. “Part of what adds value to our customers is quick and easy integration into their various legacy ecosystems,” says Mike Vesey, CEO of IDramp. “Without having to lift and shift anything, businesses and organizations of all shapes and sizes can use decentralized identity to improve user experience by eliminating any need for passwords, increasing privacy by removing the need to share Personal data with 3rd party services like Twitter or Facebook and improving data protection by not storing Personal data in central databases. This reduces cost by reducing investments in monolithic identity platforms. Having an enterprise grade network to deliver decentralized services for our customers is critical. We are excited to have Indicio Network providing IDramp customers with a dependable, reliable, and robust enterprise ready network with experienced staff at the helm. Indicio provides the best-in-class distributed network that our customers need.” Indicio’s fully-monitored decentralized identity network debuted in July with experienced concierge-class expert support to help companies design, build, and bring decentralized identity products to market quickly. As a Genesis Node Operator, IDramp helped launch the Indicio Network, contributing dedicated server space, ongoing governance contributions, and community leadership. The IDramp platform allows for the simple management of decentralized identity verifiable credentials in one easy-to-use platform that can be linked to virtually any existing application. These credentials are tamper-proof, and with simple security reporting and flexible APIs, improving business productivity and security oversight. “We are thrilled to see the growing Indicio community begin to run their customer workloads on our network,” says Heather Dahl, CEO of Indicio. “IDramp offers solutions that help people move from a world of centralized digital existence with a multitude of logins, passwords, and profiles in someone else’s database, to one where identity is digital and decentralized, yet controlled by the individual. Decentralized identity allows us to protect our privacy and share our information at a distance – two things that are increasingly important to the efficiency of the global economy, and critically important in the context of a worldwide pandemic.” “IDramp and Indicio are helping to grow a community focused on delivering decentralized identity solutions that will drive adoption of this empowering technology,” says Karl Kneis, COO of IDramp. “Now IDramp can provide a suite of simple-to-use, professional grade tools and services, all connected to a
Indicio,Indicio,,,,New York VC Network,,,,,Indicio named by New York VC Network in their list of the most exciting early-stage teams,Indicio is proud to have been named by [New York VC Network](https://www.vcnet.nyc/)in their recently compiled list of the most exciting early-stage teams that they’ll be following closely this year!,"Indicio is proud to have been named by New York VC Network in their recently compiled list of the most exciting early-stage teams that they’ll be following closely this year! By Tim Spring This exclusive list is made up of recently founded companies that are now raising their Seed or Series A and have applied to theVC matching program in the past six months. Based on the space the teams are working in, they are divided into 5 categories: HealthTech, Fintech, B2B Solutions, Consumer Tech, and Top Scorers in ESG. The New York VC Network Rating Committee consists of current and former VCs, angel investors, exited entrepreneurs, and Fortune 500 employees in M&A roles. The rating for companies is primarily based on two criteria. The first is the team’s past track record, mostly relying on founder profiles, past achievements, and their ability to gather a talented team around them. The second is the company’s current traction/scalability, based on the chosen market, current traction, and ability to scale. The focus here was not on raised capital, but for insight these companies had already raised $3.4M on average (the median being $1.4M) and continued to receive more after applying. More information on the full list, including companies, full company profiles, and contact information are available in the full announcement from New York VC Network.>",https://indicio.tech/indicio-named-by-new-york-VC-network-in-their-list-of-the-most-exciting-early-stage-teams/,,Post,,Meta,,,,,,,,2022-01-28,,,,,,,,,,,,,
Indicio,Indicio,,,,,,,,,Indicio Named Finalist in IDC’s Inaugural Best in Future of Digital Infrastructure North America Awards,"The finalists have effectively used digital infrastructure across on-prem, edge and public cloud platforms to transform their most important business processes and to launch new digital business innovations. They are to be congratulated for their vision and industry leadership!","Indicio Named Finalist in IDC’s Inaugural Best in Future of Digital Infrastructure North America Awards By Tim Spring Seattle WA – September 14, 2021 – Indicio today announced it has been named a finalist in the inaugural IDC Future Enterprise, Best in Future of Digital Infrastructure North America Awards in the Ubiquitous Deployment category. The new awards were designed to highlight companies that demonstrate innovation and excellence in using cloud-centric computing to enable digital infrastructure resiliency, ensure consistent and ubiquitous workload placement and cost optimization across hybrid or multiple clouds, and take full advantage of autonomous operations. The Indicio Network is the world’s only professionally-managed, enterprise-grade Hyperledger Indy-based network for decentralized identity. Indicio facilitates a consortium of 23 diverse, forward-thinking companies on five continents that are driving the use of decentralized identity to improve privacy and security in fintech, healthcare, travel, and the Internet of Things (IOT). Node Operators include GlobalID, Liquid Avatar, IDramp, Bonifii, BizSecure, Entrustient, Blockspaces, Lorica Identity, and Networks Synergy. Learn more about the Indicio Node Operator Consortium membership. “Being named a finalist in the IDC Future of Enterprise awards recognizes not just the accomplishments of Indicio’s dedicated professionals who designed and built the network, but of everything our network’s Node Operator community has done to support its establishment and maturity in such a short period of time,” said Heather Dahl, CEO, and co-founder of Indicio.tech. “We created this network to enable businesses use the power of decentralized identity to create Trusted Data Networks. These transform the way we authenticate, share, and verify data in a secure, privacy-preserving way so that information from people and connected things can be trusted. We’re seeing our Node Operators apply this technology to an extraordinary range of use cases—and they’re able to do that because they have a professionally supported enterprise-grade decentralized network to build on.” Finalists joining Indicio in the Ubiquitous Deployment category are Toyota Financial Services for their Digital Infrastructure Transformation and US Air Force Cloud One. These organizations were recognized for their help to improve business agility and resiliency using outcome-driven infrastructure governance and portability enabled by subscription-based infrastructure consumption strategies and shared cloud management control planes. These initiatives often allow internal IT staff to offload infrastructure maintenance and support across widely dispersed locations by shifting to remote and intelligent vendor support and continuous technology refresh agreements. “We were overwhelmed by the number of thoughtful and strategic initiatives submitted and congratulate all the finalists named in our inaugural IDC Future Enterprise Best in Future of Digital Infrastructure North American Awards program,” said Mary Johnston Turner, Research Vice President for the Future of Digital Infrastructure – Agenda research efforts at IDC. “The finalists have effectively used digital infrastructure across on-prem, edge and public cloud platforms to transform their most important business processes and to launch new digital business innovations. They are to be congratulated for their vision and industry leadership!” Indicio Node Operators are responsible for supporting a copy of the Indicio ledger on the Indicio Network as well as guiding strategy and ecosystem development. The number and business a
Indicio,Indicio,,,,,,,,,Indicio.Tech Incorporates as a Public Benefit Corporation,"Indicio joins companies such as Patagonia and Kickstarter in embracing a corporate model that aligns shareholders and stakeholders around a shared mission to deliver a material benefit to society, not only through products and services and how they are made and delivered, but through prioritizing the welfare of employees, diversity and inclusion, and environmental impact.","New structure supports the company’s mission, values, and its belief that identity technology should serve the public interest. Decentralized identity is a transformational technology that can protect an individual’s privacy, enable their consent in data sharing, and provide a pathway to formal identity for hundreds of millions of people currently without any legal means of proving who they are. Indicio.tech was founded to advance decentralized identity through providing the kind of professional services and critical infrastructure that can catalyze adoption of this technology. Today, in recognition of the role it can play in building and shaping a technology for the greater good, Indicio, announces that it has reincorporated as a public benefit corporation (PBC). Indicio joins companies such as Patagonia and Kickstarter in embracing a corporate model that aligns shareholders and stakeholders around a shared mission to deliver a material benefit to society, not only through products and services and how they are made and delivered, but through prioritizing the welfare of employees, diversity and inclusion, and environmental impact. “When it comes to our digital lives, it is hard to think of a technological advance more beneficial to the public than decentralized identity,” says Heather Dahl, CEO of Indicio. “It will transform people’s digital lives by giving them control over who they are online and who they share information with. It will create identity for the hundreds of millions of people who currently lack formal, legal identity, which means giving them a way to access financial and health services. The advances in identity technology help us recover some of the lost, early idealism of the internet as a benefit to everyone. And while we know one company can’t save the world, we can take a stand about how the world can be a better place. Decentralized identity is our stand.” As a Delaware PBC, the company will operate under the same management structure and corporate and tax laws it does today and with the same commitment to strong growth and profitability. “Decentralized identity needs a variety of business models to rapidly scale,” says Dahl. “And we think for Indicio, the PBC model combines the best attributes of the traditional for-profit corporation with the public mission orientation of a nonprofit. We need to be agile. We need to be sustainable. We need to be innovative. And we need all of these qualities to be directed, without compromise, toward advancing decentralized identity.” “For Indicio, becoming a PBC means honoring the idealism of the open source community that brought decentralized identity technology into existence,” says Ken Ebert CTO. “This means open sourcing the infrastructure that we build, and by making interoperability the compass point that directs how we build for others. Indicio has already begun doing this by open-sourcing its monitoring tools package and the company is about to release more tools and services that will make it easier for companies to develop and use decentralized identity solutions.” As a PBC, Indicio will continue to pioneer architectural solutions and deliver superlative development and engineering support to its list of global customers, and it will do so by cultivating a company culture where employees and interns can get the professional development and mentoring they need in order to consistently deliver their best. “When we reflect on the values that inspired our launch, propelled our growth, and delivered for our customers, we want to bake them into our company,” says Dahl.
Indicio,Indicio,,,,,,,,,Paving the way to safer travel,"Indicio.tech, together with SITA and the Aruba Health Department, are trialing the Aruba Health App, a pilot that makes it easy for visitors to share a trusted traveler credential – based on their health status – privately and securely on their mobile device. This credential will provide access to participating hospitality sites on the island.","SITA, INDICIO PAVE WAY TO SAFER TRAVEL EXPERIENCE WITH LAUNCH OF ARUBA HEALTH APP Using blockchain, the app creates a secure travel credential that is accepted by airlines, hotels and hospitality partners without sharing private health information ORANJESTAD – 5 May 2021 – Indicio.tech, together with SITA and the Aruba Health Department, are trialing the Aruba Health App, a pilot that makes it easy for visitors to share a trusted traveler credential – based on their health status – privately and securely on their mobile device. This credential will provide access to participating hospitality sites on the island. Aruba is focused on rebuilding its tourism industry in the wake of the COVID-19 pandemic while ensuring that the risk of infection from people visiting the island is minimized. The island has been less impacted by the pandemic than many other countries globally and is open to most tourists. To ensure their safety, and those of the island’s residents, all tourists are required to provide a negative PCR test taken 72 hours before flying. Using the Aruba Health App, visitors to the island who have provided the required health tests to the Aruba government will be issued with a unique trusted traveler credential, using blockchain technology. This credential then can be verified by hotels, restaurants, and entertainment venues through the unique QR code on a visitor’s mobile device without sharing any private data. The digital credential also enables the Aruba government to restrict visitors from leaving their hotel rooms until they have received a negative PCR test result. Unlike immunity passports, these verifiable digital credentials are part of a technology known as decentralized identity, an evolutionary leap forward in individual privacy protection and security. It allows users to share only a trusted verification that they have the relevant documentation to complete their transaction, without having to share Personal information. This credential can be used across the journey. This trial is yet another step towards SITA developing a more durable, secure travel credential that could combine all travel documents such as passport, visa and health information into a single credential that puts the traveler’s privacy first. This credential will provide verification that a traveler has the right documentation, making border crossings more automated, with checks done before departure. Diana Einterz, SITA President for the Americas, said: “Giving travelers the ability to share verifiable health data with relevant stakeholders throughout their journey will help expedite the industry’s recovery. It is vital to ensure we open borders safely and securely, and this trial puts us one step closer to single travel token that will give passengers more control and convenience by allowing them to securely share their credentials with governments, airports and airlines from their mobile device.” A recent poll from IATA highlighted that 78% of passengers who took part in the survey would only use a travel credential app if they have full control over their data. Heather Dahl, CEO of Indico, said: “With the decentralized identity ecosystem we’ve built with SITA for Aruba, we’ve created a path to a better future. We can reopen economies and restart travel without people having to give up their privacy. We’re not just solving a pandemic problem, we’re solving a privacy and security problem. That’s because this technology was designed from the outset to respect a person’s right to control their own data and identity. Aruba and SITA have taken a global lead on privacy-first identity technology for trav
Indicio,Indicio,,,,Privatyze,,,,,Privatyze collaborates with Indicio to build a decentralized data marketplace,"“In a data-driven economy, we need a marketplace for data that’s inclusive and not exploitative,” said Heather Dahl, CEO of Indicio. “That means that participants can meaningfully consent to data transactions and do so in a way that enables zero-trust security. This just isn’t possible without decentralized solutions, and we are excited to work with Privatyze on building this solution.","The Privatyze team is excited to announce a collaboration with IndicioID to develop a robust, decentralized data marketplace. By Tim Spring Privatyze, an innovative startup for privacy-respecting data monetization solutions, has announced a collaboration with Indicio, a global leader in developing the infrastructure for trusted data ecosystems, to help guide the Privatyze team as they develop a robust, decentralized data marketplace using the Indicio Network. The new Privatyze platform will provide an open and secure peer-to-peer environment for market participants to trade data directly, with full user consent and support for enrollment and discovery. The result will be a more efficient, secure, and transparent platform than any offered by traditional data markets. Users can be compensated for the use of their data. It will mean that those with data to trade will be in complete control of the process, removing the data privacy and security problems of third-party data control. The use of verifiable credentials to manage authentication and decentralized identifiers to generate unique P2P encryption for every transaction will provide the zero-trust level of assurance needed for participation. “We are excited to partner with Indicio to deliver a world-class data monetization platform that meets the stringent security and privacy requirements of our customers,” said Madison Majeed, CEO of Privatyze. “With the rise of big data and the increasing demand for secure ways to monetize this information, this partnership represents an important step forward in the decentralization of data and the evolution of privacy-respecting technologies.” “In a data-driven economy, we need a marketplace for data that’s inclusive and not exploitative,” said Heather Dahl, CEO of Indicio. “That means that participants can meaningfully consent to data transactions and do so in a way that enables zero-trust security. This just isn’t possible without decentralized solutions, and we are excited to work with Privatyze on building this solution. This collaboration represents an important step towards the development of decentralized data markets and will help to promote data ownership, transparency, and privacy protection for all participants. About Privatyze: Privatyze is a San Diego based technology startup on a mission to end the Surveillance Data Economy, and siloed-centralized data monopolies, known to many as Surveillance Capitalism. To do this they’re enabling everyday people to take ownership of their digital footprint, data, and privacy and turn it into a valuable digital asset. Privatyze is empowering users to take control of their data by giving them the freedom to collect and store their own data and information, verify its validity, and take it to the marketplace; where they can claim their piece of the $300 billion big data and digital advertising industries. Privatyze was grown out of Launch Factory which brings together talented founders, elite advisors, seed capital, vetted technology, and an accelerator program to give entrepreneurs the unfair advantage they’re looking for. Launch Factory partner Bill Orabone said, “Privatyze is capitalizing on exactly the type of wide-ranging, big thinking opportunity we seek. Everyone knows that data privacy is a huge problem and Privatyze’s approach hits directly at its center.” Learn more about Privatyze at Privatyze.io About Indicio: Indicio builds software and infrastructure needed to create and manage Trusted Data Ecosystems for the exchange of high-value informat
Indicio,Indicio,,,,,,,,,What Indicio’s Seed Funding Means for Decentralized Identity Technology,"Our [new funding](https://apnews.com/press-release/AccessWire/technology-business-4dbf651613d76693bc479321f7b041f5)will be used to refine the open-source, decentralized-identity technology stack. We have the basic technology for a functional ecosystem, now we improve that functionality by adding all the features, user interfaces, and management tools that make it easier to deploy, use, and monitor.","Maturity and universality are now the goals Since the launch of Indicio two years ago, we have focused on identifying and filling in the gaps in decentralized identity technology that limited its functionality. Launching an open-source mobile agent and developing machine-readable governance were critical to delivering real-world solutions. As we saw how these solutions worked to solve problems, we came to understand how these components worked in concert to deliver what we now call a Trusted Digital Ecosystem. A Trusted Digital Ecosystem is our shorthand for the simultaneous impact of decentralized identity technology on authentication, communication, governance, privacy, and security. A Trusted Digital Ecosystem can be simple—indeed, as we advise our customers, it’s always better to start by solving the simplest use case first, see how the technology works, and then expand. Therefore, having a core set of interoperable components is essential. They can be arranged to manage increasingly complex interactions in any kind of informational ecosystem, and to facilitate interaction across ecosystems. Technology stack: From basic to universal Our new funding will be used to refine the open-source, decentralized-identity technology stack. We have the basic technology for a functional ecosystem, now we improve that functionality by adding all the features, user interfaces, and management tools that make it easier to deploy, use, and monitor. We will add new engineering team members to help design, implement, and test this new software. These engineering efforts will synergize with Indicio’s future technology roadmap which will focus on expanding the adoption of Trusted Digital Ecosystems in the marketplace. Our goal is for Trusted Digital Ecosystems to serve as complete solutions in many vertical markets and to be as easy to deploy as they are easy to use. Continuing our open-source community support The new funding will also enable us to continue and extend our work with the open-source community by providing leadership to working groups, code maintenance and review, and our own direct code contributions. We see open source as the key to both expanding decentralized identity and to continued innovation. At the same time, and following on our successful training workshops for the Hyperledger Foundation, we believe that ongoing education is critical. We have created the most comprehensive, hands-on training available in decentralized identity, whether in the basics or in the more technical aspects of the stack, and we will continue to refine these offerings—as well as develop new courses focused on how to implement complete solutions. Indicio has also pioneered “interop-a-thon” events, where companies and organizations come together to test their products and solutions for interoperability. With two interop-a-thons under our belt (hosted through the Cardea Project at Linux Foundation Public Health), we are more certain than ever of their importance to finding glitches, spurring adoption of standardized protocols, and fostering confidence in the technology. Interop-a-thons also provide a chance to see the future potential of verifiable credential systems that are interoperable, where, for example, a credential issued by a government can be used in a wide variety of contexts and thereby gain in value to issuers, users, and verifiers alike. It’s one thing to claim this as a possibility; it’s another to see it happen. We will devote more resources in the coming year to interop-a-thons because they are one of the clearest
Indicio,SITA,,,,Aruba Health Department,,,,,"SITA, Indicio pave way to safer travel experience with launch of Aruba Health App","SITA, together with [Indicio.tech](https://Indicio.tech/)and the Aruba Health Department, are trialing the Aruba Health App, a pilot that makes it easy for visitors to share a trusted traveler credential – based on their health status – privately and securely on their mobile device. This credential will provide access to participating hospitality sites on the island.","SITA, together with Indicio.tech and the Aruba Health Department, are trialing the Aruba Health App, a pilot that makes it easy for visitors to share a trusted traveler credential – based on their health status – privately and securely on their mobile device. This credential will provide access to participating hospitality sites on the island. Aruba is focused on rebuilding its tourism industry in the wake of the COVID-19 pandemic while ensuring that the risk of infection from people visiting the island is minimized. The island has been less impacted by the pandemic than many other countries globally and is open to most tourists. To ensure their safety, and those of the island’s residents, all tourists are required to provide a negative PCR test taken 72 hours before flying. Using the Aruba Health App, visitors to the island who have provided the required health tests to the Aruba government will be issued with a unique trusted traveler credential, using blockchain technology. This credential then can be verified by hotels, restaurants, and entertainment venues through the unique QR code on a visitor’s mobile device without sharing any private data. The digital credential also enables the Aruba government to restrict visitors from leaving their hotel rooms until they have received a negative PCR test result. Unlike immunity passports, these verifiable digital credentials are part of a technology known as decentralized identity, an evolutionary leap forward in individual privacy protection and security. It allows users to share only a trusted verification that they have the relevant documentation to complete their transaction, without having to share Personal information. This credential can be used across the journey. This trial is yet another step towards SITA developing a more durable, secure travel credential that could combine all travel documents such as passport, visa and health information into a single credential that puts the traveler’s privacy first. This credential will provide verification that a traveler has the right documentation, making border crossings more automated, with checks done before departure. Diana Einterz, SITA President for the Americas, said: “Giving travelers the ability to share verifiable health data with relevant stakeholders throughout their journey will help expedite the industry’s recovery. It is vital to ensure we open borders safely and securely, and this trial puts us one step closer to single travel token that will give passengers more control and convenience by allowing them to securely share their credentials with governments, airports, and airlines from their mobile device.” A recent poll from IATA highlighted that 78% of passengers who took part in the survey would only use a travel credential app if they have full control over their data. Heather Dahl, CEO of Indicio, said: “With the decentralized identity ecosystem we’ve built with SITA for Aruba, we’ve created a path to a better future. We can reopen economies and restart travel without people having to give up their privacy. We’re not just solving a pandemic problem; we’re solving a privacy and security problem. That’s because this technology was designed from the outset to respect a person’s right to control their own data and identity. Aruba and SITA have taken a global lead on privacy-first identity technology for travel, and their pioneering efforts are laying the foundation for a fairer world to come.” Dangui Oduber, Aruba’s Minister of Tourism, Public Health and Sport, said: “The Aru
Indicio,Indicio,,,,,,,,,Indicio’s Associateships: A starting point for the next generation of professionals,"Learning new skills in a new industry and technology is always good for growth, both Personally and professionally. It’s particularly important for those in college to be able dip their toes into different worlds off campus and get a sense of the kind of work they want—or don’t want—to pursue in life.","“I can’t think of anything I’ve done that I’ve been more proud of.” By Tim Spring Learning new skills in a new industry and technology is always good for growth, both Personally and professionally. It’s particularly important for those in college to be able dip their toes into different worlds off campus and get a sense of the kind of work they want—or don’t want—to pursue in life. Indicio is committed to finding and cultivating the next generation of technical and business professionals through our part-time Associates Program. Associates work side-by-side with experienced staff on all our key projects. It’s an intense learning experience with a ton of opportunities to learn new skills and take on responsibilities. Our unique position as an early-stage startup means there is much to do and our associates quickly get to see the impact of their work. It is not uncommon for new associates to be given a crash course on decentralized identity, maybe some relevant exercises to bring them up to speed, and then have them working on client projects within a week or two of accepting an offer. The team is, of course, always behind them to help with the quick transition and any questions they might have, but we believe our associates have what it takes to fix any problems a client may experience, and to interact with them to ensure our reputation for customer satisfaction at every step of the way. Specifically, this year saw the implementation of a more structured 90-day review and mentorship program that we are particularly excited about. While mentorship programs are fairly common, at Indicio we don’t require our associates to stay inside their team and, in fact, we encourage them to experience other parts of the business. An associate on the technical team might have a mentor in finance to give them a more well rounded view of the business and help with their career development. We hold 90-day reviews so associates and their managers can mark progress towards more long term goals and provide a chance for the associate to both receive and give feedback on the program. What former Indicio associates say about their experience “The Associate Program at Indicio has been great for me. I got the position while I was still in school, and I was able to work while I finished my degree. When I started, I only knew javascript, and I’d never worked on a mobile app before. I learned React Native on the job, and now I work on apps every day. After school, I went from associate to full-time without missing a beat, so the Indicio Associate Program totally jump started my career.” — Sabrina Jensen, Mobile Software Engineer, Indicio, former associate “I’ve appreciated the balance of challenge and support I’ve received as an Indicio associate. I’ve been able to work on client projects, take ownership of my tasks, learn new technical skills, and more with the help of a mentor and a team who is happy to answer questions and help out with issues.” — Char Howland, Software Engineer, Indicio, former associate “My associate experience at Indicio has been phenomenal. Initially, I was a little nervous; this was my first time programming for work rather than just for school. Beyond that, it was my first “office job” and my first time working from home. A few weeks into the program, after I’d gone through the orientation and trainings, I was given what turned out to be my favorite project I’ve ever worked on. Without going into too much detail, I was given a very basic structure and some project requirements and told to get to work. Of course, the team was super willing to offer help and g
Indicio,AccessWire,,,,,,,,,"Indicio Launches Proven, A Complete Trusted Digital Ecosystem For Sharing Actionable, Trustworthy Data","Indicio Proven is how you get actionable data without sacrificing privacy or security, said Heather Dahl, CEO of Indicio. ""What makes data actionable is that it can be trusted. You can prove its source. You can prove it hasn't been faked or tampered with. Decentralized identity has long been seen as the solution to the interconnected problems of verification, privacy, and security. With Indicio Proven, the marketplace now has a range of ready-to-use products to implement that solution and create Trusted Digital Ecosystems for sharing and verifying data at any scale.""","Indicio Launches Proven, A Complete Trusted Digital Ecosystem For Sharing Actionable, Trustworthy Data Authenticate and share high-value data, make it immediately actionable, preserve privacy and enhance security with Indicio Proven™, a complete, open source solution for using decentralized verifiable credential technology. SEATTLE, WA / AccessWire / July 20, 2022 / Indicio, the market leader in developing Trusted Digital Ecosystems to verify and exchange high-value information, today announced the launch of Indicio Proven™, its flagship solution for authenticating and sharing high-value data while preserving privacy and enhancing security. Indicio Proven is an off-the-shelf, end-to-end system that delivers open source technology to help companies, organizations, and public sector agencies deploy and configure their own interoperable trusted digital ecosystems using verifiable credentials. Proven data means actionable data. Indicio Proven is a solution that moves at the speed of business. Traditional processes for verifying digital data and identity are complex, costly, and ineffective at dealing with the challenges of digital commerce in an age of increasing fraud and friction. Proven can be quickly integrated into existing systems in a cost effective way. Companies can develop customer-centric solutions to meet the demands of an evolving digital marketplace. ""Indicio Proven is how you get actionable data without sacrificing privacy or security,"" said Heather Dahl, CEO of Indicio. ""What makes data actionable is that it can be trusted. You can prove its source. You can prove it hasn't been faked or tampered with. Decentralized identity has long been seen as the solution to the interconnected problems of verification, privacy, and security. With Indicio Proven, the marketplace now has a range of ready-to-use products to implement that solution and create Trusted Digital Ecosystems for sharing and verifying data at any scale."" Indicio Proven makes decentralized identity technology simple. It provides complete scalable components needed to get up and running fast: - Issuer and Verifier Agents: Simple software to connect, issue, and verify credentials; integration APIs available - Mobile App and Mediator: Software to enable users to download, store, and use a credential on mobile devices - Machine-Readable Governance: Agent software to establish trusted issuers and automate information flows via governance files - Distributed Ledger Network: Configuration and deployment on existing Indicio Networks or any Hyperledger Indy-based distributed ledger network or a custom, public or private network - Verifiable Credential Schema: A flexible template for creating a verifiable credential using open source and interoperable standards - Support and Training: Continuous customer support, field-leading training covering every aspect of Proven and Trusted Digital Ecosystems - Maintenance and Updates: Managed updates and comprehensive testing to ensure maximum performance Indicio Proven is built on the Hyperledger Indy and Hyperledger Aries codebases, the most widely used open source code for interoperable, decentralized identity solutions, leveraging AnonCreds and W3C credentials - and with years of contributions from Indicio and the active developer community, the most robust and advanced. This makes Proven interoperable with othe
Indicio,Indicio,,,,,,,,,Indicio expands workshops and introduces a new certification program,"Looking to get up to speed in decentralized digital identity and verifiable credentials? Our custom trainings and workshops are designed to provide key insights into fundamental use cases, dive deep into the impact of the technology, and offer both technical and nontechnical audiences the opportunity to ask the questions they need to continue their education in decentralized identity. Because nothing beats learning by doing.","Responding to strong demand, Indicio now offers certification upon completion of its virtual, instructor-led decentralized identity training. Technology provider Indicio.tech, a public benefit corporation advancing decentralized identity, today announced a new professional certification program. Program participants completing Indicio’s popular instructor-led workshops, including the newest workshops on the open source Hyperledger Aries Mediator Agent and Mobile Agent, are awarded certificates of completion issued in the form of a verifiable credential. “We first envisioned Indicio training as the gateway to understanding decentralized identity,” says Heather Dahl, CEO of Indicio. ”Decentralized technology, its terminology, and its technical process can be confusing to grasp on your own, even though the actual process of issuing, holding, and verifying credentials is surprisingly easy. So our thought was that we should give people the opportunity to learn about decentralized identity through hands-on activities guided by an experienced instructor. It turned out that this delivered the ‘aha’ moment for workshop participants and inspired them to want to know more.” “Building this into a certificate program recognizes the need and the demand for systematic training in our field,” says Dahl. “And it only makes sense the certificate is issued in the form of a verifiable credential, using the EntTrustient platform, an innovator in credentials for governments, education, employment, travel, health, and finance industries.” “We’re thrilled to support the issuance of Indicio’s training credentials for participants who’ve successfully demonstrated skills attainment and program completion.” says Tim Dutta, Chairman, and CEO of Entrustient, “Indicio’s workshops are designed to enable the next generation of trained professionals to be fluent in decentralized identity technology. By using Entrustient’s innovative, redundant, and decentralized distributed blockchain ledger platform, recipients of these credentials will now have full agency and the ability to provide a proof presentation of their earned accomplishments, to any third-party verifying organization that relies on certifications from Indicio, the original credential issuer.” Expanding decentralized identity curriculum The evolution of Indicio’s training workshops comes as companies and organizations are increasingly seeing decentralized identity as the solution to the longstanding challenge of verifying identity online, a critical process that has only become more urgent with the impact of the Covid pandemic on all aspects of our lives. Designed for participants ranging in technical experience, skill level, and area of specialization, Indicio’s workshops provide the groundwork needed for both business and engineering team members to build and run decentralized networks and the applications that run on them. Participants will receive a Certification of Completion and a verifiable credential that can be shared with peers and networks across social platforms and add ‘Decentralized Identity’ to their resumes. Indicio’s instructor-led workshops provide: - Hands-on learning covering each step of decentralized identity: These courses cover topics ranging from the fundamentals to network operations and agent mediation, with more courses expected to be added throughout the year. Additionally, self-paced labs and demos are also available providing further hands-on experience. - Certificate of completion: The instructor-
Indicio,Indicio,,,,,,,,,Prove it all with Indicio Proven,"Sometimes called “self-sovereign identity,” or “user-centric identity,” or “reusable identity,” the open source technology behind Proven provides an authoritative way to authenticate any data without having to check in with the source of that data — or go through a third party.","Indicio launches its marketplace solution to using and scaling verifiable digital credentials using open source technology. By Trevor Butterworth Today, we launch Proven™ — a complete, decentralized ecosystem for using verifiable credentials to create, share, and verify data of any kind while preserving privacy and enhancing security. It means the future’s here. Sometimes called “self-sovereign identity,” or “user-centric identity,” or “reusable identity,” the open source technology behind Proven provides an authoritative way to authenticate any data without having to check in with the source of that data — or go through a third party. “Verifiable credentials are a new foundation for trust in digital interaction,” says Heather Dahl, CEO of Indicio. “They are a simple, powerful solution to the internet’s missing verification layer for people — but they go way beyond that. They can be used to verify the identity of devices and digital objects; they can verify any kind of data associated with an identity. And they deliver breakthrough privacy and security features. This technology does so much that we say it creates “Trusted Digital Ecosystems.” Proven is designed to be a complete starter kit for creating your own Trusted Digital Ecosystem. It contains all the components needed to create, share, and verify data through verifiable credentials, along with continuous upgrades and customer support from Indicio’s experienced engineering team from integration through implementation. “We wanted to make it easy to start using verifiable credentials by giving people an off-the-shelf solution,” says Ken Ebert, CTO of Indicio. “To do that the product had to be complete. It couldn’t leave the customer searching for components and struggling with compatibility. It couldn’t leave the customer dependent on proprietary tech or struggling to master open source codebases. As leaders in the open source community, we believe open source is critical for adoption, scale, and innovation, but an unfamiliar codebase is still going to be a heavy lift for any development team. Proven removes this obstacle, while remaining fully open source so a customer can develop on it to meet their needs.” “We all believe in the power of this technology to solve chronic problems in digital interaction,” says Dahl, “but we also see Proven as a gateway to opportunity. We’ve seen our customers win awards for building Trusted Digital Ecosystems. Now, we want to seed that innovation as widely as possible. With our experience as market leaders in decentralized identity, we know what works. We know what’s needed. Proven is it.” To learn more about how you can implement Proven, you can get in touch here.",https://indicio.tech/prove-it-all-with-indicio-proven/,,Product,,Product,,,,,,,,2022-07-20,,,,,,,,,,,,,
Indicio,Indicio,,,,,,,,,Introducing the Indicio DemoNet—a new decentralized network for product demonstration,"The Indicio DemoNet joins the[Indicio TestNet](https://Indicio.tech/Indicio-testnet/), which is used for developing new technology releases, and the[Indicio MainNet](https://Indicio.tech/Indicio-mainnet/), which hosts mission-critical products and services. With the DemoNet, Indicio now provides a full suite of networks for decentralized identity development and deployment.","Business-critical decentralized identity product demonstrations now have a dedicated platform at Indicio. Indicio.tech, a public benefit corporation providing hosting and build services for decentralized identity ecosystems, today announced it has launched a new decentralized network to support business-critical demonstrations. The Indicio DemoNet joins the Indicio TestNet, which is used for developing new technology releases, and the Indicio MainNet, which hosts mission-critical products and services. With the DemoNet, Indicio now provides a full suite of networks for decentralized identity development and deployment. “The DemoNet completes our network offerings, filling an important gap in the journey from proof of concept to pilot to deployment,” said Heather Dahl, Indicio CEO. “Companies and organizations need a dedicated platform to demonstrate and showcase their technology before it makes the leap to public and commercial release. This is a critical moment for development teams, and Indicio has their back.” Typically, a company will develop on the TestNet, demonstrate on the DemoNet, and then launch on the MainNet. Unlike the TestNet, which is subject to repeated resets, the DemoNet provides the stability needed for product demonstrations. Indicio’s ecosystem of networks speeds up the time to launch—everything is in one place and supported by our industry leading team of engineers. The launch of the DemoNet comes after Indicio’s recent announcement of Cardea, a complete open-source project for verifiable health credentials that is now housed at Linux Foundation Public Health. Indicio now provides businesses and organization with a full ecosystem of decentralized identity products, all built on the Hyperledger community’s open source tools, a dynamic, collaborative Node Operator community supporting its networks, and a wide range of training and support services. Contact us to learn more.",https://indicio.tech/introducing-the-indicio-demonet-a-new-decentralized-network-for-product-demonstration/,,Post,,Resources,,,,,,,,2021-05-20,,,,,,,,,,,,,
Indicio,Indicio,,,,,,,,,One woman’s open-source journey to decentralized identity,"Noha Abuaesh, a Bahrain-based computer scientist, has been exploring decentralized identity for the last year, often with assistance from Indicio.tech’s open-source tools and free communications channels.","Noha Abuaesh, a Bahrain-based computer scientist, has been exploring decentralized identity for the last year, often with assistance from Indicio.tech’s open-source tools and free communications channels. She took a moment to answer some questions about her work and her journey in the decentralized identity space. (The conversation has been edited for length and clarity) What’s your background and how did you come to be interested in decentralized identity? I graduated computer engineering in 2007. My graduation project was in robotics. I worked as a technical writer for a while before I completed a master’s in computer science in 2014. My thesis was on embedded systems. Then, I became a dedicated homemaker until late 2018, when I decided to explore my career possibilities. I felt like one of the seven sleepers, (who slept for about 300 years to avoid persecution; they appear in both the Quran and Christian tradition —ed.) if you know their story. Because in the insane world of computer science, if you snooze for four years—or even less—it can feel like you have been sleeping for centuries! I really didn’t know where to start. Long story short, I took a couple of professional courses, then a nanodegree on blockchain development. I built some projects on Ethereum and Bitcoin. But it wasn’t until last year when I came through a LinkedIn post on self-sovereign identity. I was intrigued. So, I started reading about it, took an edX course on self-sovereign identity and Hyperledger technologies. I was blown away with the potential of this field. I knew I wanted to continue there. I thought, if I am to plan for the next five years of my career, I want to be in this area. What kind of decentralized identity work are you doing now? I am now building my first SSI wallet using Hyperledger Indy, experimenting with what can be done with it and exploring its possible use cases. It is command line-based, just a proof-of-concept kind of a thing. I can work on the interface later (or maybe never). There are many cool general-purpose SSI wallets out there with pretty cool user interfaces. What are your goals in exploring decentralized identity? Anyone who learns about decentralized technology knows the enormous potential it has in many different applications. Decentralized identity will touch the lives of billions of people in the future. It promises to be the magic wand to a lot of the problems many people are living with now. Who doesn’t want to be part of that? I am looking to be a field expert in this area, inshallah. I am really hoping I can do something with it for the good of humanity. What Indicio resources have you used in your explorations? I used Indicio’s TestNet. They have a strong support system. They also have documentation with very clear steps for what to do and what to expect when you run your software development kit. I couldn’t find that anywhere else. I made use of that and other articles as well. At some point, I left a note on their website, not really expecting anything. I was surprised to find their response in my mailbox a couple of days later. They offered a FREE 30-minute session to answer my questions! What have been your challenges or obstacles to overcome? Installing the Indy SDK on Windows was challenging for me. Either because it is the very first thing I faced when I decided to work on this, or because it really is a cumbersome process. Nevertheless, I got that working at the end, thank God. The community is relatively small. At first, my questions didn’t seem to get any attention when I posted them in the public help group. When you compare that with other developer communities that, sometimes, answer your questions within an hour or two, well — it was disappointing. It is really tough whe
Indicio,Indicio,,,,,,,,,Why the Indicio TestNet is the Best Way to Explore Decentralized Identity,"The Indicio Network contains three networks: a MainNet for hosting solutions, a DemoNet for demonstrating products, and a TestNet for development and experimentation. We’ve made the TestNet free for developers to use — making it ideal for exploring, building, testing, and demonstrating your ideas.","The Indicio TestNet is a robust platform that’s free to use for developers, making it the best way to dive into the powerful technology behind decentralized identity. By Tim Spring The Indicio Network contains three networks: a MainNet for hosting solutions, a DemoNet for demonstrating products, and a TestNet for development and experimentation. We’ve made the TestNet free for developers to use — making it ideal for exploring, building, testing, and demonstrating your ideas. Using the open-source technology of Hyperledger Indy, Ursa, and Aries, the Indicio TestNet has a stable 100% uptime, is monitored by professional staff, and offers limited technical support (for greater technical support we offer a range of highly competitive plans). Why Indicio? There are several decentralized networks that offer some form of testing network. But here’s why the Indicio TestNet is the best option: - It’s free - It’s professionally staffed and monitored: We don’t rely on volunteers to keep our networks running — our networks are supported by engineers whose job is to ensure they are always stable and accessible. - It’s stable: We understand the critical importance of network stability; the Indicio TestNet clocks at 100% uptime. - Tools are already set up for ease of use: We have a monitoring tool and a scanning tool already implemented; they can tell you which nodes are live and what has been recently written to the network at a glance. - Cross-network test ready: We see a future of interoperable credentials and networks. Our TestNet is ready to test your interoperability with other products from other networks. Issue and verify on multiple networks, explore the possibilities! - Straightforward governance: We believe in simple and streamlined governance with clear principles and rules. You’re here to build — not hear us philosophize! - Node Operator Program: For those that want to really dive into decentralized identity we offer the unique opportunity to host a node on the network. This will give you hands- on experience running part of the network as well as significantly more technical support. See the perks here: https://Indicio.tech/node-operator-program/ - Community resources: Because our network is based on open-source technology, we have a repository of additional resources we can point new users to for general information and assistance. This provides a more immediate place to seek help with your project in addition to the more hands on support offered by our technical team. The Indicio Network contains three networks: a MainNet for hosting solutions, a DemoNet for demonstrating products, and a TestNet for development and experimentation. We’ve made the TestNet free for developers to use — making it ideal for exploring, building, testing, and demonstrating your ideas. Using the open-source technology of Hyperledger Indy, Ursa, and Aries, the Indicio TestNet has a stable 100% uptime, is monitored by professional staff, and offers limited technical support (for greater technical support we offer a range of highly competitive plans). Why Indicio? There are several decentralized networks that offer some form of testing network. But here’s why the Indicio TestNet is the best option: - It’s free - It’s professionally staffed and monitored: We don’t rely on volunteers to keep our networks running — our networks are supported by engineers whose job is to ensure they are always stable and accessible. - It’s stable: We understand the critical importance of network stability; the Indicio TestNet clocks at 100% uptime. - Tools are already set up for ease of use: We have a monitoring tool and a scanning t
Indicio,Indicio,,,,,,,,,Indicio completes Hyperledger Indy DID Method—A Milestone in the Evolution of DID Interop,The Indy DID Method paves the way for Hyperledger Indy credentials to scale globally by allowing Indy networks to seamlessly interoperate and create a “network-of-networks” effect.,"The completion of the Indy DID Method by Indicio paves the way toward a network of networks. Verifiable credentials issued on multiple networks can now be verified by any agent that supports did:indy, affirming Hyperledger Indy and Hyperledger Aries as the most advanced framework for interoperable, decentralized identity By Ken Ebert Network interoperability has taken a major leap forward with the release of the Indy DID Method for Hyperledger Indy-based networks. With this new upgrade, completed by Indicio, verifiable credentials issued on a specific Hyperledger Indy network can now be resolved by any agent supporting the did:indy method regardless of which Hyperledger Indy network the verifying agent might use to anchor its issuing DIDs, schemas, or credential definitions. The Indy DID Method paves the way for Hyperledger Indy credentials to scale globally by allowing Indy networks to seamlessly interoperate and create a “network-of-networks” effect. The Indy DID Method was also needed to bring Hyperledger Indy—the most popular open-source codebase for creating robust distributed ledger networks for identity—into sync with the more recent World Wide Web Consortium (W3C) Decentralized Identifier (DID) Specification. The Indy DID Method originally began as a community development effort within Hyperledger Indy. Earlier this year, the government of British Columbia, Canada, announced a “Code with Us” challenge, to push the effort to completion. The challenge was won by Indicio and, thanks to the hard work of our talented engineers, the Indy DID Method is now available to the entire Indy community. It’s hard to understate why this is a really important step forward for decentralized identity adoption. It means adding the potential of scale to every deployment, which is something we and all our customers want. With interest in verifiable credential technology increasing every day, the timing could not be better. It’s also important to recognize that this is the kind of the rapid innovation that can be achieved in open source technology when a nonprofit-led community, a government, and an enterprise collaborate. We are enormously grateful to the government of British Columbia for sponsoring this “Code with Us” challenge. We also applaud it: This is a model for open source infrastructural innovation that governments everywhere should learn from and follow. The next step is for networks and agent frameworks to incorporate did:indy into production software stacks. This community adoption will increase the viability of the Indy and Aries project stack and position it to be the globally dominant way to issue and share verifiable credentials in a multi-ledger world. *** The Indicio team would like to thank BC Gov for funding this work and Dominic Wörner, another contributor to the Code With Us challenge, for his work on Indy VDR. - Where to find the work:PR to Indy Node: https://GitHub.com/Hyperledger/indy-node/pull/1740PR to Indy VDR: https://GitHub.com/Hyperledger/indy-vdr/pull/84Indy HIPE about did:indy: https://GitHub.com/Hyperledger/indy-hipe/tree/main/text/0164-did-indy-methodDemo: https://GitHub.com/Indicio-tech/did-indy-demo - Where to ask questions:Daniel Bluhm (Indy Node questions)Discord: dbluhm#9676GitHub: https://GitHub.com/dbluhmDominic Wörner (Indy VDR questions)Discord: domwoe#9301https://GitHub.com/domwoe",https://indicio.tech/indicio-completes-hyperledger-indy-did-method-a-milestone-in-the-evolution-of-decentralized-identity-network-interoperability/,,Post,,Standards,,,,,,,DID:Indy,2022-05-10,,,,,,,,,,,,,
Indicio,Indicio,,,,TOIP,,,,,Machine Readable Governance is the Key to Scaling Decentralized Trust,"We’re not convinced that “constraint” is the right theoretical approach for an emerging technology, especially one that is being deployed in different sectors for different use cases. To underscore this, we want to address a particular constraint implied by ToIP’s design concepts that is likely to be fatal to any deployment.","Where do you put a trust registry in a decentralized digital ecosystem? Not where it turns into a wrench The Trust over IP Foundation has just published a long document describing a set of design principles “to inform, guide, and constrain the design of… decentralized digital trust infrastructure.” We’re not convinced that “constraint” is the right theoretical approach for an emerging technology, especially one that is being deployed in different sectors for different use cases. To underscore this, we want to address a particular constraint implied by ToIP’s design concepts that is likely to be fatal to any deployment. This follows from the design concept of “transitive trust,” which can be summarized by the deduction that If A trusts B and B trusts C, then A can trust C. In other words, if a Verifier trusts an Issuer, it should logically trust a Holder bearing a digital credential that is verified as being from that Issuer. This is how passports work. To scale this “trust triangle” for ecosystems where there are many, many issuers of digital credentials, ToIP proposes that the triangle must become a “governance trust diamond,” where a governance authority rules on which Issuers can be trusted by Verifiers. This sounds reasonable and straightforward; someone, inevitably, is going to set the rules for an ecosystem and we need to acknowledge that someone in the architecture. How could any verifier know all the possible issuers of a particular kind of credential (say a lab test result) in anything but a very small network? Wouldn’t the simplest way be to ping a trust registry or a rules engine under the control of a governance authority to get that information? Yes and no. Yes, because all ecosystems are going to need governance; no, because governance handled through a centralized trust registry or rules engine will, at best, be inefficient, and at worst, be unworkable. If it doesn’t work offline, it doesn’t work. The fundamental problem with a centralized trust registry is that it’s dependent on real-time calling and this makes the whole system dependent on being able to make those calls. What happens when the connection goes down — or the Internet connection is weak or intermittent? You can’t have a trusted ecosystem that is only capable of delivering trust some of the time. There is, however, a simple solution to this fatal system error—decentralize the governance so that the trust registry rules are cached locally, in the software for issuers, holders, and verifiers. This means these rules will work offline. We call this “machine-readable governance.” Instead of calling the trust registry to verify in real time, governance authorities publish their rules in files that can be quickly uploaded and propagated across participants in a network. This has the added benefit of making verification quicker as there is no need to check in with an intermediary. Think of machine-readable governance as a “smart” trust registry — it makes the governance authority portable. There’s also another significant benefit to using machine-readable governance: it allows for more complex governance interactions such as “A trusts B and B trusts C, but A only trusts C for some purposes or in some contexts.” A machine-readable governance file makes these “if this, then that” governance rules easy to implement without any sharing of private information with a trust registry. Diamond of Trust or Ring of Power? We understand that in any ecosystem for verification and data sharing, there needs to be a governance function—where people get to enact governance as t
Indicio,Indicio,,,,,,,,,Scale Your Decentralized Identity Solution by Upgrading to the Indy DID Method,"Again, the Indy DID Method is not an optional upgrade. It’s a major development that delivers interoperability.","Indicio takes the stress out of managing this essential upgrade with two new integration packages By James Schulte The Hyperledger Indy DID Method is a major step forward in interoperability. As Indicio’s CTO, Ken Ebert put it, “The Indy DID Method paves the way for Hyperledger Indy credentials to scale globally by allowing Indy networks to seamlessly interoperate and create a ‘network-of-networks’ effect.” But this can only happen if all those currently using Hyperledger Indy and Hyperledger Aries update their operating systems, nodes, and agents to use the new Indy DID method. We can’t overemphasize this enough: If you want interoperability between Indy networks, you really have to have this. These code changes build in the resolution of DIDs, schemas, and other ledger objects to the network which contains them.Without these code changes it is very difficult to support multiple networks. We understand this can be a time consuming process and, in the case of upgrading agents, it could be a heavy lift. So why not let the authors of the code implement it for you? Enter Indicio’s DID:Indy Integration Service Packages! Two packages: One for agents and one for networks Upgrading customer agents is the most complex part of the process and where you’ll benefit most from knowledgeable implementation. We’ll also provide all the training you need to use the new update. Agent Package - Cloud Agent updates for issuers, verifiers, and holders - Mobile Agent updates for holders We can also upgrade your networks if you want to save time—or you don’t have a network operations person to do this work for you. Networks Package - Full network operating system updates - Node software updates for each running node Again, the Indy DID Method is not an optional upgrade. It’s a major development that delivers interoperability. We’re here to make it simple and stress free. Contact us for further information!",https://indicio.tech/scale-your-decentralized-identity-solution-by-upgrading-to-the-indy-did-method/,,Post,,Standards,,,,,,,DID:Indy,2022-05-23,,,,,,,,,,,,,
Indicio,Indicio,,,,,,,,,The Perfect Signature Style is the Enemy of the One that Works Today,BBS+ signature styles are not going to be ready for deployment anytime soon. This is precisely why you should build today and in a way that allows you to add them later.,"BBS+ signature styles are not going to be ready for deployment anytime soon. This is precisely why you should build today and in a way that allows you to add them later. Sam Curren, Senior Architect New technology is inevitable: some of it will be evolutionary, some of it will be revolutionary; some of it will eat your business, and some of it might change the world and make life better. How do you know when to wait and when to jump? This is the dilemma for many people looking at decentralized identity right now. Is it ready to be implemented, are there “off-the-shelf” products I can use—or will it all be so much better next week or in a month or in a year? The dilemma seems to divide the decentralized identity community. Standards groups and initiatives advocate for the best possible solution, in the hope that it will eventually exist, while companies building solutions—like Indicio—say “build now because what we have works and works well and can be added to later. The ‘better’ may never come but the good—especially if open source—will continually get better and be relatively easy to upgrade.” But we believe our position is not just a matter of business logic: There’s a massive downside to letting failing technology—our current centralized and federated ways of managing identity—continue to fail businesses and consumers, citizens and governments. This downside is vastly greater than any of the differences between decentralized identity technologies that can be used today, those in development, and those hypothesized as being available sometime in the future. Don’t turn BBS+ into a minus This issue is not abstract. Right now, there is much discussion around JSON-LD BBS+ being “the” standard for managing verifiable credential key signatures in decentralized identity systems. The Good Health Pass, for example, recommends BBS+ for Covid digital credentials. BBS+ is good and Indicio is excited about adding it to its options for customers building decentralized solutions. But we can’t do so because BBS+ is still under development and it’s unclear when the final version will be available. Meanwhile, we have JSON-ZKP-CL Signatures that provide the ingredient BBS+ is working to add: privacy preserving predicate (zero-knowledge) proofs and blinded identity binding. Predicate proofs mean that you are able to generate a proof of something—such as age—without having to disclose the actual information, and they are a boon to preserving privacy. When thinking about BBS+, it is important to remember that credential format is just one part of a larger system that must be developed. Governance, Issuance and Verification agents, Holder apps, and more all need to be implemented; user experience must be developed; business relationships created: Decentralized identity is an ecosystem of infrastructure, software and governance working together as a product. All of these things can be deployed using existing production-ready credential formats. And the gains made now will translate into the future adoption of BBS+. The bigger point is this: Decentralized identity is at a breakthrough point. Governments in Canada and Germany have decided that verifiable credentials are the way forward; pilots and consumer products are being unveiled on a weekly basis. This is not the moment to say, “let’s wait; ” this is the moment to say “let’s scale.” At Indicio, we’ve shown how to make decentralized ecosystems work to solve real problems for lots of customers. In building, we’ve advanced the tech. In advancing the tech, we’ve built more solutions. This is the virtuous cycle of innovation and scale that we’re creating. We will add BBS+ into our products when it is available. But until then, we’re going to build solutions that BBS+ can
Indicio,Indicio,,,,,,,,,Trust Registry or Machine-Readable Governance?,"The world will move towards decentralized identity if we make it easy for them to do so—and easy means, above all, fast. The solution is machine readable governance—a smart way of implementing rules for how to manage trust.","The world will move towards decentralized identity if we make it easy for them to do so—and easy means, above all, fast. The solution is machine readable governance—a smart way of implementing rules for how to manage trust. If you want a high-speed train to go fast, you need the right kind of track. It needs to be laser-straight, have few, if any, crossings, and be free of slower freight trains. Unfortunately, the U.S. has, mostly, the wrong kind of rails: lots of crossings, lots of freight trains, and lots of curvy and unaligned tracks. One section of the Northeast Corridor can’t handle train speeds above 25mph. And while billions will soon be spent on new high-speed trains that are lighter, more capacious, and more energy efficient, they will still run on the same rails at the same speeds. As we race ahead with decentralized identity networks—Ontario’s announcement of its Digital ID program is the most visible sign yet that we are in an accelerating phase of a paradigm shift on identity—we face lots of infrastructural choices, the answers to which could put us in an Amtrak-like bind. If you think of a decentralized identity network as a set of rails that allow information to be issued, shared, and verified, this process should be as frictionless and fast as possible; and it is, because it is powered by software—called agents— that enable consent and trust at every point in the system. Once you decide that an issuer of a verifiable credential is trustworthy, verifying their credentials is straightforward. You can also apply all kinds of rules at the agent level to govern more complex information requirements in a frictionless, automatic way. A verifier agent could be programmed to accept only certain kinds of tests from a laboratory, or only tests from approved laboratories at a national or international level. The ability to do this instantaneously is essential to adoption. This is why machine-readable governance, which takes place at the agent layer, is integral to the successful deployment of any kind of decentralized trusted data ecosystem: It’s a real-time way to handle governance decisions—the Boolean choreography of ‘if this, then that’— in the most frictionless way possible. This also means that a network can organize itself and respond as locally as possible to the constant flux of life and changes in information and rules. Not everybody wants the same thing or the same thing forever. Machine-readable governance therefore functions as a trust registry—literally a registry of who to trust as issuers and verifiers of credentials—and as a set of rules as to how information should be combined, and for whom, and in which order. It can also power graphs—sets of connections—between multiple registries. This means that different authority structures can conform to existing hierarchical governance structures—or to self-organize. Some entities may publish their ‘recipe’ for interaction including requirements for verification, while others may simply refer to other published governance. When everyone knows each other’s requirements, we can calibrate machine-readable governance to satisfy everyone’s needs in the most efficient way possible. Choreographing this complex workflow at the agent level delivers the speed needed by users. The elements of machine-readable governance Machine-readable governance is composed of elements that help to establish trust and enable interoperability: trusted participants, schemas (templates for structuring information in a credential), and rules and flows for presenting credentials and verifying them. Machine-readable governance can be hierarchical. Once a governance system is published, other organizations can adopt and then amend or extend the provi
Jolocom,,Jolocom,,Joachim Lohkamp,W3C; DIF; INATBA; ESSIFLab; EBSI; T-Labs; IOTA,"European Union, Germany, Berlin",Europe,,,JoloCom,"Jolocom builds global infrastructureto support decentralized digital identity management.Smart agents own and control the data that defines them, a prerequisite for self-sovereign identity. ",,https://www.jolocom.com,,Company,,Company,Enterprise,ID,SSI,,Smart Wallet,"Ethereum,BigchainDB","Verifiable Credentials,DID,Social Linked Data",2002,https://github.com/jolocom,https://twitter.com/getjolocom,https://www.youtube.com/channel/UCmpF6TdeLM2H6XcpZI2ceBg,https://stories.jolocom.com/,https://stories.jolocom.com/feed,,https://www.crunchbase.com/organization/jolocom,https://www.linkedin.com/company/jolocom/,https://jolocom-lib.readthedocs.io/en/latest/,,,,
Jolocom,Jolocom,,,,Solid,,,,,Trusted Data Sharing with Social Linked Data (Solid) and Ethereum,"At the core of Solid is the WebID, which Jolocom integrates with the Ethereum blockchain, to build a self-sovereign digital identity that allows you to represent yourself and to enrich your data with semantic meaning. Besides that and storing data, it also lets other applications ask for your data. Solid authenticates the DApps (Decentralized Applications) through Access Control Lists (ACLs) and if you’ve given access permission to the requester of the data, the Solid server delivers it.","Trusted Data Sharing with Social Linked Data (Solid) and Ethereum This post intends to give the reader a perspective on how Jolocom brings trusted data sharing to IoT (AGILE is a H2020 project). It should provide essential value to the user, not only but also in context of the internet of things, and not least to benefit from the EU’s General Data Protection Regulation (GDPR). The original idea of the World Wide Web To start with, the vision of Jolocom aligns with the original idea of the World Wide Web, which was distributed: everyone would have their own node (e.g. home page), everyone would share their content (e.g. blog posts), and everyone would own their own data. The web consisted of nodes connected through links with no center. Jolocom wants to help reclaiming this vision that everyone owns their own node (digital identity) and that every node can communicate with any other node, with no intermediation (e.g. centralized platform). The dominating power of a few Today a handful of companies dominate vast parts of the web’s activities — Facebook for social networking, Google for searching, Paypal for payments or eBay for auctions, Samsung/IBM for IoT — and they actually own the data their users have provided and generated. Ergo these companies have unprecedented insight and power over us. They can influence and nudge us without our knowledge, which gives them not only a huge competitive advantage, but also interferes with fundamental values of society and the right for privacy. Social Linked Data (Solid) and Blockchain (Ethereum) Jolocom uses a decentralized software architecture that is very promising. It was initiated by Tim Berners-Lee who invented the web and gave it to us as a gift, free and open source. His new project is called Solid (“social linked data”) and it allows you to own your own data, while also using it with only the applications you want to use. With Solid, you simply store your data in your own Personal Data Store (PDS; in Jolocom’s case: a Solid Server), which is hosted wherever you wish. At the core of Solid is the WebID, which Jolocom integrates with the Ethereum blockchain, to build a self-sovereign digital identity that allows you to represent yourself and to enrich your data with semantic meaning. Besides that and storing data, it also lets other applications ask for your data. Solid authenticates the DApps (Decentralized Applications) through Access Control Lists (ACLs) and if you’ve given access permission to the requester of the data, the Solid server delivers it. Here’s a concrete example.You might store data from your IoT devices or sensors in your own PDS: the sort of data about yourself that would normally be uploaded directly from your IoT device to a third party. That way if someone built a new DApp, to offer specialized services to people, you could join it by using your WebID. To share information with others (individuals or organisations), you simply give them permission to access the appropriate information in your PDS. The data in your PDS would remain your own, in every sense of the word: fully under your control, stored where you choose, and usable only by an Organization’s WebID that you’ve given permission to. The fantastic thing about Solid is that it does all this without having to centralize information in hands that we can’t- and too often also should not — fully trust. General Data Protection Regulation (GDPR) Users are becoming increasingly aware of the need
Jolocom,Jolocom,,,,T-Labs; BigchainDB; IOTA; Riddle+Code,,,,,PRESS RELEASE: T-Labs (Deutsche Telekom) announces project with major blockchain startups,"Benefiting from the expertise in Berlin, T-Labs partnered with BigchainDB, IOTA, Jolocom and Riddle & Code to abstract the complexity of blockchain development for enterprises. With the prototype developers can combine different DLTs to enable decentralized storage, identity management, smart contracts and payments. This allows enterprises to build a decentralized back-end in a matter of minutes.","PRESS RELEASE: T-Labs (Deutsche Telekom) announces project with major blockchain startups The blockchain group, from the Deutsche Telekom Innovation Laboratories (T-Labs) launched its prototype operating stack service this week at the Bosch Connected World (BCW) 2018 conference and hackathon. The service was created to simplify the decision-making process for developers wondering which blockchain technology to use… Dear Reader, We have moved this article to Jolocom Logbook, our official new blog since 1st July 2020. For the full story, visit Jolocom.io/blog/press-release-t-labs-deutsche-telekom-announces-project-with-major-blockchain-startups",https://stories.jolocom.com/press-release-t-labs-deutsche-telekom-announces-project-with-major-blockchain-startups-e6ac451d8b3,,Press,,Ecosystem,,,,,,,,2020-07-04,,,,,,,,,,,,,
Jolocom,DWebMeetup,,archive,,,,,,DWebMeetup,Jolocom's lightning talk at DWeb meetup - Self-sovereign Identity In Germany,"A brief video introduction to use cases, strategies and challenges of the four German SDI projects.","Due to a planned power outage on Friday, 1/14, between 8am-1pm PST, some services may be impacted. Search the history of over 778 billion web pages on the Internet. Capture a web page as it appears now for use as a trusted citation in the future. Please enter a valid web address 112 Views Uploaded by Unknown on March 26, 2021",https://archive.org/details/jolocom-at-dweb-march-self-sovereign-identity-in-germany,,Video,,Ecosystem,,,,,Recap,,,2021-03-26,,,,,,,,,,,,,
Jolocom,Jolocom,,,,,,,,,5 years of decentralizing identities,"Joachim kicked off the conversation with a recap of Jolocom stemming from its initial founding in 2014. Why did Joachim decide to found Jolocom as a decentralized identity company? Read the full story here. Beyond the tech, Joachim also touched on the importance of community and building the space into a vibrant network of individuals committed to the values of decentralization. In this spirit, this was also the year he worked with Brewster Kahle and Wendy Hanamura of the Internet Archive to found Get Decentralized.<br>","We were elated to do just that with 50+ partners, friends, teammates — new and former — community members and +1s of all kinds at our new home in Betahaus Kreuzberg. 2014 Joachim kicked off the conversation with a recap of Jolocom stemming from its initial founding in 2014. Why did Joachim decide to found Jolocom as a decentralized identity company? Read the full story here. Beyond the tech, Joachim also touched on the importance of community and building the space into a vibrant network of individuals committed to the values of decentralization. In this spirit, this was also the year he worked with Brewster Kahle and Wendy Hanamura of the Internet Archive to found Get Decentralized. 2015-2016 Eugeniu then came on to speak about early Jolocom products from a developer’s point of view. Where we originated with the Freedom Box, a privacy-oriented Personal server running SOLID (social linked data) to enable Personal data storage wherever you wish, to our development of our first lightweight wallet, Little Sister (the opposite of Big Brother), to the decentralized identity Wallet, library, and protocol that Jolocom is proud to showcase today. It was during this time (January 2016) that we joined the Agile Horizon 2020 project to provide a trusted data sharing provider using SOLID and Ethereum for IoT devices. Want to learn more about our early work with Horizon 2020 and our tech of the day? Check here. 2017 Kai then expanded by providing an overview of some of our more recent work with partners and other community members like: - Deutsche Telekom T-Labs and Riddle&Code to build a fully decentralized emobility ecosystem - Stad Antwerpen, the Flemish government innovation procurement department, VICTOR, and Digipolis to bring decentralized identity services to municipal employees and citizens in Flanders - INATBA, the International Association of Trusted Blockchain Applications, of which Kai is a newly elected Board Member - Bundesblock, of which Joachim was a founding member, and with whom we authored the Self-Sovereign Identity Position Paper #SSIPaper with other leaders in the SSI space Many, many more were mentioned during the event. For more information on who we are working with, visit our partners page. 2018 Ira took the stage next to talk about design at Jolocom. Key to creating products usable by people are good UX and UI. Ira highlighted how she created a new visual identity for Jolocom with input from the team and built the interfaces you see when you interact with Jolocom — both online and off! — today. Ira also gave an introduction to #DWebDesign, one of three DWeb meetup communities. For more and upcoming DWeb Design events, visit the DWeb Berlin page on Meetup. For more on past events and words from Ira, check out our Design stories. 2019 Evolved from the GetD community but with its rebrand and launch in March 2019, DWeb continues to be a thriving community with chapters in Berlin and San Francisco with new branches (soon to be!) cropping up in Toronto and more. Ellie elaborated on Jolocom’s work as curators of the DWeb Berlin community with a look back at some of our past events, and a look ahead at the culminating event — DWeb Camp — slated to take place July 2019. Registration is open now. For more: Lastly, the newest members of our team introduced themselves and what they do here at Jolocom. On the development side that meant a brief hello from Charles, Sean Li and Mina, our newest developer from Cairo and from S
Jolocom,Jolocom,,,,,,,,,Eight Years of Jolocom,"On our 8th birthday, we are grateful to look back on milestones, developments, and challenges that we have overcome. Beyond the tech, we believe in the importance of community and building a space for individuals and companies that are committed to the values of decentralization. We are happy to share our story. ","Jolocom’s role is to empower everyone and everything capable of having a self-sovereign identity to freely communicate and share information with each other. Based on this principle, our company was founded back in 2014. While a lot has changed since then, our mission still remains the same. Read the full story of why Joachim Lohkamp decided to found Jolocom as a decentralized identity company here. On our 8th birthday, we are grateful to look back on milestones, developments, and challenges that we have overcome. Beyond the tech, we believe in the importance of community and building a space for individuals and companies that are committed to the values of decentralization. We are happy to share our story. We especially and sincerely thank all of our partners, communities, advisors and individuals who have been contributing to what Jolocom is today. 2015-2016 These years saw the development of our first lightweight wallet, Little Sister (the opposite to Big Brother), the decentralized identity Wallet, library, and protocol. It was during this time (January 2016) that we joined the Agile Horizon 2020 project to provide a trusted data sharing provider using SOLID and Ethereum for IoT devices. Want to learn more about our early work with Horizon 2020 and our tech of the day? Check here. 2017 As cannot be stressed often enough, we strongly believe in the spirit of community and are thus proud to work with a bunch of partners that inspire and motivate us further. Some of those include: - Deutsche Telekom, T-Labs and Riddle&Code to build a fully decentralized emobility ecosystem - Bundesblock, of which Joachim was an intitator and founding member, and with whom we authored the first of its kind Self-Sovereign Identity Position Paper #SSIPaper, with many leaders from the SSI space - Stad Antwerpen, the Flemish government innovation procurement department, and Digipolis to bring decentralized identity services to municipal employees and citizens in Flanders - INATBA, the International Association of Trusted Blockchain Applications, of which Kai is a Board Member For more information on who we are working with, visit our partners page. 2018 Jolocom released its technical whitepaper, a comprehensive introduction to the Jolocom Protocol for digital identity. Those principles also found their way into our next edition of the SmartWallet (replacing the alpha version from March 2017), which was released in March 2018, running on our decentralized identity protocol. Furthermore, we joined the “Blockchain on the Move” Project, partnering with the Flemish government, the goal being to return control over their identity data back to citizens. 2019 One of our principles is that of interoperability. To apply it in practice, we took part in an interoperability focused proof of concept. The scope of the project was to achieve interoperability across a multistep use case, called OSIP 2.0. In the same year, we had the pleasure of traveling to the headquarters of Deutsche Telekom in Bonn for the official launch of Xride. This fully decentralized e-mobility pilot was initiated by T-Labs and built in collaboration with Riddle & Code, Bundesdruckerei, Simple Mobility, and Jolocom. Find out more about our role in this project here. Started in 2014, the DWeb community took off in February 2019 and soon formed a thriving network of Nodes with Jolocom as the leader of DWebBLN Node (formerly Digital Identity Meetups Berlin). 2020 Starting the new decade right, Jolocom participated as SSI technology provider in 4 of 11 competing regional showcase projects developing ecosystem solutions. The Schaufenster Sichere Digitale Identitäten (SDI) innovation competition was funded by the German Fe
Jolocom,Jolocom,,,,,,,,,FAQ,"We get a lot of question in regard to what we are doing and what our solution is all about. We think now is a good time to do our first round of FAQ. This post is intended to be a living document. We will update it frequently to keep it current and relevant. So in case you have questions that are not covered here or on our webpage, feel free to drop it as a comment directly under this post or contact us via Twitter.","FAQ We get a lot of question in regard to what we are doing and what our solution is all about. We think now is a good time to do our first round of FAQ. This post is intended to be a living document. We will update it frequently to keep it current and relevant. So in case you have questions that are not covered here or on our webpage, feel free to drop it as a comment directly under this post or contact us via Twitter. Questions covered are: - What Problem does Jolocom solve? - Who is the target group? - What is the SmartWallet? - What are claims and verified claims? Where is the difference and why should I care? - How does Jolocom treat my data and what is the Personal store? - If developers are interested, what can they use? - What are the advantages for services/apps/dapps? - What do you store on the Blockchain? - How can I verify my information? - Can I also verify my own claims or from others?…coming soon - Can I find the app on appstore? - What is your Roadmap? …coming soon - How can I contribute? …coming soon Let’s get started! 🚀 What problem does Jolocom solve? It’s 2017. When we look around us we see a world which is dominated by data slavery. In this world a few big companies own a big share of your data. Although you are the one generating this data, you don’t control it nor own it, and you are definetly not the one monetizing it. You pay with your privacy and navigate the chaotic digital lanscape with numerous usernames and passwords suppling the data silos of big corporations with a never ending stream of your Personal data. At Jolocom we want to change this. We think that we need to move away from data slavery to a world of data sovereignty where you are in control of your data. Taking control of your data starts with your Personal information — with your identity. We are developing a solution to realise this vision. Who is the target group? Jolocom’s user facing app is the SmartWallet. This app is geared towards data conscious people who want to take back control of their data footprint and effortless navigate the digital world. What is the SmartWallet? The SmartWallet is our app facing the user. Think of the SmartWallet like your normal physical wallet where you carry your IDs and money, but with smart functionalities on top. The SmartWallet is an app that lets you manage your identity related data like email address, phone number, or ID card. Get an overview over your Personal details and verified information easily with our app. Like with the physical wallet in the real world, you can use the SmartWallet in the digital world to identify yourself or pay for things (currently only ether are supported). So next time when you would like to register with a car sharing company, you can use the SmartWallet app and log in with one click instead of creating usernames and passwords. Privacy lies at our heart, so we make sure that your data stays private and you are always aware and in control which data you share with whom. So in the case of the car sharing company, you would be prompted with a screen which shows exactly the information requested by the company, leaving you the choice to accept or decline their request. All your data is stored and managed in your ‘Personal store’ which you control. Jolocom has no access to this store, nor does anybody else without your permission. In case you grant access to another party to information in your store, like your drivers’ license in our car sharing company example, you can always revoke it. Moreover, you can always quickly and easily check which service has access to which data. This provides you
Jolocom,Jolocom,,,,,,,,,ID-Ideal as an integrated solution,"The starting point is the fact that every user has 70 digital identities online. Why not introduce one single secure digital ID solution to merge all of those identities? ID-Ideal is one way of many, offering an integrated solution or a middle way so that many identities can be supplemented by a single, secure digital ID solution.","In the ID-Ideal project, Jolocom brings sovereign identities and SSI into a single wallet. To improve efficiency and interoperability in the digital space, Jolocom presents the ID-Ideal project. The starting point is the fact that every user has 70 digital identities online. Why not introduce one single secure digital ID solution to merge all of those identities? ID-Ideal is one way of many, offering an integrated solution or a middle way so that many identities can be supplemented by a single, secure digital ID solution. The project is part of the competitive innovation program “Showcase Secure Digital Identities” (SSDI) funded by Germany’s Federal Ministry for Economic Affairs and Energy (BMWi) and one of four projects that qualified for the implementation phase. Jolocom is a partner in three of the four SDI implementation projects, to which it will lend its expertise in self-sovereign identity and years of experience in developing digital identity wallets. Other projects include “ONCE” and the “SDIKA” project. The SDI projects are special because they bring competitors around the table who are working together on one solution. In addition, they achieve interoperability, so that the use of digital identification no longer remains inefficient. ID-Ideal’s implementation phase began in May 2021. Current developments relating to the European eIDAS regulation are also taken into account, with the clear aim of providing future-orientated solutions on the subject of digital identities. Citizens should be able to act from the comfort of their home – be it when changing their place of residence, applying for a care center or other notifications of changes. The solution should not be used regionally but across Germany and Europe. Based on the so-called ID-Ideal Trust Framework, the technical, legal, and semantic interoperability of services and applications is regulated. The aim is to stimulate the creation of an ID ecosystem. If many ID services can coexist, the overarching exchange of digital evidence becomes possible. This is how we actively create trust between actors inside the digital space – one of the basic principles of Jolocom. The idea behind ID-Ideal is to create a basis for existing and future identity services. To achieve this, interoperability between the individual ecosystems is necessary. For this reason, the project mainly focuses on key aspects: A) Trust Framework: harmonize various ID services and create standards for secure digital identities B) High relevance to everyday life and very good usability to increase the incentive C) Establishing a TrustNest initiative: an open community that promotes certification, exchange, and further development Would you like to find out more about the ID-Ideal project? You can findits official homepage here: https://id-ideal.hs-mittweida.de/ and more information at the BMWi: https://www.digitale-technologien.de/DT/Navigation/DE/ProgrammeProjekte/AktuelleTechnologieprogramme/Sichere_Digitale_Identitaeten/Projekte_Umsetzungsphase/IDideal/IDideal.html Partner HTW Dresden, Hochschule Mittweida, Landeshauptstadt Dresden, Stadtverwaltung Leipzig, Stadtverwaltung Mittweida, Jungheinrich AG, EXXETA AG, EECC GmbH, Fraunhofer FIT, Jolocom GmbH, AUTHADA GmbH, evan GmbH, KAPRION Technologies GmbH, Stromdao GmbH, SQL Projekt AG",https://jolocom.io/blog/id-ideal-as-an-integrated-solution/,,Product,,Product,,,,,IDIDeal,,,2021-11-17,,,,,,,,,,,,,
Jolocom,Jolocom,,,,,,,,,Jolocom goes Consulting,"Our consultant focus is of course on decentralized digital identity (aka Self Sovereign Identity). Our advantage is that Jolocom has been able to build up enormous know-how through projects over the past 7 years. Not only was knowledge in the technology area built up, but also an extensive network through active work in committees (e.g. W3C, DIF, INATBA, ESIF / EBSI), associations (e.g. federal bloc) and consortia (e.g. shop window projects digital identities).","Jolocom macht jetzt auch Beratung? Eigentlich macht Jolocom schon immer Beratung. Neben der technischen Kompetenz, den Projekten und den Aktivitäten in Gremien, Verbänden und Vereinen haben wir unsere Kunden in den letzten 7 Jahren natürlich auch beraten. Aufgrund des Wachstums von Jolocom haben wir uns dazu entschlossen, die Beratung weiter auszubauen, um unsere Kunden noch besser unterstützen zu können und die Bereiche klarer zu trennen. Im Folgenden ein Auszug aus den Aktivitäten der letzten 7 Jahre: Was kann Jolocom, was andere nicht können? Unser Beraterfokus liegt natürlich auf Dezentraler Digitaler Identität (aka Self Sovereign Identity). Unser Vorteil liegt darin, dass Jolocom in den letzten 7 Jahren enormes know-how durch Projekte aufbauen konnte. Es wurde nicht nur Wissen im Technologiebereich aufgebaut, sondern auch ein umfangreiches Netzwerk durch aktive Arbeit in Gremien (z.B. W3C, DIF, INATBA, ESIF/EBSI), Vereinen (z.B. Bundesblock) und Konsortien (z.B. Schaufensterprojekte Digitale Identitäten). Jolocom deckt alle Bereiche und Ebenen ab, von erstem Kontakt mit dem Thema digitale Identitäten, Erstellung der Strategie, Auswahl der Technologie bis zu einer Implementierung. Dies ermöglicht eine effiziente Beratung aus erster Hand ohne zeit- und kostenintensive Umwege. Beratung vom Anfang bis zum Ende Betrieb ohne Umwege. Unsere Prinzipien – offene Plattform Wir sind davon überzeugt, dass eine dezentrale Identität eine offene Plattform mit einheitlichen Standards sein muss, unabhängig von einer einzelnen Lösung. Produkte und Lösungen müssen interoperabel sein. Nur so können die Potentiale der Technologie für den Einzelnen, für den öffentlichen Bereich und die Privatwirtschaft umgesetzt werden. Dieser Grundsatz leitet uns in der Beratung und in der Erstellung unserer frei verfügbaren Plattform. In der Beratung sind wir daher technologieunabhängig und verfolgen das Ziel, dass ein Vendor lock-in oder andere Abhängigkeiten vermieden werden. Was bietet Jolocom Consulting? Diesen Beratersatz kennen sie sicher: “Jeder Kunde ist individuell”. Das stimmt auch. Wir haben trotzdem Kategorien von Beratungstätigkeiten definiert, um die Orientierung zu erleichtern. - Your soil – Aufbau von Wissen: “Verfügt ihr Unternehmen über das benötigte Wissen, um die Auswirkung und Chancen von dezentralen Identitäten richtig abzuschätzen?” Der Wissensaufbau ist wichtig bevor man sich über Anwendungsfälle den Kopf zerbricht. Das Wissen kann durch Vorträge, Workshops oder Coaching Session vermittelt werden. - Your ideas – Ideen und Anwendungsfälle: “Welche SSI Anwendungsfälle können helfen Geschäftsprozesse zu vereinfachen oder Neue zu entwickeln, und sind diese umsetzbar?” In dieser Phase können wir mit Ihnen Anwendungsfälle erarbeiten, bewerten und reihen. - Grow ideas – Ausarbeitung und Planung: “Was brauche ich und was bedeutet es einen Anwendungsfall umzusetzen?” Haben sie eine vielversprechende Anwendung identifiziert können wir bei Strategieentwicklung, Business Case Erstellung, Budget- und Projektplan, Architekturerstellung, Buy/Build/Join Entscheidungen, Lieferantenauswahl, Ausschreibung, Konsortienbildung/-suche/-beitritt, etc. unterstützen. - Implement ideas – Umsetzung: “Wie kann ich sicherstellen, dass die Implementierung so läuft wie geplant?” Jolocom Consulting unterstützt sie, egal für welche Produkte oder technischen Partner sie sich entscheiden. Jolocom Consulting unterstützt bei Projekt-/Konsortienmanagement und als Spezialist, damit die
Jolocom,Jolocom,,,,SSI Position Paper,,,,,A universal identity layer we can only build together,"We have recently published a paper that aims to take the first step towards the discussion of self-sovereign identity based on a shared consensus. A shared consensus of the concept and terminology as well as important topics such as standardization, privacy and security. That paper is Self-Sovereign Digital Identity: A position paper on blockchain enabled identity and the road ahead. Our decision to write it as a community was first motivated by the lack of objective material on the topic and then the resulting confusion and skepticism we ran into discussing it.","We have recently published a paper that aims to take the first step towards the discussion of self-sovereign identity based on a shared consensus. A shared consensus of the concept and terminology as well as important topics such as standardization, privacy and security. That paper is Self-Sovereign Digital Identity: A position paper on blockchain enabled identity and the road ahead. Our decision to write it as a community was first motivated by the lack of objective material on the topic and then the resulting confusion and skepticism we ran into discussing it. ‧ ‧ ‧ A typical question for a self-sovereign identity company: “It sounds like you are all doing the same thing, how will this ever work?” Over the last two years, we have seen more and more companies join the community wanting to build a decentralized identity solution, where individuals truly own and control their data. With more actors, the question of competition came up frequently. We have since been busy explaining the idea of a universal identity layer both as Jolocom but also as a community. A great illustration of the difference between the universal identity layer and competing identity platforms is that of email and messengers. Your email account allows you to send messages to everyone, no matter whether they use Gmail, GMX, Posteo, a company email or something else. When you open a messenger app on your phone, the world looks totally different – you can only communicate with people that also use that exact messenger. As a result, people have to use multiple messenger apps to stay connected with their friends. This can get out of hand quickly, leaving you with numerous siloed apps that ultimately all do the same thing: they send a message (text, emoji, photo, etc.) to a friend. The world of digital identity looks a lot like the messenger world today, forcing users to create multiple siloed identities throughout their digital life. The idea of a universal identity layer is to build for identity what email has provided for communication — a protocol that can be used by everyone based on open and interoperable standards. A universal identity layer is only possible if we collectively build and maintain the building blocks of self-sovereign identity as an open source commons for everyone to benefit from. The #SSIpaper is published at a very important time in the development of self-sovereign identity. With the emergence of the Decentralized Identity Foundation in 2017 and the earlier efforts by W3C and others, we are now leaving the stage of research and proof of concepts and rapidly entering a new phase of beta versions and, soon, production systems. To achieve the vision of a universal identity layer, we need to make sure that these systems don’t just allow their users to own and control their identity but also work openly, hand-in-hand across all associated technical layers.For self-sovereign identity to be credible and trustworthy, it can’t be owned or controlled by any company. It must be built and maintained by a global community that shares the vision of a decent, decentralized web. While we see great efforts towards interoperability and active discussion in the self-sovereign identity community, the wider world is very much at the beginning of this journey.Self-sovereign identity offers something radically different: a new type of platform that’s not strong because of excl
Jolocom,Jolocom,,,,,,,,,"A Decentralized, Open Source Solution for Digital Identity and Access Management","The protocol logic encodes a granular, claim-based model of identity that is highly generalized and unrestrictive in scope in order to accommodate a multiplicity of potential use cases and broad range of subjects of identity (users), including individual persons as well non-person entities like organizations (e.g. companies, governmental bodies), IoT devices (e.g. hardware/software agents), and autonomous agents (e.g. DAOs).",,https://jolocom.io/wp-content/uploads/2019/12/jolocom-whitepaper-v2.1-a-decentralized-open-source-solution-for-digital-identity-and-access-management.pdf,,Whitepaper,,Resources,,,,,,,,2019-12,,,,,,,,,,,,,
Lissi,Neosfer GmbH,Lissi,,,,"European Union, Germany",,,,Lissi,We provide software tools for trusted interactions between organisations and their customers.,,https://lissi.id/,,Company,,Company,Enterprise,ID,SSI,,,,,2019-06,,https://twitter.com/lissi_id,,https://lissi-id.medium.com/,https://medium.com/feed/@lissi-id,,,https://www.linkedin.com/company/lissi/,,,,,
Lissi,Lissi,,Medium,,,,,EIDAS,,eIDAS and the European Digital Identity Wallet,"The vast majority of citizens regularly use the internet. According to statista, for 16–24-year-olds, the European average of daily internet users amounts to 95 per cent in 2020. Even for the age group of 55–64 years, the percentage of daily users is as high as 69 per cent on an EU average. Hence, access to digital services is expected. This includes services offered by governments and the private sector alike.","eIDAS and the European Digital Identity Wallet: Context, status quo and why it will change the world. In 2021 the European Commission announced the European digital identity wallet. This article explains the basic concepts, highlights the significance of this development and provides an overview of the status quo. The vast majority of citizens regularly use the internet. According to statista, for 16–24-year-olds, the European average of daily internet users amounts to 95 per cent in 2020. Even for the age group of 55–64 years, the percentage of daily users is as high as 69 per cent on an EU average. Hence, access to digital services is expected. This includes services offered by governments and the private sector alike. The difference between foundational and contextual identity When speaking about “digital identity” we need to differentiate between a foundational and contextual identity. A foundational identity has a legal context and uniquely identifies a natural person. A contextual identity exists depending on a particular context and is not directly subject to government regulations. While a person generally only has one foundational identity, he or she can have hundreds of contextual identities. Foundational Identities are also referred to as government-issued, eID, regulated-, foundational-, base-, or core identity. Foundational or regulated identities are issued by an authoritative body of a government. A classic example is a passport. It grants rights and privileges in a global context and is subject to a highly regulated environment. The Pan Canadian Trust Framework defines a foundational identity as followed: “A foundational identity is an identity that has been established or changed as a result of a foundational event (e.g., birth, person legal name change, immigration, legal residency, naturalized citizenship, death, organization legal name registration, organization legal name change, or bankruptcy)” PCTF V1.4. Contextual identity: also referred to as non-regulated-, private- or pseudonymous identity. The Pan Canadian Trust Framework defines a contextual identity as followed: “A Contextual Identity is an identity that is used for a specific purpose within a specific identity context (e.g., banking, business permits, health services, drivers licensing, or social media). Depending on the identity context, a contextual identity may be tied to a foundational identity (e.g., a drivers licence) or may not be tied to a foundational identity (e.g., a social media profile)”. Hence, one needs to know the context of the identity in question to understand who we are talking about. If we just say “follow @earthquakebot to get immediate information about earthquakes 5.0 or higher” you don’t know where to go and search for this bot. The context, which is missing is that the bot exists within the authoritative domain of the Twitter platform. However, on other platforms, this name might already be taken or used for other purposes. Identification and authentication Before we dive deeper into the topic of the eIDAS regulation we want to explain two key concepts, which the regulation is aiming to improve: identification and authentication. Identification asks: Who are you? This implies the person or organisation you are interacting with doesn’t know you yet and has a legitimate reason or even the obligation to identify the natural person it’s interacting with. Current means of identification include officially notified eID means as well as offerings from the private market such as postal service, video- or p
Lissi,Lissi,,Medium,,,,,EIDAS,,EUDI Wallet: Illustration of the eIDAS roles and functions,In the graphic below we reorganised and regrouped the stakeholders to map the requirements for the eIDAS toolbox architecture onto a SSI framework (Self-Sovereign Identity framework).,"EUDI Wallet: Illustration of the eIDAS roles and functions In June 2021, the EU Commission presented a new draft on eIDAS regulation. The aim is to provide all citizens and businesses in the EU with digital wallets with which they can not only identify and authenticate themselves, but also store a variety of other documents (such as diplomas) and present them in a verifiable manner. In recent months, a group of experts has now presented a first outline for the architecture of an “eIDAS Toolbox” describing the reference architecture. The current version of the toolbox of the revised eIDAS regulation already defined new roles within the framework as well as their functions. In the graphic below we reorganised and regrouped the stakeholders to map the requirements for the eIDAS toolbox architecture onto a SSI framework (Self-Sovereign Identity framework). The graphic shows very clearly how well the requirements for the eIDAS toolbox can be implemented with SSI technology. This is also supported by the paper “Digital Identity: Leveraging the SSI Concept to Build trust” by the European Union agency for cybersecurity ENISA. We also added the arrow from the different issuers to the trust registries, since they need to provide information to these registries. Until the end of the year member states are now requested by the EU Commission to implement first pilot use cases on top of the reference architecture. We expect many member states to implement use cases on top of an architecture similar to above graphic. We used the graphic below as basis for our infographic, which was published as part of the current eIDAS Toolbox document on page 8. We would be delighted to hear your feedback. Do you think the reorganisation makes sense? Which roles or functions are missing? Your Lissi team",https://lissi-id.medium.com/eu-id-wallet-illustration-of-the-eidas-roles-and-functions-6cb7bb6bca39,,Post,,Explainer,Public,,,,EUDI Wallet,,,2022-03-04,,,,,,,,,,,,,
Lissi,Lissi,,Medium,,,,,EIDAS,,Trust in the digital space,"Would we rather have a high level of security or self-sovereignty? Unfortunately, the two aspects are at different ends of the spectrum. If we only allow pre-verified and approved parties to retrieve identity data, as currently envisaged by the [eIDAS regulation](https://Lissi-id.Medium.com/eidas-and-the-european-digital-identity-wallet-context-status-quo-and-why-it-will-change-the-2a7527f863b3), this severely restricts usage","Trust in the digital space This article describes why and how the Lissi Wallet Beta, available for iOS and Android, uses certificates to authenticate organisations. This article is also available in German. The problem Imagine you go to an event and just before the entrance you see a QR code with the heading “Check-in here” along with the organiser’s logo. As you scan the QR code with your Wallet, you are asked for your payment information, among other things. But should you present this information? When we communicate with third parties over the internet, it is not always clear whether the other party is really who they say they are. This problem also exists with established communication channels such as websites and emails, among others. Phishing refers to the fraudulent tapping of data to gain access to bank accounts or similarly sensitive accounts or information. A permanent communication channel that allows users to identify the communication partner to enable a trustworthy exchange of information is essential to protect users from phishing. Context is important We often base our trust in an interaction on the context in which we are communicating. For example, we trust a link in an internal employee portal more than a link in a promotional email. The principle is the same when a contact wants to connect with users and the connection request is displayed in the wallet. Depending on the context in which the connection request is initiated, a different level of trust can be assigned. The context helps us to establish trust but is not sufficient on its own. Often the context is missing or attackers specifically try to exploit it. Authentication of organisations Wallet users must be able to check the authenticity of organisations they connect to. However, the organisation must first be identified and verified. Once the organisation has the required certificates it can be validated in the user’s wallet. Hence, before the wallet can verify the organisation, a trusted party must certify the organisation. Certification authorities are organisations that are entrusted with signing digital certificates. They verify the identity and legitimacy of the organisation and the person requesting a certificate. If the check is successful, a signed certificate is issued. This certificate can then be verified by the user’s application such as a browser or wallet to authenticate the organisation. Trust on different levels An encrypted communication channel between individuals and organisations allows sensitive information to be exchanged without third parties being able to read it. However, this is not sufficient, as the identity of the other party must be verified beforehand. To ensure that the contact is really a public authority, for example, we use certificates to verify their identity. Consequently, there are two levels of trust. On the lower level, there is a cryptographically secured communication channel. This is supplemented by certificates issued by different certificate authorities or trust domains. Certificates and trust domains The basis for trustworthiness is that the certification authority implements organisational and technical measures at an appropriate security level and establishes rules for all participants in the trust domain. The specific requirements for the certificates depend on the use case and the legal framework in which a transaction takes place. Thus, the certificates used can differ depending on the level of trust required for each use case. Regulated certificate authorities act as issuers of certificates that c
Lissi,Lissi,,Twitter,,,,,EIDAS,,@lissi_id The European Digital Identity #Wallet #EUDI will have a modular framework,"for the user interface, data storage, cryptographic protocols, sensitive cryptographic material and eID mean modules. ""[Requirements and Solution CNECT/LUX/2022/OP/0011](http://etendering.ted.europa.eu/cft/cft-documents.html?cftId=10237)""",,https://mobile.twitter.com/lissi_id/status/1536645378451333127,https://pbs.twimg.com/media/fvncyiqwaaa-gzx?format=jpg&name=4096x4096,Tweet,,Explainer,,,,,EUDI Wallet,,,2022-06-14,,,,,,,,,,,,,
Lissi,Lissi,,Medium,,Digital Technologies Forum,,,,,Digital Technologies Forum now includes the Lissi demo,[german] Digital Technologies Forum is a networking platform and exhibition space for selected research projects and innovations in the field of digital technologies from Germany. The forum offers outstanding research projects a platform for more visibility and promotes exchange and knowledge transfer at national and international level.,"Lissi Demonstrator im Forum Digitale Technologien Über das Forum Digitale Technologien Das Forum Digitale Technologien ist Vernetzungsplattform und Ausstellungsfläche für ausgewählte Forschungsprojekte und Innovationen im Bereich digitaler Technologien aus Deutschland. Das Forum bietet herausragenden Forschungsprojekten eine Plattform für mehr Sichtbarkeit und fördert den Austausch und den Wissenstransfer auf nationaler und internationaler Ebene. Die Veranstaltungen und Demonstratoren des Forums fokussieren sich auf die technischen Schnittstellen und gesellschaftlichen Spannungsfelder aktueller Technologietrends: Internet of Things, Big Data, Künstliche Intelligenz und Sicherheit und Vertrauen im Digitalen Raum. Der Showroom des Forums bietet eine Ausstellungsfläche für Projekte aus den Technologieprogrammen des Bundesministeriums für Wirtschaft und Klimaschutz sowie weiterer Förderprogramme des Bundes. Mehr Informationen über das Forum digitale Technologien gibt es auf der Website. Lissi Demo im Showroom des Forums Die Lissi Demo ist Teil des Themenbereichs “Vertrauen im Digitalen Raum”. Sie veranschaulicht mehrere Anwendungsfälle aus Sicht der Nutzenden und gibt einen praxisnahen Einblick in die Interaktionen. Sie können die Demo hier selber ausprobieren: https://Lissi.id/demo Die Demonstration veranschaulicht, wie Anwendungsfälle und Nachweise aus dem hoheitlichen und privatwirtschaftlichen Bereich miteinander kombiniert werden können. Das Lissi Team der main incubator GmbH ist Konsortialleiter des IDunion Konsortiums. IDunion ist eines der vier Projekte im Schaufenster Digitale Identitäten, welches vom Bundesministerium für Wirtschaft und Klima gefördert wird. Die vier geförderten Schaufensterprojekte werden von der Begleitforschung unterstützt. Ziel von IDunion ist es, ein Ökosystem für vertrauensvolle digitale Identitäten zu schaffen, welches mit europäischen Werten betrieben wird und weltweit nutzbar ist. Dabei werden digitale Identitäten für natürlich Personen, juristische Personen, sowie Dinge (IoT) berücksichtigt. Über Lissi: Lissi bietet einfache Anwendungen für Organisationen, um vertrauenswürdige Interaktionen mit Nutzenden zu ermöglichen. Dazu gehört das Lissi Wallet sowie unsere Anwendungen für Organisationen.",https://lissi-id.medium.com/lissi-demonstration-im-forum-digitale-technologien-82d5f0c07a5d,,Post,,Meta,,,,,Lissi Connect,,,2022-04-27,,,,,,,,,,,,,
Lissi,Lissi,,Medium,,GAIA-X,,,,,Lissi demonstrates authentication for Gaia-X Federation Services,"Gaia-X creates an open, federated digital ecosystem for data infrastructure for decentralized cloud and edge workloads and data sharing capabilities. As part of the core services, the so-called Gaia-X Federation Services (GXFS) are targeting the areas of Identity & Trust, Federated Catalogue, Sovereign Data Exchange and Compliance as open-source reference implementations.","Lissi demonstrates authentication for Gaia-X Federation Services You can use the Lissi Wallet for the Authentication (Login) into the Gaia-X Federated Services Platform here: https://Lissi-demo.gxfs.dev/ Collaboration between Gaia-X Federation Services (GXFS) and IDunion Gaia-X creates an open, federated digital ecosystem for data infrastructure for decentralized cloud and edge workloads and data sharing capabilities. As part of the core services, the so-called Gaia-X Federation Services (GXFS) are targeting the areas of Identity & Trust, Federated Catalogue, Sovereign Data Exchange and Compliance as open-source reference implementations. The project is funded by the governments of France and Germany to support the data-driven business models for the European economy. Part of every digital service solution is decentralized identity and access management, which enables participants of Gaia-X Federations to manage their participants in a self-sovereign manner. The identity layer determines how GDPR-compliant interactions between stakeholders can be offered, established and trusted based on SSI (Self-Sovereign Identity) principles without the need for a centralized controller. Such a decentralized implementation has been developed by IDunion. Despite the agnostic approach of Gaia-X, both projects collaborate to form a holistic solution and are aligned in regards to their principles of data sovereignty, openness and user control. Easy authentication via Lissi The demo is available via https://Lissi-demo.gxfs.dev/. The steps shown below provide a guidance how the process works. In this context authentication is the process of verifying the already known identity of a principal (user). Traditionally a centralized identity provider is used to identify and authenticate a user and you trust them by default. While there are single sign-on solutions by worldwide acting technology companies, these authentication mechanisms make users dependent on the provider while also introducing comprehensive surveillance risks. Therefore, Gaia-X goes another way with Personal wallets such as the Lissi Wallet to enable users to manage their identity by themselves as well as offering a passwordless authentication method, which doesn’t depend on a single centralized service. While this implementation is done via Lissi Connect to bridge newly evolving SSI technologies with existing standards like OpenID Connect, other vendors or open-source integrations can also be used simultaneously. Demonstration at the Hannover Fair The first draft of the integration was demonstrated at the Hannover Fair, an international industry trade exhibition. The final integration with any wallets is currently in progress and will be presented to the public at a later stage. Benefits for users: - Convenience: self-managed and controlled identity and login without password - User-centric: use the same application for interacting with multiple stakeholders - Order: using a credential for authentication and authorization - Transparency: of interactions with GDPR conformity Benefits for organizations: - Domain independent: shared trusted infrastructure with European values and regulatory conformance. - Streamlined UX: for authentication and authorization - Risk reduction: interacting with verified participants - no vendor lock-in: usage of open standards - Independence: decentralized user and access management About Gaia-X Federation Services: The Gaia-X Federation Services (GXFS) represent the minimum technical requirements needed to build and operate a cloud-based, self-determined data infrastructure ecosy
Lissi,Lissi,,Medium,,,,,,,Lissi Connect Demo,"[German] The login is only the start of the mutual customer relationship users do not want to monitor and maintain dozens of communication interfaces, but prefer a solution that brings these aspects together. This includes not only login services, but also newsletters, information letters from the bank, digital proof of any kind and other relevant Personal information. The media break and the fragmentation of the current systems poses a major challenge for users and organizations. However, once stored in the user's wallet, this information can be easily managed, sorted and presented as needed.","Lissi Connect Demo Lissi Connect erleichtert die Nutzerauthentifizierung und den Austausch von digitalen Nachweisen Es ist an der Zeit das Passwort in Rente zu schicken Die Option, sich ohne Passwort bei Plattformen einzuloggen, wird heutzutage von Nutzenden erwartet. Serviceanbieter suchen nach Integrationen, welche von Nutzenden angenommen werden und einfach zu integrieren sind. Dabei haben sich vor allem große Technologiekonzerne als Anbieter von Single-sign on Lösungen etabliert. Diese Login Optionen sind zwar einfach für Nutzer, bringen diese jedoch in große Abhängigkeit von zentralen Dienstleistern, welche häufig das Nutzerverhalten analysieren und an Werbetreibende verkaufen. Der Login ist nur der Start der gemeinsamen Kundenbeziehung Nutzende möchten nicht dutzende von Kommunikationsschnittstellen überwachen und pflegen, sondern bevorzugen eine Lösung, welche diese Aspekte zusammenführt. Dies beinhaltet nicht nur Login Dienste, sondern auch Newsletter, Informationsschreiben von der Bank, digitale Nachweise jeglicher Art und sonstige relevante persönliche Informationen. Der Medienbruch und die Zersplitterung der aktuellen Systeme stellt Nutzende sowie Organisationen vor eine große Herausforderung. Einmal in dem Wallet der Nutzenden abgelegt, können diese Informationen jedoch einfach verwaltet, sortiert und nach Bedarf präsentiert werden. Dies verbessert die Datenhaltung für Nutzende und bietet komplett neue Möglichkeiten der Kommunikation zwischen Organisationen und Endanwender. Die direkte Verbindung — mit Lissi Connect Lissi Connect ermöglicht die Authentifizierung von Nutzenden ohne Passwort. Zusätzlich zur Authentifizierung der Nutzer bietet Lissi Connect die Möglichkeit, digitale Nachweise auszustellen und abzufragen. Es handelt sich dabei um eine Platform-as-a-Service (PaaS) Lösung, welche einfach in bestehende Systeme integriert werden kann. Die Kontrolle über die Kundenschnittstelle liegt dabei stets bei den zwei Parteien, welche den Kommunikationskanal initial erstellt haben. Unsere Lissi Connect Demo Um ein Gefühl für das Nutzererlebnis zu erhalten haben wir euch eine Login Demo bereitgestellt in der ihr die passwortlose Registrierung und Anmeldung testen könnt. Wir haben die Anwendung bereits mit den ersten Partnern getestet und bieten die Anwendung kostenlos für Test-Zwecke an. Interessiert? Schreibt uns doch gerne eine Mail an info@Lissi.id Eurer Lissi Team",https://lissi-id.medium.com/lissi-connect-demo-d6db29db7755,,Post,,Product,,,,,Lissi Connect,,,2022-01-20,,,,,,,,,,,,,
Lissi,Lissi,,Medium,,,,,,,The Lissi Wallet is now available in 12 languages!,"Lanugauges supported: Arabic • English • French • German • Italian • Korean • Polish • Portuguese • Russian • Romanian • Spanish • Turkish<br><br>> the language is only a small part of the whole user experience. The task is to design a universal cockpit, which people can navigate regardless of their social background. Similar to a dashboard in a car, which doesn’t look too different wherever you go. In order to achieve this, we have to standardize the icons, colours and user-flows to a certain degree. However, on the other hand, they need to be adjusted to the target audience.","The Lissi Wallet is now available in 12 languages! About the Lissi wallet The Lissi wallet is a simple but powerful tool to manage digital interactions. It can be used to establish connections to third parties and to exchange information. You can find a more detailed explanation here or on our website. It’s currently available as an open beta version for iOS and Android. The importance of multi language support Within the identity community, we spend considerable time to ensure interoperability between different solutions. We engage in conversations in a variety of standardization bodies to enable a seamless user experience on a global scale. Frankly speaking, we are not there just yet. But we are on a good way to enable access to the services regardless of where an entity is based or which social background an individual has. While regulation as well as technical and educational hurdles remain, it’s crucial to increase the accessibility of products to different cultures and languages. We have already received feedback from multiple stakeholders from the public and private sector saying that multi-language support is essential for the execution of various use cases. There are several nations, which have multiple official languages. If our end-user facing products are not available in the most common languages, it creates entry barriers so big that not even a piloting of these use cases would make sense. Hence, we took note and worked hard to ensure the Lissi wallet is available in the languages of communities, which currently explore the self-sovereign identity concept. The Lissi wallet now supports the following languages: - Arabic - English - French - German - Italian - Korean - Polish - Portuguese - Russian - Romanian - Spanish, and - Turkish. Challenges remain When designing a wallet, the language is only a small part of the whole user experience. The task is to design a universal cockpit, which people can navigate regardless of their social background. Similar to a dashboard in a car, which doesn’t look too different wherever you go. In order to achieve this, we have to standardize the icons, colours and user-flows to a certain degree. However, on the other hand, they need to be adjusted to the target audience. Let’s take the colour red as an example. In western cultures, red is associated with excitement, danger, urgency and love, whereas the same colour evokes danger and caution in the middle-east. In India, it’s associated with purity, while in China it symbolizes luck and happiness. Finding the right balance between standardization and necessary adjustments for the target audience will require knowledge about the cultural differences, feedback and time. When it comes to language it creates its own set of difficulties. Differences can be observed in the usage of genders, the left-to-right or right-to-left reading, the information density or the usage of tenses, just to name a few. Furthermore, there isn’t a common terminology used within the community, which makes a translation into different languages even more challenging. Hence, our translation won’t be perfect. While we worked with native speakers, the context is often difficult to explain without demonstrating the user-flow and an actual use-case. Languages also change depending on the use-case or the subject in question. Nevertheless, we are looking forward to making
Lissi,Lissi,,Medium,,,,,,,The Lissi Wallet now supports additional cards and convenience features,"The Lissi Wallet now supports additional cards and convenience features. Import of additional cards The Lissi Wallet does supports verified credentials, custom cards and pk.pass files The Lissi Wallet now supports .pkpass files, as well as other custom cards, in addition to verifiable credentials (first screen). Any card in the wallet that has a bar code or QR code can now be easi","The Lissi Wallet now supports additional cards and convenience features. Import of additional cards The Lissi Wallet now supports .pkpass files, as well as other custom cards, in addition to verifiable credentials (first screen). Any card in the wallet that has a bar code or QR code can now be easily stored digitally in Lissi Wallet (second screen). These can be customer cards, membership cards or, for example, gift cards. If required, the barcode can then be shown to the merchant instead of carrying the card itself. Often tickets, such as a boarding pass for flights or health passes, which are required for entry abroad, are issued as a .pkpass file. These passes can be easily imported into the wallet and can be presented with the Lissi Wallet at the airport or on the train if needed (third screen). Currently, this feature is only available for Android. Automatically accept incoming connections and credentials and display information about interactions Connection requests and the acceptance of new credentials can now be automated. Users can activate the automatic acceptance of new connections within the settings or after the establishment of three connections. Regardless of whether the connection is accepted automatically or not, users are informed about the connection setup (first screen). The automatic acceptance of new credentials can be activated for individual contacts as desired (second screen). When users receive a new credential, a green banner informs them that the credential has been successfully stored in the wallet (third screen). In addition, users are informed that information has been successfully presented to a contact (fourth screen). Want to try it out yourself? Head over to www.Lissi.id/demo. Cheers, Your Lissi Team",https://lissi-id.medium.com/the-lissi-wallet-now-supports-additional-cards-and-convenience-features-465aeedf5f5c,,Post,,Product,,,,,Lissi Wallet,,,2021-11-09,,,,,,,,,,,,,
Lissi,Lissi,,Medium,,Indicio,,,,,The Lissi wallet supports the Indicio Network,"we are committed to not only provide individuals with the choice of their favourite wallet, but also organisations with the choice of their network. We are delighted to announce that the latest version of the Lissi wallet also supports the Indicio Network.","The Lissi wallet supports the Indicio Network Digital identity is now a fundamental requirement to function in a world that has shifted to remote-first. To empower individuals and to protect their self-sufficiency, the concept of self-sovereign identity (SSI) was developed. It grants the individual agency over their interactions and data by putting the data-subject back into the driver-seat. Self-sovereign identity and its use-cases There are plenty of potential use-cases. Our identity isn’t something we can easily explain or which can easily be summarized by single data sets. It highly depends on the context in which it operates and is different depending on the person with whom we interact. One category of use-cases is the proof of certification or qualification of an individual. This proof is required for applications for jobs, grants or the participation in special events. Depending on the requirements, an individual can collect all necessary certificates and present them directly to the relying party. Another big category of use-cases is to enable access to information, buildings or resources. When e.g. information is labeled as “internal only”, the authorized people should be able to access it. Organizations can issue credentials to the right target audience and only approve access for those individuals, which have a valid credential. Wallets and Networks Two elemental components of an SSI-ecosystem are the wallets for end-users and the networks for organisations on which issued credentials are anchored to. In this article, we will explain how these relate to each other, what their specific goals are and how they interact with each other by providing the example of the Lissi wallet and the Indicio Network. About the Lissi Wallet In order to store and possess the credential, an individual requires an application with a graphical user interface to receive, store and present these credentials to third parties. A wallet is a key management application, which hides all the complicated technical aspects from the user and provides the required guidance to securely interact with trusted contacts. The Lissi wallet offers an intuitive interface and provides the necessary information and flexibility to navigate through an increasingly complex digital environment. Furthermore, it automatically recognizes the network, which an organisation used to verify the authenticity of the credential. Hence, while organizations can choose a suitable network, the user is informed about the network, but doesn’t need to do anything to receive the credential or interact with the organisation. Lissi is your smart agent, which takes unnecessary workload from you, provides you with the information to make informed decisions while always offering a choice. While the Lissi team is also involved in the formation of the IDunion network with its main focus in Europe, we recognize that organisations around the world have different needs. The networks, which are necessary to verify the authenticity of issued credentials, need to be adjusted to different regulatory requirements and the specific demands of their target audience. The network is a distributed and publicly readable database, which contains the public identifier of a legal entity. Therefore, we are committed to not only provide individuals with the choice of their favourite wallet, but also organisations with the choice of their network. We are delighted to announce that the latest version of the Lissi wallet also supports the Indicio Network. About the Indico Network Indicio.tech created the Indicio Network to meet the needs of companies and organizations that want a reliable and robust network to build, test, demo, and launch their identity solution
Lissi,Lissi,,google play,,Verity,,,,,Lissi by Main Incubator,"Lissi is your digital wallet. You can use it to store digital ID cards, proofs and other credentials, which are issued by companies and institutions. You can use these credentials to identify yourself to various online services, log in, shop online, gain access to buildings and much more.<br><br>The Lissi-wallet enables you to:<br>- Establish private and secure connections with other entities<br>- Receive, store and manage verified credentials<br>- Present digital proofs of your credentials<br>- Log-in without a password at third party providers<br>- Store pk.pass files (board pass, concert tickets etc.)","Lissi is your digital wallet. You can use it to store digital ID cards, proofs and other credentials, which are issued by companies and institutions. You can use these credentials to identify yourself to various online services, log in, shop online, gain access to buildings and much more. The Lissi-wallet enables you to: - Establish private and secure connections with other entities - Receive, store and manage verified credentials - Present digital proofs of your credentials - Log-in without a password at third party providers - Store pk.pass files (board pass, concert tickets etc.) The potential use-cases are endless. From proofing that you reached a certain age for age-restricted products to presenting your academic credentials to a potential employer. Identity is versatile - so is Lissi. Your information isn’t stored on a central database or any cloud service. Instead, the Lissi Wallet stores your encrypted identity data locally on your phone. Hence, you have full control over your data and only you decide with whom you want to share it. The Lissi Wallet is developed in Germany by the Neosfer GmbH, a 100 percent subsidiary of Commerzbank AG. Our team also leads the IDunion consortia. The Lissi Wallet currently supports the IDunion, Sovrin, BCovrin and Indicio network. For further information please visit our website www.Lissi.id Neosfer GmbH Eschersheimer Landstr. 6, 60322 Frankfurt am Main",https://play.google.com/store/apps/details?id=io.lissi.mobile.android,,Product,,Product,,,,,,,,2022-12-08,,,,,,,,,,,,,
MagicLabs,,MagicLabs,,Arthur Jen; Jaemin Jin; Sean Li,,"USA, California, San Francisco",USA,,,Magic Labs,"Magic is a developer SDK that you can integrate into your application to enable passwordless authentication using magic links - similar to Slack and Medium.<br><br>When users want to sign up or log in to your application:<br><br> User requests a magic link sent to their email address<br> User clicks on that magic link<br> User is securely logged into the application<br><br>If it's a web application, users are logged into the original tab, even if the user clicked on the magic link on a different browser or mobile device!",,https://magic.link/,,Company,,Company,Enterprise,ID,SSI,,,Passwordless,,2018,https://github.com/MagicLabs,https://twitter.com/magic_labs,https://www.youtube.com/channel/UCe9Itc4HfUnqXO4wJk9mo3Q/,https://medium.com/magiclabs,https://medium.com/feed/magiclabs,,https://www.crunchbase.com/organization/fortmatic-inc,,https://docs.magic.link/,,,,
MagicLabs,MagicLabs,,Medium,,,,,,,3 Types of Passwordless Authentication for Web 3.0,"Passwordless authentication is a fundamental shift in how people will access their tools and information online, and it will provide more security, prevent billions in losses, and create greater transparency.","3 Types of Passwordless Authentication for Web 3.0 This article was written by Mike Truppa, a content developer and blockchain expert at Webstacks, a website and marketing operations agency helping high-growth SaaS, FinTech, and Blockchain startups scale. Passwordless authentication is the future of online security, and promises a future where users don’t need to remember username and password combinations, spend time resetting passwords, and worry about the security of their Personal and financial information being stolen. Passwordless authentication is a fundamental shift in how people will access their tools and information online, and it will provide more security, prevent billions in losses, and create greater transparency. Let’s explore the different types of passwordless technology and compare a few companies offering passwordless authentication software. What is Passwordless Authentication? Passwordless authentication is a method for verifying an internet user’s identity without requiring a password. Types of passwordless authentication methods in use today including, magic links, one-time passwords (OTP), biometric authentication, and public-private key pairs using blockchain technology. Is two-factor authentication (2FA) passwordless authentication? Because the nature of two-factor authentication (2FA) is to add an additional layer of security to passwords, it can sometimes be mis-categorized as passwordless authentication. However, 2FA methods such as SMS-based authentication would still be considered a one-time password which is a form of passwordless authentication. 3 Types of Passwordless Authentication that Eliminate Single Points of Failure from Centralized PAP-based Authentication Today’s password authentication protocols (PAP) are designed with centralized intermediaries or organizations that maintain a database of username-password pairs to prove a user’s identity. The central point of failure of PAP-based authentication puts people at risk of hacks, data breaches, identity theft, fraud, and leaks, all of which can be mitigated with passwordless authentication. 1. Public-Key Cryptography and Blockchain Authentication Public key cryptography is a form of public and private key authentication, which has been broadly used in the current information world including WebAuthN, machine-to-machine communication, etc. Public-key cryptography has exploded in popularity in the last decade in large part because of public blockchains like Bitcoin, Ethereum, and Solana that use public-private cryptography to secure blockchain transactions of digital assets and Non-Fungible Tokens (NFTs). Because blockchain technology is built on top of public-key cryptography, they can be confused as one and the same. However, public-key cryptography doesn’t necesSITAte authentication with a blockchain. For example, although Magic enables Web 3.0 platforms to connect to public blockchains like Ethereum, throughout the entire authentication flow there is no interaction with the underlying blockchain; no consensus is involved or required to prove the user’s identity. How does blockchain authentication work to prove a person’s identity? Instead of using the traditional method of typing in a username and password, blockchain authentication uses public-key cryptography for self-sovereign identity management. When a user creates a wallet account on the blockchain, they receive a private key which only they know, and it is paired with a public key that connects them to the wallet address. To access Web 3.0 applications or complete blockchain transactions, the user signs transaction requests using their private key which authenticates their account access. How are blockchains secured using public-key authentication? Blockchains have
MagicLabs,MagicLabs,,Medium,,,,,,,Developers: SMS Authentication is Challenging,"SMS (Short Message Service) messaging¹, despite a number of material challenges, has broad adoption, international regulations, and support across platforms.","Developers: SMS Authentication is Challenging Phones are ubiquitous; the largest segment of the world’s computing base. However, despite significant market adoption of a few operating systems, interoperable standards for messaging are rare, and often segmented. SMS (Short Message Service) messaging¹, despite a number of material challenges, has broad adoption, international regulations, and support across platforms. This post details the use of SMS as an authentication mechanism. What is a high quality SMS login system? - Easy for Users, Hard for Attackers - Works globally, across all cellular carriers, even in lossy service environments. - Enrollment, opting out, and authentication are beautiful, simple processes. - Confidence the user has access to their phone, and the phone number is valid. - When users change their phone number, they don’t stop using the service; they can migrate to a new phone number smoothly. - When an attacker pretends to be a user, they are prevented from taking over the account. - A user should not be easily duped into helping their attackers. SMS can be temporarily undeliverable SMS delivery is not guaranteed, and many implementations provide no mechanism through which a sender can determine whether an SMS message has been delivered. 💡 Allow users to request a new code as part of the product. Use a different code for each message. SMS can be permanently undeliverable Users can request to stop receiving SMS from a particular sender, often by replying with ‘STOP’. Users will no longer receive messages. In the United States, FCC affirms text messages are covered under the “Telephone Consumer Protection Act”, and users have a variety of rights, including to Opt-Out. 💡 Notify users when their phone number is undeliverable: either in-app, or via email Messages can come from unfamiliar sources SMS standards make spoofing phone numbers difficult. However, no easy way exists for consumers to authenticate numbers or associate them with businesses. Messages appear with only a number to identify them. Users are habituated to ignore sender ids, or react with suspicion when numbers are changed. 💡 Include information about the sender in your message “Your ACME.co Code: 123–123”, or use Domain-Bound Codes Users can be on fraudulent sites Some sites trick users into entering authenticator codes for other sites. A common ploy asks for a user’s phone number, and prompts the user to enter the code they receive. The attacker simply forwards the collected code to the target, and successfully poses as the end user. - User Logs in to Fraud Site. Provides User phone number - Fraud Site forwards request to Real Site - Real Site sends User a SMS challenge. However, User thinks it comes from the Fraud Site - User enters correct SMS onto Fraud Site - Fraud Site / Attacker uses correct SMS to log into legitimate site - Attacker now has legitimate session on real site 💡 Include information about the sender in your message Your ACME.co Code: 123–123 or use Domain-Bound Codes 💡 Monitor for automations and headless browsers attempting your site’s login flow Users can change their phone number Users, particularly those outside of the United States, change their phone numbers often, giving rise to the popularity of messaging applications. 💡 Facilitate self-service recovery of SMS logins through alternative channels Attackers request control over phone numbers SIM-swapping attacks are social engineered takeovers of a user’s telecom contract. Calling customer support and transferring phone numbers between phones is common practice for consumers, and is exploited by attackers to capture SMS messages. Users can, though rarely, defend themselves, and unfortunately many users remain susceptible to these risks. 💡 Many SMS vendors provide carrier infor
MagicLabs,MagicLabs,,Medium,,,,,,,"Building a low-code, opinionated approach to plug & play login","Magic Login Form represents a new onboarding experience for end-users, so we wanted to revamp our own onboarding experience for developers to match. Learning about auth can quickly derail any developer’s good day. Striking the balance between good UX and good security can just boggle the mind.","Building a low-code, opinionated approach to plug & play login It feels so long ago that Magic unveiled its first auth solution in April 2020. JAMstack was having a moment, and so were NFTs. The world had just begun to reckon with shutdowns and social distancing. A surge in remote work showed us that online identity was overdue for a refactor. Centralized infrastructures were being challenged everywhere. Back then, all it took was one line of code to implement Magic. We used to hear lots of positive feedback about our whole developer experience. Those docs, you know? So clean. A year since, the world of web development is again at a threshold. We’re inundated with feedback from users that want a multitude of sign-in options. They want to feel secure, they want to own their data. They desire convenience and seamlessness. Providing an auth experience that serves every user, no matter their technical acumen or accessibility needs, is a costly undertaking for app creators. That’s because building a Magic implementation never really was just one line-of-code. You still have to create buttons, composed into forms, connected to a server. Model user accounts, measure conversion rates, but wait… did I aria-label that button right? Hold on, we need a combobox? Now add social logins to the mix: what the heck is OAuth? Or WebAuthN? This login page is turning into infinite story points! As we added more and more choices for sign-in, we heard feedback that Magic was harder to use, especially for no-code builders. So, what happened? And why should auth — something that every app needs — be so difficult to build and maintain? That’s a question that’s been bugging me for some time now. I lead the engineering team for developer experience at Magic, so we aimed to set a new standard to help our customers build auth more quickly, more securely, more accessibly, and more user friendly-y. Occam’s auth The aha moment came from the simple realization that most modern auth flows follow a discrete pattern: authorization and callback. You prompt a user to authorize themselves, traditionally with an email + password. Or, a more modern (and more secure) approach would use social logins, or Magic’s own passwordless email/SMS flows. Once a user has submitted their proof-of-identity (“authorization”), the app has to then verify this information (“callback”). In the case of social logins, this requires checking a one-time code built around some fancy, math-y cryptographic stuff. Or, using Magic’s passwordless SDKs, you just call getRedirectResult for social logins and loginWithCredential for email/SMS. Building auth for the web essentially boils down to two big function calls. Noticing this, however, presents an opportunity to do what we engineers love to do best: abstract! But we weren’t going to make just any abstraction. We want a new paradigm that speaks to the power of web development today and uses web primitives in such a way that the solution can slot into just about any tech stack. We’re especially excited about no-code and low-code platforms like Webflow and Bubble, so we made it a priority to support those tools as natively as possible. Introducing (truly) plug & play auth Today, we’re introducing a new way to implement Magic auth for the web: Magic Login Form. We think it delivers on the promise of Magic as the easiest, most flexible, and most extensible auth solution available. That’s because we want your frontend implementation to be as simple as copy & paste. Everything you need to start securely authenticating your users with any of Magic’s sign-in methods is two <script> tags away: That’s all it takes to
MagicLabs,MagicLabs,,Medium,,,,,,,Decrypt trusts Magic to onboard record new user growth with the launch of reader tokens and rewards,I’ll cover how the Decrypt team streamlined development and onboarding to launch Decrypt Tokens and Drops — along with how crypto DNA and a leading product and team drove their trust in Magic.,"Decrypt trusts Magic to onboard record new user growth with the launch of reader tokens and rewards “CryptoPunks NFTs Are Worth Nearly $2 Billion Now” “Non-Fungible Tokens (NFT): Beginner’s Guide” These two headlines are just a glimpse into how Decrypt helps demystify the decentralized web. On the site, you can find everything from insights into the biggest events shaping the crypto industry to content that meets readers where they are in their journey of learning about blockchain and cryptocurrencies. As a fan of the publication, I was thrilled to talk with Luke Hamilton, Senior Software Engineer. In this post, I’ll cover how the Decrypt team streamlined development and onboarding to launch Decrypt Tokens and Drops — along with how crypto DNA and a leading product and team drove their trust in Magic. Incentivizing readers to earn as they learn Decrypt is the gateway into the decentralized world. What’s unique about the reader experience is its clear-eyed storytelling and accessibility. Decrypt content caters to various levels of existing crypto knowledge. Back in 2019, the team had ambitions to deepen the reader experience and connect further to their ethos of education through using decentralized technology. Fast forward two years of behind-the-scenes work by their product team, that vision is now brought to life with the launch of Decrypt Token (DCPT), a new reader token that lives inside the Decrypt mobile app. According to the team, “The token is our way of participating in the decentralized industry we cover, and experimenting with how cryptocurrency can spur reader engagement.” So, what’s in it for readers? The opportunity to earn as they learn. Every week, unique digital rewards — called Drops — become available and redeemable with Decrypt tokens. It’s an ingenious way to assign value to actions, thank readers for their loyalty, all while also encouraging hands-on interaction with crypto. Novel reader tokens and rewards inside a mobile app During the development process, Luke and the team tackled the question of how to authenticate users. They explored whether to build their own authentication or integrate with an existing auth solution. Internally, there was already substantial discussion about going passwordless for the tokens MVP (minimal viable product). For Decrypt, the biggest benefits to passwordless login were improvements to UX and that several forward-thinking brands had started to make passwordless login increasingly popular with users. At the time, work on traditional username and password flow had already begun. But after assessing where the app was and what was left to do in the critical path, Luke realized they had not yet solved issues around account recovery. After evaluating the large effort it’d require their lean engineering team to build out forgot password, reset password, and so on, Luke decided not to continue to invest in a traditional auth flow and instead, implement Magic. Natural excitement for Magic sparked at first discovery because of the companies’ shared philosophies on crypto. “Choosing Magic further bolstered the credibility of our ethos.” The product also stood out as the passwordless auth solution with future-proof crypto and identity tech under the hood. “The clear aha moment came when we realized Magic does exactly what we wanted, functionally and philosophically: frictionless login for users and decentralized identity aligned to our mission. There weren’t that many competing solutions or anything remotely comparable; it’s fully-featured and production-ready.” Luke estimates that continuing to build password-based auth would have added “at least another month” to their roadmap. In just a week, email m
MagicLabs,MagicLabs,,Medium,,,,,,,Magic Product Updates: December Edition,"Since our last product update, we’ve launched a multifaceted set of capabilities that enable you to do more with Magic.","Magic Product Updates: December Edition Happy holidays to the Magic community! Since our last product update, we’ve launched a multifaceted set of capabilities that enable you to do more with Magic. In this post, I’ll cover the latest highlights and improvements. Multi-factor Authentication Developers can now enable multi-factor authentication (MFA) for your users! This capability allows customers to add a layer of security to their end-user accounts. This means a secondary factor is validated along with the existing primary factor to log in to an account. Typically, the primary factor is an email, and a secondary factor is a phone number or mobile device authenticator. The idea is that both factors will need to be compromised to breach an account. The benefits of enabling MFA include: - MFA reduces the risk of a compromised account or stolen NFTs by requiring users to provide multiple credentials to access their accounts. - It protects users from theft. By requiring multiple authentication methods, MFA adds a layer of security from a stolen laptop or device. - MFA is one of the most straightforward and robust security methods a developer can enable. Magic makes enabling MFA simple with one click in the dashboard. - It helps your users meet regulatory compliance standards. You should enable MFA if your users must meet HIPAA, PCI, or CJIS compliance standards. Magic offers MFA through mobile authenticator apps like Authy or Google Authenticator. Email and SMS primary factors are currently supported. Magic will add WebAuthN, and social login primary factors support in the future. To get started, head to the dashboard and enable MFA or read more about the integration here. Custom Email Provider Have you wanted to customize the sender of your email magic link login? With Magic, you can now route emails through your Simple Mail Transfer Protocol (SMTP) server. Enabling the custom email provider gives you complete control over where your app’s login email is sent from, as well as the name of the sender. Magic will send email magic links through your SMTP server as soon as you configure the custom email provider. Disabling the custom email provider will restore sending emails from noreply@trymagic.com. Magic’s custom email provider is compatible with leading SMTP servers. Please visit our docs for more information on how to get started. Teams We believe when it comes to building great apps, collaboration is critical. That’s why we are introducing Teams. Every Magic developer is given a Personal team where you can invite up to two collaborators to help integrate Magic, update branding, or manage your users. As a collaborator, you will have access to any teams you have been invited to and your Personal workspace. Teams consist of two basic permission levels: a team owner and collaborators. The team owner has complete control over their account and is responsible for billing and managing team members. Collaborators have access to Dashboard functionality to collaborate on any project within the owner’s account. To add members to your project, head to your Magic Dashboard and look for My Team to get started. Magic Login Form: Privacy Policy and Terms of Service Our Magic Login Form enables a developer to integrate passwordless login with just 2 script tags. Seamlessly link to your applications Privacy Policy and Terms of Service and have them shown within the Magic Login Form. to new registering users and returning login users. For more information on embedding a URI, review our script options here. SMS Login for SDKs SMS Login support has been expanded to our Mobile, Flutter, iOS, and Android SDKs! This release enables developers to easily integrate SMS Login to their applications on any of the supported platforms. Thank you As 2021 comes to a close, I want to thank you for your support over this last year! At Magic, we are
MagicLabs,MagicLabs,,Medium,,,,,,,Magic Raises $27M to Future-Proof Authentication,"Magic makes it plug and play for developersto add secure, passwordless login, like magic links and WebAuthN, to their applications. Users are no longer exposed to password-related risks from the very start.","Magic Raises $27M to Future-Proof Authentication Today, we’re thrilled to announce that Magic has raised $27 million in Series A funding, bringing our total funding to $31 million. This round is led by Northzone, with participation from Tiger Global, Placeholder, SV Angel, Digital Currency Group, CoinFund, and Cherubic — along with a roster of more than 80 stellar angel investors, including: - Alexis Ohanian — Co-founder of Reddit, Initialized Capital - Balaji Srinivasan — Ex-CTO at Coinbase, Co-founder of Earn.com - Ben Pruess — President at Tommy Hilfiger, Ex-VP at Adidas - Casey Neistat — YouTuber (12M subscribers) - Guillermo Rauch — CEO of Vercel & Next.js - Jacob Jaber — CEO of Philz Coffee - Jason Warner — CTO of GitHub - Kayvon Beykpour — Head of Consumer Product at Twitter, Periscope - Naval Ravikant — Co-founder of AngelList - Roham Gharegozlou — CEO of Dapper Labs - Ryan Hoover — Founder of Product Hunt, Weekend Fund - Sahil Lavingia — CEO of Gumroad - Scott Belsky — CPO of Adobe, Author of “The Messy Middle” - Soona Amhaz — General Partner at Volt Capital / TokenDaily - Varsha Rao — CEO at Nurx, Ex-Head of Global Ops at Airbnb This new capital will help us double down on empowering developers and future-proofing our technology, to ensure Magic is the most secure, seamless, and scalable way to onboard users sans passwords. Since launching on Product Hunt in April 2020, Magic has been in hyper-growth mode. This year, we went from a few people in a San Francisco loft to a 30+ all-remote team spread around the world. We’ve over 10X’d the number of developers building with Magic and our community continues to grow at a fast clip each month. Now, we’re securing millions of user identities for companies of all sizes and verticals. Trailblazing customers like UserVoice, Decrypt, Polymarket, Fairmint, and more integrate Magic as their core auth flow. We’ve helped our customer base expedite time-to-market, boost conversion rates, reach more audiences, level up security, and reduce cost. And we’re just getting started. Our vision is to build the passport of the internet in order to safeguard the trust between users and internet services. The legacy model User trust is one of the biggest challenges of the internet. Despite explosive growth in the number of people now connected to the internet — over 5.1 billion users, 67% of the planet — user trust is at an all-time low. Why? The current user trust model of the internet is fundamentally broken. A majority of the internet ecosystem has been trading user security, trust, and privacy in exchange for convenience and unsustainable profit growth. These dynamics at play resemble a teetering Jenga tower about to collapse. We are ensnared in a cybertrust paradox: relying on both a handful of mega-corporations and relative geopolitical stability for access to vital online services — sometimes forcefully so. These corporations may: - Go out of business and stop providing services - Get hacked and cause massive damage to businesses and users - Restrict critical access due to geopolitical motivations - Exploit user privacy and compete with businesses built on their own platform due to misaligned incentives - Ignore compatibility with modern tech stacks like Jamstack, blockchain, and other forms of decentralized infrastructure Big tech companies become centralized custodians, amassing troves of user identity data, creating single-points-of-failure with “too big to fail” level risks. With motivations to expand and maintain growth at all costs, they acquire more companies and absorb even more user identities. Close to 80% of all recorded acquisitions happened in the last 8 years alone. This problem compounds itself. One password leak makes
MagicLabs,MagicLabs,,dropbox,,,,,,,Magic: A Key-Based Authentication System For Self-Sovereign Identity,"Since Magic’s authentication protocol is based on key pairs provided by decentralized blockchain networks, it is platform-independent and thus able to provide authentication service without having to rely on centralized identity providers.","Build and deploy self-sovereign identity solutions, with the technology and go-to-market resources powering the largest implementations of digital credentials in production. Unlock the trust, security, and privacy benefits of verifiable credentials with our industry-leading platform. Start building real-world solutions today, with our software, training materials, product documentation, and world-class customer success team. Evernym is helping us develop our strategic response to the self-sovereign identity market opportunity. With access to Evernym’s insight, tools, and expertise, we’ll be able to rapidly experiment with this technology and its potential applications to the benefit of both individuals and business. Discovering Evernym and its tech in the last two weeks has totally changed my view on data privacy and the sharing of information. Evernym has put Truu at the forefront of decentralized healthcare identity. We have worked closely with Evernym to enable doctors to control their own portable digital identities at a higher level of trust than current standards. Evernym has given us very clear first steps to explore self sovereign identity. With experts on hand, we are able to learn quickly and develop real solutions that directly benefit our customers, partners and the wider business We just did a great live demo of verifiable credential exchange at the Blockchain in Pharma Supply Chain conference in Boston. It was very well received so thanks to this community for the support to make this possible! When you work with Evernym, you work with the world’s leading expert in verifiable credential technology. With deep skills in digital identity, cryptography, privacy, security, and governance, we are the original developers of Hyperledger Indy, the creator of the Sovrin Network and the Sovrin Foundation, a WEF Technology Pioneer, and a co-founder of cheqd, the Trust over IP Foundation, the Decentralized Identity Foundation, and the Good Health Pass Collaborative. We’re a mission-driven company, committed to continually raising the bar when it comes to privacy. All of our products are meticulously architected around privacy, incorporating cutting-edge cryptography and zero-knowledge proofs for data minimization. We never cut corners when it comes to building for the trusted future we want to see. Five safeness checks for ensuring that your digital identity systems are secure, private, flexible, and non-correlatable. It’s not enough to “talk the talk.” Here’s how our core principles have informed our entire direction. Not all digital credential solutions are created equal – here’s what makes Evernym’s solution safe, private, and open.",https://www.dropbox.com/s/3flqaszoigwis5b/magic%20whitepaper.pdf?dl=0,,Whitepaper,,Meta,,,,,,,,2020-07-09,,,,,,,,,,,,,
MagicLabs,MagicLabs,,Medium,,,,,,HackOn2.0,Magic at HackOn2.0,"At Magic, we love to be where developers hang out. As a Developer Advocate, it’s especially fun to connect with devs dreaming up big ideas and hacking them into reality. Back in April, the HackOn2.0 team reached out to me to talk about getting Magic involved in their next hackathon. We jumped at the opportunity and were so glad to support the HackOn2.0’s vibrant community.","Magic at HackOn2.0 At Magic, we love to be where developers hang out. As a Developer Advocate, it’s especially fun to connect with devs dreaming up big ideas and hacking them into reality. Back in April, the HackOn2.0 team reached out to me to talk about getting Magic involved in their next hackathon. We jumped at the opportunity and were so glad to support the HackOn2.0’s vibrant community. HackOn 2.0 is a week-long, global digital hackathon organized by Aditya Oberai, Rishabh Bansal, and team to bring developer’s ideas from inception to reality. This year’s edition focused on fostering innovation and also raised awareness on mental health and diversity. A lot of people dedicated time to participate! 8,298 people registered. In total, there were 370 teams of 2–4 members each. Participants built their hackathon projects based on these tracks: Magic was proud to be a platinum sponsor. In addition, I was Personally psyched to also be a mentor during the hackathon. The learning session set up for May 27th helped participants understand what Magic is and how to get started with it. For the mentor session, you can catch the full video recording here. “Best Hack built with Magic” was one of the categories for participants, in addition to the primary tracks. The participants were allowed to choose more than one sponsored track. We had the following prizes for participants: It was exciting to see that 15% of all projects were built with Magic! When it came to evaluating projects, selecting the winners was not an easy task. All of the projects were amazing and well-aligned to the primary track. In the end, we landed on the top 3 hacks that were focused on solving real problems and have utilized the best possible tech stack in this short time. A key criteria considered was how appropriately the project has implemented the Magic integration. Without further ado, here are the winners — along with the problem they are solving, the technology used, important links, and their team members. Winners 1. WeCare by Eternals Problem it solves WeCare predicts the health risks to your body based on your daily health. The ongoing pandemic made everyone learn the importance of being healthy and how daily activities and diet play a major role in being healthy. Team Eternals wanted to alert the users of WeCare about any risk associated with a deficiency or unhealthy lifestyle by showing graphs and predictions using machine learning. WeCare has a smart predict feature that helps uncover latent diseases and predict the risk of future ones. Patients will be able to review medical conditions and reach their treatment goals much faster, lowering the risk of serious health complications. Technology used ReactJS, Python, Django, Apollo, GraphQL, Heroku, Firebase, Magic Team Members Harmanjit Singh, Kunal Khullar, Gurleen Kaur, and Paritosh Arora Important Links Frontend Backend Video demo 2. ShopZop by Etherbots Problem it solves The Covid-19 Pandemic has hit the small and Medium-size businesses hard as they relied on their in-shop customers and had very little or no digital presence at all. And with the lockdown and movement restrictions, these businesses have suffered a lot. Team Etherbots came together to help connect the shop owners with customers and helping them. A simple solution was to harness the power of an application that almost every Smartphone user uses in India — WHATSAPP!. It will increase their online reach and solve the problem along with some revenue. Technology used ReactJS, NodeJS, GraphCMS, GraphQL, WhatsApp, Magic Team Members Ayush Jain and Bhuvanesh Shathyan Important Links
Mattereum,,Mattereum,,Rob Knight; Vinay Gupta,,"United Kingdom, England, London",,,,Mattereum,"Mattereum has the tools to make physical goods flow around the world as easily as information using Ethereum blockchain smart contracts.<br><br>We help people to sell, organise, and communicate about their property with confidence. Strong product knowledge ensures everyone derives maximum value from objects they buy, sell, and own.<br><br>Mattereum’s first customer is legendary actor William Shatner’s company Third Millenia. Using Mattereum Asset Passports to authenticate important collectibles and memorabilia from Mr Shatner’s long and distinguished career will ensure that these items continue to grow in value by retaining their provenance indefinitely.",,https://mattereum.com/,,Company,,Company,Enterprise; Web3,DWeb,IOT,,,"Ethereum,Smart Contracts",,2017-08-04,https://github.com/mattereum,https://twitter.com/mattereum/,https://www.youtube.com/channel/UCPJMRiyPFgquezFZT850_Ew,https://medium.com/humanizing-the-singularity,https://medium.com/feed/humanizing-the-singularity,,https://www.crunchbase.com/organization/mattereum,https://www.linkedin.com/company/mattereum/,,,,https://t.me/mattereum,
Mattereum,Mattereum,,Medium,,,,,,,Build Back Better!,"VR is not ready for artistic reasons, far more than for technical ones. So my prediction is this: the Metaverse is going to fail.","Build Back Better! Vinay Gupta, CEO of Mattereum and Ethereum launch co-ordinator in 2015 looks at how to survive the Crypto Winter and come out the other end with new purpose Around 2017 I was looking at starting a VC fund. I didn’t know exactly how to do it: I’d worked in a fund in the 1990s but there was a lot about the business I did not understand at the time. As part of the research, I put about 100 people through their first VR experience. I wanted to figure out if it was time to invest in VR projects. It was market research. I came to the conclusion that we were years away from VR being a workable technology. The hardware was clearly ready: Oculus Rift was a little clunky but it was the Apple IIe of VR: the thing that tells you The Revolution is Coming. That was fine. But the software was appalling. Back in the day they made movies by putting a camera on a tripod and doing a stage play in front of it. It took decades to make movies. A whole new art form (cinematography) had to be invented. Shocking and amazing things happened decade after decade for a century to get us to where cinema is now. Those changes were often driven by technology, but they were delivered by actors and directors portraying the human experience in new ways, creating ever-more-compelling works. VR is not ready for artistic reasons, far more than for technical ones. I could go on about this for some hours, but the lack of a “virtual cinematography” makes most VR experiences as compelling as watching CCTV footage of mall parking lots. It does not matter if I’m looking at the wheat fields of Gondor and scouting for Nazgul, if it’s not telling me a story I don’t want to know. Also violence is overwhelmingly overpowering in VR. It’s literally just too much and reducing the violent content of our video games to the point that it doesn’t traumatize people to play (Arizona Sunshine, I’m looking at you here) is also going to take time. So my prediction is this: the Metaverse is going to fail. The pandemic is more-or-less over, people are back out in the world again, and everybody loves this place! The stay-at-home culture which VR is fundamentally rooted in doesn’t provide the lived experiences which people want. There is something very much like VR which people do want, but until VR has solved the artistic problems of storytelling in the virtual Medium it’s just chat rooms with better graphics. I have an Meta Quest II, and it’s gathering dust: there’s just nothing to *do* in there. Not yet. On the other hand, we have inflation. To inflate. The state of things being inflated. The bubble of all bubbles. Folks don’t remember inflation. Realistically the US inflation rate is about 12% right now, if it’s calculated using the same measures used back in the day. If that stays up for four years, each dollar in circulation loses half of its value. The whole economy goes through what the Ethereum community has gone through in the last few weeks, over a couple of years. It is devastating. In theory wages adjust to keep up with inflation, and interest rates too. Practically speaking without strong labour unions to negotiate, workers get poorer year-on-year. Pair that up with the global supply chain crisis, including food, and you’ve got a recipe for global disaster. The middle class don’t just get to retreat into the virtual world. There’s nothing there that anybody wants. No, we have to stand our ground and fight for the real world: it’s where we live. The metaverse is not going to save us. If we re-inflate the tech-hype bubble around the metaverse, it’ll produce a brief flare of innovation, some very inflated prices for assets which are inherently extremely volatile, and another flame-out like the one that we’re in, just a couple of years down the road (at most.) I quite liked play to earn as a concept. It didn’t seem inherently b
Mattereum,Mattereum,,Medium,,,,,,,The Best of Both Worlds: Solving Doctorow’s Oracle Problem,"So while the blockchain space is in some abstract sense perfectly private and perfectly reliable, things are weakest at the joints. The on-ramps and off-ramps are parts of the real world, they’re tied to physical reality and KYC/AML/CTF regulations.","The Best of Both Worlds: Solving Doctorow’s Oracle Problem Cory Doctorow has been thinking about Web3 lately. He just wrote a long piece about the Oracle Problem. In this article we’re going to get to the bottom of the Oracle Problem, and how Mattereum’s solution to the Oracle Problem — multi party risk splitting with full legal enforceability — lets customers buy and sell valuable physical items as NFTs with strong buyer protection. Solving the Oracle Problem in specific domains opens up huge possibilities for trade. Let’s go through Cory’s critique, and then present some answers to his questions. The Inevitability of Trusted Third Parties The search for a crypto use-case continues. doctorow.Medium.com In one section of “The inevitability of trusted third parties” Cory Doctorow quotes extensively from one of my comments on the Well’s State of the World 2022. I said: Here is an NFT on OpenSea which gives the owner the right to physically take delivery of a 1oz gold bar currently vaulted in Singapore, or its financial value.https://opensea.io/assets/0x495f947276749ce646f68ac8c248420045cb7b5e/47824387705 324153400210554042155132922682187088261737780213014306821163188225[...]Here is the full legal text of one of the Ricardian contracts: https://passport.Mattereum.com/ntfa.20210319.20.alpha.004.619263/06_carbon/asset s/out/certification-contract.htmlThis one is a contract between the NFT owner and my company, which guarantees that we have bought-and-retired carbon credits to cover the physical mining of the gold bullion that is being sold. It also covers the CO2 emissions of the NFT issuing process.Clause 20 has the arbitration machinery.We've worked fairly closely with the UK government on arbitration rules for blockchain asset disputes.https://www.pinsentmasons.com/out-law/news/new-dispute-rules-envisage-direct-to- blockchain-enforcement-arbitral-decisionsThe rules themselves are here: https://35z8e83m1ih83drye280o9d1-wpengine.netdna-ssl.com/wp-content/uploads/2021 /04/Lawtech_DDRR_Final.pdfWe get a name check on page 4.So what's being built out here is a very tightly bound legal framework for buying and selling physical goods, with suites of Ricardian contracts creating legally-enforceable claims about what the goods are **DRAWN ON THIRD PARTIES**. Those third parties do not benefit from the sale of the goods themselves, they make a living providing legal warranties on the goods - they're essentially third party inspectors with no economic interest in the situation other than by selling insurance on the fact that something (for example) contains no slave labour. Cory then continues: But the more I think about this smart contract, the fewer reasons I can find for it to be a smart contract instead of just, you know, a contract. As Vinay Gupta — the creator of this system and someone I have a lot of respect for — says, right there in the text, the entire system relies on third party arbiters to make sure that the parties involved don’t rip each other off, that no one uses slave labor, that the carbon is all offset through various schemes and so on. The point is, all of that could be a deception. The only reason to trust it is that you trust the auditors who have signed the scheme. I don’t mean to pooh-pooh the role of auditors here. Auditors are great. In fact, we’re in the middle of several kinds of serious economic crises because we allowed auditors to become an oligopoly of hopelessly conflicted megafirms, and they are cheating like crazy, and so much of the world is broken as a result. We know that the big auditing firms are riddled with fraud. We know that carbon offsets are among the most fraudulent instruments that companies make. I don’t get
Mattereum,Mattereum,,Medium,Ian Simmons,,,,,,The Blockchain Sheep of Reason: Why the blockchain works for the young and old people hate it,There is practically no boomer control of bitcoin or Web3,"THE BLOCKCHAIN SLEEP OF REASON Why the blockchain works for the young and old people hate it By Vinay Gupta, CEO, Mattereum The younger generation suck at explaining the blockchain. No wonder there’s so much fear, uncertainty and doubt in the space right now. Let me explain what’s going on, but this time we’re going to leave the really important parts of the picture in the frame. You’ve got to start in 2008 with the global financial collapse. Since then, interest rates have hovered around zero as government pumped cash into the global economy to keep it running. For a long time, no inflation. The extreme medicine was working. Then covid, and 5% inflation. During that period with no inflation, and tons of money printing, there was very little economic growth. If there had been, inflation would have started then — the economy picks right up, credit risk goes down because lending is less risky, and prices start to rise on the cash. So what happens to people who are turning 20 or graduating college in 2009? Nothing. Nobody will lend them money to start businesses, VC becomes extremely conservative and risk-averse, and Silicon Valley starts to consolidate. Life is slowly getting harder, and young are v. poor. Actually take a look at this thing: There’s just a titanic concentration of wealth in the hands of older people, and the young are living on scraps. This is absolutely brutal: feels like civilization is going backwards. The young are terrified. So in this situation what the young need is economic opportunity and THEY ARE NOT GOING TO GET IT IN ANY RESOURCE POOL THAT THE BOOMERS CONTROL.There’s just no room to expand: whatever you want to do, there’s a tax: boomers control media distribution, VC finance, real estate. Most of the easy niches in the dotcom world are already taken: people shop, they read the news, they listen to music, they date — and big dotcoms are already in all of those niches. Nobody is going to overthrow reddit and FB anytime soon; they’re solidly locked into place now. This is a simple problem of access to capital: land, patents, intellectual property, distribution networks for physical products (Target, Walmart). The young don’t have enough cash to BUY INTO THE SYSTEM. They’re so poor they can’t even get exploited. Now do you see Bitcoin’s’s fix? Bitcoin allows its adherents an escape from the boomer-ridden conventional economic landscape. What is bitcoin’s core feature? IT’S TOO HARD FOR BOOMERS TO USE. So you can build an economy for the young, a parallel state to the Boomer Dollar dominated US political landscape. This is one of those Voice, Loyalty and Exit things. The young complain: nobody hears them. They try and tough it out in existing cultural blocs: still can’t make rent. But to exit the boomer-controlled old economy into the btc/Web3 space? Wow: a huge self-financed bubble grows.There is practically no boomer control of bitcoin or Web3. I’m 50, and I’m one of the oldest people in the space — Ian Grigg, David Chaum, Joe Lubin, Don Tapscott, a handful of others — but the old guys are rare and (apart from Joe) not that powerful. Young blockchain frontier. Now, young people, they are not so smart. I was young myself. They make mistakes. Big ones. Now we have Oh So Many young people running around with a huge pile of capital that they basically created by believing each-other’s stories. It’s a creative pact. A NEW SOCIAL CONTRACT. So this New Social Contract (NSC), let’s examine things like Bored Apes. In this contract, kids who grew up with an ipad in their hand acquiring virtual property in games and trading it with friends, go from renting virtual property from Farmville to creating and owning it. Why is an Ape valuable? The younger generation decided it was valuable. Why isn’t this golf course valuable? The people that thought golf was at the
Mattereum,Mattereum,,Medium,,,,,,,Winter Has Come,"crypto wins by solving problems that nobody else can solve, profitably. It has to win at three levels to survive:<br>- Ordinary people have to use it<br>- It has to generate actual value, not just move value around<br>- Governments have to tolerate it or use it themselves — either one will do<br>","Winter Has Come Vinay Gupta, CEO of Mattereum and Ethereum launch co-ordinator in 2015 looks at the latest Crypto Winter and how we got here. Once again, crypto winter is upon us. Depending on how you count this is my fifth or eighth. Back in the 1990s there was ITAR and the crypto wars, where the US Federal Government basically killed the industry in America, back when crypto was a thing you did to emails not a shorthand for privately issued anonymous digital cash. The early days of bitcoin, when it hit thirty-something dollars then crashed to four and stayed there. The 2016 DAO crisis. I’ve seen it all. I want to talk about how we wound up where we are today, and how we get off this nightmare ride of boom-and-bust cycles which are psychologically trashing our industry and making it so hard to build enduring value. We can stop the bleeding, but we have to be smart. The psychology of the boom-bust innovation cycle. Here’s the piece I wrote in 2017 about the 2018 crypto winter. Some of you may remember it. It lays out the same basic case I’m going to make here: crypto wins by solving problems that nobody else can solve, profitably. It has to win at three levels to survive: - Ordinary people have to use it - It has to generate actual value, not just move value around - Governments have to tolerate it or use it themselves — either one will do If we can’t hit all three of those criteria WANGMI. We’re building a technology that needs a billion regular users to survive. The constants are huge: big engineering teams, big marketing budgets, complex legal and regulatory work. It all costs money and the only thing that can sustain the industry is real economic growth. It is still Warren Buffet’s world — literally, he owns it. His way of analyzing the world is to look at the fundamental valuation and profitability of assets. He’s so good at it, his company has roughly the same market cap as Ethereum had a couple of years ago. But Buffet’s company doesn’t 10x up and 4x down every couple of years: it’s plodded along fairly reliably for decades, incrementally growing value. Now, you’ve gotta ask yourself, “why can’t Warren Buffet see crypto?” And it’s not because he’s old or doesn’t get tech. No, it’s because he’s smart about financial fundamentals. That’s all that boring stuff like: - How much food will come out of the ground? - What’s the global market for machine tools going to look like next year? - How fast are people moving to the cities? Thinking about this stuff really carefully is how you figure out when a real-world asset is under-valued. Buying things which are under-valued is how Warren Buffet makes money. But Warren Buffet won’t buy bitcoin at any price. So we have to think about that. What do we know that Warren Buffet doesn’t? Now let me introduce another big thinker about finance: Carlotta Perez. Perez is good at valuing bubbles. Specifically, she’s good at thinking about how bubbles create value in the long run even though they all pass through horrible periods like this. Source: https://avc.com/2015/02/the-carlota-perez-framework/ Source: https://www.lesswrong.com/posts/oaqKjHbgsoqEXBMZ2/s-curves-for-trend-forecasting What Perez says, roughly, is that bubbles build infrastructure. There’s a massive surge of irrational enthusiasm during which water flows uphill, capital flows into the most improbable things, and the future seems so close you can touch it. Warren Buffet hates this stuff because it involves guessing about the future. During that initial lift, during the innovation burn period, the G-force is like sitting in a plane at take-off. It hits you right in the base of your spine. Here we go! Then a little later
Mattereum,Mattereum,,Medium,,,,,,,Bringing Truth to Market with Trust Communities & Product Information Markets,"With product information markets enabled by Trust Communities, we can incentivize truth in markets by allowing experts to make money on their expertise and face consequences for erroneous claims. Simple concept, powerful implications.","Bringing Truth to Market with Trust Communities & Product Information Markets The incentives in the global marketplace are utterly broken, giving rise to drastic inefficiencies, environmental harm and human rights abuses around the world. How do we create a market economy that doesn’t consume the world? Intro: Fix the Incentives, Fix the World As it currently stands, centralized institutions are incentivized not to secure truth in their products or services but rather shield themselves from potential liabilities. While many companies offer warranties to their products, these are limited almost entirely to the primary markets. As soon as an object begins trading in the secondary markets, liability dissipates. The only other sources of truth available beyond the manufacturer are the specialist firms which rate and certify objects of a particular domain: fine art, collectible cards, instruments, etc. However, these institutions are limited in their capacity by their lack of a shared record of an object’s history. Best case there’s an entry in a single database. Worst case: a single paper certificate. This disconnected certification system and lack of initiative and coordination in securing product information has incredibly adverse effects on society: counterfeiting abound, environmental harm, and human rights abuses. So how do we break out of the silos of separate “truths” and crowdsource expertise to build a better marketplace that doesn’t absolutely consume the world? Our answer: Trust Communities What are Trust Communities? Built on the Mattereum Asset Passport Before diving into this concept it is important to discuss the core component of the Mattereum Protocol: the Mattereum Asset Passport (MAP). In short, a MAP is a bundle of legal warranties tied to an object. While these warranties can vary with the object in question, the initial warranty is often some form of identification. Other warranties in a MAP may include authentication methods, carbon offsets, anti-slavery certification, tokenization (or connections to any smart contract or software system), and many others. These warranties are essentially “legal lego” of various contract terms that will range greatly between different asset classes and will accrue around assets over time. The warranties within a MAP are not informal handshakes on the internet but rather legally-enforceable terms of a contract that the buyer opts into, evidenced by cryptographic signatures which bind counterparties to the underlying legal agreement. All claims are backed by financial stake, giving all warrantors accountability and skin-in-the-game for their assessments. This framework also provides access to dispute resolution protocols in the event of systemic or commercial fallout via an arbitration clause in the contract. Later this year we will integrate UNN.finance risk management pools so that there is a DeFi-native way of supporting product sales using Mattereum. We are also building bridges with the regular insurance industry. This approach means a single asset can be protected by both DeFi-native and fiat-native risk management protocols. Once a MAP has been generated, we must then have a system in place to incentivize and secure this object warranty system over time without centralized institutions. Building Product Information Markets with Blockchain Commerce on the internet is both a technological and social phenomenon, so any proposed system must address the fundamental social and technical challenges that go into curating and securing product information. Socially, in the absence of centralized trust we must incentivize experts to apply their domain-specific knowledge to supply warrantied information around goods
Mattereum,Mattereum,,Medium,,,,,,,Decentralizing and Securing Collectible Card Grading Services with the Mattereum Protocol,"Avoid costly industry deadlocks and gatekeeping with a peer-produced, decentralized alternative to centralized collectible grading and authentication services with the Mattereum Protocol","Decentralizing and Securing Collectible Card Grading Services with the Mattereum Protocol Avoid costly industry deadlocks and gatekeeping with a peer-produced, decentralized alternative to centralized collectible grading and authentication services with the Mattereum Protocol On March 30, 2020, the collectible sports card world was shaken by the news that the gold standard card grading and authentication service, PSA, had decided to close its doors to new submissions following a vast uptick in demand in recent months that had created an insurmountable backlog. Competing firms may enjoy a new wave of users from this new demand, but as they operate on the same business model and processes — accepting incredibly steep submission and grading fees and using trained in-house personnel — this new window of profitability and growth may inevitably lead to the same path as PSA: incapacitation and immense loss of value. How can the collectible card world achieve and sustain a level of scalability, resilience, and quality in the expert certification process that can adapt to the ebbs and flows of a growing, global industry? Enter the Mattereum Protocol, a peer-produced, decentralized alternative to centralized grading and authentication firms that elegantly brings assets from zero history to storied value with built-in legal warranties and dispute resolution. Before diving into how Mattereum addresses these issues, let’s first unpack the incumbent business model. Monopolies | High Fees | Gated Markets Grading companies wield immense monopolistic power. A small number are held as industry standards. A favorable grading from them is much sought after. An unfavorable grading from them is fairly damning. A high rating by a firm like PSA can be the difference between a card valued at $500 versus $50,000 or more. Most of the card sales that make headlines with multi-million dollar auctions feature a PSA grade. In fact, a profitable cottage industry of specialist companies have arisen to offer predictions of what the PSA rating for a card may be. Occupying this indispensable position, grading companies can charge what they like for their services, comfortable in the knowledge that collectors and dealers will pay it. There is a fundamental imbalance in power here. Disputes over a grading, while not impossible, are very difficult as grading companies are insulated by their Ts&Cs which state that grading conforms to THEIR standards and that graders are authorized to exercise their judgement within these bounds. This is a double edged sword. While it ensures judgement by established criteria, it also grants their objective opinions on certain matters a great deal of weight. In the legal world, we call these sorts of arrangements contracts of adhesion, situations in which a single, powerful firm takes charge of the contract drafting process and is able to bend the agreements to their favor. This a common instrument (among others) wielded by companies with monopolistic and gatekeeping tendencies. Yet, despite the value and reputation these firms have in the collectibles industry, the actual mechanics of their business are difficult to scale which can be a stated justification for egregiously high fees. And so it goes. We propose a different way of doing things. The Mattereum Protocol in Practice Peer production of goods, services, and infrastructure has become a powerful phenomenon in the 21st century. With the monumental success of peer-produced operating systems (Linux), encyclopedias (Wikipedia), and financial infrastructures (Bitcoin, Ethereum, and other blockchains), it is not a stretch to imagine other industry verticals that could benefit from a similar paradigm shift. The ecosystem that has built around collectible card gr
Mattereum,Mattereum,,Medium,,,,,,,"FOS Ep. 5: Ian Grigg on Crypto, Identity, Community, and Building Positive-Sum Systems","Ian Grigg is one of the most influential builders in the crypto space, having built digital asset systems since the nineties. We discuss his invention of the Ricardian contract framework, what makes cryptonetworks successful, identity as communal phenomenon, and the importance of building positive-sum systems.",,https://medium.com/humanizing-the-singularity/fos-ep-5-ian-grigg-on-crypto-identity-community-and-building-positive-sum-systems-17ef316703b9,,Episode,,Meta,,,,,,,,2021-08-25,,,,,,,,,,,,,
Mattereum,Mattereum,,Medium,,,,,,,Countering Marketplace Deception with Mattereum’s Trust-as-a-Service Platform,"Marketplace deception is everywhere, at great cost and risk to consumers and businesses. Regulation alone won’t fix it. Can Mattereum Asset Passports and Product Information Markets help secure trust in B2B and B2C trade?","Countering Marketplace Deception with Mattereum’s Trust-as-a-Service Platform Marketplace deception is everywhere, at great cost and risk to consumers and businesses. Regulation alone won’t fix it. Can Mattereum Asset Passports and Product Information Markets help secure trust in B2B and B2C trade? On October 13, 2021, the Federal Trade Commission issued a Notice of Penalty Offenses to over 700 companies, putting pressure on American businesses to disengage from deceptive practices such as fake reviews and false endorsements or else face civil penalties. FTC Puts Hundreds of Businesses on Notice about Fake Reviews and Other Misleading Endorsements The Federal Trade Commission is blanketing industry with a clear message that, if they use endorsements to deceive… www.ftc.gov The list of companies on the notice include some of the largest companies in the world across a range of industries, such as Alphabet, Inc. (Google), Amazon, Apple, Microsoft, Shell Oil, Starbucks, McDonalds, and many others. A quick skim through the list gives the impression that almost any household name company actively deceives consumers as part of their ongoing business strategy, at least according to the FTC. This form of marketplace deception is not limited to B2C relationships. On October 14, 2021, Reuters reported that aerospace giant Boeing had notified the Federal Aviation Administration (FAA) that it had discovered defective parts for its 787 Dreamliner fleet which were sourced by a supplier and manufactured by another company. Boeing finds new defect in continuing struggle to produce Dreamliner 787 WASHINGTON, Oct 14 (Reuters) - Boeing Co (BA.N) said on Thursday that some titanium 787 Dreamliner parts were… www.reuters.com These forms of marketplace deception are seemingly omnipresent in trade at all scales. While regulation may be able to get many businesses to more authentically engage with consumers and other businesses, some of these entities are of such a size that they can simply absorb civil penalties en masse and proceed with business as usual. To combat this endemic deception of consumers, we need a combined effort of effective regulation and technological solutions to secure trust in digital commerce. More specifically, we need to establish standards for consumer protection, and implement the protocols capable of meeting them. The Mattereum Protocol is well-suited for tackling the challenge of holding companies to account for their stated claims, specifically by offering buyers warrantied claims around their purchased goods powered by an incentivized network of third-party expert certifiers. Let’s explore how Mattereum as a trust-as-a-service platform can help create more authentic relationships between businesses and consumers and between businesses themselves. How do we build Trust-as-a-Service? Ultimately, Mattereum is building a system to secure truth in trade at all scales: documenting and offsetting negative externalities, creating a circular economy of reuse, recycling, and upcycling of goods, and designing incentives which align profitability with sustainability. Let’s unpack the Mattereum approach and explore how it would work in B2C and B2B contexts. Asset Passports: Living Product Documentation The Mattereum Asset Passport (MAP) is the core mechanism of the Mattereum Protocol. In short, a MAP is a bundle of legal warranties tied to an object. While these warranties can vary with the object in question, the initial warranty is often some form of identification. Other warranties in a MAP may include authentication methods, carbon offsets, anti-slavery certification, tokenization (or connections to any smart contract or software system), and many others. These warranties are
Mattereum,Mattereum,,Medium,,,,,,,Introduction to Smart Property,How can we streamline and improve the techno-social protocols around commerce so we can better maintain equilibrium with our planet and ourselves?,"Introduction to Smart Property How can we streamline and improve the techno-social protocols around commerce so we can better maintain equilibrium with our planet and ourselves? This article is a companion piece to the first episode of The Future of Stuff podcast. Listen to Vinay unpack the idea of smart property in the debut episode 🎙 Humanitarian engineer Buckminster Fuller once described an approach to building economic systems which he referred to as ephemeralization, defining it as our ability to “do more and more with less and less until eventually we can do everything with nothing.” Now, such a thing seems impossible with the numerous technological and social constraints that come to mind, but the idea of “doing more with less” as a design principle — if followed responsibly — could eventually lead us to a future where atoms and bits dance in perfect synchrony, benefiting everyone at the expense of no one. With that north star, we can start prototyping the systems of tomorrow with the tools of today. With that in mind, let’s explore a potential techno-social Medium for building this future: smart property. What is Smart Property? In the online age, people are used to summoning entities around the world to meet their everyday needs. A few taps on the scrying mirror of a smartphone can marshal human and autonomous agents to provide all manner of services. Transportation. Goods. Housing. Entertainment. Education. Nearly anything. This ability to program value flows and social interactions around goods and services presents an incredibly powerful design space which we can refer to as smart property. In practice, smart property is property that can be bought, sold, collateralized, and accessed via software APIs and search engines. While we already have this in a sense with housing (AirBnB), transportation (Uber), distribution (Amazon), and other areas, these systems are often controlled by centralized corporations operating under the illusory banner of “platform,” resulting in ongoing concerns around privacy, security, and labor practices. At Mattereum, we believe smart property is an inevitable evolution of commerce, but how this system is implemented and the motivations behind it are paramount. Smart property can be how we achieve equilibrium with the planet and with each other, or it could be co-opted by the incumbent powers-that-be with results that can be read in dystopian science fiction. Smart Property Can Fix Society’s Inventory Problem The world is suffering from a severe misallocation of resources, especially on a long-term time horizon. At the core, this is a system design problem. Between planned obsolescence and trade globalization in the pursuit of corporate profit, the things we produce are not actually built to last and rely on an unimaginably complex, global infrastructure powered by distant (or not so distant) horrific labor practices and environmental costs. The IPCW industrial cycle, designed by Mattereum CEO Vinay Gupta and a team at the Rocky Mountain Institute, provides an almost mandala-like mapping of industry. As you can see, the four main areas are Investment (of different capital types), Production, Consumption, and Waste. One way to explain this odd paradox of gluttony and scarcity in the world today is to map where in this cycle we have innovated over the last half century, and where we have not. Investment and Production witnessed a transformative leap in operational efficiency and scale in the post-WWII era, yet similar progress has not been made in optimizing Consumption and managing Waste. Tightening these feedback loops will require better policy, technology, and social awareness. We don’t know what we don’t know about our stuff and figuring it out is critical to achieving sustainability and improving quality of life for all. Smart property as a de
Mattr,,Mattr,,Jack Holt; Kyle Leach; Murray McKerlie,DHS; Sovrin Foundation,"USA, Texas, Austin",USA,,,Mattr,"Restoring trust in digital interactions<br><br>From business people to developers, from policy makers to individuals, Mattr is building tools and working alongside communities who want to transform the internet into a web of trust and restore trust and confidence in digital interactions.<br><br>We think the exciting new world of verifiable data and decentralised identity can be applied to solve many real-world problems we experience today, creating whole new opportunities for value creation. We make our products simple, accessible, and easy to use to help stimulate innovation by the people that understand their context best.<br><br>If you have a digital trust or verifiable data problem that you would like help with, let’s have a discussion on how we can help.",,http://Mattr.global,,Company,,Company,Enterprise,ID,SSI,,,BBS Signatures,"DID,Verifiable Credentials,Schema.Org,JSON-LD,Linked Data",2019,https://github.com/Mattrglobal/,https://twitter.com/MattrGlobal,https://www.youtube.com/channel/UCQ19LrZwBsotEb8M2kxWRtw,https://medium.com/Mattr-global; https://Mattr.global/resources/,https://Mattr.global/feed/resources/,,https://www.crunchbase.com/organization/Mattr,https://www.linkedin.com/company/Mattrglobal/,https://learn.Mattr.global/,,,,
Mattr,Mattr,,Medium,Nader Helmy,,,,,,IIW32: BBS+ and Beyond,"One common theme this year was the continued development and adoption of BBS+ signatures, a type of multi-message cryptographic digital signature that enables selective disclosure of verifiable credentials. This development is possible due to the fact that BBS+ signatures is a ledger-independent approach to selective disclosure, effectively no custom logic or bespoke infrastructure is needed for these digital signatures to be created, used and understood.","IIW32: BBS+ and beyond The Internet Identity Workshop continues to be a central nucleus for thoughtful discussion and development of all things related to digital identity. The most recent workshop, which was held in mid-April, was no exception. Despite the lack of in-person interaction due to the ongoing global pandemic, this IIW was as lively as ever, bringing together a diverse set of stakeholders from across the globe to share experiences, swap perspectives, and engage in healthy debates. One common theme this year was the continued development and adoption of BBS+ signatures, a type of multi-message cryptographic digital signature that enables selective disclosure of verifiable credentials. We first introduced this technology at IIW30 in April 2020, and have been inspired and delighted by the community’s embrace and contribution to this effort across the board. In the year since, progress has been made in a variety of areas, from standards-level support to independent implementations and advanced feature support. We thought we’d take a moment to round up some of the significant developments surrounding BBS+ signatures and highlight a few of the top items to pay attention to going forward. Over the past few months, the linked data proofs reference implementation of BBS+ published a new release that introduces a variety of improvements in efficiency and security, including formal alignment to the W3C CCG Security Vocab v3 definitions. In addition, support for JSON-LD BBS+ signatures was added to the VC HTTP API, making it possible to test this functionality in an interoperable way with other vendors participating in an open environment. An important element in enabling BBS+ signatures is using what’s known as a pairing-friendly curve; for our purposes we use BLS12–381. We have seen some promising signs of adoption for this key pair, with multiple Decentralized Identifier (DID) methods — both did:indy from Hyperledger and did:ion from DIF — indicating they intend to add or already have support for these keys, allowing BBS+ signatures to be issued across a variety of decentralized networks and ecosystems. This development is possible due to the fact that BBS+ signatures is a ledger-independent approach to selective disclosure, effectively no custom logic or bespoke infrastructure is needed for these digital signatures to be created, used and understood. In addition, the Hyperledger Aries project has been hard at work developing interoperable and ledger-agnostic capabilities in open source. The method used to track interop targets within the cohort and ultimately measure conformance against Aries standards is what’s known as an Aries Interop Profile (AIP). A major upcoming update to AIP will add support for additional DID methods, key types and credential formats, as well as introducing Aries support for JSON-LD BBS+ signatures as part of AIP 2.0. This will allow Aries-driven credential issuance and presentation protocols to work natively with BBS+ credentials, making that functionality broadly available for those in the Aries community and beyond. There have also been a number of exciting developments when it comes to independent implementations of BBS+ signatures. Animo Solutions has recently implemented JSON-LD BBS+ signatures support into the popular open-source codebase Hyperledger Aries Cloud Agent Python (ACA-Py). In another independent effort, Trinsic has contributed an implementation of JSON-LD BBS+ credentials which they have demonstrated to be working in tandem with DIDComm v2, a se
Mattr,Mattr,,Medium,,,,,,,Digital Wallets,The reframing of the user as a first-class citizen and their empowerment as ‘holder’ represents a shift towards a new paradigm. Such a paradigm offers users greater sovereignty of their own information and empowerment to manage their digital identity. Users are able to exercise their new role in this ecosystem by utilizing a new class of software known as digital wallets.,"Learn Concepts: Digital Wallets In order to coordinate the authentication needs of apps and services on the web, many of today’s users will leverage services such as password managers. These tools help users keep track of how they’ve identified themselves in different contexts and simplify the login process for different services. In many ways, the need to overlay such services in order to preserve non-negotiable security properties reflects the broken state of identity on the internet today. Users of these apps (i.e. the data subjects) are often an afterthought when a trust relationship is established between data authorities and apps or services consuming and relying on user data. Asymmetry in the nature of the relationships between participants largely prevents users from asserting their data rights as subjects of the data. Users are left to deal with the problems inherent in such a model, foisting upon them the responsibility of implementing appropriate solutions to patch over the shortcomings of identity management under this legacy model. The emerging web of trust based upon self-certifying identifiers and user-centric cryptography is shifting this fundamental relationship by refashioning the role of the user. This role (known in the VC data model as a “holder”) is made central to the ecosystem and, importantly, on equal footing with the issuers of identity-related information and the relying parties who require that data to support their applications and services. The reframing of the user as a first-class citizen and their empowerment as ‘holder’ represents a shift towards a new paradigm. Such a paradigm offers users greater sovereignty of their own information and empowerment to manage their digital identity. Users are able to exercise their new role in this ecosystem by utilizing a new class of software known as digital wallets. Digital wallets are applications that allow an end user to manage their digital credentials and associated cryptographic keys. They allow users to prove identity-related information about themselves and, where it’s supported, choose to selectively disclose particular attributes of their credentials in a privacy-preserving manner. Wallets and Agents When working with technology standards that are inherently decentralized, it’s important to establish a common context and consensus in our choice of terminology and language. Convergence on key terms that are being used to describe concepts within the emerging decentralized identity and self-sovereign identity technologies allows participants to reach a shared understanding. Consequently, participating vendors are able to understand how they fit into the puzzle and interoperability between vendor implementations is made possible. Through dedicated research and careful coordination with the broader technical community, the Glossary Project at DIF offers a useful definition for both wallets and agents. Wallets Provide storage of keys, credentials, and secrets, often facilitated or controlled by an agent. Agents An agent is a software representative of a subject (most often a person) that controls access to a wallet and other storage, can live in different locations on a network (cloud vs. local), and can facilitate or perform messaging or interactions with other subjects. The two concepts are closely related, and are often used interchangeably. In short, the Glossary Project found that an agent is most commonly a piece of software that lets you work with and connect to wallets. Wallets can be simple, while agents tend to be more complex. Agents often need access to a wallet in order to retrieve credentials, keys,
Mattr,Mattr,,Medium,,,,,,,Selective Disclosure,"An important principle that we want to achieve when designing any system that involves handling Personally Identifiable Information (PII) is to minimize the data disclosed in a given interaction. When users share information, they should be able to choose what and how much they share on a case-by-case basis, while the relying parties receiving the information must be able to maintain assurances about the presented information’s origin and integrity.","Learn Concepts: Selective Disclosure An important principle that we want to achieve when designing any system that involves handling Personally Identifiable Information (PII) is to minimize the data disclosed in a given interaction. When users share information, they should be able to choose what and how much they share on a case-by-case basis, while the relying parties receiving the information must be able to maintain assurances about the presented information’s origin and integrity. This process is often referred to as selective disclosure of data. As technologists, by having solutions that easily achieve selective disclosure, we can drive a culture based on the minimum information exchange required to enhance user privacy. Privacy and Correlation Selective disclosure of information is particularly relevant when evaluating approaches to using verifiable credentials (VCs). Because authorities are able to issue credentials to a subject’s digital wallet, the subject is able to manage which data they disclose to relying parties as well as how that disclosure is performed. This presents an opportunity for those designing digital wallets to consider the user experience of data disclosure, particularly as it relates to the underlying technology and cryptography being used for data sharing. The problem of user privacy as it relates to digital identity is a deep and complicated one, however the basic approach has been to allow users to share only the information which is strictly necessary in a particular context. The VC Data Model spec provides some guidance on how to do so, but stops short of offering a solution to the issue of managing user privacy and preventing correlation of their activities across different interactions: Organizations providing software to holders should strive to identify fields in verifiable credentials containing information that could be used to correlate individuals and warn holders when this information is shared. A number of different solutions have been deployed to address the underlying concerns around selective disclosure. Each solution makes a different set of assumptions and offers different tradeoffs when it comes to usability and convenience. Approaches to Selective Disclosure When it comes to solutions for selective disclosure of verifiable credentials, there are many different ways to tackle this problem, but three of the most common are: - Just in time issuance — contact the issuer at request time either directly or indirectly for a tailored assertion - Trusted witness — use a trusted witness between the provider and the relying party to mediate the information disclosure - Cryptographic solutions — use a cryptographic technique to disclose a subset of information from a larger assertion Just in time issuance Just in time issuance, a model made popular by OpenID Connect, assumes the issuer is highly available, which imposes an infrastructure burden on the issuer that is proportional to the number of subjects they have information for and where those subjects use their information. Furthermore, in most instances of this model, the issuer learns where a subject is using their identity information, which can be a serious privacy problem. Trusted witness Trusted witness shifts this problem to be more of a presentation concern, where a witness de-anonymizes the subject presenting the information and presents an assertion with only the information required by the relying party. Again, this model requires a highly available party other than the holder and relying party present when a su
Mattr,Mattr,,Medium,,,,,,,Semantic Web,The semantic web is a set of technologies whose goal is to make all data on the web machine-readable. Its usage allows for a shared understanding around data that enables a variety of real-world applications and use cases.,"Learn Concepts: Semantic Web With so much data being created and shared on the internet, one of the oldest challenges in building digital infrastructure has been how to consistently establish meaning and context to this data. The semantic web is a set of technologies whose goal is to make all data on the web machine-readable. Its usage allows for a shared understanding around data that enables a variety of real-world applications and use cases. The challenges to address with the semantic web include: - vastness — the internet contains billions of pages, and existing technology has not yet been able to eliminate all semantically duplicated terms - vagueness — imprecise concepts like ‘young’ or ‘tall’ make it challenging to combine different knowledge bases with overlapping but subtly different concepts - uncertainty — precise concepts with uncertain values can be hard to reason about, this mirrors the ambiguity and probabilistic nature of everyday life - inconsistency — logical contradictions create situations where reasoning breaks down - deceit — intentionally misleading information spread by bad actors, can be mitigated with cryptography to establish information integrity Linked Data Linked data is the theory behind much of the semantic web effort. It describes a general mechanism for publishing structured data on the internet using vocabularies like schema.org that can be connected together and interpreted by machines. Using linked data, statements encoded in triples (subject → predicate → object) can be spread across different websites in a standard way. These statements form the substrate of knowledge that spans across the entire internet. The reality is that the bulk of useful information on the internet today is unstructured data, or data that is not organized in a way which makes it useful to anyone beyond the creators of that data. This is fine for the cases where data remains in a single context throughout its lifecycle, but it becomes problematic when trying to share data across contexts while retaining its semantic meaning. The vision for linked data is for the internet to become a kind of global database where all data can be represented and understood in a similar way. One of the biggest challenges to realizing the vision of the internet as a global database is enabling a common set of underlying semantics that can be consumed by all this data. A proliferation of data becomes much less useful if the data is redundant, unorganized, or otherwise messy and complicated. Ultimately, we need to double down on the usage of common data vocabularies and common data schemas. Common data schemas combined with the security features of verifiable data will make fraud more difficult, making it easier to transmit and consume data so that trust-based decisions can be made. Moreover, the proliferation of common data vocabularies will help make data portability a reality, allowing data to be moved across contexts while retaining the semantics of its original context. Semantic Web Technologies The work around developing semantic web technology has been happening for a very long time. The vision for the semantic web has been remarkably consistent throughout its evolution, although the specifics around how to accomplish this and at what layer has developed over the years. W3C’s semantic web stack offers an overview of these foundational technologies and the function of each component in the stack. The ultimate goal of the semantic web of data is to enable computers to do more useful work and to develop systems that can support trusted interactions over the network. The shared architecture as defined by the W3C supports the ability for the internet to become a global database based on linked data. Semantic Web technologies enable people to create
Mattr,Mattr,,Medium,,,,,,,The State of Identity on the Web,"This cycle perpetuates the dominance of a few major IdPs and likewise forces users to keep choosing from the same set of options or risk losing access to all of their online accounts. In addition, many of these IdPs have leveraged their role as central intermediaries to increase surveillance and user behavior tracking, not just across their proprietary services, but across a user’s entire web experience. OIDC Credential Provider allows you to extend OIDC to allow IdPs to issue reusable VCs about the end-user instead of simple identity tokens with limited functionality. It allows end-users to request credentials from an OpenID Provider and manage their own credentials in a digital wallet under their control. This article discusses how the success of Open ID Connect shaped the state of identity on the web, how new web standards enable a new model, and describes a bridge between those worlds: OIDC Credential provider.","The State of Identity on the Web The evolution of identity on the web is happening at a rapid pace, with many different projects and efforts converging around similar ideas with their own interpretations and constraints. It can be difficult to parse through all of these developments while the dust hasn’t completely settled, but looking at these issues holistically, we can see a much bigger pattern emerging. In fact, many of the modern innovations related to identity on the web are actually quite connected and build upon each other in a myriad of complementary ways. The rise of OpenID Connect The core of modern identity is undoubtedly OpenID Connect (OIDC), the de-facto standard for user authentication and identity protocol on the internet. It’s a protocol that enables developers building apps and services to verify the identity of their users and obtain basic profile information about them in order to create an authenticated user experience. Because OIDC is an identity layer built on top of the OAuth 2.0 framework, it can also be used as an authorization solution. Its development was significant for many reasons, in part because it came with the realization that identity on the web is fundamental to many different kinds of interactions, and these interactions need simple and powerful security features that are ubiquitous and accessible. Secure digital identity is a problem that doesn’t make sense to solve over and over again in different ways with each new application, but instead needs a standard and efficient mechanism that’s easy to use and works for the majority of people. OpenID Connect introduced a convenient and accessible protocol for identity that required less setup and complexity for developers building different kinds of applications and programs. In many ways, protocols like OIDC and OAuth 2.0 piggy-backed on the revolution that was underfoot in the mid 2000’s as developers fled en-mass from web based systems heavily reliant on technologies like XML (and consequently identity systems built upon these technologies like SAML), for simpler systems based on JSON. OpenID built on the success of OAuth and offered a solution that improved upon existing identity and web security technologies which were vulnerable to attacks like screen scraping. This shift towards a solution built upon modern web technologies with an emphasis on being easy-to-use created ripe conditions for adoption of these web standards. OIDC’s success has categorically sped up both the web and native application development cycle when it comes to requiring the integration of identity, and as a result, users have now grown accustomed to having sign-in options aplenty with all their favorite products and services. It’s not intuitively clear to your average user why they need so many different logins and it’s up to the user to manage which identities they use with which services, but the system works and provides a relatively reliable way to integrate identity on the web. Success and its unintended consequences While OIDC succeeded in simplicity and adoption,
Mattr,Mattr,,Medium,,,,,,,Verifiable Data,"refers to the authenticity and integrity of the actual data elements being shared. *Also covers Verifiable Relationships, Verifiable Processes, Verifiable Credentials, along with Semantics and Schemas.*","Learn Concepts: Verifiable Data The ability to prove the integrity and authenticity of shared data is a key component to establishing trust online. Given that we produce so much data and are constantly sharing and moving that data around, it is a complex task to identify a solution that will work for the vast majority of internet users across a variety of different contexts. The fundamental problem to address is how to establish authority on a piece of data, and how to enable mechanisms to trust those authorities in a broad set of contexts. Solving this problem on a basic level allows entities to have greater trust in the data they’re sharing, and for relying parties to understand the integrity and authenticity of the data being shared. We use the overarching term verifiable data to refer to this problem domain. Verifiable data can be further expanded into three key pillars: - Verifiable data - Verifiable relationships - Verifiable processes Verifiable data This refers to the authenticity and integrity of the actual data elements being shared. Verifiable relationships This refers to the ability to audit and understand the connections between various entities as well as how each of these entities are represented in data. Verifiable processes This describe the ability to verify any digital process such as onboarding a user or managing a bank account (particularly with respect to how data enables the process to be managed and maintained). These closely-related, interdependent concepts rely on verifiable data technology becoming a reality. Verifiable Credentials The basic data model of W3C Verifiable Credentials may be familiar to developers and architects that are used to working with attribute-based credentials and data technologies. The issuer, or the authority on some information about a subject (e.g. a person), issues a credential containing this information in the form of claims to a holder. The holder is responsible for storing and managing that credential, and in most instances uses a piece of software that acts on their behalf, such as a digital wallet. When a verifier (sometimes referred to as a relying party) needs to validate some information, they can request from the holder some data to meet their verification requirements. The holder unilaterally determines if they wish to act upon the request and is free to present the claims contained in their verifiable credentials using any number of techniques to preserve their privacy. Verifiable Credentials form the foundation for verifiable data in the emerging web of trust. They can be thought of as a container for many different types of information as well as different types of credentials. Because it is an open standard at the W3C, verifiable credentials are able to widely implemented by many different software providers, institutions, governments, and businesses. Due to the wide applicability of these standards, similar content integrity protections and guarantees are provided regardless of the implementation. Semantics and Schemas The authenticity and integrity-providing mechanisms presented by Verifiable Credentials provide additional benefits beyond the evaluation of verifiable data. They also provide a number of extensibility mechanisms that allow data to be linked to other kinds of data in order to be more easily understood in the context of relationships and processes. One concrete example of this is the application of data schemas or data vocabularies. Schemas are a set of types and properties that are used to describe data. In the context of data sharing, schemas are an incredibly useful and necessary tool in order to represent data accurately from the point of creation to sharing and verification. In essence, data schemas in the Verifiable Credential ecosystem are only useful if they are strongly reused by ma
Mattr,Mattr,,Medium,,,,,,,Web of Trust 101,"The emerging “Web of Trust” is an idea that has been around since the dawn of the internet. To explain what motivated its creation, let’s take a look at how trust on the internet functions today.","Learn Concepts: Web of Trust 101 The original vision for the World Wide Web was an open platform on which everyone could freely communicate and access information. It was built on the decentralized architecture of the internet, used open standards, and functioned as an accessible platform that would inherit and amplify the fundamentally decentralized nature of the network that underpinned it. However, the reality today has fallen far short of its founding vision. The modern internet is largely centralized and siloed. The vast majority of web traffic belongs to a few powerful corporations that control the distribution of data through platforms designed to selectively serve up information based on in-depth analysis of their users’ data. The lack of an identity system native to the internet over time has created an imbalance of power that erodes users’ digital rights. Several decades after the web was introduced, most of us are now accustomed to widespread spam, fraud, abuse, and misinformation. We don’t have any real agency over how our data is used, and the corporations controlling our data have shown their inability to properly shoulder the responsibility that comes with it. We’re locked into this system, with no reasonable ability to opt out. As a result, the modern internet has made it incredibly difficult to establish trust with others online, creating many barriers to participation that often leave everyday users out of the value chain. Information and data, and the value they create, are no longer freely accessible by the users creating it — most of whom are utterly unaware of the limited agency they have in accessing it. To fix this fundamental problem of digital trust, we need to begin by building a system that allows users to control their identities and to move their Personal data freely from one online platform to another without fear of vendor lock-in. Evolution of Digital Trust The emerging “Web of Trust” is an idea that has been around since the dawn of the internet. To explain what motivated its creation, let’s take a look at how trust on the internet functions today. Though we may not always be aware, we rely on a basic form of security practically every day we use the internet. HTTPS, the secure browsing protocol for the World Wide Web, uses a common infrastructure based on digital signatures to allow users to authenticate and access websites, and protect the privacy and integrity of the data exchanged while in transit. It is used to establish trust on all types of websites, to secure accounts, and to keep user communications, identity, and web browsing private. This is all based on the usage of cryptographic keys, instead of passwords, to perform security and encryption. Public key cryptography is a cryptographic technique that enables entities to securely communicate on an insecure public network (the internet), and reliably verify the identity of users via digital signatures. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred. The type of Public Key Infrastructure (PKI) currently used by the internet primarily relies on a hierarchical system of certificate authorities (CAs), which are effectively third-parties that have been designated to manage identifiers and public keys. Virtually all internet software now relies on these authorities. Certificate authorities are responsible for verifying the authenticity and integrity of public keys that belong to a given user, all the way up to a ‘self-signed’ root certificate. Root certifications are typically distributed with applications such as browsers and email clients. Applications commonly include ov
Mattr,Personal,,,Damien Bowden,,,,,,CREATE AN OIDC CREDENTIAL ISSUER WITH Mattr AND ASP.NET CORE,This article shows how to create and issue verifiable credentials usingMattrand anASP.NET Core. The ASP.NET Core application allows an admin user to create an OIDC credential issuer using the Mattr service. The credentials are displayed in an ASP.NET Core Razor Page web UI as a QR code for the users of the application.,,https://damienbod.com/2021/05/03/create-an-oidc-credential-issuer-with-Mattr-and-asp-net-core/,,Post,,HowTo,,,,,aspnet,,OIDC,2021-05-03,,,,,,,,,,,,,
Mattr,Mattr,,Medium,,,,,,,Issuing credentials directly to the Mattr mobile wallet,"If you’re already using a secure mechanism to authenticate your users, then setting up OIDC capability isn’t necessary. As we’ve explored, sending credentials using secure DID messaging directly or via a QR code or deep-link is safe, convenient and allows users to obtain their credentials directly.","Issuing credentials directly to the Mattr mobile wallet Summary: We explore how to issue credentials using secure messaging. At Mattr, we’ve pioneered a way to request and receive credentials using OpenID Connect (OIDC) capability. However, if you already have a robust mechanism in place to authenticate users, then setting up additional OIDC capability is unnecessary. Sending credentials using secure Decentralized Identifier (DID) messaging or directly with a QR code is a safe, convenient alternative. In this article, we’ll explore this alternative method in more detail. The Mattr mobile wallet supports two main channels for issuing a credential: - OpenID Credential Provider - Secure DID messaging Note: We’re building DID messaging on the JOSE stack to facilitate signing and encryption. OpenID Credential Provider If you haven’t yet authenticated a user, using OpenID Credential Provider offers a secure way to authenticate a user at the point of credential creation. It involves setting up and configuring an OpenID Provider to work alongside the Mattr VII OIDC Bridge Extension — simple if you’re already using OIDC infrastructure, but more complex to set up from scratch. Secure DID messaging If you’ve already authenticated a user through another method, issuing a credential through a secure DID message is a reliable alternative to OIDC. This approach works well if you’re authenticating users through a website login or even in person (like a classroom or training centre). Let’s see how this might work in practice. 1. Authentication Before issuing a credential, you need to authenticate the user. The most common way to do this is having a user login to a session on your website. 2. Linking Now that you’ve authenticated the user, you need to link their DID to the session of the user. This DID will be generated by the wallet they are using to hold the credential. You can obtain it in a few different ways: - If the user already has a credential you’ve issued, and you trust they are still in control of the subject DID in the credential, you can create a new credential based off the DID inside the credential. - If the user needs to link their DID from their mobile wallet, you can use a DID Auth flow to make sure you’re obtaining a validated DID that the user can prove they own. - If you needed to verify credential data from the user as part of the transaction anyway, you’ll need to use the Holder DID from the Verifiable Presentation as the determining DID. For very simple use cases like demo and testing, if a user has the Mattr mobile wallet they can use a Public DID — they can simply copy the DID and pass it to you out-of-band. 3. Constructing the credential and message Now that the DID is ‘known’ and we’ve authenticated the user, a Verifiable Credential is created using the Mattr VII platform. This credential is then packaged into a secure DID message format to be delivered to the recipient. Because the subject DID is known, the DID message can be encrypted to ensure the data is safe in transit. Use the messaging endpoints to easily perform this step. 4. Delivery The Mattr mobile wallet can read DID messages in either a secure DID message, QR code or deep-link. Sending a secure DID message is an easy way to push messages to mobile wallet holders. Once the message has been encrypted, it can be sent to the subject DID and the Mattr VII platform will route the encrypted message to the holder. QR codes and deep-links typically make the messages too large to be reliably read by most smartphones. To solve this, we embed a URL to an endpoint hosting the DID message. Then, the Mattr mobile wallet simply follows a redirec
Mattr,Personal,,,Damien Bowden,,,,,,Present and and Verify Verifiable Credentials in ASP.NET Core Using Decentralized Identities and Mattr,"This article shows how use verifiable credentials stored on a digital wallet to verify a digital identity and use in an application. For this to work, a trust needs to exist between the verifiable credential issuer and the application which requires the verifiable credentials to verify. A blockchain decentralized database is used and Mattr is used as a access layer to this ledger and blockchain. The applications are implemented in ASP.NET Core.",,https://damienbod.com/2021/05/10/present-and-verify-verifiable-credentials-in-asp-net-core-using-decentralized-identities-and-Mattr/,,Post,,HowTo,,,,Wallets,,Aspnet,Verifiable Credentials,2021-05-10,,,,,,,,,,,,,
Mattr,MyCreds,,,,ARUCC,,,,,"ARUCC is pleased to announce a partnership between Digitary, its service partner, and Mattr, a friend of MyCreds™","These two international organizations are combining their talents to deliver SSI (self-sovereign identity) and Verifiable Credentials for the ARUCC MyCreds™ virtual wallet. This groundbreaking work means the Canadian MyCreds™credential wallet along with other international members of the Digitary global network will be able to reach an even higher bar of service delivery for mobile learners, creating a triangle of trust that includes them and the Canadian colleges and universities.","ARUCC is pleased to announce a partnership between Digitary, its service partner, and Mattr, a friend of MyCreds™. These two international organizations are combining their talents to deliver SSI (self-sovereign identity) and Verifiable Credentials for the ARUCC MyCreds™ virtual wallet. This groundbreaking work means the Canadian MyCreds™ credential wallet along with other international members of the Digitary global network will be able to reach an even higher bar of service delivery for mobile learners, creating a triangle of trust that includes them and the Canadian colleges and universities.",https://mycreds.ca/2021/04/14/bridging-today-and-tomorrow-ensuring-self-sovereignty-for-learners-through-aruccs-mycreds/,,Post,,Meta,,,,,,,,2021-04-14,,,,,,,,,,,,,
Mattr,DHS,,,,,,,,,DHS Awards $200K for Issuing and Validating Essential Work and Task Licenses,"Mattr is currently building an extensive set of foundational capabilities in a software-as-a-service (SaaS) platform for verifiable credential issuance, verification, and storage. An essential worker or a person performing an essential task would receive various credentials and attestations from many issuers containing relevant assertions about their essential work or task status. Their solution also offers the option to validate the information further by using either public or private registries of authoritative verifiable information.","FOR IMMEDIATE RELEASE S&T Public Affairs, 202-254-2385 E-mail: STMedia@hq.DHS.gov WASHINGTON – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded $200,000 to Mattr LIMITED, a woman-owned start-up based in Auckland, New Zealand, to develop a capability to digitally issue and validate essential work and task licenses for United States Citizenship and Immigration Services (USCIS). The Phase 1 award was made under S&T’s Silicon Valley Innovation Program (SVIP) re-release of its Preventing Forgery & Counterfeiting of Certificates and Licenses solicitation, which sought standards-based blockchain and distributed ledger technology (DLT) solutions to fulfill additional needs across DHS missions. The COVID-19 global pandemic has amplified the role of essential workers in ensuring the continuity of operations in emergency response, supply chain fulfillment, essential business, and other previously overlooked areas of interest―and the need for them to self-identify in the performance of their duties. In addition, the need for individuals to interact in-person with DHS to conduct official tasks, duties, and appointments while ensuring public health and safety still exists during this global pandemic. Mattr is currently building an extensive set of foundational capabilities in a software-as-a-service (SaaS) platform for verifiable credential issuance, verification, and storage. An essential worker or a person performing an essential task would receive various credentials and attestations from many issuers containing relevant assertions about their essential work or task status. Their solution also offers the option to validate the information further by using either public or private registries of authoritative verifiable information. “The ability for workers and individuals conducting essentials tasks to assert their respective eligibilities in a manner that safeguards their individual privacy and civil liberties while ensuring public health is a critical need,” said Anil John, SVIP technical director. “Mattr’s platform brings the modular building blocks to address this need by its support for World Wide Web Consortium (W3C) verifiable credentials and decentralized identifier standards. They will adapt and enhance their platform by supporting privacy respecting, ledger independent selective disclosure of information, and integration with existing federated identity protocols to provide a complete solution.” Given the reality that certain areas of the economy will need to continue to operate in parallel for an extended period of time while effective counter-measures are being developed, the ability for workers and individuals conducting essentials tasks to assert their respective eligibility in a manner that safeguards their individual privacy and civil liberties while ensuring public health is a critical need. About SVIP SVIP is one of S&T’s programs and tools to fund innovation and work with private sector partners to advance homeland security solutions. Companies participating in SVIP are eligible for up to $800,000 of non-dilutive funding over four phases to develop and adapt commercial technologies for homeland security use cases. For more information on current and future SVIP solicitations, visit https://www.DHS.gov/science-and-technology/svip or contact DHS-silicon-valley@hq.DHS.gov. For more information about S&T’s innovation progr
Mattr,Mattr,,,,IATA,,,,,Mattr has a series of Videos about their work with IATA,"This is a significant undertaking for both IATA and the other parties involved. As part of Mattr’s role in supporting this initiative, we developed a series of educational videos in partnership with IATA to explain the value and mechanics of a decentralised identity ecosystem.","Developing the future of digital identity in aviation Mattr & IATA collaboration At Mattr, we’re exploring how different sectors can take advantage of verifiable data and digital trust. It’s this mission that led us to our recent partnership with the International Air Transport Association (IATA) on their Digital Identity for Distribution initiative. Mattr is working with IATA to demonstrate how digital identity can be used to enable the secure identification and authentication of organisations involved in the travel distribution chain to improve security and reduce the level of fraud risk for both airlines and travel intermediaries. How IATA supports the aviation industry IATA is the trade association for the airline industry, representing 290 airlines around the world. One of IATA’s roles is to support airlines travel agents, industry bodies and other parties to operate more effectively by managing a set of commonly recognised codes and identities which help to create an efficient distribution ecosystem for all players. Transforming identity management in the airline industry Current identification standards in airline distribution are based on technology concepts developed in the 1960 and 1970s. They have served the industry exceptionally well and continue to be used extensively today. However, the evolution of technology over the past 50 years has meant a transition from closed, private networks to open, public infrastructure and a need to review the legacy identification standards. Using solutions such as Mattr VII, which is built on open standards including W3C Decentralized Identifiers and Verifiable Credentials, can help enable industry bodies like IATA to solve identity challenges in a complex ecosystem. At the same this also ensures that members of such ecosystems are always in control of their own identity and can reliably trust the information shared between organisations. As aviation starts to place customers at the focus of a shop/order/pay ecosystem regardless of distribution channel, IATA has identified some key issues: Airlines can't fully identify all parties in the distribution value chain Current industry coding systems can't scale to cover all parties Current codes do not provide end-to-end security and offer loopholes for fraudulent use and impersonation of identities. To address these issues, the Digital Transformation Advisory Council (DTAC) endorsed a digital strategy with B2B identity management as the highest priority. The DTAC is comprised of senior digital transformation representatives from airlines and advises IATA on industry digital transformation. This is a significant undertaking for both IATA and the other parties involved. As part of Mattr’s role in supporting this initiative, we developed a series of educational videos in partnership with IATA to explain the value and mechanics of a decentralised identity ecosystem. See our video series below. How this benefits the aviation sector This digital identity approach will give all parties in the aviation sector the ability to quickly verify who they’re doing business with, reduce fraud and provide end-to-end security in the transaction process. Sellers, such as Travel Agencies, will be in full control of their own identities and information and will only have to disclose (to the airline or supplier) the relevant information required to request a tailor-made offer and complete a transaction. Find out more about this initiative To learn more about Digital Identity for Distribution, visit the IATA Innovation Hub. Watch our video series The videos below are a series of short explainers and demonstrations of what a digital identity solution could look like in the airline indust
Mattr,Mattr,,,Nader Helmy,,,,,,Why we’re launching Mattr VII,"Inspired by the seven states of matter, our platform gives builders and developers all the tools they need at their fingertips to create a whole new universe of decentralized products and applications. We provide all the raw technical building blocks to allow you to create exactly what you have in mind. Mattr VII is composable and configurable to fit your needs, whether you’re a well-established business with legacy systems or a start-up looking to build the next best thing in digital privacy. Best of all, Mattr VII is use-case-agnostic, meaning we’ve baked minimal dependencies into our products so you can use them the way that makes the most sense for you.","Why we’re launching Mattr VII Nader Helmy • Mar 26, 2021 • 6 min read It’s no secret we need a better web. The original vision of an open and decentralised network that’s universally accessible continues to be a north star for those working to design the future of digital infrastructure for everyday people. Despite the progress that has been made in democratising access to massive amounts of information, the dire state of cybersecurity and privacy on the internet today present significant barriers to access for too many of our most vulnerable populations. We started Mattr because we believe that standards, transparency, and openness are not only better for users; they make for stronger systems and more resilient networks. We recognise that a decentralised web of digital trust, based on transparency, consent, and verifiable data, can help us address critical challenges on a global scale. It represents a significant opportunity to give people real agency and control over their digital lives. Our story At its inception, we chose “Mattr” as a moniker because we strongly believed that the movement towards more decentralised systems will fundamentally change the nature of data and privacy on the internet. Matter, in its varying states, forms the building blocks of the universe, symbolically representing the capacity for change and transformation that allows us all to grow and adapt. In another sense, people matter, and the impact of decisions we make as builders of technology extend beyond ourselves. It’s a responsibility we take seriously, as Tim Berners Lee puts it, “to preserve new frontiers for the common good.” We proudly bear the name Mattr and the potential it represents as we’ve built out our little universe of products. In September 2020, we introduced our decentralised identity platform. Our goal was to deliver standards-based digital trust to developers in a scalable manner. We designed our platform with a modular security architecture to enable our tools to work across many different contexts. By investing deeply in open standards and open source communities as well as developing insights through collaboration and research, we realised that developers want to use something that’s convenient without compromising on flexibility, choice, or security. That’s why we launched our platform with standards-based cryptography and configurable building blocks to suit a broad array of use cases and user experiences in a way that can evolve as technology matures. At the same time, we’ve continued to work in open source and open standards communities with greater commitment than ever to make sure we’re helping to build a digital ecosystem that can support global scale. We launched Mattr Learn and Mattr Resources as hubs for those interested in these new technologies, developing educational content to explore concepts around decentralised identity, offering guided developer tutorials and videos, and providing documentation and API references. We also unveiled a new website, introduced a novel approach to selective disclosure of verifiable credentials, built and defined a new secure messaging standard, developed a prototype for paper-based credentials to cater for low-tech environments, and made a bridge to extend OpenID Connect with verifiable credentials. We’ve consistently
Mattr,Mattr,,Medium,,,,,,,Adding DID ION to Mattr VII,"Different types of DIDs can be registered and anchored using unique rules specific to the set of infrastructure where they’re stored. Since DIDs provide provenance for keys which are controlled by DID owners, the rules and systems that govern each kind of DID method have a significant impact on the trust and maintenance model for these identifiers.","Adding DID ION to Mattr VII Since the beginning of our journey here at Mattr, decentralization and digital identity have been central to our approach to building products. As part of this, we’ve supported Decentralized Identifiers (or DIDs) since the earliest launch of our platform. We’ve also considered how we might give you more options to expand the utility of these identities over time. An important milestone The W3C working group responsible for Decentralized Identifiers recently published the DID v1.0 specification under “Proposed Recommendation” status. This is a significant milestone as DIDs approach global standardization with the pending approval of the W3C Advisory Committee. DIDs are maturing, but so is the environment and context in which they were originally designed. With a complex ecosystem consisting of dozens of different methodologies and new ones emerging on a regular basis, it’s important to balance the potential of this decentralized approach with a realistic approach for defining the real utility and value of each DID method. For example, the DID Method Rubric provides a good frame of reference for comparing different approaches. Different types of DIDs can be registered and anchored using unique rules specific to the set of infrastructure where they’re stored. Since DIDs provide provenance for keys which are controlled by DID owners, the rules and systems that govern each kind of DID method have a significant impact on the trust and maintenance model for these identifiers. This is the key thing to remember when choosing a DID method that makes sense for your needs. Our supported DID methods In Mattr VII, by supporting a variety of DID methods — deterministic or key-based DIDs, domain-based DIDs, and ledger-based DIDs — we are able to provide tools which can be customized to fit the needs of individual people and organizations. - Key-based DIDs — Largely static, easy to create, and locally controlled. This makes them a natural choice for applications where there’s a need to manage connections and interactions with users directly. - DIDs anchored to web domains — These have a different trust model, where control over the domain can bootstrap a connection to a DID. This makes a lot of sense for organizations with existing domain names that already transact and do business online, and can extend their brand and reputation to the domain of DIDs. - Ledger-based DIDs — These offer a distributed system of public key infrastructure which is not centrally managed or controlled by a single party. While ledgers differ in their governance and consensus models, they ultimately provide a backbone for anchoring digital addresses in a way which allows them to be discovered and used by other parties. This can be a useful feature where a persistent identifier is needed, such as in online communication and collaboration. There is no single DID method or type of DID (which at the moment) should be universally applied to every situation. However, by using the strengths of each approach we can allow for a diverse ecosystem of digital identifiers enabling connections between complex networks of people, organizations and machines. To date, we’ve provided support for three main DID methods in our platform: DID Key, DID Web, and DID Sovrin. These align with three of the central types of infrastructure outlined above. Introducing DID ION We’re proud to announce that as of today we’ve added support for DID ION, a DID method which is anchored to IPFS and Bitcoin. We’ve supported the development of the Sidetree protocol that underpins DID ION for some time as it has matured in collaboration wi
Mattr,Mattr,,,,,,,,,Adding support for revocation of Verifiable Credentials leveraging the Revocation List 2020 draft from the CCG.,"Integrating revocation into our platform brings us one step closer to building a fully realized verifiable data ecosystem, an environment where verifiers can have more confidence and trust in the decisions they’re making and people can participate in the sharing and exchange of information without eroding their basic privacy. We look forward to continuing to collaborate with the community and gathering feedback from industry to enhance and extend different ways to accomplish revocation while respecting users’ digital rights.","Adding support for revocation of Verifiable Credentials The Mattr team is excited to announce a critical new addition to our product capabilities. We’re continuing to build out an extensive suite of features to support the exchange of Verifiable Credentials (VCs), leveraging the best efforts of the open-source community along with a number of distinct product innovations. These innovations include our recent work related to using BBS+ signatures for privacy-preserving selective disclosure and our earlier work on the OIDC Credential Provider spec. We’ve also been busy sharing new tools for checking the syntax of a JSON-LD credential during development. In this product release, we are focused on one of the fundamental capabilities in any credential-based system: the ability to provably revoke a credential when it’s no longer valid. Using verifiable data in combination with open standards not only improves the quality of the data exchanged in an ecosystem, it also enables the authority (issuer) on any piece of information to maintain that data throughout its lifecycle. In practice, this means that credential issuers can manage the status of a credential directly, using the same general mechanism as the one used for issuing VCs. Credentials are typically stored by the user (subject) in some kind of digital wallet where they are able to manage their credentials and control when and how to share their data. When accessing services, the user may consent to present their VCs to a relying party (verifier). The relying party needs to be able to be able to verify the credential is genuine and tamper free. They also need to be able to easily validate whether a presented credential has been revoked or not. For example, say you’re issued a digital driver’s license, then you go and get several speeding tickets. The department that issued your license determines you have breached the terms of your license and consequently, suspends your license. In doing so, the credential status is changed, and next time a relying party checks the status they will be able to see that you are no longer entitled to drive. If a car rental office is checking your driving status in order to loan you a vehicle, they’d like to be able to verify if the digital license is still valid and legitimate. User journey viewing a credential & presentation request with a revoked credential. In general, we want to accomplish all of these goals while minimizing the burden on data issuers and verifiers, and preserving the autonomy of credential holders in deciding how to store and disclose their data. We also want to remain flexible around where the revocation list is stored and managed, so we opted to implement an approach that’s extensible to different types of infrastructure supported by the issuer. The resulting solution contrasts with others that have tended to be tightly coupled with a particular kind of infrastructure such as a distributed ledger. We believe revocation should be built in a simple, transparent, and standardizable manner, which is why we built our approach on the W3C CCG’s Credential Revocation List. Practically, the information regarding whether a credential has been revoked is represented in the credential status property of a VC, as defined in the W3C spec. When a credential is first created, the issuer can include in the credential status field a reference to a publicly a
Mattr,Mattr,,Medium,,,,,,,Adding support for Secure DID Messaging,"We are excited to announce a new addition to our Mattr VII platform capabilities. As we continue to build out an extensive suite of features to support the exchange of data such asVerifiable Credentials, we have now added secureDecentralized Identifier messaging capabilities to enable entirely new ways to communicate using our platform.","Adding support for Secure DID Messaging We are excited to announce a new addition to our Mattr VII platform capabilities. As we continue to build out an extensive suite of features to support the exchange of data such as Verifiable Credentials, we have now added secure Decentralized Identifier (DID) messaging capabilities to enable entirely new ways to communicate using our platform. The common and well-understood ways to interact with verifiable credentials have typically been mechanisms such as scanning QR codes or sharing deep links. In this release, we have focused on adding an option to these approaches that provides an even greater level of transparency and user control. With this new capability, you will be able to facilitate more intuitive user flows that make issuing, verifying, and communicating around verifiable credentials a seamless and efficient process for users. While utilizing existing frameworks like push notifications, secure DID messaging maintains a high level of privacy-preserving security. It does this by leveraging a decentralized ecosystem that ensures control of the data in a message remains solely with the participants exchanging the information, and no one else. Utilizing the JSON Web Message (JWM) specification, this new capability allows for encrypted messages to be sent and received in a way that hides their content from all but the cryptographically authorized recipients of the message. That way, the sender of the message can be confident they are only disclosing their details and message with the intended parties. There are two key pieces of information about a recipient that are fundamental to facilitating secure DID-based messaging on the platform. The first of these is the same as any messaging framework, in that an address or endpoint is needed to understand where to send the message. Unlike traditional messaging capabilities that require you to utilize centralized, service provider created, and controlled identifiers such as email and phone numbers, our DID-based messaging solution allows you to facilitate interactions between parties simply by using a Decentralized Identifier and its associated DID Document. The second piece of information you need is the recipient’s public key, which the platform obtains from the resolved DID document. This public key is then used to encrypt a message to the recipient. These capabilities ensure that: - a message is delivered to the correct recipient, and - only the intended recipient can view the content and other metadata of the message. A unique DID is also created by the wallet specifically for each unique interaction with a particular party or organization — further preserving a wallet holder’s privacy and anonymity between the various interactions they may have with issuers and relying parties alike. Once the recipient’s DID is known, a message is formatted as a JSON Web Message (JWM). In this release, we have focused on adding support for 3 main types of messages: - Offering a credential — rather than the user having to scan a QR code, a message can be sent directly to them that will initiate the credential offer flow within their wallet. - Notification about a change in the revocation status of a credential — a mechanism to ensure wallet holders are proactively informed about any status changes for credentials they hold in their wallet, even if they’re not online when the status update occurs. - Starting a credential verification flow (presentation request) — allows a holder to present a credential to a verifier directly, particularly useful in situations where there isn’t a co-location of parties present in the intera
Mattr,Mattr,,,,,,,,,DID Extensibility on the Mattr Platform,"DID Web helps to bridge the gap between the way that trust is established on the internet today, namely using domains, and new and emerging ecosystems using DIDs. When using DID Web, rather than anchoring a DID to a decentralized ledger such as a blockchain, the DID is instead associated with a specific domain name, and subsequently anchored to the web host registered with that domain via DNS resolution. Effectively, this allows a DID using this scheme to be resolved as simply as one resolves a web URL, every time they click on a link. For example, we’ve set up a DID Web using our own domain, which can be resolved at did:web:Mattr.global.","DID Extensibility on the Mattr Platform At Mattr we’ve been busy building the next generation of solutions for verifiable data and digital trust. Earlier this month we introduced our platform and added experimental support for a new, privacy-preserving method for selective data disclosure. Today, we’ve reached another milestone that gives our users even more choice and transparency by the addition of a new way to use Decentralized Identifiers (DIDs). Modularity and extensibility are key design principles underpinning our core platform architecture. The Mattr Platform is designed to support a wide range of distinct pluggable components, providing our customers with confidence that their technology choices will continue to evolve with new innovations as they emerge. When it comes to DIDs, there are currently over 50+ DID Methods registered with the W3C. Each DID Method defines a CRUD model that describes how a particular DID scheme works with a specific verifiable data registry such as a distributed ledger or blockchain. The initial group of DID methods was quite small, and has expanded significantly over time as more solutions emerge in this space. While all of these new DID methods theoretically adhere to the DID core specification, each method makes a different set of choices that affect the underlying trust model at play. For instance, DID methods have distinct rules about who gets to add new transactions, what input data is required, where DIDs are anchored, who can view or monitor the DIDs, and more. In short, there are many factors that affect the choice around which DID method to use, and it’s not a trivial decision. We believe that DIDs, when deployed responsibly, can be extremely effective at preserving user privacy, enhancing transparency and consent, enabling data portability, and enforcing user control. To learn more about our approach, read our blog, “Intro to DIDs for people”. In addition to our current support for DID Key (static key-based identifier) and DID Sovrin (ledger-based identifier), we are now proud to add DID Web (domain-based identifier) to our list of supported DID methods. DID Web helps to bridge the gap between the way that trust is established on the internet today, namely using domains, and new and emerging ecosystems using DIDs. When using DID Web, rather than anchoring a DID to a decentralized ledger such as a blockchain, the DID is instead associated with a specific domain name, and subsequently anchored to the web host registered with that domain via DNS resolution. Effectively, this allows a DID using this scheme to be resolved as simply as one resolves a web URL, every time they click on a link. For example, we’ve set up a DID Web using our own domain, which can be resolved at did:web:Mattr.global. Users in the emerging world of DIDs can use this mechanism to bootstrap trust by using the reputation associated with public domains. While this solution may not work in every circumstance and lacks some of the resilience and censorship guarantees afforded by DID methods with less centralized dependencies, DID Web provides a practical and useful pathway to adoption, particularly for entities whose data and identity are already public. When used in parallel with more natively decentralized mechanisms, we can help to ensure that the web remains free and open while providing a path
Mattr,Mattr,,,,,,,,,Introducing the Mattr Platform,"Here at Mattr, we have been hard at work building a suite of products to serve the next generation of digital trust. We’ve designed our products based on a few key principles: extensible data formats, secure authentication protocols, a rigorous semantic data model, industry-standard cryptography, and the use of drivers and extensions to allow modular and configurable use of the platform over time. By combining our core capabilities with extensions and drivers, our platform offers developers convenience without compromising flexibility or choice.","Introducing the Mattr Platform Here at Mattr, we have been hard at work building a suite of products to serve the next generation of digital trust. We’ve designed our products based on a few key principles: extensible data formats, secure authentication protocols, a rigorous semantic data model, industry-standard cryptography, and the use of drivers and extensions to allow modular and configurable use of the platform over time. By combining our core capabilities with extensions and drivers, our platform offers developers convenience without compromising flexibility or choice. The Mattr Platform delivers digital trust in a scalable manner. Our belief is that a modular security architecture is one which can work across many different contexts. When it comes to trust, context is everything, and we know our users each have their own unique requirements and expectations when it comes to their digital interactions. We provide flexible and configurable building blocks for trust on the web in order to create a digital ecosystem that can support global scale. The platform consists of 3 main components: - Platform Core - Platform Extensions - Platform Drivers Our platform provides the capabilities needed for digital trust through a set of modular and flexible building blocks known as our Platform Core. This includes the ability to establish and use DIDs, sign and encrypt messages, manage the verifiable credentials lifecycle, and share privacy-preserving verifiable presentations. Platform Core is designed as a set of simple APIs that are available for all of our users, with operational tools and documentation. We’ve designed the platform to have cryptographic agility and flexibility built in at a fundamental level. Platform Drivers are pre-configured integrations that allow our capabilities to be pluggable and extensible over time, preventing vendor lock-in and enabling user choice. They identify key areas where flexibility, choice, and optionality are desirable and surface them to the user to promote more resilient security architectures for the future. They are typically surfaced to the user as pluggable parameters in our Platform Core. Extensibility is a key component of our platform architecture. Platform Extensions are higher level capabilities that plug in to our platform, providing convenient and easy-to-access application logic, such as service orchestration and workflow. They are built on top of our Platform Core, allowing users to smoothly onboard and extend our platform as well as enabling Mattr’s digital trust infrastructure to integrate with digital services and protocols that exist outside of our products. They are modular components in terms of logic and configuration, operating independently of Platform Core as an extensible set of APIs. Finally, we offer a growing number of Developer Tools to simplify the user experience by providing additional interfaces and ways to interact with our platform. These tools are free and mostly optional to use, though they do simplify setting up the infrastructure needed to get started experimenting with the platform. Some tools, like some of the features exposed by Mattr’s Mobile Wallet, may be required to use certain features of the platform. Our Developer Tools are designed to work natively with Platform Core as well as our Platform Extensions. Over the past 6 months, we have been working in close collaboration with a number of preview customers to create a great developer ex
Mattr,Mattr,,Medium,,,,,,,Rendering credentials in a human-friendly way,"For example, this update formats address fields to make them more readable; formats names and proper nouns where possible; makes URLs, telephone numbers and email addresses clickable; highlights images and icons for better trust and brand signaling; and creates basic rules for language localization that adjust to a user’s device settings.","Rendering credentials in a human-friendly way At Mattr we’re always dreaming up ways to make decentralized identity and verifiable credentials easy and intuitive to use for as many people as possible. From the start, it’s been a core part of our mission to make sure that end users understand the implications of decentralized identity and the control it affords them over their data and their privacy. This model offers users greater sovereignty over their own information by empowering individuals as both the holder and subject of information that pertains to them. Users are able to exercise their new role in this ecosystem by utilizing a new class of software known as digital wallets. We first released our Mobile Wallet for smartphones in June 2020, with a simple user interface to allow people to interact with and receive credentials from issuers as well as present credentials to relying parties. In the interim, we have developed a number of improvements and features to the Mobile Wallet to support advanced capabilities such as: - Authenticating to Identity Providers over OpenID Connect to receive credentials via OIDC Bridge - Deriving privacy-preserving selective disclosure presentations from credentials using BBS+ signatures - Establishing a secure DID messaging inbox for users to receive encrypted messages and push notifications These changes have not only made the wallet more functional; they’ve also evolved to better protect users’ best interests — giving them privacy-by-design and surfacing the information and context that they need to confidently make decisions underpinned by the security of decentralized identity. This journey has led us to realize the importance of creating a wallet experience that places users front and center. As these systems create more opportunity for user-driven consent and identity management, they’ve simultaneously created a demand for a wallet that can not only perform the technical operations required, but do so in a user-friendly way that surfaces the information that truly matters to people. Our latest feature release to the Mattr Mobile Wallet is a step in this direction. With Human-Friendly Credentials, we have added the capability to render different kinds of credentials uniquely in the wallet interface according to the information they contain. Until now, the end user experience for verifiable credentials has been largely consistent across different categories of credentials and issuers. In other words, a credential containing medical data from your doctor looks exactly the same as an education credential from your university or a concert ticket from a music venue: they all appear to the user as a long list of claims. In this release we change that. Thanks to the semantic information encoded in verifiable credentials, the wallet is now able to understand and interpret certain kinds of credentials to render them to the user in a way that makes the data easier to understand. JSON-LD verifiable credentials have the ability to support common data vocabularies and schemas which are published on the web. For example, if a credential contains a claim describing the name of an individual, the claim can be defined via reference to an existing data vocabulary found here: https://schema.org/Person Human-Friendly Credentials allow the wallet to start intelligently displaying known credential types and data types. This shows up in a variety of different ways in a user’s dataset. For example, this update formats address fields to make them more readable; formats names and proper nouns where possible; makes URLs, telephone numbers and email addresses clickable; highlights
Mattr,Mattr,,Medium,Nader Helmy,,,,,,Using privacy-preserving ZKP credentials on the Mattr Platform,"By leveraging pairing-friendly elliptic-curve cryptography in the context of Linked Data Proofs, our approach provides an unprecedented way to perform zero-knowledge proofs using the semantics of JSON-LD. This allows credential issuers to tap into vast data vocabularies that exist on the web today, such as schema.org and Google Knowledge Graph, making user data more context-rich without sacrificing security and privacy of the user in the process. Not only is this approach more interoperable with existing implementations of the VC data model and semantic web technologies, it also doesn’t rely on any external dependencies to operate (like a distributed ledger), meaning it’s far more efficient than other approaches based on CL-signatures and zk-SNARKs. We’ve open-sourced our LD-Proofs suite for VCs including performance benchmarks so you can check it out yourself.","Using privacy-preserving ZKP credentials on the Mattr Platform Mattr is proud to announce we’ve added support for privacy-preserving verifiable credentials on our platform using BBS+ signatures. Using a technique to implement selective disclosure, we’ve added the ability to generate credentials that support zero knowledge proofs without revealing any unnecessary information about the end-user, or placing any added burden on issuers, in the process. Since we first introduced and open-sourced JSON-LD BBS+ Signatures at IIW30 in April of this year, we’ve received lots of engagement, feedback and contributions from the broader technical community to further develop the implementations and specifications we presented. You can read more about our approach to privacy-preserving verifiable credentials on our introductory blog post. One of the benefits of using the BBS+ cryptographic scheme to sign credentials is the ability to derive a zero knowledge proof from the signature, where the party generating the proof can choose to partially disclose statements from the original message. When enabled, this feature allows issuers to create a credential that effectively enforces minimal data disclosure using the Mattr Platform and a compliant digital wallet. To support this functionality, we generate the keys required to support these signatures and create a Decentralized Identifier (DID) with the keys referenced in the DID Document. BBS+ signatures require what’s called a pairing-friendly curve, we use BLS12–381. This DID can be referenced in credentials to establish the issuer of the data, a common practice to allow a verifier or relying party to trace the root of trust in a credential. To issue a ZKP-enabled credential, simply use our API endpoint to create a new DID Key with type set to BLS 12–381. Then, create a Verifiable Credential (VC) using your new DID Key as the issuer DID. Our platform will automatically detect this capability is available in your DID and create a ZKP-enabled BBS+ credential for you. You can use the platform this way to create a privacy-enabled credential, or you can create a regular credential by providing a DID with a different key type — you have the option. On the user side, you can hold ZKP-enabled credentials in your wallet alongside all of your other credentials. We’ve designed this process in a way that minimizes friction to the user. In future updates, our Mobile Wallet App will be able to detect if BBS+ signatures are being used in a credential. When you get a request to verify some information contained in one of these privacy-enabled credentials, it will derive a new presentation that selectively discloses the required info using a zero-knowledge proof. The platform will then allow verification of the proof using the same interface as any other type of presentation. Our integrated approach treats zero-knowledge proofs as an extension of VCs, rather than an entirely new framework with a separate set of dependencies. We have built BBS+ Signatures and privacy-enabled credentials into our platform for anybody to experim
Mattr,Personal,,,Damien Bowden,,,,,,Implement Compound Proof BBS+ Verifiable Credentials Using ASP.NET Core and Mattr,The ZKP BBS+ verifiable credentials are issued and stored on a digital wallet using a Self-Issued Identity Provider (SIOP) and OpenID Connect. A compound proof presentation template is created to verify the user data in a single verify. Code: [https://GitHub.com/swiss-ssi-group/MattrAspNetCoreCompoundProofBBS](https://GitHub.com/swiss-ssi-group/MattrAspNetCoreCompoundProofBBS),"This article shows how Zero Knowledge Proofs BBS+ verifiable credentials can be used to verify credential subject data from two separate verifiable credentials implemented in ASP.NET Core and Mattr. The ZKP BBS+ verifiable credentials are issued and stored on a digital wallet using a Self-Issued Identity Provider (SIOP) and OpenID Connect. A compound proof presentation template is created to verify the user data in a single verify. Code: https://GitHub.com/swiss-ssi-group/MattrAspNetCoreCompoundProofBBS Blogs in the series - Getting started with Self Sovereign Identity SSI - Create an OIDC credential Issuer with Mattr and ASP.NET Core - Present and Verify Verifiable Credentials in ASP.NET Core using Decentralized Identities and Mattr - Verify vaccination data using Zero Knowledge Proofs with ASP.NET Core and Mattr - Challenges to Self Sovereign Identity - Implement Compound Proof BBS+ verifiable credentials using ASP.NET Core and Mattr What are ZKP BBS+ verifiable credentials BBS+ verifiable credentials are built using JSON-LD and makes it possible to support selective disclosure of subject claims from a verifiable credential, compound proofs of different VCs, zero knowledge proofs where the subject claims do not need to be exposed to verify something, private holder binding and prevent tracking. The specification and implementation are still a work in progress. Setup The solution is setup to issue and verify the BBS+ verifiable credentials. The credential issuers are implemented in ASP.NET Core as well as the verifiable credential verifier. One credential issuer implements a BBS+ JSON-LD E-ID verifiable credential using SIOP together with Auth0 as the identity provider and the Mattr API which implements the access to the ledger and implements the logic for creating and verifying the verifiable credential and implementing the SSI specifications. The second credential issuer implements a county of residence BBS+ verifiable credential issuer like the first one. The ASP.NET Core verifier project uses a BBS+ verify presentation to verify that a user has the correct E-ID credentials and the county residence verifiable credentials in one request. This is presented as a compound proof using credential subject data from both verifiable credentials. The credentials are presented from the Mattr wallet to the ASP.NET Core verifier application. The BBS+ compound proof is made up from the two verifiable credentials stored on the wallet. The holder of the wallet owns the credentials and can be trusted to a fairly high level because SIOP was used to add the credentials to the Mattr wallet which requires a user authentication on the wallet using OpenID Connect. If the host system has strong authentication, the user of the wallet is probably the same person for which the credentials where intended for and issued too. We only can prove that the verifiable credentials are valid, we cannot prove that the person sending the credentials is also the subject of the credentials or has the authorization to act on behalf of the credential subject. With SIOP, we know that the credentials were issued in a way which allows for strong authentication. Implementing the Credential Issuers The credentials are created using a credential issuer and can be added to the users wallet using SIOP. An ASP.NET Core application is used to implement the Mattr API client for creating and issuing the credentials. Auth0 is used for the OIDC server and the profiles used in the verifiable credentials are added here. The Auth0 server is part of the credential issuer service busines
Mattr,Mattr,,,Emily Fry; Tobias Looker,,,,,,New to JSON-LD? Introducing JSON-LD Lint,"The rise in popularity of javascript (due to its natural language monopoly in web-browsers) led to a mass exile from XML and shift over to JSON as the prefered data representation format. In the process, certain valuable features of XML were lost, in particular those that provide a standardised semantic syntax. JSON-LD defines this missing layer of syntax, which improves semantic reasoning around data. This is critical for maintaining data quality and trust in data, which is particularly important as we increase our reliance on digital infrastructure, IOT and AI.","New to JSON-LD? Introducing JSON-LD Lint JSON-LD, based on the ubiquitous JSON technology, is rapidly gaining adoption on the web. JSON-LD is an innovation relevant to both business minds and developers alike. For those unfamiliar with this technology, this short video is a great introduction. At Mattr we use JSON-LD in a variety of ways. For example, the platform generates credentials using this technology so that they can be inherently understood and referenced. Despite it’s growing adoption, the success of standards based technologies like JSON-LD tends to depend on how quickly and easily developers can understand it. Developers rely on tools such as compilers, IDE’s (integrated development environments) like visual studio code and linters to provide them with guidance and feedback as they code. These tools are essential for facilitating developer productivity and education. When it comes to JSON-LD, many have observed that there are limited educational tools and resources available. The lack of training wheels in the space creates a barrier to entry, or results in developers breaking things along the way. Having been on this journey ourselves, we want to make it easier for developers to pick up JSON-LD. That’s why we have developed a linter, which we are open-sourcing today. Specifically, we are open-sourcing a mono-repo of packages (“JSON-LD Lint”) designed to lint/process JSON-LD documents. These packages are: - JSON-LD Lint Core — A typescript/javascript library containing the core linting engine for JSON-LD documents - JSON-LD Lint CLI — A command line tool for linting/processing JSON-LD documents. - JSON-LD Lint VSCode Extension — A VS Code extension aimed at providing an improved development experience within VS Code when dealing with JSON-LD documents (coming soon to the VSCode marketplace). We hope that these packages will help more developers to understand and adopt this technology. As always, we appreciate your feedback and welcome your involvement in progressing this project further! Head along to our GitHub to get involved. You can also gain access to Mattr’s sandbox platform to issue your own JSON-LD credentials today. FAQ What is JSON-LD and why is it on the rise? The rise in popularity of javascript (due to its natural language monopoly in web-browsers) led to a mass exile from XML and shift over to JSON as the prefered data representation format. In the process, certain valuable features of XML were lost, in particular those that provide a standardised semantic syntax. JSON-LD defines this missing layer of syntax, which improves semantic reasoning around data. This is critical for maintaining data quality and trust in data, which is particularly important as we increase our reliance on digital infrastructure, IOT and AI. What is a Linter? Developers are renowned for building tools that make their job easier — whether it be through automating previously manual processes or designing tools that help to catch their mistakes. The number of tools available has grown in tandem with the open source movement. In general a linter is a tool that analyzes some input (often source code) and flag errors, bugs, stylistic errors, and suspicious constructs. It provides developers with feedback around detected issues with their code/input and often includes information on how it could be fixed.",https://Mattr.global/resources/articles/new-to-json-ld-in
Mattr,CCG,,,Daniel Hardman,,,,,,"credential definitions, credential manifests, BBS+, etc","When Tobias first described Mattr's approach to BBS+ signatures, one of my takeaways was that this changed the Indy mechanism of cred defs in two wonderful ways:<br>1. It eliminated the need for lots of keys (only one key, Y, needs to be declared as a credential signing key, instead of a set of keys, Y[0]..Y[n])<br>2. It made it possible to store a cred def somewhere other than a ledger<br>I was very happy about this.<br>However, I have since heard several smart people summarize the breakthrough as: ""We don't need credential definitions at all. You just use the assertionMethod key in your DID doc to sign credentials, and that's all you need."" I believe this is oversimplifying in a way that loses something important, so I wanted to open a conversation","(For those who have never heard of/ understood the thing that Hyperledger Indy calls a ""credential definition"", let me first define the term. A credential definition is a public statement by an issuer, announcing to the world, ""I plan to issue credentials that match schema X. I will sign them with key(s) Y[0]..Y[n], and I will revoke them with the following mechanism: Z."" Because cred defs are not discussed in the VC spec, they have been viewed as a symptom of unnecessary divergence from standards - although they don't violate the VC spec in any way, either. Indy stores cred defs on a ledger, but this is not an essential property, just a convenience.) When Tobias first described Mattr's approach to BBS+ signatures, one of my takeaways was that this changed the Indy mechanism of cred defs in two wonderful ways: 1. It eliminated the need for lots of keys (only one key, Y, needs to be declared as a credential signing key, instead of a set of keys, Y[0]..Y[n]) 2. It made it possible to store a cred def somewhere other than a ledger I was very happy about this. However, I have since heard several smart people summarize the breakthrough as: ""We don't need credential definitions at all. You just use the assertionMethod key in your DID doc to sign credentials, and that's all you need."" I believe this is oversimplifying in a way that loses something important, so I wanted to open a conversation about it. In doing so, I am NOT arguing that cred defs should be required for all VCs, and I am also NOT arguing that credential defs should live on a ledger (I love that Mattr's removed that requirement). I am instead suggesting that they are highly desirable for *some* VCs no matter what the signature format of the VCs is, and that they should become a welcomed part of the ecosystem for all of us (without any introduction of other Indy-isms). VCs CAN absolutely be issued ad-hoc. That is, any controller of a DID can build a credential on the spur of the moment, inventing (or referencing) whatever schema they like, and using any key from the appropriate verification method in their DID doc to sign. And VCs issued in this ad-hoc way can be verified by simply looking for the schema a verifier hopes to see. This totally works. But there are several useful properties that we give up when we operate in this ad-hoc fashion, that we would retain if we used credential definitions: 1. Discoverability (not of individual VCs, but of the VC-publication activities and intentions of institutions) 2. A stable target for reputation 3. A formal versioning strategy As an approximation, credential definitions can provide, for VCs, the same sort of publication formality that a Debian repo provides for Linux artifacts, or that an app store provides on a mobile platform. Is it possible to publish artifacts without such mechanisms? Absolutely. But by publicizing and regularizing the behavior of software ""issuers"", they have a powerful effect on the integrity and predictability/trust of the ecosystem as a whole. (I admit in advance that this analog is imperfect. App stores are centralized. I'm not arguing for centralization as a defining characteristic of VC issuance.) Re. discoverability: without a cred def, there
Mattr,Mattr,,Medium,Nader Helmy,,,,,,A solution for privacy-preserving Verifiable Credentials,"Here at Mattr, we are piloting an approach to ZKPs based on BBS+ signatures. Beyond the privacy and security benefits of ZKPs in general, this approach has a number of additional benefits compared to the ZKP implementations that exist today.","A solution for privacy-preserving Verifiable Credentials The recent ratification of Verifiable Credentials (VCs) as a new standard at the W3C defines a powerful new data model for interoperability of identity technologies. As a standard it also represents a disruptive shift in the future design options of digital systems, towards ones that feature more portable and user-centric digital identity, often referred to as ‘self-sovereign’ or ‘decentralized identity’. The basic data model of verifiable credentials may be familiar to developers and architects that are used to working with attribute-based credentials and data technologies. The issuer, or the authority on some information about a subject (e.g a person), issues a credential containing this information in the form of claims to a holder. The holder is responsible for storing and managing that credential, and in most instances is a piece of software that acts on behalf of the subject such as a digital wallet. When a verifier, sometimes referred to as a relying party, needs to validate some information, they can request from the holder some data to meet their verification requirements. Depending on the capabilities of the underlying technology, the holder is free to present the claims contained in their verifiable credentials using any number of techniques to preserve their privacy. The concept of issuing authorities and verifiers or relying parties has been around on the web for quite a long time. It is a model adopted by certificate authorities which are used to securely browse websites as well as protocols like OpenID Connect that are used to manage identity claims about a subject. The real innovation of the verifiable credentials standard is that it pushes for the introduction of a layer between relying parties or verifiers and issuing authorities — what’s known in the VC data model as a ‘holder’. The introduction of this layer signals a shift towards a new paradigm, giving users greater control over their own information and also making it more convenient for a user to manage their digital identity. One of the important principles that we want to achieve when designing any system that involves handling PII is to minimize the data disclosed in a given interaction. When users share information, they should be able to choose what and how much they share on a case-by-case basis (often referred to as selective disclosure), while the relying parties receiving the information must be able to maintain assurances about the presented information’s origin and integrity. As technologists, by having solutions that easily achieve selective disclosure, we can drive a culture based on the minimum information exchange required to enhance user privacy. When it comes to solutions, there are many different ways to tackle this problem, but three of the most common are: - Just in time issuance — Contact the issuer at request time either directly or indirectly for a tailored assertion containing only the information required by the relying party. - Trusted witness — Use a trusted witness between the prover and the relying party to mediate the information disclosure. - Cryptographic solutions — Use a cryptographic technique to disclose a subset of information from a larger assertion. While each solution is perfectly valid in different scenarios, these approaches have some important trade-offs. Just in time issuance, a model made popular by OpenID Connect, assumes the issuer is highly available, which imposes an infrastructure burden on the issuer that is proportional to the number of subjects they have information for and where those subjects use their information. Furthermore, in most instances of this model, the issuer learns wh
Mattr,Mattr,,,,,,,,IIW30,BBS+ signatures,"Mattr is proud to announce we’ve added support for privacy-preserving verifiable credentials on our platform using BBS+ signatures. Using a technique to implement selective disclosure, we’ve added the ability to generate credentials that support zero knowledge proofs without revealing any unnecessary information about the end-user, or placing any added burden on issuers, in the process. Since we first introduced and open-sourced JSON-LD BBS+ Signatures at IIW30 in April of this year, we’ve received lots of engagement, feedback and contributions from the broader technical community to further develop the implementations and specifications we presented. You can read more about our approach to privacy-preserving verifiable credentials on our introductory blog post.<br><br>","Using privacy-preserving ZKP credentials on the Mattr Platform Mattr is proud to announce we’ve added support for privacy-preserving verifiable credentials on our platform using BBS+ signatures. Using a technique to implement selective disclosure, we’ve added the ability to generate credentials that support zero knowledge proofs without revealing any unnecessary information about the end-user, or placing any added burden on issuers, in the process. Since we first introduced and open-sourced JSON-LD BBS+ Signatures at IIW30 in April of this year, we’ve received lots of engagement, feedback and contributions from the broader technical community to further develop the implementations and specifications we presented. You can read more about our approach to privacy-preserving verifiable credentials on our introductory blog post. One of the benefits of using the BBS+ cryptographic scheme to sign credentials is the ability to derive a zero knowledge proof from the signature, where the party generating the proof can choose to partially disclose statements from the original message. When enabled, this feature allows issuers to create a credential that effectively enforces minimal data disclosure using the Mattr Platform and a compliant digital wallet. Issuers can create ZKP-enabled credentials that allow the user to selectively disclose data To support this functionality, we generate the keys required to support these signatures and create a Decentralized Identifier (DID) with the keys referenced in the DID Document. BBS+ signatures require what’s called a pairing-friendly curve, we use BLS12–381. This DID can be referenced in credentials to establish the issuer of the data, a common practice to allow a verifier or relying party to trace the root of trust in a credential. To issue a ZKP-enabled credential, simply use our API endpoint to create a new DID Key with type set to BLS 12–381. Then, create a Verifiable Credential (VC) using your new DID Key as the issuer DID. Our platform will automatically detect this capability is available in your DID and create a ZKP-enabled BBS+ credential for you. You can use the platform this way to create a privacy-enabled credential, or you can create a regular credential by providing a DID with a different key type — you have the option. On the user side, you can hold ZKP-enabled credentials in your wallet alongside all of your other credentials. We’ve designed this process in a way that minimizes friction to the user. In future updates, our Mobile Wallet App will be able to detect if BBS+ signatures are being used in a credential. When you get a request to verify some information contained in one of these privacy-enabled credentials, it will derive a new presentation that selectively discloses the required info using a zero-knowledge proof. The platform will then allow verification of the proof using the same interface as any other type of presentation. Our integrated approach treats zero-knowledge proofs as an extension of VCs, rather than an entirely new framework with a separate set of dependencies. We have built BBS+ Signatures and privacy-enabled credentials into our platform for anybody to experiment with, in what we think is a significant milestone for st
Mattr,Mattr,,Medium,Nader Helmy,,,,,,JWT vs Linked Data Proofs: comparing Verifiable Credentials,"Linked Data Proofs offer more flexibility and are thus more scalable for global decentralized networks. Plus, because they natively work with JSON-LD, they encourage adoption of an open-world data model and re-usage of schemas that makes JSON-LD so powerful. JWTs, in contrast, offer a simple and straightforward way to express data with a limited semantic vocabulary. Using JWTs with JSON-LD provides a potential compromise between the two approaches, but loses much of the flexibility provided by Linked Data Security.","JWT vs Linked Data Proofs: comparing Verifiable Credentials Verifiable Credentials, a standard at the W3C as of late last year, is a verifiable data model which can be represented in multiple different assertion formats. Essentially, these formats, or ‘types’ of verifiable credentials, are just alternative ways to represent the same information. The data model described by VCs does not dictate a particular rendering or assertion format, however there are clear trade-offs between the different implementation choices that offer a number of useful insights. Both of the existing VC formats build off of JSON, the primary serialization format used on the web today. The first of these is JSON Web Token, or JWT, and the other is Linked Data Proofs. The ‘Linked Data’ in Linked Data Proofs refers to JSON Linked Data, or JSON-LD. While Linked Data Proofs are designed specifically to work with JSON-LD, the JWT-based assertion format can be used with either JSON-LD or plain JSON. Comparison JWTs have the benefit of already being widely used in today’s identity technologies, most notably in the framework used by OAuth 2.0 and OpenID Connect. Because of this, there are a number of existing software libraries and tools that developers can use immediately to begin building out their implementations. In addition, due to the fact that JWT-based credentials rely on a shared assertion format with existing identity technologies, it may be an easier mental model for newcomers to adopt when starting to experiment with VCs. JWTs are, however, limited in other ways. While they are efficient at representing information, they do very little to allow humans and software to understand the context of the data they represent. As the VC standard continues to mature and adoption increases, what’s starting to emerge is a web of verifiable data. The data in this ‘web’ originates from many different sources and many different contexts, so it’s important that we have some common standards to maintain the hygiene and quality of the data we are using. The widespread usage of a format such as JWT leads to deep data quality issues when you want to build an ecosystem on consistent, high-quality linked data. Because JWT poorly represents the context of data, its utility in the context of rich data supply chains is quite limited. Fortunately, we have an alternative model that overcomes this significant limitation. Linked Data Proofs offer a number of improvements on top of JSON. The primary benefit of the JSON-LD format used by LD-Proofs is that it builds on a common set of semantics that allow for broader ecosystem interoperability. It provides a standard vocabulary that makes data more portable as well as easy to consume and understand across different contexts. In order to create a crawlable web of verifiable data, it’s important that we prioritize strong reuse of data schemas as a key driver of interoperability efforts. Without it, we risk building a system where many different data schemas are used to represent the same exact information, creating the kinds of data silos that we see on the internet today. JSON-LD makes semantics a first-class principle and is therefore a solid basis for constructing VC implementations. JSON-LD is widely adopted on the web today, with W3C reporting it is used by 30% of the web and Google making it the de facto technology for search engine optimization. When it comes to verifiable credentials, it wo
Mattr,Mattr,,Medium,,,,,,,OpenID Connect Credential Provider,"Introducing OpenID Connect Credential Provider, an extension to OpenID Connect which enables the end-user to request credentials from an OpenID Provider and manage their own credentials in a digital wallet. This specification defines how an OpenID Provider can be extended beyond being the provider of simple identity assertions into being the provider of credentials, effectively turning these Identity Providers into Credential Providers.","Introducing OIDC Credential Provider OpenID Connect (OIDC) is a hugely popular user authentication and identity protocol on the web today. It enables relying parties to verify the identity of their users and obtain basic profile information about them in order to create an authenticated user experience. In typical deployments of OpenID Connect today, in order for a user to be able to exercise the identity they have with a relying party, the relying party must be in direct contact with what’s known as the OpenID Provider (OP). OpenID Providers are responsible for performing end-user authentication and issuing end-user identities to relying parties. This effectively means that an OpenID Provider is the Identity Provider (IdP) of the user. It’s the reason we often see buttons that say “Login with Google” or “Login with Facebook” during the login journey in an application or service. The website or application you want to use must first authenticate who you are with a provider like Google or Facebook which controls and manages that identity on your behalf. In this context we can think of the IdP as the “man in the middle.” This relationship prevents users from having a portable digital identity which they can use across different contexts and denies users any practical control over their identity. It also makes it incredibly easy for IdPs like Google or Facebook to track what users are doing, because the “man in the middle” can gather metadata about user behavior with little agency over how this identity data is shared and used. In order to allow users to have practical control over their identity, we need a new approach. Introducing OpenID Connect Credential Provider, an extension to OpenID Connect which enables the end-user to request credentials from an OpenID Provider and manage their own credentials in a digital wallet. This specification defines how an OpenID Provider can be extended beyond being the provider of simple identity assertions into being the provider of credentials, effectively turning these Identity Providers into Credential Providers. To maximize the reuse of existing infrastructure that’s deployed today, OIDC Credential Provider extends the core OpenID Connect protocol, maintaining the original design and intent of OIDC while enhancing it without breaking any of its assumptions or requirements. Instead of using OIDC to provide simple identity assertions directly to the relying party, we can leverage OIDC to offer a Verifiable Credential (VC) which is cryptographically bound to a digital wallet of the end-users choice. The digital wallet plays the role of the OpenID Client application which is responsible for interacting with the OpenID Provider and manages the cryptographic key material (both public and private keys) used to prove ownership of the credential. The credentials issued to the wallet are re-provable and reusable for the purposes of authentication. This helps to decouple the issuance of identity-related information by providers and the presentation of that information by a user, introducing the user-controlled “wallet” layer between issuers and relying parties. Essentially, a wallet makes a request to an OpenID provider in order to obtain a credential, and then receives the credential back into their wallet so they can later use it to prove their identity to relying parties. The interaction consists of three main steps: - The Client sends a signed credential request to the OpenID Provider with their public key - The OpenID Provider authenticates and authorizes the End-Use
Mattr,Mattr,,GitHub,T. Looker ; J. Thompson ; A. Lemmon ; K. Cameron<br>,,,,,,OIDC Credential Provider,is “an extension to OpenID Connect which enables the end-user to request credentials from an OpenID Provider and manage their own credentials in a digital wallet.”,"|OpenID Connect Credential Provider||April 2021| |Looker, et al.||Informational||[Page]| OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables relying parties to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User.¶ OpenID Providers today within OpenID Connect assume many roles, one of these is providing End-User claims to the relying party at the consent of the End-User such as their name or date of birth, providers performing this function are often referred to as being claims providers. However, the need for End-Users to be able to provide a variety of claims to a relying party from different providers is only increasing as many business processes that span multiple logical domains such as KYC and education move towards digital channels.¶ However, assuming a direct integration between the relying party and the claims providers leads to a difficult experience for End-Users to manage. Instead End-Users need a way to consolidate the different identities and claims they have available with various claims providers into one place where they can manage their release from. In doing this, a layer of in-direction is created between the relying party and the claims provider through the introduction of a new party that we refer to in this specification as being the ""holder"".¶ In OpenID Connect today the existing ways to communicate End-User claims to relying parties are the id_token and the userinfo endpoint, however these mechanisms alone are unsuitable for the style of indirect presentation of claims to relying parties via a holder, as the relying party must be able to authenticate the authority of the holder to be presenting the claims on behalf of the End-User. Instead in order to support this style of flow, this specification defines a new vehicle for communicating End-User claims called a ""credential"". In addition to this definition this specification defines how an existing OpenID Provider can be extended to issue ""credentials"" to holders.¶ OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables relying parties to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User.¶ OpenID Providers today within OpenID Connect assume many roles, one of these is providing End-User claims to the relying party at the End-User's consent such as their name or date of birth. OpenID providers performing this function are often referred to as being claims providers. However, the need for End-Users to be able to provide a variety of claims from different providers is only increasing as many business processes that span multiple logical domains such as KYC and education move towards digital channels.¶ However, assuming a direct integration between the relying party and the claims providers leads to a difficult experience for End-Users to manage. Instead End-Users need a way to consolidate the different identities and claims they have available with various claims providers into one place where they can manage their release from. In doing this, a layer of indirection is created between the relying party and the claims provider through the introduction of a new party that we refer to in this specification as being the ""holder"".¶ In OpenID Connect today the existing ways to communicate End-User claims to relying parties are the id_token and the userinfo endpoint. However, these mechanisms alone are unsuitable for the style of indirect presentation of claims to relying parties via a holder as the relying party must be able to authenticate the authority of the holder to b
Mattr,CCG,,GitHub,Dave Longley ; Manu Sporny,Mattr,,,,,Revocation List 2020,"This specification describes a privacy-preserving, space-efficient, and high-performance mechanism for publishing the revocation status of Verifiable Credentials.","This specification describes a privacy-preserving, space-efficient, and high-performance mechanism for publishing the revocation status of Verifiable Credentials. This document is experimental and is undergoing heavy development. It is inadvisable to implement the specification in its current form. An experimental implementation is available. It is often useful for an issuer of verifiable credentials [[VC-DATA-MODEL]] to link to a location where a verifier can check to see if a credential has been revoked. There are a variety of privacy and performance considerations that are made when designing, publishing, and processing revocation lists. One such privacy consideration happens when there is a one-to-one mapping between a verifiable credential and a URL where the revocation status is published. This type of mapping enables the website that publishes the URL to correlate the holder, time, and verifier when the status is checked. This could enable the issuer to discover the type of interaction the holder is having with the verifier, such as providing an age verification credential when entering a bar. Being tracked by the issuer of a driver's license when entering an establishment violates a privacy expectation that many people have today. Similarly, there are performance considerations that are explored when designing revocation lists. One such consideration is where the list is published and the burden it places from a bandwidth and processing perspective, both on the server and the client fetching the information. In order to meet privacy expectations, it is useful to bundle the status of large sets of credentials into a single list to help with herd privacy. However, doing so can place an impossible burden on both the server and client if the status information is as much as a few hundred bytes in size per credential across a population of hundreds of millions of holders. The rest of this document proposes a highly compressible, bitstring-based revocation list mechanism with strong privacy-preserving characteristics, that is compatible with the architecture of the Web, is highly space-efficient, and lends itself well to content distribution networks. As an example of using this specification to achieve a number of beneficial privacy and performance goals, it is possible to create a revocation list that can be constructed for 100,000 verifiable credentials that is roughly 12,500 bytes in size in the worst case. In a case where a few hundred credentials have been revoked, the size of the list is less than a few hundred bytes while providing privacy in a herd of 100,000 individuals. This section outlines the core concept utilized by the revocation list mechanism described in this document. At the most basic level, revocation information for all verifiable credentials issued by an issuer are expressed as simple binary values. The issuer keeps a bitstring list of all verifiable credentials it has issued. Each verifiable credential is associated with a position in the list. If the binary value of the position in the list is 1 (one), the verifiable credential is revoked, if it is 0 (zero) it is not revoked. One of the benefits of using a bitstring is that it is a highly compressible data format since, in the average case, large numbers of credentials will remain unrevoked. This will ensure long sections of bits that are the same value and thus highly compressible using run-length compression techniques such as ZLIB [[RFC1950]]. The default bitstring size is 16KB (131,072 entries), and when only a handful of verifiable credentials are revoked, the compressed bitstring size is reduced down to a few hundred bytes. Another benefit of using a bitstring is that it enables large numbers of verifiable credential revocation statuses to be placed in the same list. This specification utilizes a mi
Mattr,Mattr,,,,,,,,,Verifiable Credential based Authentication via OpenID Connect,"At MATTR, we’ve been working hard on an exciting opportunity with the Government of British Columbia (BC Gov) in Canada. In June 2019, the BC Gov Verifiable Organisations Network team put out a “Code With Us” development bounty to integrate KeyCloak, their chosen enterprise Identity and Access Management (IAM) solution, with a new W3C standard called Verifiable Credentials. This work led to a solution that enables the use of Verifiable Credentials (VC) as a means of authentication that is interoperable with OpenID Connect (OIDC). We call this work VC-AuthN-OIDC. The output is an adapter that bridges these standards and enables a whole new set of capabilities through a simple extension of most modern IAM solutions.",,https://mattr.global/verifiable-credential-based-authentication-via-openid-connect/,https://mattr.global/wp-content/uploads/2019/10/0_Kcm1VBTjAxZP9Dkk-1024x465.png,post,,Standards,,,,,,,,2019-12-10,,,,,,,,,,,,,
Meeco,,Meeco,,Katryna Dow,MyData; Respect Network; DIF,"Australia, Melbourne, Victoria",Europe,GDPR,,Meeco,"Meeco gives people and organisations the tools to access, control and create mutual value from Personal data<br><br>Privately, securely and with explicit consent","Put your customers in control of their Personal data, identity and digital assets Unlock the power of permissioned Personal data and digital assets with enterprise infrastructure that has privacy, security and convenience built in. Reduce cost and meet data compliance requirements on a range of uses cases, from decentralised identity to digital asset management. Deploy new business models built on digital trust and evolve existing applications from Web2 to Web3 with our platform for Personal identity and data ecosystems. Trust is a key enabler of connected digital communities. It is central to delivering sustainable outcomes across financial services, mobility, health, education, environment, public administration, employment and eCommerce.next Seamless experiences are underpinned by tools that deliver interoperability. Citizens, employees, students, patients and customers can securely transact across networks and ecosystems.next Hybrid infrastructure will support the transition from Web2 to Web3, delivering security, convenience and decentralised services.next Enterprise customers can complete their Web3 transition with Secure Value Exchange by Meeco. Offering secure data storage through to self-sovereign identity and verifiable credentials, SVX is a complete toolkit for enterprise customers to deploy trusted Personal data ecosystems.next",https://meeco.me,,Company,,Company,Enterprise,ID,,Personal Data,,,,2012-08-23,https://github.com/Meeco,https://twitter.com/meeco_me,https://www.youtube.com/user/MeecoMe,https://blog.meeco.me/,,,https://www.crunchbase.com/organization/meeco,https://www.linkedin.com/company/meeco-me/,,https://dev.meeco.me/,https://app.meeco.me/,,
Meeco,Meeco,,,,,,,EU Data Strategy,,European Strategy for Data,"A Meeco Review of the European Strategy for Data Communication from the European Commission on February 19th, 2020",,https://media.meeco.me/public-assets/reports/Meeco_Review_of_European_Strategy_for_Data.pdf,,Report,,Ecosystem,Public,,,,,,,2020-02-19,,,,,,,,,,,,,
Meeco,Meeco,,,,,,,EU Data Governance Act,,EU Data Governance Act,"We welcome the regulation as a needed common ground for clarifying the role of data intermediaries, building trust in these intermediaries and setting the direction for data governance, including the emergence of digital human rights.In this context we offer the following suggestions:<br>1. Explicitly include individuals as active participants in the definitions [...]<br>2. Clarify the scope of the data sharing services (Art. 9 (2)) and extend it to include services that empower the data subject beyond compliance.<br>3. Foster the growth of intermediaries, which offer new technologies and have the greatest likelihood of success in Europe if supported by the Data Governance Act.<br>4. Open silos and implement soft infrastructure such as standards & open APIs to accelerate uptake and interoperability between data sharing services.<br>5. Foster eco-systems and demonstrate the value through practical use-cases.<br>6. Create a level playing field for sustainable data sharing by providing funding to pioneers at the forefront of developing data eco-systems<br><br>","The proposed European Data Governance Act is another progressive indication that the EU is seeking to develop a more equitable digital economy. However, where we go from here depends on how the European Union is able to use the Data Governance Act to strike a balance between the existing tech giants and data platforms alongside an entirely new range of services designed to enable the collection, protection and exchange of data. Currently, a handful of global players enjoy a virtual monopoly on the exploitation of data. Unlocking these data silos and regulating for data mobility and interoperability will provide the vital infrastructure required for meeting the challenges of the next century, including timely and informed decision making. At Meeco we believe that enabling citizens, students, patients, passengers and consumers to more equitably join the value chains fuelled by data will ultimately lead to greater trust and Personalisation, resulting in a more prosperous society. However, this will require new commercial models, enforceable regulation such as the Data Governance Act and the digital tools to transform our connected society. We believe this will lead to significant benefits to including Personalised health and education, increased financial literacy and better financial decisions, more informed consumer choices which also contribute to protecting our environment. Meeco is endorsing the Data Governance Act as a founding member of Data Sovereignty Now; a coalition of leading Europe-based technology companies, research institutions and not-for-profit organisations. We are working together to ensure that the control of data remains in the hands of the people and organisations that generate it in order to play a key role in not only securing the rights of individuals over their data, but also providing significant stimulus for the digital economy. Meeco is also a member of MyData Global and was amongst the first 16 organisations to be awarded the MyData Operator designation in 2020. We join in the goal towards developing interconnected and human-centric data intermediaries to meet the Personalisation and equity challenges of open digital society. We welcome the regulation as a needed common ground for clarifying the role of data intermediaries, building trust in these intermediaries and setting the direction for data governance, including the emergence of digital human rights. In this context we offer the following suggestions: - Explicitly include individuals as active participants in the definitions: define the key roles in data sharing (Art. 2 Definitions) so that data rights holders (data subject) and technical data holders (controller or processor) can be separated and acknowledge the type of data sharing where individuals are active participants in the transactions. - Clarify the scope of the data sharing services (Art. 9 (2)) and extend it to include services that empower the data subje
Meeco,Meeco,,,,,,,EU Data Strategy,,Meeco Review of the European Data Strategy,"This document has been written to give the reader a snapshot of the new European Union (EU) Strategy for Data published as an EU communication on February 19th, 2020. In this document the authors express their opinion by way of commentary on the topic of Personal data management and analysis of the strategy that the EU will adopt.<br><br>Meeco’s review points the reader to some of the most important elements of the EU’s position on various data issues, as well as the key elements of its strategy. We have taken care to include all direct excerpts between quotation marks and to reference them clearly back to the original communication document, by way of footnotes and demonstrated through relevant case studies.","The EU wants to become a leading role model for a society empowered by data to make better decisions – for individuals, in business and the public sector. It intends to be a major actor in the new Data Economy, holding its own against other world powers. The EU is committing to build a supportive environment in Europe from a regulatory and legal perspective. It will participate alongside Member States and private enterprise to build next generation technology and infrastructure solutions such as Cloud at the Edge Computing, Quantum Computing and of course Blockchain. – European Strategy for Data, A Meeco review of the European Strategy for Data Communication from the European Commission on February 19th, 2020. Europe will continue to place the individual citizen at the centre of the data equation, by promoting a human-centric approach to Personal data management. This document has been written to give the reader a snapshot of the new European Union (EU) Strategy for Data published as an EU communication on February 19th, 2020. In this document the authors express their opinion by way of commentary on the topic of Personal data management and analysis of the strategy that the EU will adopt. Meeco’s review points the reader to some of the most important elements of the EU’s position on various data issues, as well as the key elements of its strategy. We have taken care to include all direct excerpts between quotation marks and to reference them clearly back to the original communication document, by way of footnotes and demonstrated through relevant case studies. The production of data is literally exploding, with volumes growing massively from 33 zettabytes in 2018 to 175 zettabytes forecast in 2025. Much of this growth will be driven by the Internet of Things but not solely, as individuals, businesses and organisations fully understand the true potential of data-usage. In promoting more effective data usage, the EU believes that we can solve social and environmental issues for example and in doing so make for a more prosperous and sustainable society. “Data is the lifeblood of economic development” – page 14 European Strategy for Data € 4 – 6 Billion to be invested in total in 9 common European data spaces and a European federation of Cloud infrastructure and services. In addition, the strategy calls out the need for Personal data spaces that are ethical, compliant and human-centric. Industrial (manufacturing) data space, to support the competitiveness and performance of EU industry and to capture the potential value of non-Personal data in manufacturing. Green Deal data space, to use the major potential of data in support of the Green Deal priority actions on climate change, circular economy, zero-pollution, biodiversity, deforestation and compliance assurance. Mobility data space, to position Europe at the forefront of the development of an intelligent transport system and to facilitate access, pooling and sharing of data from existing and future transport and mobility databases. Health data space, which is essential for advances in preventing, detecting and curing diseases, as well as improvements in the accessibility, effectiveness and sustainability of the healthcare systems. Financial data space, to stim
Meeco,Meeco,,HelloUser,,,,,,,"Hello, User: Episode 13 with Katryna Dow","Welcome to lucky episode number 13! Your new host Aubrey Turner, Executive Advisor at Ping, is thrilled to welcome Katryna Dow, CEO & Founder of the award-winning data platform Meeco. Katryna discusses Meeco’s mission to enable everyone on the planet access to equity and value in exchange for the data and information they share. She talks about why she saw a need for Meeco’s services, what we need to know as we approach a more “physigital”world, and how her vision all started with a Tom Cruise film.","Description: Welcome to lucky episode number 13! Your new host Aubrey Turner, Executive Advisor at Ping, is thrilled to welcome Katryna Dow, CEO & Founder of the award-winning data platform Meeco. Katryna discusses Meeco’s mission to enable everyone on the planet access to equity and value in exchange for the data and information they share. She talks about why she saw a need for Meeco’s services, what we need to know as we approach a more “physigital”world, and how her vision all started with a Tom Cruise film. Key Takeaways: [1:34] Katryna talks about her journey of founding Meeco, and how she was inspired by Tom Cruise’s movie Minority Report. In early 2012 she sat down and wrote a Manifesto, and asked the question: what would happen if everyday people had the power to make really good decisions on data, the way that social networks, government, and enterprise do? How can we create meaningful value and make better decisions with our data? [8:12] Katryna shares some of her concerns around modern privacy and where she sees things evolving, both good and bad. [9:35] Technology is neutral. It’s what we do with it that gives it bias and can make it either creepy or cool. [11:33] What does Katryna mean when she says it starts with trust by design? [17:22] The next wave may be just starting to bring people and things into the direct value chain, through wearables or IoT devices for example. [18:31] How can we create better digital onboarding for employees, knowing that even post-COVID-19 our world will not go back to how it was in December 2020? One thing that Katryna is sure of is that we must lean into innovation rather than doing nothing and waiting to see. [36:13] We must make sure we are paying attention to the misalignment between law and technology, especially when it comes to ethics and the safety of children growing up in a digital-forward world. Quotes: - “I think the challenge for any kind of technology and regulation is a lag factor, not a lead factor.”—Katryna - “The line between creepy and cool is one of the things we are always trying to address from a technology point of view.”—Katryna - “There isn’t really the option to not find better ways of digitally engaging.”—Katryna Mentioned in This Episode: PingIdentity AubreyTurner KatrynaDow Meeco “HowCOVID-19 has pushed companies over the technology tipping point—and transformed business forever”",https://hellouser.libsyn.com/episode-13-with-katryna-dow,,Episode,,Explainer,,,,,,,,2022-01-11,,,,,,,,,,,,,
Meeco,Ubisecure,,,,,,,,,"Katryna Dow - Data minimisation: value, trust and obligation","She is the founder and CEO of Meeco, a Personal data and distributed ledger platform that enables people to securely exchange data via the API-of-Me with the people and organisations they trust. Katryna has been pioneering Personal data rights since 2002, when she envisioned a time when Personal sovereignty, identity and contextual privacy would be as important as being connected. Now within the context of GDPR and Open Banking, Distributed Ledger, Cloud, Artificial Intelligence and the Internet of Things have converged to make Meeco both possible and necessary. For the past three years, Katryna has been named as one of the Top 100 Identity Influencers.","with Katryna Dow, founder and CEO of Meeco. Katryna talks to Oscar about her career (including inspiration from Minority Report), Meeco’s Personal data & distributed ledger platform, the importance of data minimisation to inspire trust in organisations, and cultural differences in attitudes towards digital identity. [Scroll down for transcript] “The greatest way to overcome this privacy paradox is transparency.” “Where regulators have moved to increase the data transparency and data rights of individuals, these need to actually be part of the solution architecture.” Katryna Dow is the founder and CEO of Meeco; a Personal data & distributed ledger platform that enables people to securely exchange data via the API-of-Me with the people and organisations they trust. Katryna has been pioneering Personal data rights since 2002, when she envisioned a time when Personal sovereignty, identity and contextual privacy would be as important as being connected. Now within the context of GDPR and Open Banking, distributed ledger, cloud, AI and IoT have converged to make Meeco both possible and necessary. Find out more about Meeco at Meeco.me. For the past three years, Katryna has been named as one of the Top 100 Identity Influencers. She is the co-author of the blockchain identity paper ‘Immutable Me’ and co-author/co-architect of Meeco’s distributed ledger solution and technical White Paper on Zero Knowledge Proofs for Access, Control, Delegation and Consent of Identity and Personal Data. Katryna speaks globally on digital rights, privacy and data innovation. Follow Katryna on her blog at katrynadow.me, on LinkedIn and on Twitter @katrynadow. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @Ubisecure! Go to our YouTube to watch the video transcript for this episode. Or subscribe with your favorite app by using the address below Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hi and thanks for joining today. Today, we’re going to have a very interesting conversation about how many technologies and business ideas converge into products that help people directly to protect their data and their identity. For that we have a very special guest. Our guest today is Katryna Dow. She is the founder and CEO of Meeco, a Personal data and distributed ledger platform that enables people to securely exchange data via the API-of-Me with the people and organisations they trust. Katryna has been pioneering Personal data rights since 2002, when she envisioned a time when Personal sovereignty, identity and contextual privacy would be as important as being connected. Now within the context of GDPR and Open Banking, Distributed Ledger, Cloud, Artificial Intelligence and the Internet of Things have converged to make Meeco both possible and necessary. For the past three years, Katryna has been named as one of the Top 100 Identity Influencers. Hello, Katryna. Katryna Dow: Hello, Oscar. That introduction makes me feel I’m going backwards and forwards in time at the same time. Oscar: Very nice talking with you now Katryna. It’s super interesting having this conversation with you. I know there are so many things we can talk about. And so, I would like to he
Meeco,Meeco,,,,,,,,,Data Privacy: does anyone care?,The compelling data and research suggest that my original question now needs to be reframed. People most certainly do care about their data privacy. The question now is: how are organisations going to bridge this data privacy chasm?,"We’ve all heard the refrain….no-one cares about privacy anymore. I confess, that sometimes I feel the same way, particularly when I see my own family members oblivious to what they are sharing. I’ve even done it myself. Then I realise that it’s not that they don’t care about data privacy, it’s just they don’t have any agency to do anything about it. I recently gave a talk at Kuppinger Cole European Identity Conference 2021 so had cause to dig into this question afresh. If the newspaper and magazine headlines are anything to go by then data privacy is still very much a live issue. But what about real people? Surely there must be some examples that would help. I looked at two recent events that could act as a litmus test of public sentiment. The first was Apple’s decision as part of its update to iOS 14.5 that allowed users, for the first time, to control whether or not to allow apps to track their data. Pretty convincing data but maybe it was skewed towards Apple users. Maybe if I looked at something more serious like helping to fight the Covid pandemic, I’d see a completely different picture? According to the latest Edelman Trust Barometer, even fighting a Global pandemic is not sufficient reason to share data. The willingness to share data to Governments to help contain Covid has actually decreased over the last 12 months. Perhaps not surprising given how some Governments have not been too adept in handling privacy concerns¹. Finally, I was convinced by some latest research by KPMG - Corporate Data Responsibility – in August 2021. The research was conducted in the US but I suspect can be translated across the world. One set of statistics stood out: The compelling data and research suggest that my original question now needs to be reframed. People most certainly do care about their data privacy. The question now is: how are organisations going to bridge this data privacy chasm? This a real opportunity for organisations to step up and take a lead. An opportunity for organisations to action rebuilding trust and becoming data sustainable for the future. There are some immediate steps every organisation should start with: - Analyse your own ethics around data collection and use. Consider implementing a code of data ethics. - Be transparent and explicit around data collection and use and do it in a way that is upfront, easy and clear for everyone to understand. - Consider using privacy enhancing technologies to anonymise data or make use of synthetic data. - Give people access and control over their data empowering them to gain value and equity by sharing. - People openly admit they don’t know how to protect their Personal data and they are rightly peeved that organisations aren’t doing much to help. Take the lead now in establishing corporate data responsibility. Meeco can help provide the infrastructure you need to bridge the data privacy chasm. Reference:[1] https://www.theguardian.com/technology/2020/jul/20/uk-government-admits-breaking-privacy-law-with-test-and-trace-contact-tracing-data-breaches-coronavirus ________ About the author A highly strategic, technical and commercially astute executive. Jason Smith has over 20 years of experience of starting, growing and managing businesses. The last 10 years of which have been with data businesses. Prior to joining Meeco, Jason led a global project within Experian as part of their global data innovation team (‘Dx’) focusing on consent, data sharing & privacy. He also co-led projects on digital ID, privacy enabling technologies and consumer Personal data management applications. Jason also contributed to Experian’s response to the 2020 EU Data Strategy consultation. Previously, he established a research data lab as part of ScaleUpNation, in Amsterdam, using machine
Meeco,Meeco,,,,,,,,,Opening the domestic card rails to innovation,"Enabling Australian FinTechs a direct avenue to discuss how they partner and collaborate to access the eftpos payments network through the Committee resulted in recommendations that covered a number of central themes, including consultation and engagement, regulation, and technology and solutionsBen Tabell, eftpos Chief Information Officer and Committee Chair","Earlier this year, eftpos, in collaboration with FinTech Australia, established the eftpos FinTech Advisory Committee. The Committee was established as a way of giving Australian FinTechs a direct avenue to discuss how they partner and collaborate to access the eftpos payments network for the betterment of Australia's digital economy. Over the past five months, ten leading FinTech companies joined the Committee, chaired by Ben Tabell, eftpos' Chief Information Officer. Together, the Committee collaborated to help create an initial report on how to best leverage the eftpos digital roadmap, API programs along with a variety of industry topics. Enabling Australian FinTechs a direct avenue to discuss how they partner and collaborate to access the eftpos payments network through the Committee resulted in recommendations that covered a number of central themes, including consultation and engagement, regulation, and technology and solutionsBen Tabell, eftpos Chief Information Officer and Committee Chair Meeco is honoured to have been one of the companies invited to join the Committee alongside Assembly Payments, Bleu, Monoova, Sniip, Verrency, Ezypay, Azupay, POLi and Paypa Plane. The aim of the Committee is to advise eftpos on ways the company can build on its efforts to make it easier for FinTechs to access the eftpos network, products and services. The focus is to enable FinTechs to build experiences that can work across a broad range of connected devices in the digital economy. eftpos has now released the report in collaboration with FinTech Australia, delivering ten recommendations on how Australian fintechs can best leverage the eftpos digital roadmap and API programs. Of the recommendations in the report, Meeco is especially interested in the inclusion of data as the new currency, mobile wallets and digital identity. These map directly to the work Meeco has had the privilege to explore and validate together with eftpos over the past year. This includes a micropayments Proof-of-Technology using Meeco's multipurpose wallet decentralised on Hedera and a pilot that is now underway with eftpos' identity broker solution, connectID, for credentials verification as part of employee onboarding. We're delighted that this work with eftpos and Hedera Hashgraph has resulted in us being selected as a FinTech Australia Finnies finalist in the ""Excellence in Blockchain/Distributed Ledger"" category. The Finnies event and announcement of winners is now delayed to September, due to the rolling COVID restrictions in Australia. The eftpos FinTech Advisory Committee Report; Innovating on the domestic card rails, is now available to download. We would like to thank eftpos and FinTech Australia for the opportunity to have contributed to the Committee and the report. We hope you find it interesting and useful.",https://blog.meeco.me/opening-the-domestic-card-rails-to-innovation/,,Post,,Explainer,,,Payments,,,,,2021-07-29,,,,,,,,,,,,,
Meeco,Meeco,,,,,,,,,"Understanding the difference between Identity, Authentication and Authorisation",Identity is the answer to the “Who am I?” or “What am I?” question.- Authentication is about asking can I trust who or what this is?<br>- Authorisation follows authentication to determine what services are available to the trusted party.,"On August 7–8th 2018, technology experts from Australia and around the globe gathered in Canberra for the Digital ID Show. The event was co-located with the Technology in Government Expo and the Cyber Security in Government Conference. Overall, more than 2,500 attendees wandered among 120+ exhibitors and listened to 120+ speakers from a range of industries. The Digital ID Show focused on the bigger questions underpinning digital identity and what that means for the roll out of digital identity in Australia. These questions are not only being asked in Australia, several countries including the UK, Netherlands, Canada and USA are reviewing similar ideas. The concept is to provide users with a better way to prove ID, establish trust, reduce fraud, fight crime and terrorism, and streamline services and online payments. There are many different players involved, both from the government, as well as the private sector. One thing everyone agrees on, is that innovation and collaboration between all stakeholders is vital. In a world where everything is connected 24/7, where the power of AI is increasing, it is critical to get the foundations right. The recent data breaches and Facebook's data privacy scandals highlight the impact that technology can have on our Personal lives, including disastrous consequences if we do not take the right measures. Technology is neutral. It is neither good or evil. It does not have a concept of ethics, it only does what we set it up to do. We must be the ones asking the right questions to position technology to succeed with the right outcomes in society. A range of regulations is being implemented across the world to set a legislative framework around the use of Personal data. Laws like the General Data Protection Regulation (GDPR) in Europe are setting a standard for data privacy legislations. In Australia, the Open Banking changes will come in place by July 2019, permitting consumers to allow other financial companies and third parties access to their banking information. This will open new opportunities for businesses, as well as fairer and better products and services for customers. If implemented properly, these new laws can both protect our Personal data while enabling Personalisation at scale, all with explicit and informed consent. If we fail to put in place the right measures, it can lead to a digital dark age where no trust is established between consumers, organisations and public institutions. Solving the question of Digital Identity is an important first step, but the efforts should not stop there. In her talk entitled “Do you really need to know who I am?”, Meeco founder Katryna Dow outlined the differences between Identity, Authentication and Authorisation and how emerging solutions like progressive disclosure and Zero Knowledge Proofs can help solve some of the identity and Personal data challenges we face in the digital world. Identity is the answer to the “Who am I?” or “What am I?” question.Authentication is about asking can I trust who or what this is? Authorisation follows authentication to determine what services are available to the trusted party. With minimum information and transparency, users can still get maximum value from many services. A great example is the difference between asking for your date of birth versus asking if you are over 18 and therefore eligible to enter a night club, drive or purchase alcohol. Many services do not need to know your exact identity to provide you with their services. A trusted persona (backed by your real identity) can enable services to be provided in a more privacy preserving way. The service provider just needs to know that they can trust the party that vouches for you. When s
Meeco,DataSovereigntyNow,,,,,,,,,"When you invent the ship, you invent the shipwreck'","Katryna [Dow] believes that it is vital for the future of the internet that people and organisations obtain control of their data. This concept is called ‘data sovereignty’, but achieving that means rethinking the digital infrastructure the current internet is built upon. She calls for a soft infrastructure that consists of agreements between public and private-sector parties about the access to data.","In this edition of the Data Sharing Journal, INNOPAY’s Mariane ter Veen discusses data sovereignty with Katryna Dow, founder and CEO of Meeco. Katryna believes that it is vital for the future of the internet that people and organisations obtain control of their data. This concept is called ‘data sovereignty’, but achieving that means rethinking the digital infrastructure the current internet is built upon. She calls for a soft infrastructure that consists of agreements between public and private-sector parties about the access to data.",https://datasovereigntynow.org/2021/01/18/when-you-invent-the-ship-you-invent-the-shipwreck/,,Post,,Explainer,,,,,,,,2021-01-18,,,,,,,,,,,,,
Meeco,,,,,"EFTPOS, Hedera",,,,,Meeco announced as Finnies 2021 finalist,Meeco’s submission results from our work in collaboration with with[eftpos](https://www.eftposaustralia.com.au)and[Hedera Hashgraph](https://hedera.com/). The Australian payments giant eftpos recently announced joining the Hedera Governing Council after successfully conducting tests to determine the[feasibility of a digital Australian dollar stablecoin for micropayments](https://www.finextra.com/newsarticle/37360/australias-eftpos-to-set-up-hedera-hashgraph-node-for-micropayments). Meeco plays an important part in this world-leading initiative as the wallet provider for the proof-of-technology.,,https://blog.meeco.me/meeco-announced-as-finnies-2021-finalist/,,Post,,Meta,,,,,,,,2021-05-23,,,,,,,,,,,,,
Meeco,Meeco,,,,,,,,Mydata 2016,Advancing human-centric Personal data: MyData 2016 powered by MeCast,"For conference attendees, whether participating in-person, or engaging with the MyData community in the comfort of your home or office, MyData 2016 powered by MeCast is the hub of Personal data activity, conversation, thought leadership and action throughout August and September.","Well, ‘powered by MeCast’ is just part of it. The entire event is actually a little bigger. We’ve written about this before, but to recap quickly, MyData 2016 is a three-day conference, starting on the 31st of August, hosted in the beautiful Finnish capital, Helsinki. The conference brings together thought leaders, entrepreneurs, academics, policy makers and executives. The thing bringing them together is that they’re all focused on developing the ecosystem and advancing collaborative approaches to human centric Personal data products, services and frameworks.In collaboration and in support of our ongoing partnership, Meeco is proud to announce the launch of MyData 2016 powered by MeCast. Many of you are probably familiar with MeCast by now, but for those who aren’t, MeCast is social in your control and on your terms. Just like Meeco, MeCast is Privacy by Design. It’s within your control, now and forever. The app makes it quick and easy for you to simultaneously post to your social networks, whilst also creating a back-up and searchable Personal timeline of all your social posts. For conference attendees, whether participating in-person, or engaging with the MyData community in the comfort of your home or office, MyData 2016 powered by MeCast is the hub of Personal data activity, conversation, thought leadership and action throughout August and September. So lets get practical, what can you do with the app? The MyData 2016 app enables posting to: - Yammer - Meeco And better yet, if you’re not able to fly al the way to Helsinki and experience the midnight sun, you can engage with speakers and topics through both MeCast and the Participate tab powered by Screen.io. This is your opportunity to ask some of the leading thought leaders, those driving the progression of the Personal data economy, the questions you’ve always wanted to ask. It’s also worth noting that the app will be used to communicate the agenda. There’s nothing worse than missing your favourite speaker, so here’s how to get started:Connect to your NetworksSimply tap on the MeCast tab in the App and follow the prompts to connect your social accounts Search your timelineUse MeCast to search your timeline for key words and #tags. Searches will return the post including the networks you have posted to. Keep a back up of your postsMeCast makes social sharing easy, it also helps you control your own story by backing up your posts (including photos) to your own Personal data store. The MeCast Timeline gives you an automatic back up on your mobile device.If you are a Meeco Member, you can add your MeCast Timeline to your Meeco dashboard to view and search your Personal Timeline on other devices. For more information about MeCast visit www.mecast.me After the conference download the full MeCast app from iTunesWhether we see you in person, or engage in friendly Twitter banter, we look forward to MeCast powering MyData 2016. Here's a sneak peak",https://blog.meeco.me/advancing-human-centric-personal-data/,,Post,,Meta,,,,,,,,2016-08-16,,,,,,,,,,,,,
Meeco,Meeco,,,,Katryna Dow,,,,,Katryna Dow Named as a Top 100 Identity Influencer,"Katryna has been pioneering Personal data rights since 2002, when she envisioned a time when Personal sovereignty, identity and contextual privacy would be as important as being connected. Now within the context of GDPR and Open Banking, distributed ledger, cloud, AI and IoT it has never been so important to make sure identity works for us all.","Meeco is proud to announce that Katryna Dow, our CEO and Founder, has been named by One World Identity in the OWI Top 100 Identity Influencers 2019 for the third year running. OWI is an independent market intelligence and strategy firm focused on identity, trust, and the data economy. Starting in 2017, OWI have published the top 100 Identity Influencers recognising pioneers leading the charge to improve identity. It’s a who’s who of the identity world — the minds shaping the future of how data (big and small) is collated, treated, protected and shared. Katryna was nominated and selected as part of this inspirational group of professionals, including entrepreneurs, innovators and leaders across public and private sector enterprises. Making the list is a significant achievement given the high calibre of influencers, which include Tim Cook (Apple), Mark Zuckerberg (Facebook), and identity veteran Kim Cameron (Microsoft). Of note this year, more than 30% of the Top 100 are women. These influencers are finding support and opportunities to raise their profiles through initiative such as Women in Identity. Women in Identity was founded by Emma Lindley (Visa, and Top 100), Pamela Dingle (Microsoft, and Top 100), Collette D'Alessandro (Ping) and Sue Dawes (formally OIX). Together, their vision was to improve diversity in the identity industry. They realised that without diversity within identity companies — it would likely make identity solutions less inclusive, the key thing identity solutions need to be! They wanted to raise the profiles and accomplishments of women founding companies through to leadership roles in multinationals. Since 2017, organisations including Microsoft, Barclays, Post Office, Capital One, HSBC, GBG, KuppingerCole, Identiverse and OWI have provided help through funding interns, space for meet-ups and hosting events. The 2019 Top 100 Identity Influences come from a variety of backgrounds. However they share a common goal: to solve the identity challenge. Increasingly, our physical lives are shadowed by our digital actions. If we want to achieve a balance between, privacy, security and utility we need to get the architecture of identity right. Some of these influencers are championing user empowered and decentralised solutions, whilst others are focussed on the commercial returns of centralised control. Katryna has been pioneering Personal data rights since 2002, when she envisioned a time when Personal sovereignty, identity and contextual privacy would be as important as being connected. Now within the context of GDPR and Open Banking, distributed ledger, cloud, AI and IoT it has never been so important to make sure identity works for us all. “Every child born in today’s digital world will live a dual physical and digital life. How we enable privacy and security for their digital twin is as important as the rights afforded to them in the physical world. Protecting their identity, enabling trusted authentication and authorisation of services is the key challenge for us to solve in an increasingly connected world. If we don’t get this right, we risk a generation born into digital slavery rather than delivering on the promise of empowerment through technology” – Katryna Dow, World Government Summit, 2019 Meeco’s vision is to create a place for everyone on the planet to get equity and value in exchange for the data and identity information they share. As individuals gain the legal rights to manage and control their data, organisations need to re-think how they collect, store and exchange their customers identity and information for mutual value. Meeco has been pione
Meeco,Meeco,,,,Eftpos; Hedera,,,,Finnies 2021,Meeco announced as Finnies 2021 finalist,Meeco’s submission results from our work in collaboration with with[eftpos](https://www.eftposaustralia.com.au)and[Hedera Hashgraph](https://hedera.com/). The Australian payments giant eftpos recently announced joining the Hedera Governing Council after successfully conducting tests to determine the[feasibility of a digital Australian dollar stablecoin for micropayments](https://www.finextra.com/newsarticle/37360/australias-eftpos-to-set-up-hedera-hashgraph-node-for-micropayments). Meeco plays an important part in this world-leading initiative as the wallet provider for the proof-of-technology.,"Awards such as FinTech Australia's Finnies are a testament to Australian innovation. Australia is often considered as a great test market. Despite the relatively small population compared to the USA or Europe, the high adoption of new technologies makes Australia a great market to test, validate and chart a pathways for solutions to take off globally. Indeed, Australia is proudly home to a lot of innovative start-ups, which makes the start-up industry in particular worth considering. The synergy of technological shifts, market opportunities and a vigorously growing digital culture has developed several FinTech Unicorns.In October 2020, Meeco was the proud recipient of the FinTech Australia Finnie for Excellence in Industry Collaboration & Partnerships, for our push into Belgium and collaboration with KBC Bank. So we are more than thrilled to keep the momentum going when we received news that we are been shortlisted again this year. We are proud to announce we made it to the finalists for FinTech Australia's Finnies 2021. This year, Meeco was nominated in the Excellence in Blockchain/Distributed Ledger category, for the development of our decentralised identity wallet. Contenders for the award this year include AgUnity, BOULEVARD Global, CommChain, Hutly, Oxen, Pellar Technology and RelayPay. “Excellence in Blockchain/Distributed Ledger” finalist Meeco's submission results from our work in collaboration with with eftpos and Hedera Hashgraph. The Australian payments giant eftpos recently announced joining the Hedera Governing Council after successfully conducting tests to determine the feasibility of a digital Australian dollar stablecoin for micropayments. Meeco plays an important part in this world-leading initiative as the wallet provider for the proof-of-technology. “When we were running the eftpos micropayments PoC with Hedera Hashgraph, we needed a wallet partner. We had had great experience of working with Meeco on our connectID PoC and needed aspects of digital identity for the micropayments PoC too, so they were a natural fit.This enabled us to combine the provisioning of an eftpos debit card, identity credentials and a stable coin in one wallet. The PoC was very successful and resulted in a technical platform that demonstrates micropayment capability in a way that no other payments provider has. Our next phase is to look at ways to commercialise this capability.” Rob Allen, Entrepreneur in Residence, eftpos Everything will be Tokenized Earlier this month, Meeco was invited to share our vision of a tokenised work at an FSClub webinar hosted by Z/Yen's Chairman, Professor Michael Mainelli. Meeco's CEO and Founder, Katryna Dow delivered the presentation titled Everything Will Be Tokenized: The Future of Identity. Katryna shared some of the exiting things we have been working on along with where the tokenised world is heading. “We're on track towards a world where everything can be tokenized. Tokenization plays a critical part in enabling more equitable value creation for people, organisations and things. Providing the means to issue and store value, trace provenance, and most importantly achieve consensus to instantly trust. In order for this tokenized world to emerge we will need the infrastructure for people and their digital twins to participate. This will include digital identity, verifiable credentials and payment
Meeco,Meeco,,,,VELA,,,,,Meeco announces VELA Solutions partnership,"Together, Meeco and VELA have created a secure digital credentialing platform to help individuals and businesses adapt to the changing work environment and modernise their HR practices.","As we head into the last month of 2020, this most extraordinary year, we’re delighted to announce a new partnership focussed on empowering work. VELA Solutions has selected Meeco to power their workforce digital credentials platform. Together, Meeco and VELA have created a secure digital credentialing platform to help individuals and businesses adapt to the changing work environment and modernise their HR practices. The post COVID-19 world will be more digital. Whilst many digital technologies already existed, to support working from home, telemedicine or signing a contract, necessity accelerated adoption this year. Now, as we look to 2021, with the promise of being able to work together again, there's an opportunity to rethink the way we seek and start work in a more trusted and digital way. New technical standards are emerging which focus on establishing trust in the digital world. One such standard is Verifiable Credentials, the method by which credentials can be issued, verified and exchanged. This includes the ability to cryptographically prove that a credential is authentic, valid and trustworthy. The benefits for people and organisations of this technology include: - Faster and more convenient to verify education and training records - Reduced risk and fraud - Credential portability and re-use - Verification and revocation - Improved compliance - Increased safety - Privacy management Founded by Andrew Scott and Michael Derwin, VELA Solutions is the culmination of their extensive experience across workforce management, organisational development and HR Tech. Their motivation to build VELA draws on their Personal stories. For Andrew, the importance of identity was something he learnt at a much younger age. In his late teens whilst living away from home to study, the share house he was living in was destroyed by fire. He escaped only with the jeans he was wearing and with no way to identify himself. Without proof of identity, he was not able to access basic things like health services or his bank account. Living rough was the only option until he could get back on his feet. This experience has shaped his desire to ensure people can benefit from decentralised identity, also referred to as Self Sovereign, Self-Managed or Portable Identity. “We believe that this technology will fundamentally change the way businesses and employees work together — it's just a matter of time.” – Andrew Scott, Director – VELA Solutions Michael has always had a passion for making technology work for people. He is no stranger to pioneering the change he wants to see in the world. His first foray was in the 1990s, using the early internet to support the education of Australian outback students using ""School of The Air"" – something we now know as open learning. More recently he co-founded the talent management software company, Adepto, which was successfully acquired by Degreed earlier this year. “We are now in the age where we can connect hardware and software technologies and truly empower individuals to take charge of their digital self.” – Michael Derwin, Director – VELA Solutions The maturing of decentralised identity solutions underscored the decision to find an experienced partner. Enter Meeco. We have been pioneering the collection, protection and exchange of Personal data and identity since 2012. The decentralised credentials technology developed for VELA draws on our expertise and uses the W3C Verifiable Credentials Standard, which means, we will deliver workforce solutions that are interoperable and globally supported. “This is a significant achievement towards empowering people to securely collect, verify and share their workforce credentials. The mutual benefits of risk management and value creation demonstrates the power of human-centric technology. Ad
Meeco,Meeco,,,,,,,,,Meeco expands UX and Design team along with a new office in Adelaide,"Meeco now has illustrious neighbours such as the Australian Space Agency, the Australian Institute for Machine Learning, the Aboriginal Art and Cultures Centre and coming soon, Amazon and MIT.","Meeco has been enabling organisations and people to collect, protect and exchange Personal data since the Meeco manifesto came to life in 2012. Since then, Meeco has been steadily growing in size and recognition. 2020 was an interesting year! Despite worldwide shutdowns and uncertainty, Meeco doubled in size in the last year, adding to our development team in Melbourne. Meeco also secured new partnerships in Europe along with the Finnie 2020 award in “Excellence in Industry Collaborations & Partnerships” to prove it. Now as we enter 2021, we're keeping the momentum and thrilled to announce the expansion of our UX, Design and Testing team in Adelaide, Australia. The new meeps will significantly bolster Meeco's design chops, bringing more diversity to the team and addressing the need for more women working on digital identity and Personal data solutions. This new team is Meeco's Design/Digital hub, cementing Meeco's commitment to delivering beautiful design and digital work made in-house. The first task of the Meeco Design Team will be breathing some new life into its website and digital communication. The new meeps are excited to bring in their understanding of data collection, user interactions and how they can bring them together to create thoughtful design solutions. They add to Meeco's belief that an holistic approach to designing processes is key to delivering unique and powerful memories for people. Our new office The team has taken residence in Stone&Chalk Adelaide, keeping up with the tradition in Melbourne and Sydney. Stone&Chalk is located on Adelaide's remarkable Lot Fourteen. With a $150 million investment from the Federal Government, the Adelaide City Deal builds on Adelaide’s global reputation in innovation, culture and the arts.lotfourteen.com.au Meeco now has illustrious neighbours such as the Australian Space Agency, the Australian Institute for Machine Learning, the Aboriginal Art and Cultures Centre and coming soon, Amazon and MIT. The Design Team will be led by Mars El-Bougrini, Meeco’s Chief of Design and veteran meep of 7 years. “We’re very excited to be growing the Meeco design and testing team here in Adelaide. With the addition of the talented Yolanda, Ai and Himani, Meeco will continue to go from strength to strength.” Mars El-Bougrini, Meeco’s Chief of Design Meeco continues to build strong partnerships worldwide, helping organisations and developers solve hard problems while respecting data rights through holistic data solutions. Stay tuned for exciting new announcements we have in the works! Cheers Team Meeco",https://blog.meeco.me/meeco-expands-ux-and-design-team-along-with-a-new-office-in-adelaide/,,Post,,Meta,,,,,,,,2021-03-22,,,,,,,,,,,,,
Meeco,Meeco,,,,RegTech Association of Australia,,,,,Meeco joins RegTech Association of Australia,"History has shown us that at times of national emergency, Personal rights and freedoms are often traded for the greater good. Whilst these measures may be appropriate in the eye of the storm, society is often left with the legacy of less than optimal freedoms when life becomes more stable. One of the tools we have at our disposal is the rise of RegTech; specifically, the ability to implement greater monitoring, governance and separation of concerns that can help society balance between what we need to know, and the hard-fought freedoms of global citizens.","Meeco joins RegTech Association of Australia In the past weeks we have experienced a tectonic shift in our global societal, health and financial priorities. Now more than ever we need to be connected with access to data we can rely on and trust. History has shown us that at times of national emergency, Personal rights and freedoms are often traded for the greater good. Whilst these measures may be appropriate in the eye of the storm, society is often left with the legacy of less than optimal freedoms when life becomes more stable. One of the tools we have at our disposal is the rise of RegTech; specifically, the ability to implement greater monitoring, governance and separation of concerns that can help society balance between what we need to know, and the hard-fought freedoms of global citizens. “This is a golden age for the RegTech opportunity. There’s unprecedented focus on RegTech, the fines for regulatory non-compliance are growing and there’s prediction that globally the industry will spend in excess of $127 billion by 2024.” – Deborah Young, Welcome to 2020 address Through and post COVID-19, the impact of increasing and tighter regulations on Personal data and individual’s data rights, will be felt more and more in terms of the cost of compliance implementation or the consequences of non-compliance fines. Enterprises and organisations can choose to offset these costs by turning compliance into an operating model innovation opportunity. This can be done in partnership with patients and customers by the application of intelligent technology when collecting and using Personal data. This is at the heart of Meeco’s value proposition. It also sits at the heart of our commitment to collaboration, industry solutions and co-operative eco-systems. Since our launch in 2014, Meeco has strongly identified with the growing need for orderly, structured and controlled Personal data management. As an award-winning pioneer in this field, Meeco has always been closely connected to the issues involved in Personal data rights and the way in which they can be managed, in step with growing host of regulatory measures. This is particularly true for consent and permission management, and equally for Personal data security and fraud management. Meeco’s API-of-Me platform allows organisations to help their customers create secure ways to collect, share and manage their Personal data. The added benefit of Meeco’s secure data enclaves is that it also alleviates many of the compliance and cost burdens of regulations such as the General Data Protection Regulation in Europe, Consumer Data Rights regulation in Australia or the California Consumer Privacy Act, 2018 in the United States. The immediate consequence of the expansion of this type of regulation is the increased protection of data rights and Personal data for individuals. Whist these regulations may be aligned to other initiatives such as Open Banking, to enable better financial services decisions, the opportunities and benefits are as relevant in healthcare, education, transport and retail. These are positive steps forward, particularly considering the sharp increase in mismanagement of Personal data and increase in fraudulent activity that we have witnessed over the last few years. There are numerous examples of regulatory fines handed down to enterprises that have willingly or unwillingly mismanaged their customers P
Meeco,Meeco,,,,OWI,,,GDPR,,Meeco Positioned as Leader in Personal Identity Products in One World Identity’s Identity Industry Landscape,"Meeco has been recognized as a leader in Personal Identity Products. Meeco is a GDPR compliant multi-sided Personal data platform to offer Personalised solutions and channels to build trust. Organisations can incorporate Meeco’s secure data enclave inside existing applications to create value for customers by simplifying onboarding and Personalising experiences. This balance of Me2B and B2Me, enabling new privacy enhanced business models to emerge, is core to Meeco’s unique position in the emerging Personal data market.","Meeco Recognised for Personal Data in Identity Industry Meeco announces move from R&D to Q2 2020 planned release of a range of new Personal data and identity products. The range of new services will include a Developer Portal with access to Meeco's API Platform, together with a Verified Claims Wallet. Both new products are designed to support enterprise and developers to rapidly prototype Personal data use-cases, validate customer value and minimise investment risk ahead of deploying data compliant solutions. This update builds on the One World Identity (OWI) announcement in November 2019, recognising Meeco as a leader in Personal Identity Products, and featured in the annual Identity Landscape Map. OWI is a market intelligence and strategy firm focused on identity, trust, and the data economy. Each year, OWI designs an Identity Landscape, providing a comprehensive and holistic view of leaders in the identity space. As the identity industry is rapidly developing, OWI’s landscape provides an unparalleled overview of how digital identity applications are evolving and the companies and markets shaping next-generation digital identity. With over 400 companies and 35 market segments, the 2019 Identity Landscape visually depicts a growing and maturing industry. The new, unique landscape format allows companies to touch multiple market segments, reflecting on the dynamic nature of digital identity applications. The OWI team selected 415 identity companies from a pool of over 2,000 based on several factors. - Each company must be an identity company OR have a distinguishable line of business focused on identity. - Each company must be at least 3 years old or have raised $3 million. - Each company must have a functioning product in the market. “Since 2017, the number of identity companies has more than quadrupled, from 500 companies to over 2,000,” said Travis Jarae, CEO and Founder of OWI. “With the wave of data breaches and privacy scandals, there is a rapid expansion of identity products and solutions. The OWI team interacts with identity companies every day, from startups to enterprise. We’re proud to share the Identity Landscape each year to distill how new companies, products, and solutions are shaping the future of identity.” Meeco has been recognized as a leader in Personal Identity Products. Meeco is a GDPR compliant multi-sided Personal data platform to offer Personalised solutions and channels to build trust. Organisations can incorporate Meeco's secure data enclave inside existing applications to create value for customers by simplifying onboarding and Personalising experiences. This balance of Me2B and B2Me, enabling new privacy enhanced business models to emerge, is core to Meeco’s unique position in the emerging Personal data market. Digital identity is the core of digital transformation. From Personal to professional applications, identity is the foundation for how we connect, engage, and interact in the digital economy. As there is increasing consumer demand for privacy and security, digital identity is no longer a nice-to-have; it is a pillar of success. The OWI Identity Landscape is a tool to help companies keep track of market growth and trends and understand the strategic importance of digital identity moving into 2020 and beyond. OWI will be releasing a more detailed research report delving into the details of each market segment and h
Meeco,Meeco,,,,,,,,,Meeco Terms & Conditions Update - Feedback Welcome,"At Meeco, our mission is to develop the tools to enable people to collect, protect and securely exchange Personal data. We launched our first service in 2014 backed by Terms & Conditions we were proud to share. Starting with that first version, we've continued to invited feedback before implementing updates. We take our governance seriously, which starts with transparent and easy to understand terms of service.","At Meeco, our mission is to develop the tools to enable people to collect, protect and securely exchange Personal data. We launched our first service in 2014 backed by Terms & Conditions we were proud to share. Starting with that first version, we've continued to invited feedback before implementing updates. We take our governance seriously, which starts with transparent and easy to understand terms of service. This is the fifth update since then. Our last major update was back in 2018 prior to the introduction of the General Data Protection Regulation. Through that update we were able to strengthen data rights, and extend the GDPR protections to everyone using Meeco. This V5 update paves the way for a range of exciting new Meeco services, including applications like mIKs-it, designed for to make digital services safer and secure for kids. We've also been busy building tools for developers. Tools to support amazing start-ups like My Life Capsule, who are helping people manage, prepare, capture and share data to connect and organise families across generations. We're also deploying a range of new decentralised identity capabilities to support partners like VELA Solutions. VELA provide a digital credentialing platform to enable the secure storing and sharing of verifiable credentials. Over the next fourteen days, we would love your feedback or questions on any of the changes. Our Terms & Conditions reflect our commitment to giving people and organisations the tools to access, control and create mutual value from Personal data. Here's a high level summary of the changes: - Introduction of data administration roles for parents and guardians - Description of new and expanded Meeco Services - Information about Meeco’s entities in Belgium and the United Kingdom - Expanded terms to include children using Meeco Services - Prohibited use to protect children - Additions to protect Your data rights - Updates to increase Your data security - Expansion of Your commencement and termination rights - Introduction of terms regarding subscriptions and payments - Additions to meaning of words and legal terms. If you would like to share your feedback, simply email support@Meeco.me and include “Update to Terms and Conditions” in the subject heading. All going to plan, our new Terms & Conditions will apply by Monday 8th March 2021! Thank you for taking the time to read this update and we look forward to your comments. 🙏",https://blog.meeco.me/meeco-terms-conditions-update-feedback-welcome/,,Post,,Meta,,,,,,,,2021-02-18,,,,,,,,,,,,,
Meeco,Meeco,,,,mIKs-it; VELA; My Life Capsule,,,,,Support Centre for Data Sharing interview with Meeco,"Meeco’s inception, its work so far and recent growth. Some of the the exciting projects discussed include[mIKs-it, the safe multimedia app for children](https://miks-it.com/), developing a decentralised identity and verifiable credentials wallet and how innovators like[VELA Solutions](https://vela.solutions/)are transforming workforce management and[My Life Capsule](https://mylifecapsule.com/)are helping their customers be prepared for a family emergency.","The Support Centre for Data Sharing (SCDS) initiative focuses on researching, documenting, and reporting about the data sharing practices, EU legal frameworks, access and distribution technology that are relevant to organisations, and that imply novel models, and legal or technological challenges. ""Whilst privacy is paramount, you can't have a digital economy if everyone is locking their entire digital footprint away”Katryna Dow, CEO & Founder Meeco This is one of the many topics touched on the latest Support Centre for Data Sharing interview. Raymonde Weyzen and Esther Huyer interview Meecos' CEO & Founder Katryna Dow and Chief Commercial Officer Jason Smith. Some of the challenges that come with data sharing are data privacy and data control. However the paradox of data sharing is that it generally means the recipient needs the data in order to fulfil an obligation, such as deliver a service, validate identity, deliver a package or customise an experience. So the issues are often not about sharing, but about trust and transparency. Helping customers understand why the data is required and providing evidence that it is being used as intended is a great way to establish trust. Another way to boost trust is to focus on designing services that minimise the amount of data collected whilst maximising the value created. In this thought provoking interview Raymonde asks about Meeco's inception, its work so far and recent growth. Some of the the exciting projects discussed include mIKs-it, the safe multimedia app for children, developing a decentralised identity and verifiable credentials wallet and how innovators like VELA Solutions are transforming workforce management and My Life Capsule are helping their customers be prepared for a family emergency.Other questions and topics covered include: - How the idea of Meeco was conceived - Why is there a need for data sharing? - What is the data sharing lifecycle at Meeco? - Examples of use cases at Meeco - What specific licensing or standards to share data are used at Meeco? - In order to share data proper; y going forward, do we need more or less regulation? - Where would you see Meeco and ultimately the digital world in 10 years from now? And finally, the most difficult question we weren't prepared for ""What would be the working title of a movie starring Meeco?"" to find the answer to this and more click below to listen or watch the interview. 👇 Huge thanks to the Support Centre for Data Sharing team for all the great work they are doing to help people understand the value of data sharing 👏 We very much appreciated the opportunity to share Meeco's perspective. 🙏",https://blog.meeco.me/support-centre-for-data-sharing-interview-with-meeco/,,Post,,Meta,,,,,,,,2021-06-23,,,,,,,,,,,,,
Meeco,Meeco,,,,,,,,,"Zero Knowledge Proofs of the modern digital lifefor access, control, delegation and consent of identity andPersonal data","The Meeco solution provides access, control, delegation and consent from the perspective of the individual user. Meeco enables people (data subjects)to provide their own verified records and controlled consent. This API-of-Me allows Meeco to provide a meta-data driven attribute wallet with no knowledge of the data to any authenticated identity of a user,which in turn enables an auditable Personal-event chain of data interactions at scale.",,https://media.meeco.me/public-assets/white_papers/Meeco_Zero%20Knowledge%20Proofs%20of%20the%20modern%20digital%20life_V1.0_20180513.compressed.pdf,,Whitepaper,,Meta,,,,,API-of-Me,,,2018-05-13,,,,,,,,,,,,,
Meeco,HelloUser,,,,,,,,,Hello User,"In the digital world, identity has evolved far beyond its old definitions. It’s the way we consume products. Our ability to vote. Our financial security. Digital identity can be created quickly, accessed broadly and even stolen...easily. And it doesn’t just live online. Welcome to Hello, User: the podcast that covers modern identity across every facet of our lives, from Personal to public to professional.",,https://podcasts.apple.com/us/podcast/hello-user/id1541385551,,Podcast,,Resources,,,,,,,,2020-11-09,,,,,,,,,,,,,
Microsoft,,Microsoft,,Bill Gates; Paul Allen; Subur Khan,DIF; ID2020; ID2020 Founder; VCI Founder,"USA, Washington, Redmond",USA,,,Microsoft,Microsoft enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more.,,https://www.microsoft.com/en-us/,,Company,,Company,Enterprise,,"IT, IAM, ID, SSI",,VCI,,"WebAuthN,Secure Data Storage",1975,https://github.com/microsoft,https://twitter.com/Microsoft,https://www.youtube.com/microsoft,https://techcommunity.microsoft.com/t5/identity-standards-blog/bg-p/IdentityStandards,https://techcommunity.microsoft.com/gxcuf89792/rss/board?board.id=IdentityStandards,,https://www.crunchbase.com/organization/microsoft,https://www.linkedin.com/company/microsoft/,,,,,
Microsoft,Microsoft,,,Joy Chik,,,,,,5 identity priorities for 2021—strengthening security for the hybrid work era and beyond,"In this paradigm, individuals can verify a credential with an ID verification partner once, then add it to Microsoft Authenticator (and other compatible wallets) and use it everywhere in a trustworthy manner.",,https://www.microsoft.com/security/blog/2021/01/28/5-identity-priorities-for-2021-strengthening-security-for-the-hybrid-work-era-and-beyond/,,Post,,Explainer,,,,,,,,2021-01-28,,,,,,,,,,,,,
Microsoft,Microsoft,,ID Standards Blog,Pamela Dingle,,,,,,Decentralized Identity: The Basics of Decentralized Identity,"At the most basic level, decentralized identity is the story of three standardized documents: a proclamation, a letter of introduction, and an endorsement.","Here in part three of our decentralized identity series, I’ll describe the key parts of a decentralized identity architecture without diving too far into the technical details. It takes a village for this kind of ecosystem to work – as you’re about to see – and the concepts discussed here are industry standards that anyone can research and implement. If I succeed, you’ll be able to explain the design pattern behind this architecture and have enough information to look up the underlying specifications, if you choose. Quick background: We started this series with the 5 guiding principles for decentralized identities. Then, we looked at why we think that the Direct Presentation model gives us advantages in moving towards our goals. Now comes the FUN part – we get to dig into the technical mechanisms that we think could underlie decentralized trust for individuals. Part I: The Five Guiding Principles Part II: The Direct Presentation model Part III: The Basics of Decentralized Identity <-- You are here Part IV: Deep Dive: Verifiable Credentials Part V: Deep Dive: Anchored Decentralized Identifiers A story of three documents At the most basic level, decentralized identity is the story of three standardized documents: a proclamation, a letter of introduction, and an endorsement. That’s it! The rest is just tying up loose ends. Because I hate to leave you all in suspense, I’ll give you the technical names for each of these documents up front - but don’t panic! We’ll define them in context right away. A DID document is a proclamation that helps strangers verify communications are authentic. A verifiable credential is a letter of introduction by an issuer containing authoritative statements about a subject. A verifiable presentation is an endorsement of a subject at the time a verifiable credential is passed to a verifier. You can think of this architecture as a feudal letter passing scheme, with just as much intrigue but a lot more math involved. We open our feudal saga in a mythical land, long ago… Chapter 1: The proclamation Rose Abbey is known throughout the land for its beautiful gardens. The main building is something of a famous landmark: everyone knows where to find it, and those who do can find a proclamation nailed to the door with a wax seal attached that only this abbey can produce: A paper with a wax seal in the shape of a flower that says: “Hear ye hear ye: All messages from Rose Abbey will be sealed with wax mixed with rose petals that can only be found in the Abbey. It looks like this” There are two interesting properties of this proclamation document. First is the provenance of the proclamation. It’s clearly a proclamation from Rose Abbey because it’s nailed right to the door, for all to see. Anyone can find Rose Abbey on a map, walk to the door, and read the document to learn about the wax that verifies a message is from the Abbey. The second is the verification method within the document. The proclamation provides the recipe that explains how anyone can compare the exact composition of wax affixed to a given message to the one on this proclamation, and verify the message was created using wax from the roses unique to the Abbey. Let’s go one step further and say that any attempt to melt and re-form the wax changes the color so that only the Rose Abbey artisans are able to achieve a unique seal from specific raw ingredients. What will Rose Abbey do with this magic superpower? Rose Abbey needs shoes for their monks. Cobbler Jan is the best around, working from her pushcart which she wheels around the village. Luckily, Jan has a proclamation too - but Cobbler Jan isn’t as rich or established as Rose Abbey. Jan doesn’t have a fixed, well-known storefront. Instead of hanging on a fancy door, Cobbler Jan’s p
Microsoft,Microsoft,,ID Standards Blog,Pamela Dingle,,,,,,Decentralized Identity: Verifiable Credentials Deep Dive,"To understand the world of verifiable credentials and verifiable presentations, you need to understand the ecosystem in which they are expected to be used. The VC Data Model v1.1 defines the roles different entities play in the data format, as well as two processes: credential issuance and credential presentation. You are probably familiar with a concept of issuers or verifiers in the physical world, but the role of holder could be new to you. The specification defines a holder as an entity that can “possess a verifiable credential and generate verifiable presentations”. Another way to think about this is the place you store your credentials until you are ready to take them out and use them for a purpose.","Welcome to part four of our decentralized identity series! The goal for this segment of our larger story is to show you what a concrete VC (aka Verifiable Credential) looks like and to describe enough of the terms and concepts that you can further research W3C VC Data Format 1.1 specification easily. There are a lot of links in this post, most of them will take you right to the corresponding part of the specification. If you missed our earlier installations in the series you can find them here: Part I: The Five Guiding Principles Part II: The Direct Presentation model Part III: The Basics of Decentralized Identity Part IV: Deep Dive: Verifiable Credentials <-- You are here Part V: Deep Dive: Decentralized Identifiers General Model – and what is a Holder? To understand the world of verifiable credentials and verifiable presentations, you need to understand the ecosystem in which they are expected to be used. The VC Data Model v1.1 defines the roles different entities play in the data format, as well as two processes: credential issuance and credential presentation. You are probably familiar with a concept of issuers or verifiers in the physical world, but the role of holder could be new to you. The specification defines a holder as an entity that can “possess a verifiable credential and generate verifiable presentations”. Another way to think about this is the place you store your credentials until you are ready to take them out and use them for a purpose. You might want to jump to the conclusion that a holder and a digital wallet are the same thing - a wallet can play the role of holder, but it has many other characteristics we will discuss some other time. Additionally, a wallet is usually a ""user-present"" technology, meaning that there is a human performing a ceremony as part of the credential interaction. While wallet interactions are the most talked-about use of VCs there are also machine-to-machine interactions that do not have a user experience at all. Credential Issuance I have previously called a verifiable credential (VC) a letter of introduction – a statement of relationship between an issuer and a subject. A verifiable credential uses cryptographic proofs to bind an issuer statement about a subject to the subject's identifier. The resulting document can contain claims relative to the subject and in some cases proofs of different kinds can be bundled together. Once issued, a verifiable credential can be held for potentially long periods of time and presented for multiple purposes and in multiple ways. VCs in a wallet wrapped by a VP and sent to verifiers Credential Presentation In the verifiable credential world, presentation involves the generation of a VP – a verifiable presentation. A VP is generated by a holder - it is a document that wraps a verifiable credential with a new credential that is both fresh and which proves a relationship in the moment between the holder and the original VC subject. Most often the subject/holder relationship is direct - meaning that the entity presenting the credential can prove they are the same entity named in the credential. To check this relationship, the verifier checks that the VC subject is the same as the VP issuer, AND that the si
Microsoft,Office Garage IT Pro,,,,,,,,,"Digital Identity, use Verifiable Credentials with Blockchain","a special edition of Microsoft Mechanics with Microsoft’s Identity CVP Joy Chik, to cover a brand new solution called Verifiable Credentials that uses blockchain-based underpinnings and cryptographic keys to ensure that you’re in control of your own identity online","Digital Identity, use Verifiable Credentials with Blockchain A solution that uses blockchain-based underpinnings and cryptographic keys, to ensure that YOU are in control of your own identity online. Owning your identity is more relevant than ever. In the digital environment, it’s hard to retain ownership of your identity once you’ve shared it. Every time you give away Personal information in exchange for a service — like bank account numbers, proof of education, or even employment, it’s now in the custody of those different institutions. You no longer control the data associated with them, and you can’t take it back. Verifiable Credentials is one of the most exciting and transformative areas of innovation. Verifiable Credentials and Decentralized Identifiers help you share your verifiable credentials without giving up your privacy. No one company or institution can control or store your information centrally — you can revoke your verifiable credentials at any time. Joy Chik, Microsoft’s Identity CVP, joins Jeremy Chapman to show you how it works and gives you the key steps to get up and running. QUICK LINKS: 00:07 — New solution: Verifiable Credentials 01:39 — What is it, and how do things change? 02:16 — See how it all works 08:04 — Get it up and running 13:26 — Where else are Verifiable Credentials applied? 14:08 — Links to learn more Link References: To learn more and get all of the tutorials, go to https://aka.ms/DIDForDevs. Download the Verifiable Credentials SDK and create your own DID at https://aka.ms/VCSDK. Keep up to date with our Decentralized Identity blog at https://aka.ms/IdentityBlog/DID. Unfamiliar with Microsoft Mechanics? We are Microsoft’s official video series for IT. You can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. - Subscribe to our YouTube: https://www.YouTube.com/c/MicrosoftMechanicsSeries?sub_confirmation=1 - Follow us on Twitter: https://Twitter.com/MicrosoftMechanics Follow us on LinkedIn: https://www.linkedin.com/company/Microsoft-mechanics/ - Follow us on Facebook: https://facebook.com/microsoftmechanics/ Video Transcript: Hello, and welcome to a special edition of Microsoft Mechanics with Microsoft’s Identity CVP Joy Chik, to cover a brand new solution called Verifiable Credentials that uses blockchain-based underpinnings and cryptographic keys to ensure that you’re in control of your own identity online. So, Joy, it’s been a while. Welcome back to Microsoft Mechanics. It’s great to have you back and speaking about one of our favorite topics: identity. - Thank you. It is great to be back. - So, this whole topic of owning your own identity is more relevant than ever. Now, we’ve all heard stories or maybe even experienced times where our identities may have been compromised or even stolen, yet in the digital environment, it’s hard to retain ownership of your identity once you’ve shared it. - Right, and that problem compounds every time you give away Personal information in exchange for a service, like bank account numbers and a proof of education, or even an employment, and once you give it away, you can’t take it back. It is part of your growing digital footprint. Think about all of the services that you sign into every day to enable day-to-day transactions, or your school ID, or employer-issued IDs. Once you share your information, it is now in the custody of those different institutions. It is hard to keep track of the different accounts. You can no longer control the data associate with them, and you can’t take them back. - Okay, so how do things change, then, with Verifiable Credentials? - This is one
Microsoft,Personal,,,Damien Bowden,,,,,,Getting started with Self Sovereign Identity SSI,"Self-sovereign identity is an emerging solution built on blockchain technology for solving digital identities which gives the management of identities to the users and not organisations. It makes it possible the solve consent and data privacy of your data and makes it possible to authenticate your identity data across organisations or revoke it. It does not solve the process of authenticating users in applications. You can authenticate into your application using credentials from any trusted issuer, but this is vulnerable to phishing attacks. FIDO2 would be a better solution for this together with an OIDC flow for the application type. Or if you could use your credentials together with a registered FIDO2 key for the application, this would work. The user data is stored in a digital wallet, which is usually stored on your mobile phone. Recovery of this wallet does not seem so clear but a lot of work is going on here which should result in good solutions for this. The credentials DIDs are stored to a blockchain and to verify the credentials you need to search in the same blockchain network.","The blog is my getting started with Self Sovereign identity. I plan to explore developing solutions using Self Sovereign Identities, the different services and evaluate some of the user cases in the next couple of blogs. Some of the definitions are explained, but mainly it is a list of resources, links for getting started. I’m developing this blog series together with Matteo and will create several repos, blogs together. - Getting started with Self Sovereign Identity SSI - Creating Verifiable credentials in ASP.NET Core for decentralized identities using Trinsic - Verifying Verifiable Credentials in ASP.NET Core for Decentralized Identities using Trinsic - Create an OIDC credential Issuer with Mattr and ASP.NET Core - Present and Verify Verifiable Credentials in ASP.NET Core using Decentralized Identities and Mattr - Verify vaccination data using Zero Knowledge Proofs with ASP.NET Core and Mattr - Challenges to Self Sovereign Identity - Create and issue verifiable credentials in ASP.NET Core using Azure AD - Implement Compound Proof BBS+ verifiable credentials using ASP.NET Core and Mattr What is Self Sovereign Identity SSI? Self-sovereign identity is an emerging solution built on blockchain technology for solving digital identities which gives the management of identities to the users and not organisations. It makes it possible the solve consent and data privacy of your data and makes it possible to authenticate your identity data across organisations or revoke it. It does not solve the process of authenticating users in applications. You can authenticate into your application using credentials from any trusted issuer, but this is vulnerable to phishing attacks. FIDO2 would be a better solution for this together with an OIDC flow for the application type. Or if you could use your credentials together with a registered FIDO2 key for the application, this would work. The user data is stored in a digital wallet, which is usually stored on your mobile phone. Recovery of this wallet does not seem so clear but a lot of work is going on here which should result in good solutions for this. The credentials DIDs are stored to a blockchain and to verify the credentials you need to search in the same blockchain network. What are the players? Digital Identity, Decentralized identifiers (DIDs) A digital identity can be expressed as a universal identifier which can be owned and can be publicly shared. A digital identity provides a way of showing a subject (user, organisation, thing), a way of exchanging credentials to other identities and a way to verify the identity without storing data on a shared server. This can be all done across organisational boundaries. A digital identity can be found using decentralized identifiers (DID) and this has working group standards in the process of specifying this. The DIDs are saved to a blockchain network which can be r
Microsoft,Microsoft,,ID Standards Blog,Pamela Dingle,,,,,,The Direct Presentation model,"A credential is issued, and then held for a long period of time with intermittent voluntary presentations to many different verifiers.","Take a look in your physical wallet. Maybe you have some credit cards and probably identification of some kind. Do you have a roadside assistance card, perchance? The cards we carry and present every single day feel different than many common digital credentials (such as federated credentials) that identify us and communicate our attributes online, but that gap is narrowing. As the identity ecosystem looks at emerging paradigms for trust and individual agency in our online interactions, we see use cases where the federated identity model we know so well in the real world might work to provide more digital autonomy and control. We call this model the “presentation model” because an end user collects and controls the presentation of their credential when and where they choose. The presentation model does not replace online federated models, but instead, each model can be used where most valuable. Part one of our series introduced our 5 guiding principles for decentralized identities. In this and subsequential blogs, we will continue to dive deeper into the technical basics of decentralized identity. Read on for part two of this five-part series on decentralized identity. Part I: The Five Guiding Principles Part II: The Direct Presentation model <-- You are here Part III: The Basics of Decentralized Identity Part IV: Deep Dive: Verifiable Credentials Part V: Deep Dive: Anchored Decentralized Identifiers When we use identity-related credentials in the real world, they often have different properties than digital credentials. There are two separate ceremonies in most cases: issuance and presentation. If you have spent any time at a department of motor vehicles or a passport office, you’ve seen what an issuance ceremony can be – it is usually an intensive process, but the tradeoff is that once you have a credential like a driver’s license or passport, you can use that credential for multiple purposes, at multiple places, over a long period of time. You, the “holder” of the credential, can choose to present your credential as a (mostly) voluntary exchange, in which the verifier of your credential can grant you access to some kind of resource - for example, they might allow you into a nightclub, or allow you to check out a library book. Let’s use a concrete real-world scenario: roadside assistance. Many of us are members of automotive clubs which advertise national and international coverage in the case of vehicle mishaps. After a sign-up song and dance and giving them my annual fee, they issue me a card I stuff into my wallet and forget about. Until one fateful night when my car breaks down in a location I am unfamiliar with. In this case, a miraculous thing happens – I can pull my auto club card from my wallet, and present that card to a garage that has never heard of me before, and a tow truck will arrive to help me. This issue-then-present credentialling model that has long powered the physical world is ready for adoption in the digital world too. The technical name for the model at work here is called the Direct Presentation model. A credential is issued, and then held for a long period of time with intermittent voluntary presentations to many different verifiers. To put that back into our example, my auto club issues me a card, which I hold in my wallet for years (maybe decades!), and I might choose to show that card to a garage when I need a tow, or possibly to a store to get a discount. Now let’s switch gears (see what I did there?) to look at the digital world as you use it today. Rather than giving me a card I can store in my wallet, websites (and other services) create a user account. My resource access is tied to this account, and I must prove I own the account by authenticating to the website. After I have authenticated, there is a limited amount of time where the website <20>
Microsoft,Microsoft,,,Alex Simons,,,,,,The Five Guiding Principles for Decentralized Identities,"Our goal in sharing these principles and our commitments is to help our customers, partners, and the decentralized identity community understand what motivates and guides us and how we think about this exciting opportunity.","Three years ago, as part of Microsoft’s mission to empower people and organizations to achieve more, we announced that we were incubating a new set of decentralized identity technologies based on a simple vision: Each of us needs a digital identity we own, one which securely and privately stores all elements of our digital identity. This self-owned identity must be easy to use and give us complete control over how our identity data is accessed and used. During this incubation, customers and partners all around the world have helped us understand their challenges and the shortcomings of their existing identity systems. We’ve learned a ton through a set of successful proof of concepts partnering with Keio University,1 The National Health Service (UK),2 and the Government of Flanders.3 We’ve worked with our partners in the Decentralized Identity Foundation (DIF) and the open standards community to develop standards and demonstrate interoperability. Using these new open standards and all these learnings to guide us, we turned on the public preview of our new decentralized identity system—Microsoft Azure Active Directory Verifiable Credentials—in April 2021. That preview generated a ton of valuable feedback and gave us the opportunity to learn from all of you. Through all these interactions and investments, we have become even more excited about the opportunity to create a decentralized identity system that increases customer trust and adoption by minimizing data processing and providing the user much greater control of the specific identity data they share and how it will be used. Now we are well into the next phase of our plan, working on two parallel efforts: - Partner with the decentralized identity community to finalize a set of high-quality open standards that we can all support. - Deliver the first General Availability release of our decentralized identity service in parallel with these still-evolving standards. The 5 guiding principles In this new phase, we want to share the set of guiding principles that we will use to guide both efforts. Not all these principles will be realizable from the start, but we believe that all are necessary over time to realize the promise of decentralized identities: 1. Secure, reliable, and trustworthy - My digital identity must be secure. It must not be easy to forge or hack. No one must be able to use it to impersonate me. - I must always have a way to access, use, and securely recover my digital identity. - I must have access to a detailed log of all the times I’ve used my digital identity, who I used it with, and what it was used for. 2. Privacy protecting and in my control - My digital identity is under my control. It must only be used with my consent and when I consent; I must know who will use it and how it will be used. - I must be able to review which elements of my digital identity are being requested and I must have the option to only disclose the specific information necessary to support the consented use. - My use of my digital identity must be private. No one, other than the party I explicitly share it with, should know I am using it without my consent. - My digital identity must not be able to be used to track me across unrelated services or applications without my consent. - I must have the freedom to switch between the devices and applications of my choosing to manage my digital identity, and never be locked in. - I must be able to delete all aspects of my digital identity and any associated data and log files from wherever I choose to store them. 3. Inclusive, fair, and easy to use - My digital identity must be usable, available, and accessible regardless of my race, ethnicity, abilities, gender, gender identity, sexual orientation, nationa
Microsoft,Microsoft,,ID Standards Blog,Tim Cappalli,FIDO,,,,,"What's New in Passwordless Standards, 2021 edition!","TheWeb Authentication API (WebAuthN) Level 2specification is currently aCandidate Recommendationat the W3C. ""Level 2"" essentially means major version number 2. The version 2.1 of the Client to Authenticator Protocol (CTAP)specification is a Release Draft at the FIDO Alliance. ","Hi everyone and welcome to chapter 14 of 2020! It’s been a little while since we talked about standards for passwordless so we’re excited to tell you about some new enhancements and features in FIDO2 land that you'll start seeing in the wild in the next few months! Specification Status The Web Authentication API (WebAuthN) Level 2 specification is currently a Candidate Recommendation at the W3C. ""Level 2"" essentially means major version number 2. The version 2.1 of the Client to Authenticator Protocol (CTAP) specification is a Release Draft at the FIDO Alliance. This means the spec is in a public review period before final publication. These new draft versions are on their way to becoming the next wave of FIDO functionality (as of the writing of this blog, we support Level 1 of WebAuthN and CTAP version 2.0). We think you might want to hear about what we think is especially fun about WebAuthN L2 and CTAP 2.1. Enterprise Attestation (EA) Enterprise Attestation is a new feature coming as part of WebAuthN L2 and CTAP 2.1 that enables binding of an authenticator to an account using a persistent identifier, similar to a smart card today. FIDO privacy standards require that ""a FIDO device does not have a global identifier within a particular website"" and ""a FIDO device must not have a global identifier visible across websites"". EA is designed to be used exclusively in enterprise-like environments where a trust relationship exists between devices and/or browsers and the relying party via management and/or policy. If EA is requested by a Relying Partying (RP) and the OS/browser is operating outside an enterprise context (Personal browser profile, unmanaged device, etc), the browser is expected to prompt the user for consent and provide a clear warning about the potential for tracking via the persistent identifier being shared. Authenticators can be configured to support Vendor-facilitated and/or Platform-managed Enterprise Attestation. Vendor-facilitated EA involves an authenticator vendor hardcoding a list of Relying Party IDs (RP IDs) into the authenticator firmware as part of manufacturing. This list is immutable (aka non-updateable). An enterprise attestation is only provided to RPs in that list. Platform-managed EA involves an RP ID list delivered via enterprise policy (ex: managed browser policy, mobile application management (MAM), mobile device management (MDM) and is enforced by the platform. Spec reference: CTAP 2.1 - Section 7.1: Enterprise Attestation WebAuthN L2 - Section 5.4.7: Attestation Conveyance Preference Authenticator Credential Management and Bio Enrollment Credential Management is part of CTAP 2.1 and allows management of discoverable credentials (aka resident keys) on an authenticator. Management can occur via a browser, an OS settings panel, an app or a CLI tool. Here's an example of how the Credential Management capability is baked into Chrome 88 on macOS (chrome://settings/securityKeys). Here I can manage my PIN, view discoverable credentials, add and remove fingerprints (assuming the authenticator has a fingerprint reader!) and factory reset my authenticator. Clicking on ""Sign-in data"" shows the discoverable credentials on the authenticator and allows me to remove them. This security key has an Azure AD account and an identity for use with SSH. Bio Enrollment allows the browser, client, or OS to aid in configuring biometrics on authenticators that support them. This security key has one finger enrolled. I can either remove the existing finger or add more. Here's an example of authenticator credential management via a CLI tool, ykman from Yubico. Spec references: CTAP 2.1 - Section 5.8: Cr
Microsoft,Microsoft,,,Melanie Maynes,,,,,,Why decentralization is the future of digital identities,"Turning credentials into digital form isn’t new, but decentralizing identity goes beyond that. It gives individuals the ability to verify their credentials once and use them anywhere as proof of attestation.",,https://www.microsoft.com/security/blog/2022/03/10/why-decentralization-is-the-future-of-digital-identities/,,Post,,Explainer,,,,,,,,2022-03-10,,,,,,,,,,,,,
Microsoft,Microsoft,,YouTube,,,,,,,Decentralized identity explained,What is decentralized identity? How does it give you more control over your digital identity and keep your information on the internet safer? This video explains in short what decentralized identity is and how it can replace usernames and passwords to verify you are who you say you are quickly and easily.,,https://www.youtube.com/watch?v=ew-_f-otdfi,,Video,,Explainer,,,,,,,,2020-08-14,,,,,,,,,,,,,
Microsoft,Personal,,,Damien Bowden,Mattr,,,,,Create an OIDC credential Issuer with Mattr and ASP.NET Core,"Whilst in Damien's blog post he showed how a verifiable credential can be issued to a so called credential holder, this blog post will be about how we can verify such credentials as part of a business workflow. After an issuer has issued credentials to the holder and they have stored these into their wallet, a verifier can now ask a holder to verify them self with a certain credential. A verifier can add policies to check for certain attributes but also add restrictions like a specific issuer DID. With this in place a verifier can create a verification request which will be sent to the credential holder. This step is very important because it is where a cryptographic challenge is generated that the holder must respond to. This guarantees that the holder is responding to exactly this specific verification request. After the verification request gets returned to the verifier, it needs to be verified against the ledger to make sure it is valid. The verification record does not only contain the attributes, but also some metadata such as the digital signature of the issuer of the credentials, revocation details, verification policies etc. which then get validated against their sources. The image below describes this trust-triangle between the issuer, holder and verifier.<br>","This article shows how to create and issue verifiable credentials using Mattr and an ASP.NET Core. The ASP.NET Core application allows an admin user to create an OIDC credential issuer using the Mattr service. The credentials are displayed in an ASP.NET Core Razor Page web UI as a QR code for the users of the application. The user can use a digital wallet form Mattr to scan the QR code, authenticate against an Auth0 identity provider configured for this flow and use the claims from the id token to add the verified credential to the digital wallet. In a follow up post, a second application will then use the verified credentials to allow access to a second business process. Code: https://GitHub.com/swiss-ssi-group/MattrGlobalAspNetCore Blogs in the series - Getting started with Self Sovereign Identity SSI - Creating Verifiable credentials in ASP.NET Core for decentralized identities using Trinsic - Verifying Verifiable Credentials in ASP.NET Core for Decentralized Identities using Trinsic - Create an OIDC credential Issuer with Mattr and ASP.NET Core - Present and Verify Verifiable Credentials in ASP.NET Core using Decentralized Identities and Mattr - Verify vaccination data using Zero Knowledge Proofs with ASP.NET Core and Mattr - Challenges to Self Sovereign Identity - Create and issue verifiable credentials in ASP.NET Core using Azure AD - Implement Compound Proof BBS+ verifiable credentials using ASP.NET Core and Mattr Setup The solutions involves an Mattr API which handles all the blockchain identity logic. An ASP.NET Core application is used to create the digital identity and the OIDC credential issuer using the Mattr APIs and also present this as a QR code which can be scanned. An identity provider is required to add the credential properties to the id token. The properties in a verified credential are issued using the claims values from the id token so a specific identity provider is required with every credential issuer using this technic. Part of the business of this solution is adding business claims to the identity provider. A Mattr digital wallet is required to scan the QR code, authenticate against the OIDC provider which in our case is Auth0 and then store the verified credentials to the wallet for later use. Mattr Setup You need to register with Mattr and create a new account. Mattr will issue you access to your sandbox domain and you will get access data from them plus a link to support. Once setup, use the OIDC Bridge tutorial to implement the flow used in this demo. The docs are really good but you need to follow the docs exactly. https://learn.Mattr.global/tutorials/issue/oidc-bridge/issue-oidc Auth0 Setup A standard trusted web
Microsoft,Personal,,,Damien Bowden,,,,,,Create and issue verifiable credentials in ASP.NET Core using Azure AD,"This article shows how Azure AD verifiable credentials can be issued and used in an ASP.NET Core application. An ASP.NET Core Razor page application is used to implement the credential issuer. To issue credentials, the application must manage the credential subject data as well as require authenticated users who would like to add verifiable credentials to their digital wallet. The Microsoft Authenticator mobile application is used as the digital wallet.","This article shows how Azure AD verifiable credentials can be issued and used in an ASP.NET Core application. An ASP.NET Core Razor page application is used to implement the credential issuer. To issue credentials, the application must manage the credential subject data as well as require authenticated users who would like to add verifiable credentials to their digital wallet. The Microsoft Authenticator mobile application is used as the digital wallet. Code: [https://GitHub.com/swiss-ssi-group/AzureADVerifiableCredentialsAspNetCore](https://GitHub.com/swiss-ssi-group/AzureADVerifiableCredentialsAspNetCore) Blogs in this series Setup Two ASP.NET Core applications are implemented to issue and verify the verifiable credentials. The credential issuer must administrate and authenticate its identities to issue verifiable credentials. A verifiable credential issuer should never issue credentials to unauthenticated subjects of the credential. As the verifier normally only authorizes the credential, it is important to know that the credentials were at least issued correctly. We do not know as a verifier who or and mostly what sends the verifiable credentials but at least we know that the credentials are valid if we trust the issuer. It is possible to use private holder binding for a holder of a wallet which would increase the trust between the verifier and the issued credentials. The credential issuer in this demo issues credentials for driving licenses using Azure AD verifiable credentials. The ASP.NET Core application uses Microsoft.Identity.Web to authenticate all identities. In a real application, the application would be authenticated as well requiring 2FA for all users. Azure AD supports this good. The administrators would also require admin rights, which could be implemented using Azure security groups or Azure roles which are added to the application as claims after the OIDC authentication flow. Any authenticated identity can request credentials (A driving license in this demo) for themselves and no one else. The administrators can create data which is used as the subject, but not issue credentials for others. Azure AD verifiable credential setup Azure AD verifiable credentials is setup using the Azure Docs for the Rest API and the Azure verifiable credential ASP.NET Core sample application. Following the documentation, a display file and a rules file were uploaded for the verifiable credentials created for this issuer. In this demo, two credential subjects are defined to hold the data when issuing or verifying the credentials. { ""default"": { ""locale"": ""en-US"", ""card"": { ""title"": ""National Driving License VC"", ""issuedBy"": ""Damienbod"", ""backgroundColor"": ""#003333"", ""textColor"": ""#ffffff"", ""logo"": { ""uri"": ""https://raw.GitHubusercontent.com/swiss-ssi-group/TrinsicAspNetCore/main/src/NationalDrivingLicense/wwwroot/ndl_car_01.png"", ""description"": ""National Driving License Logo"" }, ""description"": ""Use your verified credential to prove to anyone that you can drive."" }, ""consent"": { ""title"": ""Do you want to get your Verified Credential?"", ""instructions"": ""Sign in with your account to get your card."" }, ""claims"": { ""VC.credentialSubject.name"": { ""type"": ""String"", ""label"": ""Name"" }, ""VC.credentialSubject.details"": { ""type"": ""String"", ""label"": ""Details"" } } } } The rules file defines the attestations for the credentials. Two standard claims are used to hold the data, the given_name and the family_nam
Microsoft,Personal,,,Damien Bowden<br>,Trinsic,,,,,Creating Verifiable credentials in ASP.NET Core for decentralized identities using Trinsic,"The National Driving license application is responsible for issuing driver licenses and administrating licenses for users which have authenticated correctly. The user can see his or her driver license and a verifiable credential displayed as a QR code which can be used to add the credential to a digital wallet. When the application generates the credential, it adds the credential DID to the blockchain ledger with the cryptographic proof of the issuer and the document. When you scan the QR Code, the DID will get validated and will be added to the wallet along with the request claims. The digital wallet must be able to find the DID on the correct network and the schema and needs to search for the ledger in the correct blockchain. A good wallet should take care of this for you. The schema is required so that the data in the DID document can be understood.",,https://damienbod.com/2021/04/05/creating-verifiable-credentials-in-asp-net-core-for-decentralized-identities-using-trinsic/,,Post,,HowTo,,,,,,QR Code,DID,2021-04-05,,,,,,,,,,,,,
Microsoft,XT Seminars,,,,,,,,,Issuing your own DIDs & VCs with Azure AD,,,https://www.xtseminars.co.uk/post/issuing-your-own-dids-vcs-with-azure-ad,,Post,,HowTo,,,,,,"Entra,AzureAD",,2021-06-01,,,,,,,,,,,,,
Microsoft,Personal,,,Damien Bowden,Mattr,,,,,Present and Verify Verifiable Credentials in ASP.NET Core using Decentralized Identities and Mattr,"This article shows how use verifiable credentials stored on a digital wallet to verify a digital identity and use in an application. For this to work, a trust needs to exist between the verifiable credential issuer and the application which requires the verifiable credentials to verify. A blockchain decentralized database is used and Mattr is used as a access layer to this ledger and blockchain. The applications are implemented in ASP.NET Core.","This article shows how use verifiable credentials stored on a digital wallet to verify a digital identity and use in an application. For this to work, a trust needs to exist between the verifiable credential issuer and the application which requires the verifiable credentials to verify. A blockchain decentralized database is used and Mattr is used as a access layer to this ledger and blockchain. The applications are implemented in ASP.NET Core. The verifier application Bo Insurance is used to implement the verification process and to create a presentation template. The application sends a HTTP post request to create a presentation request using the DID Id from the OIDC credential Issuer, created in the previous article. This DID is created from the National Driving license application which issues verifiable credentials and so a trust needs to exist between the two applications. Once the credentials have been issued to a holder of the verifiable credentials and stored for example in a digital wallet, the issuer is no longer involved in the process. Verifying the credentials only requires the holder and the verifier and the decentralized database which holds the digital identities and documents. The verifier application gets the DID from the ledger and signs the verify request. The request can then be presented as a QR Code. The holder can scan this using a Mattr digital wallet and grant consent to share the credentials with the application. The digital wallet calls the callback API defined in the request presentation body and sends the data to the API. The verifier application hosting the API would need to verify the data and can update the application UI using SignalR to continue the business process with the verified credentials. Code https://GitHub.com/swiss-ssi-group/MattrGlobalAspNetCore Blogs in the series - Getting started with Self Sovereign Identity SSI - Creating Verifiable credentials in ASP.NET Core for decentralized identities using Trinsic - Verifying Verifiable Credentials in ASP.NET Core for Decentralized Identities using Trinsic - Create an OIDC credential Issuer with Mattr and ASP.NET Core - Present and Verify Verifiable Credentials in ASP.NET Core using Decentralized Identities and Mattr - Verify vaccination data using Zero Knowledge Proofs with ASP.NET Core and Mattr - Challenges to Self Sovereign Identity - Create and issue verifiable credentials in ASP.NET Core using Azure AD - Implement Compound Proof BBS+ verifiable credentials using ASP.NET Core and Mattr Create the presentation template for the Verifiable Credential A presentation template is required to verify the issued verifiable credentials stored on a digital wallet. The digital identity (DID) Id of the OIDC credential issuer is all that is required to create a presentation request template. In the application which issues credentials, ie the NationalDrivingLicense, a Razor page was created to view the DID of the OIDC credential issuer. The DID can be used to create the presentation template. The Mattr documentation is really good here: https://learn.Mattr.global/tutorials/verify/presentation-request-template A Razor page was created to start this task from the UI. This would normally require authentication as this is an administrator task from the application requesting the verified credentials. The code behind the Razor page takes the DID request parameter and calls the MattrPresentationTemplateService to create the presentation template and present thi
Microsoft,Personal,,,Damien Bowden,Mattr,,,,,Verify Vaccination Data Using Zero Knowldege Proofs with ASP.Net Core and Mattr,"This article shows how Zero Knowledge Proofs ZKP verifiable credentia can be used to verify a persons vaccination data implemented in ASP.NET Core and Mattr. The ZKP BBS+ verifiable credentials are issued and stored on a digital wallet using a Self-Issued Identity Provider (SIOP) and Open ID Connect. The data can then be used to verify if the holder has the required credentials, but only the required data is used and returned to the verification application.<br>",,https://damienbod.com/2021/05/31/verify-vaccination-data-using-zero-knowledge-proofs-with-asp-net-core-and-Mattr/,,Post,,HowTo,,,,,,ASP.NET,Verifiable Credentials,2021-05-31,https://GitHub.com/swiss-ssi-group/MattrZeroKnowledgeProofsAspNetCore,,,,,,,,,,,,
Microsoft,ML-Software,,,Matteo Locher,Trinsic,,,,,Verifying Verifiable Credentials in ASP.NET Core for Decentralized Identities using Trinsic,In this part we are going to look at how we can verify these credentials in order to continue some sort of business process. We will continue with the sample that Damien started and after obtaining our driver license we want to sign up for a new insurance. But we can only sign up at this insurance company if we can deliver proof of our driver license.,"This blog post is a continuation of Damien's blog post about the creation of verifiable credentials. In his blog post Damien showed how to set up an ASP.NET Core application to obtain a credential from the Trinsic platform. In this part we are going to look at how we can verify these credentials in order to continue some sort of business process. We will continue with the sample that Damien started and after obtaining our driver license we want to sign up for a new insurance. But we can only sign up at this insurance company if we can deliver proof of our driver license. The code for this can be found on GitHub. Whilst in Damien's blog post he showed how a verifiable credential can be issued to a so called credential holder, this blog post will be about how we can verify such credentials as part of a business workflow. After an issuer has issued credentials to the holder and they have stored these into their wallet, a verifier can now ask a holder to verify them self with a certain credential. A verifier can add policies to check for certain attributes but also add restrictions like a specific issuer DID. With this in place a verifier can create a verification request which will be sent to the credential holder. This step is very important because it is where a cryptographic challenge is generated that the holder must respond to. This guarantees that the holder is responding to exactly this specific verification request. After the verification request gets returned to the verifier, it needs to be verified against the ledger to make sure it is valid. The verification record does not only contain the attributes, but also some metadata such as the digital signature of the issuer of the credentials, revocation details, verification policies etc. which then get validated against their sources. The image below describes this trust-triangle between the issuer, holder and verifier. Inside of the Trinsic studio you can now create a new organization. This can be on the same account as you have created the issuer organization but also on a different account works fine. After you have created the organization you need to acquire the API-Key that is required to call the Trinsic API from the verifier application. For this example we did no create a template for the verification request. So there is nothing more to do in the Trinsic Studio. For this scenario we used Connectionsless Verifications. These have the ability to create a verification request without having to create a enduring relationship with the credential holder. You can read more about this here. The verifier application will require a NuGet package offered by Trinsic so make the communication with the Trinsic API easier. Add the Trinsic.ServiceClients package to your project and add the service inside of your startup. Remember to put your API-Key into your user secrets and not in your app settings. public void ConfigureServices(IServiceCollection services) { services.AddTrinsicClient(options => { // For CredentialsClient and WalletClient // Insurance API Key // API key of Bo Insurance (Organisation which does the verification) options.AccessToken = Configuration[""Trinsic:ApiKey""]; }); services.AddScoped<IDriversLicenseVerificationService, DriversLicenseVerificationService>(); services.AddRazorPages(); services.AddControllers(); } The logic for the verification is encapsulated inside of the DriversLicenseVerificationService. Due to the limitation of Trinsic only allowing 50 credential exchanges (which include verification requests) there is also a MockService that can be used duri
Microsoft,Microsoft,,ID Standards Blog,Alex Simons,,,,,,Announcing Azure AD Verifiable Credentials,We started on a journey with the open standards communityto empower everyone to own and control their own identity. I’m thrilled to share that we’ve achieved a major milestone in making this vision real. Today we’re announcing that the public preview for Azure AD verifiable credentials is now available: organizations can empower users to control credentials that manage access to their information.,,https://techcommunity.microsoft.com/t5/azure-active-directory-identity/announcing-azure-ad-verifiable-credentials/ba-p/1994711,,Post,,Meta,,,,,,,Verifiable Credentials,2021-04-05,,,,,,,,,,,,,
Microsoft,Microsoft,,ID Standards Blog,Alex Simmons,,,,,,Decentralized digital identities and blockchain: The future as we see it,"Over the last 12 months we’ve invested in incubating a set of ideas for using Blockchain (and other distributed ledger technologies) to create new types of digital identities, identities designed from the ground up to enhance Personal privacy, security and control. We’re pretty excited by what we’ve learned and by the new partnerships we’ve formed in the process. Today we’re taking the opportunity to share our thinking and direction with you. This blog is part of a series and follows on Peggy Johnson’s blog post announcing that Microsoft has joined the ID2020 initiative. If you haven’t already Peggy’s post, I would recommend reading it first.",,https://techcommunity.microsoft.com/t5/azure-active-directory-identity/decentralized-digital-identities-and-blockchain-the-future-as-we/ba-p/1994714,,Post,,Meta,,,,,,Entra,,2021-02-18,,,,,,,,,,,,,
Microsoft,Microsoft,,,Alex Simons,,,,,,Decentralized digital identities and blockchain: The future as we see it,"Over the last 12 months we’ve invested in incubating a set of ideas for using Blockchain (and other distributed ledger technologies) to create new types of digital identities, identities designed from the ground up to enhance Personal privacy, security and control. We’re pretty excited by what we’ve learned and by the new partnerships we’ve formed in the process. Today we’re taking the opportunity to share our thinking and direction with you. This blog is part of a series and follows on Peggy Johnson’s blog post announcing that Microsoft has joined the ID2020 initiative. If you haven’t already Peggy’s post, I would recommend reading it first.<br>","Decentralized digital identities and blockchain: The future as we see it Howdy folks, I hope you’ll find today’s post as interesting as I do. It’s a bit of brain candy and outlines an exciting vision for the future of digital identities. Over the last 12 months we’ve invested in incubating a set of ideas for using Blockchain (and other distributed ledger technologies) to create new types of digital identities, identities designed from the ground up to enhance Personal privacy, security and control. We’re pretty excited by what we’ve learned and by the new partnerships we’ve formed in the process. Today we’re taking the opportunity to share our thinking and direction with you. This blog is part of a series and follows on Peggy Johnson’s blog post announcing that Microsoft has joined the ID2020 initiative. If you haven’t already Peggy’s post, I would recommend reading it first. I’ve asked Ankur Patel, the PM on my team leading these incubations to kick our discussion on Decentralized Digital Identities off for us. His post focuses on sharing some of the core things we’ve learned and some of the resulting principles we’re using to drive our investments in this area going forward. And as always, we’d love to hear your thoughts and feedback. Best Regards, Alex Simons (Twitter: @Alex_A_Simons) Director of Program Management Microsoft Identity Division ———- Greetings everyone, I’m Ankur Patel from Microsoft’s Identity Division. It is an awesome privilege to have this opportunity to share some of our learnings and future directions based on our efforts to incubate Blockchain/distributed ledger based Decentralized Identities. What we see As many of you experience every day, the world is undergoing a global digital transformation where digital and physical reality are blurring into a single integrated modern way of living. This new world needs a new model for digital identity, one that enhances individual privacy and security across the physical and digital world. Microsoft’s cloud identity systems already empower thousands of developers, organizations and billions of people to work, play, and achieve more. And yet there is so much more we can do to empower everyone. We aspire to a world where the billions of people living today with no reliable ID can finally realize the dreams we all share like educating our children, improving our quality of life, or starting a business. To achieve this vision, we believe it is essential for individuals to own and control all elements of their digital identity. Rather than grant broad consent to countless apps and services, and have their identity data spread across numerous providers, individuals need a secure encrypted digital hub where they can store their identity data and easily control access to it. Each of us needs a digital identity we own, one which securely and privately stores all elements of our digital identity. This self-owned identity must be easy to use and give us complete control over how our identity data is accessed and used. We know that enabling this kind of self-sovereign digital identity is bigger than any one company or organization. We’re committed to working closely with our customers, partners and the community to unlock the next generation of digital
Microsoft,BitcoinMagazine,,,GIULIO PRISCO,Blockstack; Consensys; ID2020; uPort,,,,,"Microsoft Building Open Blockchain-Based Identity System With Blockstack, ConsenSys","The Microsoft strategist said that the Redmond, Washington, giant is working with Blockstack Labs and ConsenSys to leverage their current Bitcoin and Ethereum-based identity solutions, Blockstack and uPort. Through this open source collaboration, Microsoft and its partners intend to produce a cross-chain identity solution that can be extended to any future blockchains or new kinds of decentralized, distributed systems. In the coming weeks an open-source framework for developers will be made available on Azure.","Microsoft Building Open Blockchain-Based Identity System With Blockstack, ConsenSys Microsoft has announced that it is collaborating with Blockstack Labs, ConsenSys and developers across the globe on an open source, self-sovereign, blockchain-based identity system that allows people, products, apps and services to interoperate across blockchains, cloud providers and organizations. The United Nation's Sustainable Development Goals include giving everyone a legal identity by 2030. As a first step, the U.N. wants to develop scalable identity systems by 2020. The inaugural ""ID2020 Summit ‒ Harnessing Digital Identity for the Global Community,"" held at the United Nations headquarters in New York on May 20, brought together policymakers and technology companies to develop an action plan. “While we don’t profess to have solutions to these overwhelming problems today, we can start where the open source community is best: collaboration,” said Yorke Rhodes III, blockchain business strategist at Microsoft. “To progress toward these goals, we have been working with partners to address identity using the self-owned or self-sovereign qualities of blockchain technology.” The Microsoft strategist said that the Redmond, Washington, giant is working with Blockstack Labs and ConsenSys to leverage their current Bitcoin and Ethereum-based identity solutions, Blockstack and uPort. Through this open source collaboration, Microsoft and its partners intend to produce a cross-chain identity solution that can be extended to any future blockchains or new kinds of decentralized, distributed systems. In the coming weeks an open-source framework for developers will be made available on Azure. Blockstack ‒ an open source blockchain application stack ‒ permits building decentralized, serverless apps by plugging into Blockstack's services for identity, naming, storage and authentication. According to the Blockstack team, Blockstack is the largest, most popular blockchain identity system, with 50,000 registered identities that come with profiles and globally unique names. Identities can be registered for people, companies, websites, software packages and more. Profiles can contain both private and public information, which is attested to by the user and can be verified by peers and select authorities. “Microsoft will make it easy to deploy new Blockstack servers and infrastructure on the Azure cloud and plans to integrate Blockstack with some internal systems for identity and authentication,” notes the Blockstack blog. “With the Blockstack technology users are in complete control of their usernames and data and don’t need to trust any third party for their information. We appreciate Microsoft’s committed to making the internet a more secure and user-centric place and to promote open-source software development.” In November Bitcoin Magazinereported that Microsoft had partnered with ConsenSys, a blockchain startup focused on Ethereum technology, founded in October 2014 by Ethereum Foundation’s co-founder Joseph Lubin. In December, Microsoft and ConsenSys announced Ethereum Blockchain as a Service (EBaaS) on Microsoft Azure, to provide a single-click cloud-based blockchain developer environment to Azure Enterprise clients and developers. In October, ConsenSys revealed that it was working on an identity management system called uPort . “[We] have st
Microsoft,BusinessInsider,,,Isobel Asher Hamilton,,,,,,Microsoft is quietly testing a project that aims to hand people complete control over their online data,"Foley reported that Bali's ""about"" page described itself as a ""new Personal data bank which puts users in control of all data collected about them... The bank will enable users to store all data (raw and inferred) generated by them. It will allow the user to visualize, manage, control, share and monetize the data.""<br><br>It also cited the concept of ""inverse privacy,"" a paper published by Microsoft researchers in 2014. It's the idea that someone else has access to your online data, but you don't.","- Microsoft is quietly working on a project codenamed ""Bali,"" which could give users much more control over their Personal data. - Bali was first spotted by a Twitter user, and reporters then found what looked like the project's website. - The website described Bali as a ""new Personal data bank which puts users in control of all data collected about them."" - When Business Insider tried to access the site, it had vanished. Microsoft is working on a research project which could give customers vast control over their Personal online data. Microsoft has been quietly testing the idea and even launched a beta website, according to reports. It comes at a time when privacy is high on the agenda following a series of scandals, including Facebook's Cambridge Analytica data breach last year. Reporters first got wind of the project from a tweet. Twitter user ""Longhorn"" said on Wednesday: ""Microsoft Bali is a project that can delete all your connection and account information (inverseprivacyproject). It's currently in private beta still."" ZDNet journalist Mary Jo Foley then found what looked like the Bali website. The site reportedly required a code to sign in, but visitors could request a code. PC Magazine also appears to have visited the site, but when Business Insider followed the link, the website failed to load. Foley reported that Bali's ""about"" page described itself as a ""new Personal data bank which puts users in control of all data collected about them... The bank will enable users to store all data (raw and inferred) generated by them. It will allow the user to visualize, manage, control, share and monetize the data."" It also cited the concept of ""inverse privacy,"" a paper published by Microsoft researchers in 2014. It's the idea that someone else has access to your online data, but you don't. Business Insider contacted Microsoft for comment.",https://www.businessinsider.com/microsoft-working-on-project-bali-to-give-people-control-over-data-2019-1,,Post,,Meta,,,,,,,,2019-01-04,,,,,,,,,,,,,
Microsoft,Wired,,,,"At its Ignite conference today, Microsoft announced that it will launch a public preview of its “Azure Active Directory verifiable credentials” this spring.",,,,,Microsoft's Dream of Decentralized IDs Enters the Real World,"Beyond just controlling access, developers can further secure user data by encrypting that data using keys from their decentralized identifiers,' a Microsoft spokesperson told WIRED in a statement. Based on such an approach, a bad actor may gain access to a system or datastore but can’t decrypt the data without keys that reside with individual user.'","For years, tech companies have touted blockchain technology as a means to develop identity systems that are secure and decentralized. The goal is to build a platform that could store information about official data without holding the actual documents or details themselves. Instead of just storing a scan of your birth certificate, for example, a decentralized ID platform might store a validated token that confirms the information in it. Then when you get carded at a bar or need proof of citizenship, you could share those pre-verified credentials instead of the actual document or data. Microsoft has been one of the leaders of this pack—and is now detailing tangible progress toward its vision of a decentralized digital ID. At its Ignite conference today, Microsoft announced that it will launch a public preview of its “Azure Active Directory verifiable credentials” this spring. Think of the platform as a digital wallet like Apple Pay or Google Pay, but for identifiers rather than credit cards. Microsoft is starting with things like university transcripts, diplomas, and professional credentials, letting you add them to its Microsoft Authenticator app along with two-factor codes. It's already testing the platform at Keio University in Tokyo, with the government of Flanders in Belgium, and with the United Kingdom's National Health Service. ""If you have a decentralized identifier I can verify, say, where you went to school, and I don’t need you to send me all of the information,"" says Joy Chik, corporate vice president for Microsoft's cloud and enterprise identity division. “All I need is to get that digital credential and because it’s already been verified I can trust it."" Microsoft will release a software development kit in the coming weeks that organizations can use to start building applications that issue and request credentials. And long-term, the company says, it hopes the system could be used around the world for everything from renting an apartment to establishing identity for refugees who are struggling without documents—a dream of virtually all decentralized identification efforts. In the NHS pilot, for example, health care providers can request access to professional certifications from existing NHS health care workers, who can in turn choose to allow that access, streamlining a process for transferring to another facility that previously required a much more involved back and forth. Under Microsoft's setup, you can also revoke access to your credentials if the recipient no longer needs access. “In the NHS system, at each hospital health care workers go to, it used to take months of effort to verify their credentials before they could practice,"" Chik says. “Now it literally takes five minutes to be enrolled in the hospital and starting to treat patients."" A big hurdle to widespread adoption of a decentralized ID scheme has been interoperability. Having 10 competing frameworks out there wouldn't make things easier for anyone. Currently there are some potential competitors, like an offering from Mastercard that's still in testing. Microsoft's ubiquity potentially makes it a good candidate to rally a critical mass of users. With this in mind, the company developed Azure Active Directory verifiable credentials off of open authentication standards, like the World Wide Web Consortium's WebAuthN. That should make it easier for customers to adopt the platform, and for other tech giants to support its use i
Microsoft,Microsoft,,,Peggy Johnson,ID2020,,,,,Partnering for a path to digital identity,"As discussions begin this week at the World Economic Forum, creating universal access to identity is an issue at the top of Microsoft’s agenda, and we think technology can be a powerful tool to tackle this challenge. It was last summer that Microsoft took a first step, collaborating with Accenture and Avanade on a blockchain-based identity prototype on Microsoft Azure. Together, we pursued this work in support of the ID2020 Alliance – a global public-private partnership dedicated to aiding the 1.1 billion people around the world who lack any legal form of identity. To say that we were encouraged by its mission would be an understatement. We were inspired by it.","In the U.S. and abroad, fundamental rights and services like voting, healthcare, housing and education are tethered to legal proof of identification – you can’t participate if you don’t have it. Yet nearly one in six people worldwide – the majority of them being women, children and refugees – live without it. The lack of legal documentation not only strips access to critical services, it puts those trapped in the “identity gap” at risk for larger issues including displacement and child trafficking. As discussions begin this week at the World Economic Forum, creating universal access to identity is an issue at the top of Microsoft’s agenda, and we think technology can be a powerful tool to tackle this challenge. It was last summer that Microsoft took a first step, collaborating with Accenture and Avanade on a blockchain-based identity prototype on Microsoft Azure. Together, we pursued this work in support of the ID2020 Alliance – a global public-private partnership dedicated to aiding the 1.1 billion people around the world who lack any legal form of identity. To say that we were encouraged by its mission would be an understatement. We were inspired by it. Today, we are excited to share that we are deepening our commitment to this issue by formally joining ID2020 as a founding member. In addition to a donation of $1 million, we will commit resources and expertise to further develop a secure, portable form of digital identity and help implement it across governments and agencies. In the coming months, Microsoft, our partners in the ID2020 Alliance, and developers around the globe will collaborate on an open source, self-sovereign, blockchain-based identity system that allows people, products, apps and services to interoperate across blockchains, cloud providers and organizations. We will lend the technical expertise of our Identity team to provide guidance as the project scales, empowering people with direct consent over who has access to their Personal information, and when to release and share data. We will also help establish standards that ensure this work is impactful and scalable. Our shared ambition with ID2020 is to start piloting this solution in the coming year to bring it to those who need it most, beginning with refugee populations. Amid a growing refugee crisis, we believe technology can play a powerful role when put in the hands of displaced people and the organizations that are supporting them. Over the last two years, Microsoft Philanthropies has donated $33 million in technology and funding to organizations that aid refugees and empower them to rebuild their lives. Closing the identity gap is an enormous challenge. It will take the work of many committed people and organizations coming together across different geographies, sectors and technologies. But it’s exciting to imagine a world where safe and secure digital identities are possible, providing everyone with an essential building block to every right and opportunity they deserve. Tags: digital identity, ID2020 Alliance",https://blogs.microsoft.com/blog/2018/01/22/partnering-for-a-path-to-digital-identity/,,Post,,Meta,,,,,,,,2018-01-02,,,,,,,,,,,,,
Microsoft,Newswire CA,,,,,,,,,Credivera Joins Microsoft Partner Network as Verifiable Credentials Provider,"Credivera, a global leader in the secure, open exchange of verifiable credentials and digital identity solutions, today announced that it has joined the Microsoft Partner Network. In addition, it has been selected by Microsoft as a Microsoft Entra Verified ID solution provider. Credivera joins a list of internationally based companies in the Microsoft Partner Network who are leading the development of innovative digital identity tools, empowering individuals to completely own and control their unique digital identity. ","Jul 26, 2022, 13:00 ET CALGARY, AB, July 26, 2022 /CNW/ - Credivera, a global leader in the secure, open exchange of verifiable credentials and digital identity solutions, today announced that it has joined the Microsoft Partner Network. In addition, it has been selected by Microsoft as a Microsoft Entra Verified ID solution provider. Credivera joins a list of internationally based companies in the Microsoft Partner Network who are leading the development of innovative digital identity tools, empowering individuals to completely own and control their unique digital identity. Recent market conditions, such as the emerging world of decentralized identity, the remote nature of today's global workforce, and the troubling increase in widespread identity theft, uniquely position Credivera as a trusted source of truth, supporting businesses and enterprises everywhere as they look to automate the verification of identity credentials for their workforce. ""We are in the business of verifiable career credentials and today's announcement is a major milestone for the entire Credivera team as we respond to the urgent demand for trusted digital identity and open standard solutions that enable secure, private information sharing. We're excited to represent Canada on a global stage within the Microsoft Partner Network alongside an esteemed list of companies and will continue to deliver innovative digital identity solutions for the workforce that return power and control into the hands of the individual, allowing each of us to own what we know and share what we want."" said Dan Giurescu, Credivera co-founder and Chief Executive Officer. Credivera's technology platform is built using Microsoft Azure SQL Database, Azure Active Directory, and is integrated with Microsoft Dynamics 365 Business Central and Power BI. Credivera also integrates with third-party HR and Safety programs, meaning that an individual's digital credentials, that are available in a Credivera digital wallet, are always accessible, always on, and always true for multiple contexts and scenarios. Beyond the advantages for individuals, key organizational benefits of the solution include enhanced systems productivity, a scalable global reach, definitive trust in fraud-free, valid workforce credentials, and eliminating any possibility of liability and risk. To learn more about how our digital identity verifications solutions can work for you, visit credivera.com/the-exchange/verifiable-credentials. To learn more about the Microsoft Partner Network, please visit partner.Microsoft.com. TerraHub Technologies Inc., known as Credivera commercially, is the world's first secure, open exchange for verifiable credentials. A leader in workforce management and digital identity, Credivera gives employees, employers, and organizations that issue credentials increased productivity and control of how important credentials are stored and shared. The Credivera Exchange optimizes Personal privacy and trust with up-to-date verifiable credentials secured in a digital wallet, resulting in reduced risk for all. Founded in 2017, with offices in Toronto and Calgary, Credivera supports regulated industries and global technology firms in over 30 countries worldwide",https://www.newswire.ca/news-releases/credivera-joins-microsoft-partner-network-as-verifiable-credentials-provider-857742185.html,,Press,,Meta,,,,,,,,2022-07-26,,,,,,,,,,,,,
Microsoft,Microsoft,,,,Condatis,,,,,Condatis revolutionizes staff management with Microsoft Entra Verified ID,"At Edinburgh-based Condatis, as more employees transition from a hybrid work model to a full return to the office, they’re being greeted by a new, intuitive sign-in experience built on virtual, verifiable credentials that provide value-added access to office spaces and services. Whether someone is being onboarded, coming in as a temporary hire, or visiting a staff member, each person will see that some doors in the office will be open for them, and others won’t.",Microsoft customer stories See how Microsoft tools help companies run their business. Microsoft,https://customers.microsoft.com/en-us/story/1508854534910834689-condatis-partner-professional-services-entra-verified-id,,Testimonial,,Meta,,,,,,,Verifiable Credentials,2023-01-01,,,,,,,,,,,,,
Microsoft,Microsoft,,,,,,,,,Decentralized Identity Own and control your identity,"Microsoft cloud identity systems already empower developers, organizations, and billions of people to work, play, and achieve more, but there’s so much more we can do to create a world where each of us, even in displaced populations, can pursue our life goals, including educating our children, improving our quality of life, and starting a business.To achieve this vision, we need to augment existing cloud identity systems with one that individuals, organizations, and devices can own so they can control their digital identity and data. This self-owned identity must seamlessly integrate into our daily lives, providing complete control over what we share and with whom we share it, and—when necessary—provide the ability to take it back. Instead of granting broad consent to countless apps and services and spreading their identity data across numerous providers, individuals need a secure, encrypted digital hub where they can store their identity data and easily control access to it.",,https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/re2djfy,,Whitepaper,,Meta,,,,,,,,2018,,,,,,,,,,,,,
Microsoft,Microsoft,,Microsoft Entra Verified ID documentation,,,,,,,Azure AD Verifiable Credentials architecture overview (preview),"It’s important to plan your verifiable credential solution so that in addition to issuing and or validating credentials, you have a complete view of the architectural and business impacts of your solution. If you haven’t reviewed them already, we recommend you review Introduction to Microsoft Entra Verified ID and the FAQs, and then complete the Getting Started tutorial.<br><br>This architectural overview introduces the capabilities and components of the Microsoft Entra Verified ID service. ","Microsoft Entra Verified ID architecture overview Note Azure Active Directory Verifiable Credentials is now Microsoft Entra Verified ID and part of the Microsoft Entra family of products. Learn more about the Microsoft Entra family of identity solutions and get started in the unified Microsoft Entra admin center. It’s important to plan your verifiable credential solution so that in addition to issuing and or validating credentials, you have a complete view of the architectural and business impacts of your solution. If you haven’t reviewed them already, we recommend you review Introduction to Microsoft Entra Verified ID and the FAQs, and then complete the Getting Started tutorial. This architectural overview introduces the capabilities and components of the Microsoft Entra Verified ID service. For more detailed information on issuance and validation, see Approaches to identity Today most organizations use centralized identity systems to provide employees credentials. They also use various methods to bring customers, partners, vendors, and relying parties into the organization’s trust boundaries. These methods include federation, creating and managing guest accounts with systems like Azure AD B2B, and creating explicit trusts with relying parties. Most business relationships have a digital component, so enabling some form of trust between organizations requires significant effort. Centralized identity systems Centralized approaches still work well in many cases, such as when applications, services, and devices rely on the trust mechanisms used within a domain or trust boundary. In centralized identity systems, the identity provider (IDP) controls the lifecycle and usage of credentials. However, there are scenarios where using a decentralized architecture with verifiable credentials can provide value by augmenting key scenarios such as secure onboarding of employees’ and others’ identities, including remote scenarios. access to resources inside the organizational trust boundary based on specific criteria. accessing resources outside the trust boundary, such as accessing partners’ resources, with a portable credential issued by the organization. Decentralized identity systems In decentralized identity systems, control of the lifecycle and usage of the credentials is shared between the issuer, the holder, and relying party consuming the credential. Consider the scenario in the diagram below where Proseware, an e-commerce website, wants to offer Woodgrove employees corporate discounts. Terminology for verifiable credentials (VCs) might be confusing if you're not familiar with VCs. The following definitions are from the Verifiable Credentials Data Model 1.0 terminology section. After each, we relate them to entities in the preceding diagram. “An issuer is a role an entity can perform by asserting claims about one or more subjects, creating a verifiable credential from these claims, and transmitting the verifiable credential to a holder.” - In the preceding diagram, Woodgrove is the issuer of verifiable credentials to its employees. “A holder is a role an entity might perform by possessing one or more verifiable credentials and generating presentations from them. A holder is usually, but not always, a subject of the verifiable credentials they are holding. Holders store their credentials in credential repositories.” - In the preceding diagram, Alice is a Woodgrove employee. They obta
Microsoft,Microsoft,,Microsoft Entra Verified ID documentation,,,,,,,Configure your tenant for Microsoft Entra Verified ID,"Microsoft Entra Verified ID is a decentralized identity solution that helps you safeguard your organization. The service allows you to issue and verify credentials. Issuers can use the Verified ID service to issue their own customized verifiable credentials. Verifiers can use the service's free REST API to easily request and accept verifiable credentials in their apps and services. In both cases, you will have to configure your Azure AD tenant so that you can use it to either issue your own verifiable credentials, or verify the presentation of a user's verifiable credentials that were issued by another organization. In case you are both an issuer and a verifier, you can use a single Azure AD tenant to both issue your own verifiable credentials as well as verify those of others.","Configure your tenant for Microsoft Entra Verified ID Note Azure Active Directory Verifiable Credentials is now Microsoft Entra Verified ID and part of the Microsoft Entra family of products. Learn more about the Microsoft Entra family of identity solutions and get started in the unified Microsoft Entra admin center. Microsoft Entra Verified ID is a decentralized identity solution that helps you safeguard your organization. The service allows you to issue and verify credentials. Issuers can use the Verified ID service to issue their own customized verifiable credentials. Verifiers can use the service's free REST API to easily request and accept verifiable credentials in their apps and services. In both cases, you will have to configure your Azure AD tenant so that you can use it to either issue your own verifiable credentials, or verify the presentation of a user's verifiable credentials that were issued by another organization. In case you are both an issuer and a verifier, you can use a single Azure AD tenant to both issue your own verifiable credentials as well as verify those of others. In this tutorial, you learn how to configure your Azure AD tenant to use the verifiable credentials service. Specifically, you learn how to: - Create an Azure Key Vault instance. - Set up the Verified ID service. - Register an application in Azure AD. The following diagram illustrates the Verified ID architecture and the component you configure. Prerequisites - You need an Azure tenant with an active subscription. If you don't have Azure subscription, create one for free. - Ensure that you have the global administrator or the authentication policy administrator permission for the directory you want to configure. If you're not the global administrator, you will need permission application administrator to complete the app registration including granting admin consent. - Ensure that you have the contributor role for the Azure subscription or the resource group that you will deploy Azure Key Vault in. Create a key vault Azure Key Vault is a cloud service that enables the secure storage and access of secrets and keys. The Verified ID service stores public and private keys in Azure Key Vault. These keys are used to sign and verify credentials. If you don't have an Azure Key Vault instance available, follow these steps to create a key vault using the Azure portal. Note By default, the account that creates a vault is the only one with access. The Verified ID service needs access to the key vault. You must configure your key vault with access policies allowing the account used during configuration to create and delete keys. The account used during configuration also requires permissions to sign so that it can create the domain binding for Verified ID. If you use the same account while testing, modify the default policy to grant the account sign permission, in addition to the default permissions granted to vault creators. Set access policies for the key vault A Key Vault access policy defines whether a specified security principal can perform operations on Key Vault secrets and keys. Set access policies in your key vault for both the Verified ID
Microsoft,Microsoft,,,,,,,,,DTDL models - Azure Digital Twins,"DTDL is based on JSON-LD and is programming-language independent. DTDL isn't exclusive to Azure Digital Twins, but is also used to represent device data in other IoT services such as IoT Plug and Play.","Learn about twin models and how to define them in Azure Digital Twins A key characteristic of Azure Digital Twins is the ability to define your own vocabulary and build your twin graph in the self-defined terms of your business. This capability is provided through user-provided models. You can think of models as the nouns in a description of your world. Azure Digital Twins models are represented in the JSON-LD-based Digital Twin Definition Language (DTDL). A model is similar to a class in an object-oriented programming language, defining a data shape for one particular concept in your real work environment. Models have names (such as Room or TemperatureSensor), and contain elements such as properties, telemetry, and relationships that describe what this type of entity in your environment does. Later, you'll use these models to create digital twins that represent specific entities that meet this type description. Digital Twin Definition Language (DTDL) for models Models for Azure Digital Twins are defined using the Digital Twins Definition Language (DTDL). You can view the full language specs for DTDL in GitHub: Digital Twins Definition Language (DTDL) - Version 2 Reference. This page includes detailed DTDL reference and examples to help you get started writing your own DTDL models. DTDL is based on JSON-LD and is programming-language independent. DTDL isn't exclusive to Azure Digital Twins, but is also used to represent device data in other IoT services such as IoT Plug and Play. Azure Digital Twins uses DTDL version 2 (use of DTDL version 1 with Azure Digital Twins has now been deprecated). The rest of this article summarizes how the language is used in Azure Digital Twins. Model overview Twin type models can be written in any text editor. The DTDL language follows JSON syntax, so you should store models with the extension .json. Using the JSON extension will enable many programming text editors to provide basic syntax checking and highlighting for your DTDL documents. There's also a DTDL extension available for Visual Studio Code. Here are the fields within a model interface: |Field||Description| |A Digital Twin Model Identifier (DTMI) for the model. Must be in the format | |Identifies the kind of information being described. For an interface, the type is | |Sets the context for the JSON document. Models should use | |[optional] Gives you the option to define a friendly name for the model. If you don't use this field, the model will use its full DTMI value.| |All remaining interface data is placed here, as an array of attribute definitions. Each attribute must provide a | Here's an example of a basic DTDL model. This model describes a Home, with one property for an ID. The Home model also defines a relationship to a Floor model, which can be used to indicate that a Home twin is connected to certain Floor twins. { ""@id"": ""dtmi:com:adt:dtsample:home; 1"", ""@type"": ""Interface"", ""@context"": ""dtmi:dtdl:context; 2"", ""displayName"": ""Home"", ""contents"": [ { ""@type"": ""Property"", ""name"": ""id"", ""schema"": ""string"" }, { ""@type"": ""Relationship"", ""@id"": ""dtmi:com:adt:dtsample:home:rel_has_floors; 1"", ""name"": ""rel_has_floors"", ""displayName"": ""Home has floors"", ""target"": ""dtmi:com:adt:dtsample:floor; 1"" } ] } Model attributes The main information about a model is given by its attributes, which are defined within the contents section of the model interface. Here are the attributes available in DTDL. A DTDL model interface may contain zero, one, or many of each of the following fields: Property - Properties are data fields that represent the state of an entity (like the properties in many object-oriented programming languages). Properties have backing storage and can be read at any time. For more information, see Properties and
Microsoft,Microsoft,,Microsoft Entra Verified ID documentation,,,,,,,Issue Azure AD Verifiable Credentials from an application,- Set up Azure Blob Storage for storing your Azure AD Verifiable Credentials configuration files.<br>- Create and upload your Verifiable Credentials configuration files.<br>- Create the verified credential expert card in Azure.<br>- Gather credentials and environment details to set up the sample application.<br>- Download the sample application code to your local computer.<br>- Update the sample application with your verified credential expert card and environment details.<br>- Run the sample application and issue your first verified credential expert card.<br>- Verify your verified credential expert card.,"Issue Microsoft Entra Verified ID credentials from an application Note Azure Active Directory Verifiable Credentials is now Microsoft Entra Verified ID and part of the Microsoft Entra family of products. Learn more about the Microsoft Entra family of identity solutions and get started in the unified Microsoft Entra admin center. In this tutorial, you run a sample application from your local computer that connects to your Azure Active Directory (Azure AD) tenant. Using the application, you're going to issue and verify a verified credential expert card. In this article, you learn how to: - Create the verified credential expert card in Azure. - Gather credentials and environment details to set up the sample application. - Download the sample application code to your local computer. - Update the sample application with your verified credential expert card and environment details. - Run the sample application and issue your first verified credential expert card. - Verify your verified credential expert card. The following diagram illustrates the Microsoft Entra Verified ID architecture and the component you configure. Prerequisites - Set up a tenant for Microsoft Entra Verified ID. - To clone the repository that hosts the sample app, install GIT. - Visual Studio Code, or similar code editor. - .NET 5.0. - Download ngrok and sign up for a free account. If you can't use ngrokin your organization, read this FAQ. - A mobile device with Microsoft Authenticator:Android version 6.2206.3973 or later installed.iOS version 6.6.2 or later installed. Create the verified credential expert card in Azure In this step, you create the verified credential expert card by using Microsoft Entra Verified ID. After you create the credential, your Azure AD tenant can issue it to users who initiate the process. Using the Azure portal, search for Verified ID and select it. After you set up your tenant, the Create credential should appear. Alternatively, you can select Credentials in the left hand menu and select + Add a credential. In Create credential, select Custom Credential and click Next: For Credential name, enter VerifiedCredentialExpert. This name is used in the portal to identify your verifiable credentials. It's included as part of the verifiable credentials contract. Copy the following JSON and paste it in the Display definition textbox { ""locale"": ""en-US"", ""card"": { ""title"": ""Verified Credential Expert"", ""issuedBy"": ""Microsoft"", ""backgroundColor"": ""#000000"", ""textColor"": ""#ffffff"", ""logo"": { ""uri"": ""https://didcustomerplayground.blob.core.windows.net/public/VerifiedCredentialExpert_icon.png"", ""description"": ""Verified Credential Expert Logo"" }, ""description"": ""Use your verified credential to prove to anyone that you know all about verifiable credentials."" }, ""consent"": { ""title"": ""Do you want to get your Verified Credential?"", ""instructions"": ""Sign in with your account to get your card."" }, ""claims"": [ { ""claim"": ""VC.credentialSubject.firstName"", ""label"": ""First name"", ""type"": ""String"" }, { ""claim"": ""VC.credentialSubject.lastName"", ""label"": ""Last name"", ""type"": ""String"" } ] } Copy the following JSON and paste it in the Rules definition textbox { ""attestations"": { ""idTokenHints"": [ { ""mapping"": [ { ""outputClaim"": ""firstName"", ""requ
Microsoft,Microsoft,,,,,,,,,Microsoft Entra Verified ID documentation,Verifiable credentials help you build solutions that empower customers to manage their own data.,,https://learn.microsoft.com/en-us/azure/active-directory/verifiable-credentials/,,Docs,,Product,,,,,,Entra,Verifiable Credentials,2023-01-24,,,,,,,,,,,,,
Microsoft,Microsoft,,Microsoft Entra Verified ID documentation,,,,,,,Plan your issuance solution,"This article covers the technical aspects of planning for a verifiable credential issuance solution. The Microsoft solution for verifiable credentials follows the World Wide Web Consortium (W3C) Verifiable Credentials Data Model 1.0 and Decentralized Identifiers (DIDs) V1.0 standards so can interoperate with non-Microsoft services. However, the examples in this content reflect the Microsoft solution stack for verifiable credentials.<br><br>Out of scope for this content is articles covering supporting technologies that aren't specific to issuance solutions. ","Plan your Microsoft Entra Verified ID issuance solution Note Azure Active Directory Verifiable Credentials is now Microsoft Entra Verified ID and part of the Microsoft Entra family of products. Learn more about the Microsoft Entra family of identity solutions and get started in the unified Microsoft Entra admin center. It’s important to plan your issuance solution so that in addition to issuing credentials, you have a complete view of the architectural and business impacts of your solution. If you haven’t done so, we recommend you view the Microsoft Entra Verified ID architecture overview for foundational information. Scope of guidance This article covers the technical aspects of planning for a verifiable credential issuance solution. The Microsoft solution for verifiable credentials follows the World Wide Web Consortium (W3C) Verifiable Credentials Data Model 1.0 and Decentralized Identifiers (DIDs) V1.0 standards so can interoperate with non-Microsoft services. However, the examples in this content reflect the Microsoft solution stack for verifiable credentials. Out of scope for this content is articles covering supporting technologies that aren't specific to issuance solutions. For example, websites are used in a verifiable credential issuance solution but planning a website deployment isn't covered in detail. Components of the solution As part of your plan for an issuance solution, you must design a solution that enables the interactions between the issuer, the user, and the verifier. You may issue more than one verifiable credential. The following diagram shows the components of your issuance architecture. Microsoft VC issuance solution architecture Azure Active Directory tenant A prerequisite for running the Microsoft Entra Verified ID service is that it's hosted in an Azure Active Directory (Azure AD) tenant. The Azure AD tenant provides an Identity and Access Management (IAM) control plane for the Azure resources that are part of the solution. Each tenant uses the multi-tenant Microsoft Entra Verified ID service, and has a decentralized identifier (DID). The DID provides proof that the issuer owns the domain incorporated into the DID. The DID is used by the subject and the verifier to validate the issuer. Microsoft Azure services The Azure Key Vault service stores your issuer keys, which are generated when you initiate the Microsoft Entra Verified ID issuance service. The keys and metadata are used to execute credential management operations and provide message security. Each issuer has a single key set used for signing, updating, and recovery. This key set is used for every issuance of every verifiable credential you produce. Microsoft Entra Verified ID Service is used to store credential metadata and definitions; specifically, the rules and display definitions for your credentials. Display definitions determine how claims are displayed in the holder’s wallet and also includes branding and other elements. The Display definition can be localized into multiple languages. See How to customize your verifiable credentials. Rules are an issuer-defined model that describes the required inputs of a verifiable credential. Rules also defined trusted input sources, and the mapping of input claims to output claims stored in the VC. Depending on the type of attestation defined in the rules definition, the input claims can come from different providers. Input claims m
Microsoft,Microsoft,,Microsoft Entra Verified ID documentation,,,,,,,Plan your verification solution,"Microsoft’s Microsoft Entra Verified ID (Azure AD VC) service enables you to trust proofs of user identity without expanding your trust boundary. With Azure AD VC, you create accounts or federate with another identity provider. When a solution implements a verification exchange using verifiable credentials, it enables applications to request credentials that aren't bound to a specific domain. This approach makes it easier to request and verify credentials at scale.","Plan your Microsoft Entra Verified ID verification solution Note Azure Active Directory Verifiable Credentials is now Microsoft Entra Verified ID and part of the Microsoft Entra family of products. Learn more about the Microsoft Entra family of identity solutions and get started in the unified Microsoft Entra admin center. Microsoft’s Microsoft Entra Verified ID (Azure AD VC) service enables you to trust proofs of user identity without expanding your trust boundary. With Azure AD VC, you create accounts or federate with another identity provider. When a solution implements a verification exchange using verifiable credentials, it enables applications to request credentials that aren't bound to a specific domain. This approach makes it easier to request and verify credentials at scale. If you haven’t already, we suggest you review the Microsoft Entra Verified ID architecture overview. You may also want to review Plan your Microsoft Entra Verified ID issuance solution. Scope of guidance This content covers the technical aspects of planning for a verifiable credential (VC) verification solution using Microsoft products and services. The solution interfaces with a trust system, where currently supported trust systems are Identity Overlay Network (ION) or DID Web. ION acts as the decentralized public key infrastructure (DPKI) while DID Web is a centralized public key infrastructure. Supporting technologies that aren't specific to verification solutions are out of scope. For example, websites are used in a verifiable credential verification solution but planning a website deployment isn't covered in detail. As you plan your verification solution, you must consider what business capability is being added or modified. You must also consider what IT capabilities can be reused, and what capabilities must be added to create the solution. Also consider what training is needed for the people involved in the business process and the people that support the end users and staff of the solution. These articles aren't covered in this content. We recommend reviewing the Microsoft Azure Well-Architected Framework for information covering these articles. Components of the solution As part of your plan for a verification solution, you must enable the interactions between the verifier, the subject, and the issuer. In this article, the terms relying party and verifier are used interchangeably. The following diagram shows the components of your verification architecture. Microsoft Entra Verified ID service In the context of a verifier solution, the Microsoft Entra Verified ID service is the interface between the Microsoft components of the solution and the trust system. The service provisions the key set to Key Vault, provisions the decentralized identifier (DID). In the case of ION, the service writes the DID document to the distributed ledger, where it can be used by subjects and issuers. Azure Active Directory tenant The service requires an Azure AD tenant that provides an Identity and Access Management (IAM) control plane for the Azure resources that are part of the solution. Each Azure AD tenant uses the multi-tenant Microsoft Entra Verified ID service, and it issues a single DID document representing the verifier. If you have multiple relying parties using your verification service, they all use the same verifier DID. The verifier DID provides pointers to the public key that allows subjects and issuers to validate messages that come from the relying party. Azure Key Vaul
Microsoft,techmindfactory,,,Daniel Krzyczkowski,,,,,,Azure Active Directory VCs - preview introduction,"Once I discovered that documentation is available, I decided to create a small proof of concept. I have configured Verifiable Credentials accordingly todetails in the documentationI have an existing Azure AD B2C tenant so it was much easier because users have to sign in first before they can be issued a verifiable credential.","Azure Active Directory Verifiable Credentials - preview introduction Introduction Azure Active Directory Verifiable Credentials are now in a public preview mode (at the moment of writing this article). You can visit the official page to read more. On this website, you will find all the details about how to start using Verifiable Credentials with Azure Active Directory. There is also great documentation with all details required to set up Verifiable Credentials in your own Azure Active Directory tenant. Small proof of concept Once I discovered that documentation is available, I decided to create a small proof of concept. I have configured Verifiable Credentials accordingly to details in the documentation. I have an existing Azure AD B2C tenant so it was much easier because users have to sign in first before they can be issued a verifiable credential. In this short article, I decided to share the result (I do not want to write another documentation, because the one provided by the Azure AD Team is great) and confirm that this concept works as expected! Modified website with QR codes to issue Verifiable Credentials Below I present modified node.js application which is used to display QR codes: Verifiable Credentials in the Microsoft Authenticator App Below I the user experience in the Microsoft Authenticator App: Confirmed DID in the Identity Overlay Network (ION) Once I created my Verifiable Credential, I verified that it can be found and verified in the ION network. You can read more about it here. Summary In this article, I briefly presented proof of concept related to Verifiable Credentials using Azure Active Directory. In the future, I plan to prepare the blog post series and describe concepts and implementation in detail. If you want to read more about Azure Active Directory Verifiable Credentials, please check this documentation.",https://techmindfactory.com/azure-ad-verifiable-credentials-intro/,,Post,,Product,,,,,,Entra,,2021-04-07,,,,,,,,,,,,,
Microsoft,Microsoft,,ID Standards Blog,Ankur Patel,,,,,,Expanding the public preview of verifiable credentials,"more than 1,000 enterprises with premium subscriptions have issued and verified tens of thousands of verifiable credentials […] from remote onboarding at work, collaboration across business boundariesas well as enabling education beyond the campus[...] we are extending the public preview […] for all Azure Active Directory (Azure AD) Free and Premium users.",,https://techcommunity.microsoft.com/t5/azure-active-directory-identity/expanding-the-public-preview-of-verifiable-credentials/ba-p/3295508,,Post,,Product,,,,,,,Verifiable Credentials,2022-05-04,,,,,,,,,,,,,
Microsoft,Personal,,,Damien Bowden,,,,,,Implement Compound Proof BBS+ verifiable credentials using ASP.NET Core and Mattr,This article shows how Zero Knowledge Proofs BBS+ verifiable credentials can be used to verify credential subject data from two separate verifiable credentials implemented in ASP.NET Core and Mattr. The ZKP BBS+ verifiable credentials are issued and stored on a digital wallet using a Self-Issued Identity Provider (SIOP) and OpenID Connect. A compound proof presentation template is created to verify the user data in a single verify,,https://damienbod.com/2021/12/13/implement-compound-proof-bbs-verifiable-credentials-using-asp-net-core-and-Mattr/),,Post,,Product,,,,,,,,2021-12-13,,,,,,,,,,,,,
Microsoft,Microsoft,,ID Standards Blog,,,,,,,Microsoft Entra Verified ID now generally available,"Customers rely on Azure AD to secure access to corporate resources. However, enabling use of credentials for utility beyond the company (e.g. prove employment for bank loan) is complex and comes with compliance risk. In contrast, identity documents from our everyday lives, like a driver’s license or passport, are well suited for utility beyond travel (e.g. age or residency). We believe an open standards-based Decentralized Identity system can unlock a new set of experiences that give users and organizations greater control over their data—and deliver a higher degree of trust and security for apps, devices, and service providers. ",,https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/microsoft-entra-verified-id-now-generally-available/ba-p/3295506,,Post,,Product,,,,,,Entra,,2022-08-08,,,,,,,,,,,,,
Microsoft,Microsoft,,ID Standards Blog,,,,,,,Towards scalable decentralized identifier systems,"Today, we’re announcing an early preview of a Sidetree-based DID network, called ION (Identity Overlay Network) which runs atop the Bitcoin blockchain based on an emerging set of open standards that we’ve developed working with many of our partners in the Decentralized Identity Foundation. This approach greatly improves the throughput of DID systems to achieve tens-of-thousands of operations per second",,https://techcommunity.microsoft.com/t5/azure-active-directory-identity/toward-scalable-decentralized-identifier-systems/ba-p/560168,,Post,,Product,,,,,,,"DID,Verifiable Credentials",2019-05-13,,,,,,,,,,,,,
Microsoft,Microsoft,,ID Standards Blog,Pamela Dingle,,,,,,Why does standards certification matter?,"It’s a good month for identity certification at Microsoft! We are excited to have achieved two important goals: OpenID Certification for Azure Active Directory and also FIDO Certification for Windows 10. You may or may not know what these particular protocols do, but even if you don’t, it’s worth talking about what these certification programs accomplish.","It’s a good month for identity certification at Microsoft! We are excited to have achieved two important goals: OpenID Certification for Azure Active Directory and also FIDO Certification for Windows 10. You may or may not know what these particular protocols do, but even if you don’t, it’s worth talking about what these certification programs accomplish. The goal of certification in the standards world is to ensure conformance to protocols. In FIDO Certification, the tests are both physical and digital; for example, authenticators must prove that they are storing keys and secrets in a secure environment, such as a trusted platform module (TPM), and that the secure environment can only be used when a user gesture is performed. Resistance to physical attacks, such as side-channel attacks, must be demonstrated, as well as protocol conformance. A third party performs this certification, with the goal that anyone who uses a certified product can have reasonable confidence that the solution hasn’t cut any corners. The OpenID Certification is a different beast from FIDO Certification. Because OpenID Connect is a web protocol, there are fewer hidden parts; it’s easier for anyone to inspect and validate the protocol messages exchanged. The OpenID Certification process is therefore lighter weight and uses self-certification. With self-certification, those seeking certification run their own tests. The results of those tests are then published for scrutiny by all. In this case, the certifying organization is putting their reputation on the line. It isn’t a third party that claims adherence, it’s the owner of the implementation themselves. While those organizations could lie, most prioritize their reputation over any short-term gain that could come from misrepresentation. A lot of developers have been successfully using the OpenID Connect with the Microsoft Identity Platform for years, so what’s the big deal? There are a couple of reasons why it matters. First, certification enables third-party vendors who are completely platform-agnostic to develop with confidence. This gets us closer to a world that requires as little custom connectivity as possible. Second, these tests sometimes catch things! The simple assurance of knowing that the development team has worked through all the edge-cases is valuable, even for established platforms. If you go back a decade to when security assertions markup language (SAML) implementations were being certified, certification was highly formalized, took a long time, and cost a lot of money. We have iterated on that pattern with OpenID Connect, creating a lightweight and more inclusive practice. I don’t think this is the final frontier for certification, however. I believe that we will see the kinds of standards that lend themselves to automation evolving towards inline “test-driven” certification, where simple checks are performed by underlying layers as part of everyday software design lifecycle. Indeed, some projects are already using the OpenID Certification test suite in that way. Whether the tests are automated, manual, or process-driven, at the end of the day, the goal is to ensure that what is promised on the outside matches what is implemented on the inside. It takes a lot of time and attention to faithfully implement protocols and certify those implementations, but the effort is worth it. Congratulations to our engineering teams on both of our certification achievements!",https://techcommunity.microsoft.com/t5/identity-standards-blog/why-does-standards-certification-matter/ba-p/638937,,Post,,Product,,,,,,,"Open
Microsoft,Microsoft,,,,,,,,,Azure Active Directory Verifiable Credentials,Verifiable credentials help you build solutions that empower customers to manage their own data.,,https://learn.microsoft.com/en-us/azure/active-directory/verifiable-credentials/,,Product,,Product,,,,,,AzureAD,,2022-07-08,,,,,,,,,,,,,
Microsoft,Microsoft,,,,,,,,,Decentralized identity,Discover the open standards-based solution for verified digital identity that gives people more control and convenience.,,https://www.microsoft.com/en-us/security/technology/own-your-identity,,Product,,Product,,,,,,,,2019-06-18,,,,,,,,,,,,,
Microsoft,Microsoft,,Azure,,,,,,,Azure Documentation,Find the languages and tools you need to develop on Azure.,,https://learn.microsoft.com/en-us/azure/?product=popular,,Documentation,,Product,,,,,,,,2023-02-25,,,,,,,,,,,,,
Microsoft,Microsoft,,,,,,,,,Microsoft Entra Verified ID. Verify once. Use everywhere,"Strengthen security and reduce costs with Microsoft Entra<br>Hear Joy Chik, Microsoft Corporate Vice President for Identity, share the latest identity and access announcements in governance, workload identities, strong authentication, and new tools for upgrading from Active Directory Federation Services (AD FS) to Azure AD.","Strengthen security and reduce costs with Microsoft Entra Hear Joy Chik, Microsoft Corporate Vice President for Identity, share the latest identity and access announcements in governance, workload identities, strong authentication, and new tools for upgrading from Active Directory Federation Services (AD FS) to Azure AD. Start your decentralized identity journey Enable more secure interactions with Verified ID, the industry-leading global platform from Microsoft. Quickly onboard employees, partners, and customers Digitally validate information with ID verification providers to ensure trustworthy self-service enrollment and faster onboarding. Access high-value apps and resources Quickly verify an individual’s credentials and status to grant least-privilege access with confidence. Provide self-service account recovery Replace support calls and security questions with a streamlined self-service process to verify identities. Work with a Microsoft Partner Ensure a smooth and secure verifiable credential experience, made possible by Microsoft partnerships with leading identity verification providers. Verified ID capabilities Help people control their digital identity Based on open standards, Verified ID automates verification of identity credentials and enables privacy-protected interactions between organizations and users. How customers are using Verified ID Verified ID is currently available for free.* - Verify and issue workplace credentials, education status, certifications, or any unique identity attributes. - Empower your users to own and control their digital identity for improved privacy. - Reduce organizational risk and simplify the audit process. - Provide developers with a seamless way to create user-centric, serverless apps. Start your decentralized identity journey by enabling Verified ID for free in the Microsoft Entra admin center. Quickly onboard and begin issuing and verifying credentials for customers by implementing Verified ID with one of our partners. *Microsoft Entra Verified ID is included with any Azure Active Directory subscription, including Azure AD Free. Related Microsoft Entra products Microsoft Entra Permissions Management Monitor permissions risks across your multicloud infrastructure. Azure Active Directory Help safeguard your organization with the Microsoft Entra identity and access management solution that connects people to their apps, devices, and data. Documentation and training Learn more about decentralized identity Reduce risk and empower people to own and control their identity data. Key technical concepts Understand digital direct presentation, verifiable credentials, and decentralized identifiers. Developer guide Create serverless apps that store data with users through the Microsoft verifiable credentials platform. Implementation partners Accelerate your decentralized identity transformation with help from our world-class partners.",https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-verified-id,,Product,,Product,,,,,,,Verifiable Credentials,2023-01-01,,,,,,,,,,,,,
Microsoft,Microsoft,,Azure,,,,,,,DID Project - Azure Websites,"Verify once, use everywhere. Join our list and we'll let you know when our Public Preview is ready.","Verify once, use everywhere Join our list and we'll let you know when our Public Preview is ready.Get Notified Faster onboarding, even remote Digitally validate any piece of information with ID verification services for trustworthy self-service enrollment and faster onboarding. Secure access to apps Verify credentials from a wide variety of trusted partners based on open standards. Self-service account recovery Replace support phone calls and security questions with a simpler, more secure process to verify their identity. Start issuing and accepting verifiable credentials in minutes With Azure AD verifiable credentials you can verify anything while respecting privacy. Digitally validate any piece of information about anyone and any business. Customer Stories Keio University Keio University is a leading research university in the process of implementing digital Student IDs to certify enrollment for eligibility and recruiting.Learn more > National Health Service The National Health Service (NHS) in the UK is using verified credentials to support staff movement between NHS organizations, allowing staff to hold their own verified record of their employment, clearance, and other attributes on their smartphone.Learn more > Government of Flanders Citizens will be able to request a verifiable credential with citizenship status across civic and private sector, including the citizen portal.Learn more >",https://didproject.azurewebsites.net,,Project,,Product,,,,,,,"DID,Verifiable Credentials",2021-01-01,,,,,,,,,,,,,
Microsoft,Microsoft,,ID Standards Blog,Pamela Dingle,,,,,,"All about FIDO2, CTAP2 and WebAuthN","To understand how FIDO2 authenticators work, you need knowledge of two specifications in two different standards bodies. The WebAuthentication (aka WebAuthN) spec lives at W3C (where the browser makers meet) while the Client-to-Authenticator (aka CTAP2) spec lives at the FIDO Alliance (where hardware and platform folks have joined to solve the problem of Fast IDentity Online).","This is a great week to be working in Identity Standards, as we at Microsoft celebrate the release of our first ever WebAuthN Relying Party. This one relying party enables standards-based passwordless authentication at Xbox, Skype, Outlook.com and more. But what are the actual pieces of the puzzle and how do they fit? Read on for the big picture of how the W3C WebAuthN and FIDO2 CTAP2 specifications interact. We will start with the industry standards perspective, and then at the end we will summarize how Microsoft implements the various roles. To understand how FIDO2 authenticators work, you need knowledge of two specifications in two different standards bodies. The WebAuthentication (aka WebAuthN) spec lives at W3C (where the browser makers meet) while the Client-to-Authenticator (aka CTAP2) spec lives at the FIDO Alliance (where hardware and platform folks have joined to solve the problem of Fast IDentity Online). The Big Picture CTAP2 and WebAuthN define an abstraction layer that creates an ecosystem for strongly authenticated credentials. Any interoperable client (such as a native app or browser) running on a given “client device” can use a standardized method to interact with any interoperable authenticator – which could mean a platform authenticator that is built into the client device or a roaming authenticator that is connected to the client device through USB, BLE, or NFC. Authenticators securely create and locally store strong cryptographic keys at the request of clients, under the condition that the user must consent to the operation via the performance of a ‘user gesture’. Once these client-specific keys are created, attestations can be requested and sent to the clients for the purposes of registration and authentication; the type of signature performed by the private key reflects the user gesture performed. When CTAP and WebAuthN are drawn, it looks something like the picture below. The light blue dotted arrows are light blue and dotted because the exact way in which platform APIs are exposed to clients is an implementation choice. The cast of characters in a combined WebAuthN/CTAP2 dance are: Relying Parties & Clients Relying parties are web or native applications that wish to consume strong credentials. In the native case, the relying party running on the client device can also act as a WebAuthN client to make direct WebAuthN calls. In the web case, the entity that wants to consume the credential cannot directly interact with the WebAuthN API, and so must broker the deal through the browser. Do not confuse FIDO relying parties with federated relying parties, there is no single sign-on in the above picture. Client Device The client device is the hardware hosting a given strong authentication. Laptops and phones are examples of client devices. Platform Authenticator A platform authenticator is usually resident on a client device and cannot be accessed via cross-platform transport protocols such as USB, NFC or BLE. Examples of platform authenticators include built-in laptop fingerprint readers or facial recognition using smartphone cameras. Roaming Authenticator A roaming authenticator can connect to multiple client devices, and interaction must be negotiated over a supported transport protocol. Examples of roaming authenticators might include USB security keys, BLE-enabled smartphone applications, or NFC-enabled proximity cards. Authenticators may support CTAP1, CTAP2, or both protocols. CTAP2 Platform/Host The platform (also called the host in the CTAP2 spec) is the part of the client device that negotiates with authenticator
Microsoft,Personal,,,Damien Bowden,Trinsic; Mattr; Evernym,,,,,Challenges to Self Sovereign Identity,"Authentication using SSI credentials would have to same level of security as the authenticator apps which you have for existing systems. This is not as safe as using FIDO2 in your authentication process as FIDO2 is the only solution which protects against phishing. The SSI Authentication is also only as good as the fallback process, so if the fallback process, recovery process allows a username or password login, then the level would be passwords.<br>","The article goes through some of the challenges we face when using or implementing identity, authentication and authorization solutions using self sovereign identity. I based my findings after implementing and testing solutions and wallets with the following SSI solution providers: Blogs in this series: - Getting started with Self Sovereign Identity SSI - Creating Verifiable credentials in ASP.NET Core for decentralized identities using Trinsic - Verifying Verifiable Credentials in ASP.NET Core for Decentralized Identities using Trinsic - Create an OIDC credential Issuer with Mattr and ASP.NET Core - Present and Verify Verifiable Credentials in ASP.NET Core using Decentralized Identities and Mattr - Verify vaccination data using Zero Knowledge Proofs with ASP.NET Core and Mattr - Challenges to Self Sovereign Identity - Create and issue verifiable credentials in ASP.NET Core using Azure AD - Implement Compound Proof BBS+ verifiable credentials using ASP.NET Core and Mattr History 2021-12-11 Added video explaining SSI phishing 2021-10-31 Updated phishing section after feedback. SSI (Self Sovereign Identity) is very new and a lot of its challenges will hopefully get solved and help to improve identity management solutions. Some definitions: - Digital Identity: This is the ID which represents a user, for example an E-ID issued by the state, this could be a certificate, hardware key, verifiable credential etc. - Identity: This is the user + application trying to access something which usually needs to be authenticated when using a protected user interactive resource. - Authentication: verifying the “Identity” i.e. application + user for user interactive flows. - Authorization: verify that the request presents the required credentials, specifying access rights/privileges to resources. This could mean no verification of who or what sent the request, although this can be built in with every request if required. Solutions exist for this in existing systems. The following diagram from the Verifiable Credentials Data Model 1.0 specification shows a good overview of verifiable credentials with issuers, holders and verifiers. The holder is usually represented through a wallet application which can be any application type, not just mobile applications. Level of security for user interaction authentication with SSI Authentication using SSI credentials would have to same level of security as the authenticator apps which you have for existing systems. This is not as safe as using FIDO2 in your authentication process as FIDO2 is the only solution which protects against phishing. The SSI Authentication is also only as good as the fallback process, so if the fallback process, recovery process allows a username or password login, then the level would be passwords. See this post for more details: The authentication pyramid Authentication Issuer The authentication process is not any better than previous systems, every issuer needs to do this properly. Trust quality of the issuer depends on this. If a verifier wants to use verifiable credentials from a certain issuer, then a trust must exist between the verifier and the issuer. If the issuer of the credentials makes mistakes or does this in a bad way, then the verifier has this problem as well. It is really important that the credential issuer authenticates correctly and only issues credentials to correctly authenticated identities. SIOP (Self-Issued OpenID Provider) provides one solution for this. With this solution, every issuer requires
Microsoft,XT Seminars,,,,,,,,,Introduction to the future of identity - DIDs & VCs,"In this blog, I want to start by thinking about identity in general and then explaining Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). I will show you how you can issue your own DIDs and VCs using the new Microsoft service in future blogs. This series' final blog will look at how DIDs can be anchoPred in decentralized transaction ledgers using ION and the Bitcoin blockchain.","Update 02 March 2022: Please read the introduction to see what's changed. Part 2 and beyond are new content. Part 1 in the series With the Microsoft Azure AD Verifiable Credentials (VCs) issuer service available in your tenant, it's time to understand what VCs are and how they work with Decentralized Identifiers (DIDs). VCs and DIDs provide a new paradigm for identity, a true step into the future. In this blog, I want to think about identity in general and then explain Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). There are four blogs in the series, and by following the four blogs, you will learn how to issue your own DIDs and VCs using the new Microsoft service. When I originally started writing this series of blogs, Microsoft provided an SDK and libraries that could be incorporated into an application to request the issuance and presentation of VCs. The libraries coded the cryptographic functions required to support VCs. Microsoft replaced the need for the libraries by implementing APIs to generate the necessary issuance and presentation requests. The APIs are also used for VC validation. The APIs are the recommended way of working with VCs, and the SDK became depreciated at the end of 2021. I have now published three new blogs which show how the Microsoft Request Service REST API is used. This first blog has not changed very much (apart from the intro), but blogs two, three and four are new. The blogs in the series are: 1. Introduction to the future of identity - DIDs & VCs (this one) 2. Issuing and verifying Verifiable Credentials with the Microsoft Azure AD services 3. How to run the Microsoft Azure AD Verifiable Credentials sample app 4. Creating your own Azure AD Verifiable Credentials Blog 4 will be published on 04/03/2022. By the end of blog 4, you will be issuing your own VCs with claims taken from different sources For now, read on for an introduction to DIDs and VCs. Let's start by considering the question What is identity and access control? Identity is about knowing who someone is; the user is identified when they are authenticated. Access control manages access to resources based on the individual's credentials. I've used the term credential to refer to ""known"" information about the user. Traditionally an individual's credentials have been set by the systems that authenticate the user and/or control access to a resource. Identity and access control could be governed by a single entity, such as a website authenticating users via its own accounts database and controlling access to the site's resources. Alternatively, a central identity provider (IdP) can authenticate the user, and individual resources implement access control based on the user's credentials. If our systems use industry-standard authentication protocols such as SAML or OpenID Connect / OAuth 2.0, one organization can manage the authentication and another organization control access to the resources. This is a federated solution, and there are many industry players providing enterprise Identity and Access Management (IAM) services including, Microsoft, Okta, OneLogin, Ping Identity. These enterprise IAM services are full-featured, allowing an organization to manage their own users and application access. In addition to the enterprise IAM services, there is a range of consumer identity services such as Google(Gmail), Microsoft(MSA), Amazon, and Facebook. These consumer services allowing self-service sign up for the core service, for example, Gmail. However, they also provide federated sign-in for any resources that are configured to trust the IdP
Microsoft,Microsoft,,ID Standards Blog,Pamela Dingle,,,,,,"To Understand WebAuthN, Read CredMan",take a cruise through the W3C Credential Management (aka CredMan) specification first. CredMan sets up the object model for the Credential object model that WebAuthN's PublicKeyCredential extends.,"The holidays are well and truly over, time to get serious - now is the perfect time to read specifications! If you are planning to read the WebAuthN specification, you can ease into the terminology in a simple way - take a cruise through the W3C Credential Management (aka CredMan) specification first. CredMan sets up the object model for the Credential object model that WebAuthN's PublicKeyCredential extends. This post will be an overview of the CredMan spec, geared for folks who want to call the API as clients, not for those few and proud who are tasked with implementation of the API within a user agent. #IdentityStandards CredMan Base Definitions CredMan unsurprisingly centers on the concept of a Credential. Actions on Credentials are requested by a relying party using JavaScript and fulfilled by a user agent (generally a browser). Credentials can be created stored, retrieved for validation by a relying party and so on. In addition to actions, CredMan defines standardized dictionaries that communicate context. Note that the CredMan API itself does not use the term ‘relying party’ but instead refers to a developer that would write code using the navigator.credentials JavaScript control. Since we are identity architects, we will assume that developed code is deployed and running as a service at a specific origin and that the developed code will call the CredMan API as part of user registration and authentication activities. The CredMan API defines three actions (and an object constructor): Initialize - Credential objects are instantiated with an id and type. Additional parameters can be specified by populating the CredentialData data dictionary. create() - The relying party instructs the user agent to make a new credential, based on parameters from the CredentialCreationOptions data dictionary. In the base definition the CredentialCreationOptions data dictionary is empty. get() - The relying party instructs the user agent to retrieve an existing credential, based on parameters in the CredentialRequestOptions data dictionary. In the base definition, CredentialRequestOptions contains the mediation parameter: it allows a relying party to instruct the user agent whether it must, may, or must not interact with the end user to gain explicit consent for the action. The mediation default value is ‘optional’, meaning that the relying party leaves the decision up to the user agent. store() - The relying party instructs the user agent to directly save an already instantiated credential object – for example a credential that might have been returned via a get() call and subsequently altered. In addition to the task-specific actions and data dictionaries noted above, one data dictionary is defined that can be optionally added to any of the other dictionaries: CredentialUserData - Describes human-friendly information that the user agent could pass on to help a user properly identify a credential. The base values include a name and an icon URL. User Mediation CredMan defines an action as user mediated if the action “takes place after gaining a user’s explicit consent”. Choosing an account from a credential chooser during a get() or confirming storage of a credential both count as user-mediated actions. Origin-bound credentials require user mediation by default, meaning that user agents must interact with the user in some decision-oriented way before taking actions like storing or retrieving credentials – however in the interests of creating a user experience that is contextually intelligent, options exist to change the circumstances where user mediation takes place: - A user agent might offer to persist consent for ongoing use of a credential. In this case, access is considered to be “silent” and the action is considered u
Microsoft,Microsoft,,ID Standards Blog,Pamela Dingle,,,,,,Why WebAuthN will change the world,"With WebAuthN, any web entity can call a simple Javascript API and ask for a cryptographically secure credential. What happens next is pretty cool – the world’s browsers have worked with the world’s operating system makers and the world’s hardware manufacturers, so that when a website asks for a credential, the browsers work with the underlying platform to securely locate compliant local hardware and talk to it!","A little over a month ago, W3C WebAuthN became a real internet specification. Most of you don’t know what WebAuthN is yet, but many of you will feel the impact in short order. In fact, I will go so far as to say that WebAuthN may change how we all authenticate to the resources we use every day. We live in a world where the best parts of our individual local hardware and software collection are rarely leveraged to make cloud security decisions. This is because there has never been a vendor-agnostic and privacy-preserving way for cloud resources to interact with individual hardware configurations in any generic way. Until now! With WebAuthN, any web entity can call a simple Javascript API and ask for a cryptographically secure credential. What happens next is pretty cool – the world’s browsers have worked with the world’s operating system makers and the world’s hardware manufacturers, so that when a website asks for a credential, the browsers work with the underlying platform to securely locate compliant local hardware and talk to it! All of a sudden, there is a way for all the devices close to us to speak for us. Whether it is my fitness device, a built-in fingerprint reader, a soft token or a roaming security key, we now have credible alternatives for passwords, because the very proximity of my device makes it hard for an attacker to subvert, my devices need to be either built-in, plugged in, or wirelessly connected. The ratification of WebAuthN is only a first step. While we have agreement on how we can leverage what is locally connected, deployment is still ongoing and it will take time for all the pieces to be available in a way that can be used anywhere, by anyone. One day, your individual collection of devices will form a flexible, recoverable set of ‘authenticators’ that make it very easy for you to get to your cloud resources. We won’t overwhelm you with technology, but rather use what you already keep with you every day. The most amazing thing about WebAuthN (and companion specs also ratified at the FIDO Alliance) is how many different companies have had to form consensus before this specification could exist. It has been seven years of debate, proposals, interops, working group meetings, editorial tweaks, liaison work with other specifications, evangelism and working code to get us where we are. Whatever happens, keep an eye out for W3C WebAuthN and FIDO2. And raise a glass to your neighborhood standards engineer, they deserve it. Cheers, and congratulations on your ratification, W3C WebAuthN and FIDO2 CTAP2!",https://techcommunity.microsoft.com/t5/identity-standards-blog/why-WebAuthN-will-change-the-world/ba-p/482286,,Post,,Standards,,,,,,Javascript,WebAuthN,2019-04-19,,,,,,,,,,,,,
MyDex,,MyDEX,,William Heath,,"United Kingdom, England, London",Europe,,,MyDex,"When Mydex came into being in 2007, its founders made a number of important decisions — these decisions are what make Mydex remain unique even in today's blossoming Personal data ecosystem. It had to be free to individuals for life, the data had to be under their control, and Mydex as a company had to be self-sustaining and protect its core values. These prerequisites guided the evolution of Mydex: a Community Interest Company, a Social Enterprise and its range of trust platform services for citizen controlled storage and exchange of Personal data, identity and engagement, in a safe, secure and easy manner. We are working to improve outcomes for individuals and organisations alike.","Mydex CIC helps individuals and service providers improve their handling of Personal data. Our Personal data stores equip individuals with tools to collect, store, use and share their data to manage their lives better. They also help bona fide service providers reduce data processing costs, improve service and innovate. As a Community Interest Company we are legally committed to pursuing our mission of empowering individuals with their data. We are currently helping individuals and service providers use Personal data to better manage chronic health conditions, access debt advice, improve independent assisted living and assure identities. We are working with governments, local councils and communities to improve access to and increase the value delivered from public services. We plan to do much, much more.",https://mydex.org/,,Company,,Company,Enterprise,,,Personal Data,,,,2008,,https://twitter.com/MydexCIC,https://www.youtube.com/user/Mydexcic,https://medium.com/mydex,https://medium.com/mydex,,https://www.crunchbase.com/organization/mydex,,,,,,
MyDex,MyDex,,Medium,,,,,,,A critical fork in the data road?,"In its discussion of data portability the EU rightly recognises the economic importance of this issue, stressing that “market imbalances arising from the concentration of data restricts competition, increases market entry barriers and diminishes wider data access and use.”","A critical fork in the data road? We have been talking with the EU about some research they are doing into the role of ‘smart contracts’ in data portability. We won’t go into the details of that particular discussion here, but it raised some bigger questions that we think are worth sharing. This is an edited version of a document we sent them. Is the EU discussion about data portability missing a key point? In its discussion of data portability the EU rightly recognises the economic importance of this issue, stressing that “market imbalances arising from the concentration of data restricts competition, increases market entry barriers and diminishes wider data access and use.” However, the way it has framed the issue of ‘control’ of Personal data renders the biggest breakthrough opportunities for economic transformation — in productivity, service quality and innovation — largely invisible. Hidden in the details of data portability lies the potential for organisations to deposit ‘verified attributes’ or ‘verified credentials’ in individuals’ Personal data stores (sometimes called ‘wallets’). These verified attributes confirm data that has been carefully checked about individuals. Because they are cryptographically secure, they cannot be tampered with. When verified attributes are deposited in individuals’ Personal data stores, it becomes possible for individuals to bring this pre-verified data with them to their dealings with other service providers. These other service providers can rely on this data without having to regenerate it or check it. This process greatly speeds up completion of data-driven tasks and eliminates friction, effort, risk and cost from every step of Personalised service provision across every service dealing with individuals, including public administration, financial services, health, education, retail, transport, media and leisure. The closest economic parallel to this is the productivity revolution ushered in by Henry Ford’s moving assembly lines for the production of automobiles. Verified attributes are the standardised parts of service provision and Personal data stores are the assembly lines. Ford reduced the costs of making a car by over 90%. Similar productivity breakthroughs in service provision are being made possible by the portability of verified attributes. In addition, the ability to make individuals the point at which information about themselves is gathered is creating powerful new-to-the-world person-centric data assets. Currently, individuals’ data is dispersed across the hundreds of different organisations that collect data about them. Enabling this data to be unified in the individual’s Personal data store, under the control of that individual, is creating a data source whose richness surpasses any data asset ever created — while fully protecting individuals’ privacy. The economic potential of these new person-centric data assets is immense. As long as these two opportunities — of verified attributes and of individuals as the point of integration of their own data — remain overlooked, EU discussions about data portability and ‘control’ over data risk missing the economic opportunities that could be opened up. Two meanings of ‘control’ In this context, it is crucial that the EU recognises there are two distinct and different meanings to the word ‘control’ as it relates to individuals ‘controlling’ their data. The first, very limited, meaning relates to individuals exercising more control over the data that organisations collect about them. The second, broader, more expansive meaning of control is individuals being able to collect, store, use and share their own data for their own pur
MyDex,MyDex,,Medium,,,,,National Data Strategy,,Achieving Change At Scale,"This is the third in a series of blogs providing edited extracts from Mydex CIC’s response to the UK Government [consultation around a new National Data Strategy](https://www.gov.uk/government/consultations/uk-national-data-strategy-nds-consultation). The first focused on [how to unleash the full potential of Personal data](https://Medium.com/MyDex/how-to-unleash-the-full-potential-of-data-3676db8d7c03), the second on why [every citizen should be provided with their own Personal data store](https://Medium.com/MyDex/how-to-unleash-the-full-potential-of-data-3676db8d7c03). This blog explains why this strategy can be quick and easy to implement.","Achieving Change At Scale This is the third in a series of blogs providing edited extracts from Mydex CIC’s response to the UK Government consultation around a new National Data Strategy. The first focused on how to unleash the full potential of Personal data, the second on why every citizen should be provided with their own Personal data store, common misconceptions that derail progress, and the scale of the social and economic opportunity. This blog explains why this strategy can be quick and easy to implement. To catch up on progress on our Macmillan My Data Store Pilot click here. In some peoples’ minds, the idea that every citizen should be provided with their own Personal data store generates visions of massively costly, risky and time-consuming IT projects that invariably overrun in terms of both time and money while failing to deliver their promises (the sad but common experience of many centralised Government IT projects). Providing individuals with their own Personal data store is not one of these projects. In fact, because it implements a completely different model, it avoids these problems. How to make it happen Providing every citizen with a Personal data store does not require a massively high cost, high risk IT procurement process. To the contrary, the strategy can be pursued in a way that minimises costs, risk and disruptions, and builds momentum incrementally. For example, the strategy identified by the Scottish Government: - Builds on what already exists. Organisations already hold huge amounts of data about citizens, including verified attributes. All they have to do is electronically share some of this data when requested. Providing individuals with Personal data stores does not stop organisations from collecting and using data to provide valuable services. Rather, it builds on their expertise and infrastructure to add a new, additional layer of capabilities and infrastructure. Verified Attributes are already used widely and frequently in the provision of public services. Citizens are already required to present proofs about themselves using documents provided by other parties (e.g. passport, driving licence, bank statement, official letter etc). Providing individuals with a Personal data store so that they can separately store and share Verified Attributes about themselves simply enables the same things to happen digitally, safely and securely in a more efficient manner. - Minimises risk and disruption. Providing individuals with a Personal data store does not require any significant changes to existing back office systems, or to organisations’ processes, culture, business models or operations. Personal data stores add a new connecting element that ‘joins the dots’ between previously separate data silos, where the Personal data stores acts as a node for citizen-controlled information sharing. This does not require the dots themselves to change what they do or how they operate. - Builds momentum automatically and incrementally Roll-out can proceed incrementally, taking one particular service at a time, allowing for a test-and-learn approach that builds momentum and impact over time. This avoids big leaps into the unknown. Incremental adoption can be built-in to small, additional process changes. For example, by minting digital copies of birth certificates during the certific
MyDex,MyDex,,Medium,,,,,,,AI: The Emperor’s New Clothes?,"One reason the UK Government wants to abolish citizens’ rights to data protection is to create conditions for Artificial Intelligence (AI) to blossom. This, it says, will “bring incredible benefits to our lives”.","AI: The Emperor’s New Clothes? One reason the UK Government wants to abolish citizens’ rights to data protection is to create conditions for Artificial Intelligence (AI) to blossom. This, it says, will “bring incredible benefits to our lives”. This third blog in our series prompted by the Government’s proposed reforms (‘Data: A New Direction’) examines the flaws in the Government’s arguments. - You need lots of data to ‘do’ AI. But it doesn’t have to be Personal data. It can, and should, be anonymised data. So there is no need to reform data protection law to promote AI’s potential. - Most of the hopes (and fears) pinned on AI, along with many of its mis-uses and abuses, stem from a basic misconception about what AI is. AI does not replicate or substitute for human intelligence. Calculation is not the same as perception. Computation is not the same as intelligence. The real power of AI comes from its ability to do things that humans can’t do, rather than replace what they can do. Unfortunately, the Government is compounding the misconceptions. We think AI has great potential … to do what it is good at. But in perpetuating misconceptions about AI, the Government risks compounding the damage done by mis-applications of AI’s potential while distorting policy decisions (including those relating to data protection law and investment priorities). This blog examines these misconceptions. AI and Personal data The Government is proposing to abolish citizens’ rights to data protection in all but name. Its main justification for doing so is the “incredible” benefits it believes AI will bring. But it does not need to ‘reform’ data protection law to realise these benefits. Many AI-based services such as driverless cars or automated online translation services don’t need any Personal data at all. Others, like facial and voice recognition, may generate new Personal data about the person whose face or voice it is but they don’t actually need Personal data to work. Yes, they need huge amounts of data to identify the patterns needed for recognition. But they don’t need to know whose faces or voices they are: they need anonymised data, not Personal data. Many other AI-based services such as medical diagnoses or predictive modelling also need huge amounts of data to generate their insights and predictions and often this data starts out as Personal data (e.g. about identifiable people). But again, AI does not need to know who these people are to work. The data can and should be anonymised. Of course, there are many technical questions relating to how data should be anonymised. Can it be easily de-anonymised, for example? But this doesn’t alter the underlying fact: these applications don’t need Personal data to work, so rules about the collection and use of Personal data aren’t relevant to it and shouldn’t be allowed to be made relevant by using Personal data when they shouldn’t. The only time when Personal data does become important is if an organisation acts on the outcomes of AI’s number crunching when dealing with an identifiable individual. But this has got nothing to do with AI itself. This is about service provision, when normal rules and safeguards relating to the use of Personal data in service provision should apply. In short, the Government’s proposals for data protection reforms as they relate to AI are without foundation. Misunderstanding AI Unfortunately, there’s more: the Government’s proposals are based on a definition of AI that is confused, at least partially wrong and potentially highly damaging. Here is how its ‘Data: A New Direction’ paper defines artificial intelligence. “The use of digital technology to create systems capable of performing tasks commonly thought to require i
MyDex,MyDex,,Medium,Alan Mitchell,,,,Data: A New Direction,,Data: A New Direction — But Which Direction?,This is the fifth and final blog in our series about the UK Government’s proposals for data protection reform — “Data: A New Direction”. Previous blogs focused on the thinking behind the proposals. This blog summarises what the main proposals are.,"Data: A New Direction — But Which Direction? This is the fifth and final blog in our series about the UK Government’s proposals for data protection reform — “Data: A New Direction”. Previous blogs focused on the thinking behind the proposals. This blog summarises what the main proposals are. Stated plainly, the UK Government is planning to end data protection rights for UK citizens. Reforms proposed in its paper Data: A New Direction would shift the core operating principle of data protection regulations from citizen protection (that Personal data shall only be collected by organisations “for specified, explicit and legitimate purposes”) to a new principle that organisations should have the right to build and maintain databases about citizens without their consent. This Briefing Paper shows how the Government is planning to achieve this radical ‘new direction’ for data. (Paragraphs 57 and 58 of the Consultation, around which this ‘New Direction’ pivots are reproduced in the Addendum.) Background The Government is taking the opportunity of Brexit to ‘reform’ data protection law. “Now that we have left the EU, we have the freedom to create a bold new data regime,” says the Minister in his introduction. The stated intention of this “bold new data regime” is to “usher in a new golden age of growth and innovation right across the UK”. This, to be achieved by creating “a better balance between protecting individuals and not impeding responsible data use” [Paragraph 59] — a ‘better balance’ that ends citizen data protection rights in all but name, replacing them with corporate rights instead. The Minister’s introduction states that “The protection of people’s Personal data must be at the heart of our new regime. Without public trust, we risk missing out on the benefits a society powered by responsible data use has to offer.” But the content of the actual proposals do the opposite. What the law currently says The core principle of existing GDPR data protection regulations is that Personal data shall only be “collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes”. A key supporting principle is that of data minimisation: that Personal data shall be “adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed”. There are six conditions for the lawful processing of Personal data but the two central ones are that: - the data subject has given consent to the processing of his or her Personal data for one or more specific purposes; - processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; Conditions for lawful processing envisage situations where “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party”. But these legitimate interests come with a ‘balancing test’ to test whether they should be “overridden by the interests or fundamental rights and freedoms of the data subject which require protection of Personal data”. What the UK Government is proposing On the grounds of addressing ‘consent fatigue’, the Government is proposing to: “create a limited, exhaustive list of legitimate interests for which organisations can use Personal data without applying the balancing test in order to give them more confidence to process Personal data without unnecessary recourse to consent.” [Paragraph 57] Paragraph 57 adds that “The processing would still have to be necessary for the stated
MyDex,MyDex,,Medium,,,,,,,Hidden in Plain Sight — the Transformational Potential of Personal Data,"Personal data stores apply the same economic logic to transform the costs of producing data driven services. [Verified attributes](https://Medium.com/MyDex/unleashing-the-potential-of-verified-attributes-fe001e01b091)are the digital equivalents of Henry Ford’s standardised parts. By enabling one organisation to instantly re-use data verified by another organisation they eliminate the need for vast amounts of duplicated effort and rework (re-creating each data point from scratch or checking its details, provenance etc).","Hidden in Plain Sight — the Transformational Potential of Personal Data This is the sixth and final in a series of blogs which provide edited extracts of key points made by Mydex CIC in its response to the UK Government consultation around a new National Data Strategy. This blog focuses on the scale of the economic (and social) opportunity — and why it is often overlooked. Previous blogs focused on how to unleash the full potential of Personal data, why every citizen should be provided with their own Personal data store, how to achieve these changes at scale, common misconceptions that derail progress and a review of the key components needed for the overall ecosystem to work. To catch up on progress on our Macmillan My Data Store Pilot click here. It’s odd to the point of bizarre, but it’s true. Today, there is endless hype about the enormous economic potential of data. That is why the UK Government is developing a National Data Strategy. Yet most debate (and therefore decision-making) about it demonstrates a deep misunderstanding of where this value lies and how it can be unleashed. For a National Data Strategy to be successful, it has to get its underlying economic logic right. Cost plus versus cost out Currently, nearly every Government proposal and policy relating to data (including Personal data) treats data as a corporate asset that the organisation has invested in. The organisation therefore needs to earn a return on this investment (it is assumed). Like any other product, data needs to be sold (or rented) for a margin. The entire focus is on measuring and the potential size of ‘the market for data’, the supposed value of different bits of data in this market, and how to enable this market to work better. It’s all about monetisation of data. At first glance, this seems logical. After all, if organisations have invested a lot of time and money creating data assets, it’s only sensible that they should find a way to cover these costs. What this misses, however, is the opportunity to take cost out of the system as a whole — to move it to a different cost baseline — where new ways of sharing and using data pay for themselves many times over without anyone having the need to sell or ‘monetise’ anything. Henry Ford’s mass production moving assembly line is a good example of the immense opportunities opened up by such system-wide ‘cost out’ approaches. Before the moving assembly line, cars were extraordinarily expensive items, made painstakingly by craftspeople who made each component separately. Because each component was hand made and therefore slightly different, to assemble them into a working machine, they had to re-work every component to make it fit. This required exquisite skill. The ability to do it well was a key source of the craftsperson’s added value. But it was also incredibly expensive. By relying on standardised components, Ford’s production lines eliminated the need for this rework. And by bringing each component to the worker when they needed it, his moving assembly line eliminated unnecessary time spent searching for, travelling to, or waiting for parts to arrive — thus reducing another layer of effort and speeding up outputs. When Henry Ford first experimented with his ‘cost out’ moving assembly line, people were astonished by the efficiency gains it delivered. Before the experiment, it took 29 workers 15 minutes to make a magneto (which hel
MyDex,MyDex,,Medium,,,,,,,Misconceptions that Kill Progress in Personal Data,"It is not possible to make good policy decisions about priorities for investments, grants, innovation and research projects or rules and regulations if the grounds for these decisions are faulty. Currently, effective policy making is hampered by widespread misunderstandings about where the biggest economic opportunities lie, the nature of issues such as control, and the role of citizens in the workings of the data economy.","Misconceptions that Kill Progress in Personal Data This is the fourth in a series of blogs which provide edited extracts of key points made by Mydex CIC in its response to the UK Government consultation around a new National Data Strategy. This blog focuses on common misconceptions that need to be addressed if we are to progress. Previous blogs focused on how to unleash the full potential of Personal data, on why every citizen should be provided with their own Personal data store, how to achieve these changes at scale, and the sheer size of the social and economic opportunity. To catch up on progress on our Macmillan My Data Store Pilot click here. It wasn’t so long ago that sober, intelligent, responsible adults believed the sun orbited the earth, that if you were ill the best cure was to have a leech suck your blood, and that it was the right thing to do to hunt and burn witches at the stake. They also gave patronage to alchemists and astrologists who claimed they could turn lead into gold and foretell futures. These conventional wisdoms were deeply and dangerously wrong, but the majority of the great and good went along with them without a second thought. If everybody believes it, it must be true. Right? Something similar is happening with debates about Personal data today. Mydex CIC’s submission on the UK Government’s proposed National Data Strategy highlighted three areas where this is the case: a naive belief in the magic cure-all powers of ‘Big Data’ and artificial intelligence; confusion about what citizens ‘controlling’ their data really means; and whether citizens are actually capable of doing so. This blog summarises what we said on these issues. Beware AI hype Many narratives about a national strategy for data follow a familiar refrain. Artificial intelligence can gain much better insights from data and make much better decisions than human beings can. The opportunities are endless. To enable the analytics that will drive these insights we need to gather together as much data as possible. There is so much wrong with this trope that we will need to devote future blogs to it. But basically, it contains three core errors. - Claims for what AI can actually do are being wildly inflated. AI is good at solving certain types of problems (which require lots of computation and where judgements based on context or values are not required). But most of the important problems our society faces do not fit this specification. - By the nature of the processes needed to deliver AI, policies designed to promote it automatically favour existing data monopolies, thereby exacerbating the extreme imbalances of power and reward that already exist. - AI operates by crunching huge amounts of data. But when it comes to actually applying any insights or decisions generated to specific individuals, we hit a transition point. At this point we are no longer dealing with ‘big’ statistical data or (misnamed) artificial ‘intelligence’, we are dealing with specific bits of data about specific people: we are dealing with Personal data. This last point needs some elaboration. Economically speaking, by far the most important and valuable uses of Personal data do not derive from ‘insights’ derived from ‘analytics’. Businesses like Google and Facebook may loom very large in peoples’ consciousness, but their business models are organised around advertising, which accounts for less than 2% of all economic activity. The really big uses of Personal data lie elsewhere: in public administration, health, financial services,
MyDex,MyDex,,Medium,,DigitalScot,,,,,MyDex CCI on working with the Scottish Government,Over the past months Mydex CIC has been [working for the Scottish Government](https://blogs.gov.scot/digital/2020/10/01/digital-identity-scotland-a-beta-industry-event/) on a strategy for implementing and scaling a system of ‘smart entitlements’ for the citizens of Scotland.,"A Way Forward for Personal Data Over the past months Mydex CIC has been working for the Scottish Government on a strategy for implementing and scaling a system of ‘smart entitlements’ for the citizens of Scotland. The Smart Entitlements concept is very simple. Its goal is to create a common, easy approach for citizens to access public services that is consistent across multiple service providers. To achieve this, it provides citizens with the ability to store their Personal information in an Attribute (or Personal data) Store which they own and control. Using this Attribute Store, citizens are able collect, receive and keep verified data about themselves and subsequently allow its reuse (if relevant) when they seek to access or use other public services. Practically speaking, under the proposed system service providers would a) generate a secure electronic tokens that verify facts about a citizen (such as proofs of their address, age, disability or educational qualification), b) provide these tokens to citizens to be held safely in the citizen’s own attribute/Personal data store, so that c) citizens can share these tokens with other service providers, under their control, as and when they are needed. The benefits could be immense. - Citizens would have to spend much less time and effort trying to find, present and prove information — filling in endless forms — and would also find the process less stressful and yes, sometimes less humiliating. - Organisations could use the process to reduce unnecessary data processing, verification of data entered into forms, all the duplicated effort, and errors that come from forms, enabling them to do more with less. - And the Government itself would benefit from the creation of a safe, efficient, privacy-protecting data sharing infrastructure that would support its inclusive growth and wellbeing agenda, while providing it with the digital capabilities to respond to new situations as they arise — such as the COVID-19 pandemic. In a separate project we proved that, technically speaking, it is indeed feasible for service providers to generate verified attributes and for citizens to store them in an Attribute Store. (A ‘verified attribute’ is any piece of information about a person or performance that has been generated or checked by a responsible trustworthy body and made available to another party in such a manner as to be trustable as a specific attribute.) This approach is already being put into practice in other projects working with groups of organisations serving the same citizen. But is such an approach operationally feasible? Could it work at scale? And how to achieve that scale? A roadmap for success The good news is that we have identified a way to achieve all the above. It involves some technical things like creating metadata standards to make sure data is machine readable and to ensure clarity about levels of assurance about the data ( including descriptions of how the data was collected, created, protected and verified). But essentially, it boils down to identifying a good place to start (for example, focusing on attributes that are widely used by many services and are easy to mint and share) — and then getting on with it. Crucially, it is do-able, now. There are no critical technical, operational or legal obstacles stopping Scottish Government from being able to implement this approach with immediate effect which is why they are able to move ahead with their Beta Phase during 2021. The details of this approach are laid out in this report. But its core features are simple. First, Scottish Government agencies, departments and initiatives such as the National Entitlement Card, local authorities, h
MyDex,DigitalScot,,,,,,,,,MyDex is working with the Scotish Government,MyDex is a community interest corporation that has been working on building *real products in the real world*. They [wrote about the ongoing work](https://Medium.com/MyDex/proving-verified-attributes-work-3f9ca813d43f) enabling public sector organizations to give citizens verifiable attributes they keep in their own data stores and can prove to other parties without the issuing organization in the middle.,"Digital Digital Identity Scotland – Prototype draws to a close May 13, 2020 by Digital Identity Scotland No Comments | Category Digital Identity, Digital Public Services Mike Crockart, Delivery Lead for the Digital Identity Scotland Programme, provides an update as the work on a prototype draws to a close… “The pandemic and our country’s response has rightly dominated all of our lives in recent weeks. For many of us it has meant a change to where we are working; how we are working; what we are working on; and for some whether we are working at all. For Digital Identity, however, it has brought into sharp focus the potential benefits of an improved method for digitally proving identity or entitlements in a new world. Particularly where accessing services online may not only be the easiest but also the safest way to do so. As a result, we have continued our work – albeit remotely – and it has been an exciting time for the programme, building and testing an attribute-led approach to support simple, safe and secure access to public services. In partnership with Mydex CIC and DHI (Digital Health and Social Care Institute), we have successfully developed a fully working prototype, including linking a separate credential provider (Okta UK Ltd) as an example authentication service. This has proven the technical feasibility and provided ample opportunity for testing the usability of the proposed service. With Young Scot and Independent Living Fund as example Relying Parties, we developed associated user journeys and iterated based on user feedback. The goal is to simplify access to services and reduce tedious processes for users, for example, repeatedly providing Personal information that has been verified as accurate elsewhere, such as age or disability, whilst maintaining high levels of privacy and security. A key aim of the prototype was to test concepts with users. We wanted to know how they interpreted a Scottish Government branded authentication credential (registration/login) and if they understood that it is reusable across the whole of the Scottish public sector. We also introduced the concept of creating a citizen-controlled attribute store into which they could add verified information, and could then choose to share selected trusted facts about themselves with other organisations to speed up application processes. Our findings were that users broadly understood that the credential was reusable across services; users were familiar with 2-factor authentication via SMS and authenticator apps, though many regarded this as an inconvenience despite awareness of the benefits to security; and there was generally support for creating and using an attribute store. However, it became clear early on that we need to do more to explain the difference between facts asserted by users about themselves and facts verified as being true by a trusted third party. We will also work with users to understand how best to outline the benefits this will give them and service providers in speeding up their access while reducing the risk of their privacy or security being breached. The prototype has added a great deal of knowledge to the wider Digital Identity Programme around technical feasibility, usability and user perceptions. Our plan now is to conduct more user research with the prototype (which we will have access to for 12 months), testing and iterating associated wireframes. This will help us understand how best to convey the attributes model to users so they have full trust and confidence in using the service, particularly as to how it gives them full
MyDex,MyDex,,Medium,Alan Mitchell,,,,National Data Strategy,,Not Just Personal Data Stores,This is the fifth in a series of blogs which provide edited extracts of key points made by Mydex CIC in its response to the UK Government [consultation around a new National Data Strategy](https://www.gov.uk/government/consultations/uk-national-data-strategy-nds-consultation)This blog focuses on the main ingredients needed to unleash the full potential of Personal data — in addition to Personal data stores.,"Not Just Personal Data Stores This is the fifth in a series of blogs which provide edited extracts of key points made by Mydex CIC in its response to the UK Government consultation around a new National Data Strategy. This blog focuses on the main ingredients needed to unleash the full potential of Personal data — in addition to Personal data stores. Previous blogs focused on how to unleash the full potential of Personal data, why every citizen should be provided with their own Personal data store, how to achieve these changes at scale and common misconceptions that derail progress. To catch up on progress on our Macmillan My Data Store Pilot click here. If you’ve read the other blogs in this series you might think everything we’re saying boils down to a single recommendation “provide every citizen with their own Personal data store”. That’s definitely pivotal. But it’s not the whole story. Empowering citizens with their own Personal data stores only works in the context of a broader ecosystem, where other parties contribute other functions. Adding genuine Personalised value The most obvious of these is bona fide service providers, who use data to provide valued services. A Personal data store is a generic enabler; a piece of infrastructure. Every bona fide service provider is a domain expert in their particular field. That is why they exist. To provide their services they need to access and use the right data, and they need their own systems to do this. Personal data stores do not eliminate or replace existing organisation-centric systems. They add another complementary layer. We explore some of the implications of this here. A second obvious fact is that value isn’t generated by Personal data in isolation. Usually, it’s generated by making the right connections between and combinations of Personal and non-Personal data. A simple example: information about the weather is utterly imPersonal. But a weather service that provides a forecast for where I am right now, and where I intend to travel tomorrow may use Personal data to add value: my location and my future plans. Many of our problems today are created by providers of such services using the need to connect Personal with non-Personal data as an excuse to grab Personal data that they can monetise for other purposes. Manipulation of the content and presentation of privacy policies and terms and conditions for these ends has to stop. But the Personal data-driven connections and combinations are essential to ongoing value creation. This is generating the need for two important bits of enabling infrastructure: - ‘smart directories’ that create connections between the individual’s Personal data (my particular circumstances, interests, plans etc) and external data about the world out there, so that all possible extraneous noise is filtered out and only the right information is presented. This is the essence of data logistics: exactly the right information flowing to and from the right people at the right times. - ‘smart search’. Currently, search services are driven primarily by search term plus (perhaps) a tiny bit of filtering that a search engine conducts using information it has gathered about you. Usually, this filtering isn’t done to help you find what you want, but to herd you in the direction that is most profitable for the search engine. Smart search is a genuine service to the individual, using information about the individual that the individual is happy to volunteer (and only that information, almost certainly behind a shield of anony
MyDex,MyDex,,Medium,,,,,,,Public Spending: One Way to Solve Many Problems,"“We will identify where there may be shared interest, duplication or overlap in intended policy outcomes over multiple portfolios. Where there is, we will look to develop a more effective and efficient cross-government solution.”","Public Spending: One Way to Solve Many Problems Like most governments, the Scottish Government is currently going through the difficult process of deciding how to spend a shrinking amount of money on a growing list of problems. Given its “tight budgetary envelope”, says the Government’s Investing in Scotland’s Future paper “it is imperative that public spending is deployed as efficiently and effectively as possible” via policy interventions that help “maintain the affordability of public services over the Medium to long-term”. Within this context it is seeking to prioritise three things: - To support progress towards meeting poverty targets - To address climate change - To secure a stronger, fairer, greener economy Now, we would say it wouldn’t we? But it’s true (and it applies to almost any Government you can think of, not just Scotland). On every issue identified — whether it’s efficiency savings in public spending, maintaining the affordability of public services, tackling child poverty, addressing climate change, or securing a stronger, fairer, greener economy — one, single action could help address them all: building a Personal data logistics infrastructure that empowers citizens and enables the safe, efficient sharing of the data citizens and service providers need to access and provide public services. Guiding principles The Scottish Government says its approach to these challenges will be “heavily informed” by the principles of the Christie commission’s report on the future of public services, which says the Government should: - Empower individuals and communities - Integrate service provision - Prevent negative outcomes from arising - Become more efficient by reducing duplication and sharing services Providing each individual with their own Personal data store, which they can use to safely collect and store data about themselves, and share it under their control, would do all these. By enabling the right data to get to and from the right people and organisations at the right times, this citizen-empowering data infrastructure could radically reduce transaction costs for both citizens and service providers. It would both cut costs and enable service improvement. Let’s give a quick run through those key headline priorities. Improving service efficiencies In work previously done by Mydex CIC for the Scottish Government we showed how a system by which public service providers deposit ‘verified attributes’ (cryptographically secure tokens confirming facts about people) in their Personal data stores and that enables citizens to share this data as and when needed, could strip out huge amounts of friction, effort, risk and cost for both citizens and public services. In particular, it would help eliminate endemic duplication of effort (e.g. recreating or checking data that has already been generated and confirmed, or simply rekeying data that already exists) and errors caused by inaccurate or out of date data (including the cost of rectifying those errors). This system works like this. - Services holding different types of data about an individual deposit verified copies of this data in the individual’s Personal data store. - This data remains under the individual’s control in their PDS, and kept up to date and accurate via secure API link. 3. When the citizen needs to provide some of these data points to a different service provider they simply say ‘Yes’, and the data can flow accordingly — enabling them to bring their data with them to new service relationships, without having to fill in forms. Scottish Government has already formally recognised the power of this approach by deciding to establish its new Scottish Attribute Provider Service, which is based on these pr
MyDex,MyDex,,Medium,,,,,,,Deploying Personal Data Stores at Scale,"The big question now is how to enable this to happen at scale, safely, securely and efficiently. One key element of this is useful, easy-to-use interfaces, the taps and switches that mean people can use the infrastructure without having to think much about it.","DEPLOYING Personal DATA STORES AT SCALE An important change is beginning to sweep the world of Personal data. For many years, people have debated the question ‘what if individuals — e.g. citizens, customers — were able to assert genuine control over their own data?’ Now the debate is moving on to how to make this happen, at scale. Look at some recent developments. In recent weeks: - The UK Government’s proposed legislation to reform UK data protection laws, includes (amongst many less positive things) new provisions for data intermediaries including for “Personal information management systems, which seek to give data subjects more control over their Personal data.” - The UK Department of Culture Media and Sport’s latest paper on its new National Identity and Attributes Trust framework specifically mentions citizens being able to hold verified attributes in their own Personal data stores. - The Scottish Government’s proposed Scottish Attribute Provider Service includes a provision “where people can choose to save their Personal information securely to an individual ‘locker’ (a digital attribute store), in order to reuse when they wish to apply to other services”. - The UK Government via its Government Digital Service is to provide a One Log-in for Government which includes the concept of a Personal data store to enable citizen control over how their data is being shared across Government. Tom Read GDS Chief Executive Officer said that “One Log-in for government is currently the organisation’s most important piece of work.” - Scottish Government has just signed a contract with Mydex CIC to improve recruitment of citizens to participate in projects to co-design public services that ensures privacy via the use of its Inclued platform and Personal data stores.The UK NHS and BBC are now experimenting with Personal data stores for health and media consumption records In other words, multiple different parties and people are converging on the same solution — of providing citizens with their own Personal data stores — to solve multiple different problems. The big question now is how to enable this to happen at scale, safely, securely and efficiently. One key element of this is useful, easy-to-use interfaces, the taps and switches that mean people can use the infrastructure without having to think much about it. We’ve written about this here. But operational deployment as scale presents its own challenge. It’s one thing to build something in a lab to illustrate an idea’s potential. It’s quite another to make the transition to 24/7/365 operations, working at scale in the real world. Answering the question ‘how’ requires robust answers to many hard questions relating to infrastructure resilience, security, system architecture, governance, trustworthiness, business model and legal compliance. Here’s a checklist of these questions in a little more detail. Are its underlying design principles fit for purpose, robust and built to last? We talk about this issue in detail here. Is the individual’s data really secure? It’s very easy to make promises about data security, but very difficult to keep these promises permanently, especially when a system is operating at scale. Here are some of the safeguards that need to be built. - All data should be encrypted in motion and at rest - Distributed architecture: every PDS is separately and individually encrypted (which means the system is not creating a massive centralised database that becomes a honeypot for hackers) - No knowledge operations. Every individual should hold their own private key to their own data: the PDS operator does not have access to this private key, and cannot look into the Personal data stores it
MyDex,MyDex,,Medium,,,,,,,Design Principles for the Personal Data Economy,"A key part of this is continuity and longevity: a Personal data store is for life, so the institutions providing Personal data stores should be designed for decades (centuries, even). Whatever particular corporate form they take, legal safeguards relating to continuity and longevity of purpose need to be built into how they operate.","Design Principles for the Personal Data Economy Last month we were asked to give a talk in Korea on the design principles for a new Personal data economy. We’ve turned this talk into a White Paper, published here. It’s important because, in our view, most current debate about Personal data is based on a philosophical category error that inevitably leads to a dead end. If you want to solve a problem you need to know what’s causing it. If you’ve got a heart problem, no matter how many pills you take for gastric wind you won’t solve it. When it comes to Personal data, most discussion assumes that our problems are caused by how organisations handle the data they collect and use. They are not. They are caused by the design of the system these organisations are operating within. ‘System design’? That sounds rather abstract and airy-fairy. Not for practical people. But it’s not abstract or airy-fairy at all. Birds are living systems designed to fly in the air. Fish are designed to swim in water. If you ask a fish to fly you won’t get very far because that’s not what its system is designed to do. Today’s Personal data system is designed to help organisations collect and use data to further their particular purposes. It is not designed to help citizens get the benefits of their data, to use data to address social ills, or even to help economy-wide innovation and growth (which may involve the creation of new and different organisations). In fact, with the way our current system works citizens have little or no control over their own data and are not benefiting as they should from it. Service providers often lack access to the data they need and face high costs in accessing and using it. And the system as a whole experiences high costs along with low levels of trust and restricted innovation. But these problems are not created by the behaviours of individual organisations in isolation. They are created by the way the system itself works. Its design: the fact that it is organised solely around organisations collecting and using data for their own particular purposes. We simply won’t solve the problems we now face by asking organisations to behave differently; by asking fish to fly. We can only solve them by introducing a different system design. Fitness for purpose We need a system for Personal data that unleashes its full Personal, social and economic potential; that goes beyond only helping organisations achieve their purposes. To achieve this we need to design a new system that’s fit for a broader range of purposes; that’s designed to fly rather than swim. These design principles are not random, plucked from the air because we think they might be nice. It’s no accident that all fish are sleek and that birds have wings. These designs fit what they need to do. So what fit-for-purpose design principles do we need to adopt? For a start, we need to build on the fact that unlike other commodities, when data gets used it doesn’t get used up. It can be used again and again, for many different purposes. We expand on this theme here. This being the case, it makes no sense to restrict access to data to just one organisation with one set of purposes. We need to break out of the confines of organisation-centricity, to enable data sharing. However, if you try to create a system where all organisations try to share data with all other organisations, you quickly create a complexity catastrophe. To solve this problem you need fit-for-purpose design. If data about each individual is deposited in the individual’s Personal data store, then these Personal data stores can act as hubs for the safe, efficient shari
MyDex,MyDex,,Medium,,,,,,,Designed for Integrity,"Below are some of the design principles that underpin our infrastructure and services — principles designed to ensure that what we do truly does serve citizens, today and into the future.","DESIGNED FOR INTEGRITY In our last blog we talked about diverse, practical ways in which we help people and organisations use Personal data to get stuff done — to enrich peoples’ lives and improve service quality in a way that cuts friction, effort, risk and cost for both sides. The tools and capabilities we discuss in that blog are great. But to be truly valuable, they also need to be robust and ethical. They need to be based on sound design principles. Below are some of the design principles that underpin our infrastructure and services — principles designed to ensure that what we do truly does serve citizens, today and into the future. - Safe, efficient data logistics Our Personal data stores (PDSs) use APIs to enable safe efficient data sharing between individuals and organisations. Organisations can deposit data in an individual’s PDS, and individuals can share data with these organisations. Our PDSs don’t only provide safe storage facilities. They also provide safe, efficient data sharing capabilities which keep the individual in control. We call this ‘Personal data logistics’. - Individual the point of integration Our Personal data stores enable individuals to aggregate data about themselves that is currently dispersed across many different service providers. For example, most UK citizens have over a dozen relationships with different financial service providers: one or more banks and building societies, loan providers, mortgage providers, savings providers, investment services, pensions, insurances and so on. It’s only by aggregating data from all these service providers (and by adding additional information that only the individual knows) that it’s possible to gain a true, fully-rounded picture of an individual’s financial circumstances, and therefore to be able to give truly Personalised, relevant advice. That is why we applied for and got an Open Banking licence. Our infrastructure is designed to enable the provision of such genuinely Personalised advice across every walk of life: money, health, career, etc. - An asset for life By enabling individuals to aggregate data (including verified attributes) about themselves in their own Personal data store, we provide them with an asset for life: an asset that grows in value over time as more data is added to it. - Seek win-wins Many data relationships are adversarial, where one side seeks to extract value from another. We seek to enable mutually beneficial, productive relationships between citizens and bona fide service providers. For example, as the data in an individual’s Personal data store grows in richness and value, citizens can bring this data with them to relationships with service providers, helping both sides access and use the data they need for better services at lower cost. - Neutral In line with the above, our platform is not designed to help one organisation gain competitive advantage over another. It is designed to enable all sides to improve the way they operate, by helping everyone involved reduce friction, effort, risk and cost for example. So our charging structure doesn’t favour one organisation over another and it doesn’t incentivise us to try and make money out of individuals’ data either. (For example, if we charged a fee per data transaction, our revenues would grow with the volume of data sharing and that could incentivise us to pressurise individuals into sharing more data than they want to. So we don’t.) - Truly independent Our Personal data stores are truly independent and under the control of the individual. They do not sit inside any data-holding service provider’s organisational boundaries and do not depend on any service provider’s systems and technologies. Individuals don’t have to use any organisation’s identity processes to access their data. Organisation
MyDex,MyDex,,Medium,,,,,,,Flicking the Switch of Personal Data,"Over the last 14 years we have built the infrastructure needed to make citizen data empowerment possible — infrastructure capable of providing every individual with their own Personal data store, where they can safely and securely collect their own data, use it and share it under their own control. This infrastructure is now live and operational, officially recognised as a supplier to public services on procurement platforms in both England and Scotland and independently accredited for data management security under ISO 27001.","FLICKING THE SWITCH OF Personal DATA We believe individuals should be able to access and use their own data to be able to manage their lives better. Currently, this isn’t possible because every individual’s data is dispersed across dozens (probably over a hundred) different organisations that hold it and don’t make it available. This is absurd and unfair. Over the last 14 years we have built the infrastructure needed to make citizen data empowerment possible — infrastructure capable of providing every individual with their own Personal data store, where they can safely and securely collect their own data, use it and share it under their own control. This infrastructure is now live and operational, officially recognised as a supplier to public services on procurement platforms in both England and Scotland and independently accredited for data management security under ISO 27001. Unleashing the potential But what we’ve also learned over these 14 years is that core infrastructure is not enough. A parallel: it is extraordinary and wonderful that we have water infrastructure that brings fresh, safe water to our homes and offices, and a national grid that does the same with electricity. But if we didn’t have taps and switches to turn the water and electricity on and off as and when we need them, they wouldn’t be half as valuable as they are. So, over the past few years, we’ve also been building the taps and switches that are needed to make our citizen empowering Personal data logistics infrastructure really useful. This blog outlines some of them. Smart directories One of the really big, time consuming, frustrating and expensive things every individual and every organisation has to contend with is what we call ‘matching and connecting’. Individuals want to find the services they need to help them with a particular task, but often they don’t know who they are or where to find them. They might not even know that such services exist. Likewise, organisations offering a particular service often struggle to find and reach the particular people who really want or need this service. A huge amount of time, money and effort is wasted by both individuals and organisations trying to solve these puzzles, often in expensive and unsatisfactory ways. With smart directories, individuals can allow selected organisations to see an anonymised profile of themselves (shorn of any data that would identify the particular individual), and the selected organisations can see whether individuals fit the criteria their service is designed for. If there is a fit, the organisation can use the platform to send a message to the individual. If the individual decides to accept the message and respond, a connection is established. Smart Directories lie at the heart of the work we are currently doing with the Office of the Chief Designer in Scotland and Connecting Scotland to radically reduce the costs of finding and working with citizens to help co-design public services. Automated form filling There is little more dispiriting and irritating than having to fill in forms, especially when you have to do it time and time again, providing the same information to different people. Using our platform and its ability to enable the sharing of verified attributes in particular, if an individual says ‘Yes, I would like this service’ it is possible for the necessary information (and only the necessary information) to be automatically sucked out of their PDS
MyDex,MyDex,,Medium,Alan Michel,,,,,,Getting Data Security Right,"data security is about system-wide design, where many different elements need to fit together to create a working whole.","Getting Data Security Right Over the last few weeks we’ve been asked about data security from places as far afield as Lithuania and Korea. As one journalist from Asia Business Daily asked us: “Security issues are paramount in MyData. How does Mydex manage customer privacy? There is no single ‘magic bullet’ that can guarantee data security or customer privacy. Indeed, the belief that there is such a magic bullet (usually some techno-fix such as blockchain) is one of the biggest dangers. That’s because data security is about system-wide design, where many different elements need to fit together to create a working whole. Mydex’s approach to data security is therefore multi-faceted and multi-levelled. It includes: - Encryption: all data handled by Mydex is encrypted in motion and at rest. - Architecture: big, centralised databases holding records about millions of citizens attract hackers. With our infrastructure, each individual’s Personal data store is separately encrypted. This means that to get a million records, hackers would have to conduct a million separate, successful hacks. - Operating procedures: Each individual holds their own private key to their Personal data store. Mydex itself does not know or hold this key, so Mydex employees cannot see the data held by citizens in their Personal data stores. - Business processes: We only work with known, reputable organisations that themselves work to the highest standards (e.g. government departments). To connect to our platform they have to agree to Terms and Conditions and Information Sharing Agreements with citizens designed to protect citizens’ privacy and data. - Citizen control: Citizens can easily see what data they are sharing with which organisations for what purposes, via their own Consent Dashboard. They can use this Dashboard to view ‘consent receipts’ that confirm their agreements with each organisation, and can change or revoke these permissions if they wish to. - External audit and accreditation: All our systems and processes are independently audited to international standards. We have held ISO 27001 accreditation for Information Security and Management for the last nine years. We don’t believe it’s possible to ensure data security without thinking through how the system as a whole works, looking at it from every angle: structure, incentives, governance, processes and, yes, technology. With the way our current data economy works however, many necessary elements are either missing or badly designed — generating incentives that undermine rather than enhance data security for example. That’s why our current system is so insecure, and why there is so little trust in it. There isn’t a magic bullet for ensuring data security and customer privacy. But there is a way of tackling the challenge so that robust, reliable ways forward are found.",https://medium.com/mydex/getting-data-security-right-36d291cac156,,Post,,Explainer,,,Security,,,,,2021-10-22,,,,,,,,,,,,,
MyDex,MyDex,,Medium,,,,,,,Getting Identity Right. At Last.,"By recognising the pivotal importance of verified attributes and the potential role of Personal data stores in enabling the sharing of these attributes, it is opening the door to actually solving the problem of identity. At last.","Getting Identity Right. At Last. A seismic shift is under way in the huge, ongoing international project called ‘digital identity’. It hasn’t triggered any spectacular earthquakes yet. It’s more tectonic than that. But it’s seismic nevertheless. Ten years ago, we (Mydex CIC) were one of five companies (along with the likes of the Post Office and the credit reference agency Experian) chosen by the UK Government to pioneer its Verify digital identity programme. At the time the Government had a vision for identity which went something like this. An ‘identity’ — that confirms that a person is who they claim to be — would be a sort of digital product produced by specialist producers called ‘identity service providers’ (ISPs). They would compete in a market for digital identities made up of competing ISPs. Organisations would buy these identities from the ISPs to help them reduce the costs and risks they incur in checking to see if individuals are who they say they are. None of this vision is likely to survive as it gets replaced by a different, more efficient and more person-centric perspective. The first shift towards this new perspective happened a few years ago when the Government decided to launch its Identity and Attributes Trust Framework. Adding the word ‘attributes’ isn’t just a small semantic change. It signifies something very important (see below). The second shift, confirmed by the publication of the Government’s Beta version of this Trust Framework, is the explicit recognition that ‘identities’, attributes, or both, may be shared by a range of different parties including citizens using Personal data stores. The Trust Framework paper gives the example of Carmen, a doctor moving to work at a new hospital. Before starting work at the hospital, she must prove who she is and that she has the relevant qualifications. She gets a digital version of her registration certificate that confirms her licence to be a doctor in the UK. It is added to her Personal data store. The information from this registration certificate can be checked against an authoritative source. She can share it when needed e.g. when applying for a post at her new hospital. “Attributes can be created, collected and checked by an attribute service provider. An attribute service provider could be an organisation or a piece of software, like a Personal data store or digital wallet.” It’s all obvious, sensible stuff. But what it points to is a new vision of identity that has got nothing to do with the one outlined by Verify above; that combines trust-building with citizen agency with the reduction of friction, effort, risk and cost. Here are some of the main operational differences between the two visions. A new vision of identity First, an ‘identity’ is not a fixed ‘thing’. It is a byproduct of a process for the sharing of verified attributes (that is, details about an individual that have been generated or checked by a recognised, responsible body such as a bank or government department). The particular bits of information that may go towards confirming that an individual is who they say they are may vary greatly from situation to situation. It doesn’t really matter what they are, as long as the process for making them available is reliable, safe and efficient. Second, the use cases of ‘identity’ vary widely. Most people think of identity as relating to one specific scenario such as opening a bank account when, as an individual, you have to prove to the bank that you who you say you are and not some sort of fraudster. That’s important. But it’s actually just one step in an entire sequence of operations where it is necessary to know the identity and attributes of a person in order to provide them with a service
MyDex,MyDex,,Medium,Alan Mitchell,,,,,,The Perils of Pre-Copernican Data Strategy,"Today, ‘everyone’ including powerful actors and decision-makers like the UK Government ‘just know’ that organisations are the centre of the Personal data universe, and that everyone else including citizens revolves around these organisations.","The Perils of Pre-Copernican Data Strategy It’s an oft-told story but it has a new relevance. Back in the middle ages, people believed that the earth was the centre of the universe so that everything else, including the sun, circled round it. When they tried to track the movement of the planets through the sky they were presented with a puzzle. The planets’ motions didn’t represent a simple orbit. At certain times, they seemed to go into reverse, creating a complex jungle of ‘epicycles’ that astronomers struggled to explain. Their mappings of the movement of the planets, as seen from the earth, are shown on the left hand side of Figure 1. An extremely complex picture that is very hard to fathom. Then came Nicolaus Copernicus. He said the sun was the centre of our universe, and that the earth orbited the sun. A simple switch of perspective — from earth-centric to sun-centric — created the enormously simplified picture of the planet’s movements shown in the right hand side of the figure. Today, something similar is happening with data sharing. Back in the days before Copernicus, ‘everyone’ including the great, the good, the clever and the powerful, ‘just knew’ that the earth was the centre of the universe and that everything else, including the sun, revolved around it. Today, ‘everyone’ including powerful actors and decision-makers like the UK Government ‘just know’ that organisations are the centre of the Personal data universe, and that everyone else including citizens revolves around these organisations. That’s why the UK Government is pressing ahead with organisation-centric plans for the future of data sharing. Plans that, if implemented, will create a picture far more complicated than that shown on the left hand side of the illustration; a complexity catastrophe on multiple fronts: costs, data security, interoperability, governance and trust. The complexity catastrophe Let’s take a look at how this data sharing complexity catastrophe will unfold. There are basically two ways to share Personal data. The first is an ‘organisation-centric’ one: direct from organisation to organisation, with the data never being handled by the citizen the data relates to. The second is a person centric one, where organisations deposit copies of details they hold about people in their Personal data store, so that the citizen can forward share this data as and when needed. What is the difference between the two? If you look at Figure 2, which shows how the two models work, you may not think there is much difference. On the left hand side, if there are three organisations involved in data sharing, three connections between them are required: one each to the other two. Simple! The person-centric approach to data sharing shown on the right hand of the diagram also requires three connections. But why bother adding a completely new entity — the citizen’s Personal data store — into the equation? Doesn’t that just add cost and complexity? Now take a look at Figure 3, which shows what happens if eight organisations are now sharing an individual’s data. On the organisation-centric left hand side, the number of connections has grown to 28, whereas if the data is shared via the individual’s Personal data store, the number of connections has grown to just eight. Instead of each organisation having to connect with every other organisation involved in data sharing (who they have never done business with before), the person-centric approach only requires one connection per organisation — with the citizen’s Personal data store. This connection is with somebody they already have a relationship with: the citizen. Figure 3 three shows that as the organisation-to-organisa
MyDex,MyDex,,Medium,,,,,Data: A New Direction,,Why is data valuable?,"prompted by the UK Government’s proposed reforms of data protection law contained in its consultation paper Data: A New Direction. […] Under the banner of tackling ‘consent fatigue’, abolish citizens’ right to consent to the collection and use of their data: achieved by expanding the definition of organisations’‘legitimate interests’ (where they don’t have to seek consent) to cover almost every activity","Why is data valuable? This series of blogs is prompted by the UK Government’s proposed reforms of data protection law contained in its consultation paper Data: A New Direction. The stated intention of these proposals is to unleash a new ‘golden age’ of innovation and growth. But the real effect of these reforms would be to: - Under the banner of tackling ‘consent fatigue’, abolish citizens’ right to consent to the collection and use of their data: achieved by expanding the definition of organisations’‘legitimate interests’ (where they don’t have to seek consent) to cover almost every activity they would wish to undertake, thereby rendering consent irrelevant. - Under the banner of helping organisations access more data for the purposes of research and innovation, abolish the core principle upon which data protection regulations have been built: that Personal data should only be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes. The Government’s proposals would do this by making ‘further processing’ of citizens’ data legal in so many additional circumstances (‘legitimate interests’, use in ‘research’, for AI, to improve ‘data sharing’, etc) that the core principle is rendered irrelevant. These proposals represent the biggest attack on citizen rights seen in this country for generations. They would make new Cambridge Analyticas legal, and would put UK citizens’ data up for sale in global markets — the stated goal being to “secure the UK’s status as a global hub for the free and responsible flow of Personal data” (where ‘responsible’ is never defined in over 50,000 words of argumentation, but where the door is opened to ‘irresponsible’ uses of data many times over). This blog series explores the many mistaken assumptions that lie behind this disastrous initiative. The innovation and growth that Government promises its reforms will bring are a fantasy. They will not unleash a new ‘golden age’ they are based on deep misunderstandings of what makes data valuable in the first place and how to unleash this value. This, first, blog in the series looks at why data is valuable. Where data’s value comes from Given all the fuss that’s made about data, you’d think everyone would have an immediate answer to this question. But when you ask it strange things happen. Some people immediately go off on a tangent, talking about how much money is being made out of data. But this begs the question: why are people prepared to pay so much for it? Others repeat catchphrases such as ‘data is the new oil’. Very soon people are embroiled in arguments about whether data is, or is not, ‘like oil’ — while the original question gets forgotten. But the answer to this question matters, because it will inform all the policies and strategies that follow. If you get it wrong (as the UK Government is currently doing with their proposals to ‘reform’ data protection regulations ) you risk wasting huge amounts of time, money and effort chasing rainbows, while missing the opportunities that really matter. Reliability and Surprise So why is data valuable? Because of two things. Reliability and Surprise. Reliability If we know a fact to be true, we can act on it without incurring the risks (and costs) of making a mistake. If the data you are working with is unreliable — if you don’t know if it is true or not — any decisions or actions you take on the basis of it risks being wrong. One of three things th
MyDex,MyDex,,Medium,,,,,National Data Strategy,,"Why we need new, nationwide Personal data infrastructure","The central plank of Mydex CIC’s consultation response is that the UK needs to build a new layer of data logistics infrastructure that:- Includes citizens in the workings of the data economy, empowering them with the ability to collect, store, use and share data about themselves independently of any data controllers they may have data relationships with.<br>- To achieve this, the Government needs to ensure that every citizen is provided with their own Personal data store, which enables citizens to collect, store, share and use their own data, under their own control, for their own purposes, independently of any organisation that may have collected data about them.<br>- These Personal data stores should be designed to act as neutral, enabling nodes in a vibrant data sharing network, whereby citizens can obtain copies of their data held by organisations and can forward relevant elements of this data (such as Verified Attributes) to other data users under their control, as and when beneficial and necessary.<br>","Why we need new, nationwide Personal data infrastructure This is the second in a series of blogs providing edited extracts of key points made by Mydex CIC in its response to the UK Government consultation around a new National Data Strategy. The first one addressed the question “how to unleash the full potential of data?” Others look at Achieving Change at Scale, Common Misconceptions that Derail Progress, and the sheer size of the social and economic opportunity. To catch up on progress on our Macmillan My Data Store Pilot click here. The central plank of Mydex CIC’s consultation response is that the UK needs to build a new layer of data logistics infrastructure that: - Includes citizens in the workings of the data economy, empowering them with the ability to collect, store, use and share data about themselves independently of any data controllers they may have data relationships with. - To achieve this, the Government needs to ensure that every citizen is provided with their own Personal data store, which enables citizens to collect, store, share and use their own data, under their own control, for their own purposes, independently of any organisation that may have collected data about them. - These Personal data stores should be designed to act as neutral, enabling nodes in a vibrant data sharing network, whereby citizens can obtain copies of their data held by organisations and can forward relevant elements of this data (such as Verified Attributes) to other data users under their control, as and when beneficial and necessary. Such a citizen empowering data logistics infrastructure is key to enabling a MUMU data economy to grow: one where the right Personal data can flow to and from the right parties at the right times, in ways that protects citizens’ privacy and make them active participants in service provision. Benefits of the new Personal data infrastructure Ensuring every citizen is provided with their own Personal data store would kill many birds with one stone. Specifically, it would: - Enable order of magnitude reductions in friction, effort, risk and cost for both bona fide service providers and citizens - Ensure built-in privacy and data protection for all processes involving the collection and use of Personal data - Ensure built-in fair pre-distribution of power and rewards relating to the collection and use of Personal data, resulting in inclusive economic growth, enabling social inclusion and helping to tackle the digital divide and ‘poverty premium’ - Act as a platform for innovation, enhancing capabilities, capacity and flexibility Cutting costs The most compelling immediate reason to introduce Personal data stores is their cost-cutting potential. By enabling citizens to easily, safely and securely obtain electronic copies of data held about them by organisations (as per the data portability provisions of GDPR/Data Protection Act) a Personal data store-based data logistics in
MyDex,MyDex,,Medium,,,,,,,Revolutionising healthy ageing,"Mydex’s role will be to provide the data sharing infrastructure to enable individuals and service providers to safely and efficiently share the right data at the right times, in ways that protects individuals’ privacy and puts them in control of their data at all times and enable two way engagement and feedback throughout the project.","Revolutionising healthy ageing Mydex CIC is pleased to announce its involvement in a new £12.5m project designed to ‘revolutionise’ healthy ageing. The Peoplehood project — originally called Blackwood Neighbourhoods for Independent Living — will help people to stay well and physically active as they age and explore new products and services to support them. Supported by £6m UK Research and Innovation funding as part of its Healthy Ageing Challenge’ and led by Blackwood Group, the project will work with residents and partners in three neighbourhoods to enable people to live independently, including new homes, a design guide to improve upgrading accessibility and adaptations of existing homes as well as future home design. It will include accessible outdoor spaces so that people can sustain physical activity, supported by digital connectivity and infrastructure that helps security and ethical data sharing. Sustainable energy and transport will aim to reduce community carbon footprint and reduce transport costs. Individual coaching and support will help people maintain their health and wellbeing. The long term goal is to improve peoples’ lives as they age and reducing costs of care provision. Key role of Personal data Mydex’s role will be to provide the data sharing infrastructure to enable individuals and service providers to safely and efficiently share the right data at the right times, in ways that protects individuals’ privacy and puts them in control of their data at all times and enable two way engagement and feedback throughout the project. Through every aspect of the project, all Personal data relating to each individual will be delivered to and accessed from the individual’s Personal data store. All parties collecting or using any Personal data will send it to the individual’s Personal data store via a secure API, and will have a data sharing agreement designed to achieve the highest standards of data protection, transparency and control for the citizen. Connecting to Blackwood’s CleverCogs digital system, participating residents will be able to organise their services, care and medical appointments, stay in touch with family and friends via video calls, and listen to music and entertainment. For customers living in Blackwood Home, the system can also be used to control everything from lighting and heat to opening doors and blinds. The three neighbourhoods chosen to take part are located in Dundee, Glasgow, and Moray. Other partner organisations, besides the lead Blackwood, are: - Canon Medical Research Europe - Carebuilder UK - CENSIS - Cisco International Ltd - Enterprise Rent-a-Car UK - Lewis & Hickey Architects - The DataLab - The University of Edinburgh",https://medium.com/mydex/revolutionising-healthy-ageing-200a7edd1016,,Post,,Meta,,,,,,,,2021-11-18,,,,,,,,,,,,,
MyDex,MyDex,,Medium,,,,,,,Can I trust you?,This is the second of two blogs on our new White Paper: [Achieving Transform At Scale](https://MyDex.org/resources/papers/AchievingTransformationatScaleMydexCIC-2021-04-14.pdf). The[first blog](https://Medium.com/MyDex/our-new-white-paper-achieving-transformation-at-scale-f97320f8447e)focused on the infrastructure challenge. This blog focuses on the parallel need for institutional innovation.,"Can I trust you? This is the second of two blogs on our new White Paper: Achieving Transform At Scale. The first blog focused on the infrastructure challenge. This blog focuses on the parallel need for institutional innovation. Sometimes, when a society confronts a new challenge, the institutions it previously relied on to provide solutions cannot cope. New, different institutions are needed. We think this is the case with Personal data. Traditionally, our society has looked to two main types of institution to unleash social and economic opportunities: private sector firms focused on maximising their profits and state-owned enterprises. But as this blog explains, these types of institution cannot rise to the particular challenges posed by Personal data. A different type of institution is needed, and thankfully we have one to hand: the Community Interest Company (CIC). Many people are still not familiar with CICs, which often come across as a rather strange hybrid beast. CICs are: - asset locked. This means any assets a CIC develops cannot be sold to another entity that is not also asset locked and equally committed to pursuing its community purpose. Mydex is not seeking a trade sale or ‘exit’: it is committed to continuing the operation and extension of its platform as permanent infrastructure to benefit its community (citizens). - dividend capped. Only 35% of distributable profits can be returned to shareholders. The remaining 65% must be reinvested in furthering the community benefits for which the CIC was established. Why has Mydex chosen this unfamiliar CIC status? Mission logic One simple explanation is that when Mydex was established back in 2007, its founders didn’t just want to sell a product in order to make money. They wanted to produce a service that brings benefits to people and communities and recognised they needed to make money in order to fund this service provision. Making money isn’t the purpose of the business. Benefiting the community by achieving its mission is the purpose, and making money is a means to achieving that goal. A second reason is that we recognised that Personal data throws up huge issues and challenges relating to trust. We reasoned as follows: If there is a lack of trust surrounding the collection and use of Personal data, its full Personal, social and economic potential will be hampered by mutual suspicion, power struggles and conflict and therefore never realised. A new type of institution that builds trustworthiness into what it does, and how, is needed for this challenge. How CIC status helps us rise to this challenge is not immediately obvious but the logic is powerful. It’s worth exploring. Economic logic The unique and particular challenges (and opportunities) of Personal data lie in the fact that unlike physical products and most services, data is a resource that can be used by many different people and organisations for many different purposes without ever getting ‘used up’. Because of this, it breaks the boundaries imposed by current notions of ‘private property’. Institutions organised around the notion of ownership of private property and profit maximisation are struggling to come to terms with a new world where value is created by data sharing. This takes us to the first unique challenge for Mydex: the question “What makes an enterprise economically viable and successful?” It’s commonly assumed that the acid test of an enterprise’s economic success is how much money it makes. But that relates to its financial success, not its economic success. If you stop to think about it, organisations’ economic results al
MyDex,MyDex,,Medium,,,,,,,Our New White Paper: Achieving Transformation At Scale,"This [White paper](https://MyDex.org/resources/papers/AchievingTransformationatScaleMydexCIC-2021-04-14.pdf) explains the scale of the potential benefits, how they can be achieved, and how they can be achieved at scale.○ Mydex CIC is starting where the need is greatest and resistance is lowest - in public and third sector services needing to cooperate with each other to deliver efficient, effective services to individuals.<br>○ It is using Personal data store-enabled solutions to specific problems to demonstrate the superiority of the Personal data store approach - starting with reductions in friction, effort, risk and cost for both bona fide service providers and citizens.<br>","Our New White Paper: Achieving Transformation At Scale This is the first of two blogs on our new White Paper: Achieving Transformation At Scale. The first blog focuses on the infrastructure challenge; the next on the need for supporting, enabling institutions. It’s now widely understood that the way our society collects and uses Personal data generates wide scale invasions of privacy, endemic risks of data breaches and fraudulent access to data, plus eye-watering imbalances of power and reward which, together, have led to a pervasive erosion of trust. What’s less widely understood is that all these problems and issues are an inevitable byproduct of how the system itself is organised: its organisation-centric structure — the fact that the only entities really capable of collecting and using Personal data at scale are large organisations. No matter how well-meaning new rules, policies and regulations might be, as long as this structure remains, the problems will remain. New rules, policies and regulations may help to clear up the mess created by the systemic leaking bucket, but in themselves they can never fix the leak itself. For that we need structural reform. An infrastructure challenge Our society has faced similar challenges many times before. When the industrial revolution hit us, it dawned on people that if this new system was to work effectively, the entire population would need to be able to read and write. We needed an education system. The rapid growth of cities created immense sanitation and public health problems: everyone needed running water and sewers. When electricity came along, letting every Tom, Dick and Harry create their own generating stations using different frequencies and distribution methods clogged the system with nightmarishly high costs and complexity. We needed a national grid. In each case, it was recognised that for the good of the society, its economy and its citizens we need infrastructure that made things universally available. The same goes for Personal data. The toxicities created by our current systems can never be addressed, and the full potential of data can never be unleashed, unless every citizen is able to collect and use their own data for their own purposes, just as every citizen was previously empowered to read and write and access water and electricity for their own purposes. Doing so makes the whole system work better. The scale of the challenge To achieve such a change however, we need to get over some mountainous obstacles. At Mydex CIC, we believe we have found such a route through. Our new White Paper Achieving Transformation At Scale explains how. To make any real headway we first have to overcome some formidable mental roadblocks. The biggest of these is market myopia — the assumption that the only way forward is to ‘create markets for data’. This is nonsense on two counts. First, none of the economic benefits of what Mydex CIC does around Personal data come from trading data for money. They come from helping people and service providers strip out the huge amounts of unnecessary waste and cost they both experience when trying to handle data. Taking cost out of how the system works is not the same as creating a ‘market’ where data is traded or sold. Closely related to market myopia is accounti
MyDex,MyDex,,Medium,,,,,,,Helping Data Trusts Manage Personal Data,"Mydex CIC has just published a blog for Cambridge University’s Data Trust Initiative on ‘Helping Data Trusts Manage Personal Data’. In it, we address the challenges that arise as the Data Trust movement begins to scale.","Helping Data Trusts Manage Personal Data Mydex CIC has just published a blog for Cambridge University’s Data Trust Initiative on ‘Helping Data Trusts Manage Personal Data’. In it, we address the challenges that arise as the Data Trust movement begins to scale. In a world where many different Data Trusts want to access individuals’ data for a range of different purposes and services, two questions arise: - How can many different Data Trusts collect/access the data they need from the same individuals without creating far-reaching duplication of cost and effort? - How can individuals keep track of, and assert control over, the data they are sharing with many different Data Trusts? One answer, we suggest, is to use individuals’ Personal data stores as infrastructure for Data Trusts. Individuals can use their PDSs to feed their data to the Trusts they want to support and to exercise appropriate controls over this data. The blog goes into more detail as to how this can work.",https://medium.com/mydex/helping-data-trusts-manage-personal-data-4215faaee5f2,,Post,,Product,,,,,,,,2022-05-03,,,,,,,,,,,,,
SecureKey,Avast,SecureKey,,Greg Wolfond,"DHS, DIF","Canada, Ontario, Toronto",Canada,,,SecureKey Technologies,"SecureKey is a leading identity and authentication provider that simplifies consumer access to online services and applications. SecureKey’s next generation privacy-enhancing services enable consumers to conveniently and privately assert identity information using trusted providers, such as banks, telcos and governments, helping them connect to critical online services with a digital credential they already have and trust, while ensuring that information is only ever shared with explicit user consent. SecureKey is a champion of the ecosystem approach to identity, revolutionizing the way consumers and organizations approach identity and attribute sharing in the digital age.",,https://securekey.com/,,Company,,Company,Enterprise,ID,"SSI, Supply Chain",,,,DID,2008,https://twitter.com/SecureKey,https://www.youtube.com/user/SecureKeyTech,,https://www.crunchbase.com/organization/securekey-technologies,https://www.linkedin.com/company/securekey/,,,,,,,,
Spherity,,Spherity,,Carsten Stoecker,Sovrin Steward,"European Union, Germany, Berlin, Berlin",Europe,,,Spherity,"Spherity is building decentralized identity management solutions to power the 4th industrial revolution, bringing secure identities (“Digital Twins”) to machines, algorithms, and other non-human entities.<br><br>Spherity’s Digital Twins enable innovative customer journeys across mobility, supply chain transparency, risk assessment, audit trails for data analytics, and many more use cases.<br><br>Our developers and systems designers combine years of deep research in the emerging decentralized identity space with a wide range of cross-industry experience. They have built and refined complex, bespoke information systems for supply chain management, data-rich manufacturing, and next-generation data control.<br><br>We participate in key standards processes and community conferences to ensure full compliance and interoperability in the complex technological landscapes of decentralization and self-sovereign identity","Credentialing the world for a new internet age with digital trust Enable digital trust in your ecosystems by implementing decentral identities and verifiable credentials. Leverage the trust to streamline your business processes. Start now and use our solutions to easily integrate with your existing IT landscape. OUR ECOSYSTEM AND PARTNERS Products The Spherity Product Suite Two products. Same mission. CARO Credentialing Service for US DSCSA compliance. Spherity’s compact app to authenticate direct and indirect pharmaceutical Authorized Trading Partners in real-time.Learn more Digital Product Passport Boost your compliance with regulatory requirements introduced by the New EU Battery Regulation with Spherity’s Digital Product Passport.Learn more Services Supporting you in Strengthening Trust through Digital Identity. Set-up your trust-ecosystem in your specific industry.Learn more Stay sphered, join our newsletter! Receive product updates and the latest tech trends across industries. We care about the protection of your data. Read our Privacy Policy. Resources Read and watch in-depth articles on case studies, solutions, technical implementations, and more! How issuers can manage credential revocation? Spherity has developed an Ethereum-based credential revocation mechanism for use in the US pharmaceutical supply chain. In brief, a credential issuer examines real-world evidence, such as a trading license,... COP27: Digital Trust Technology Supports International Climate Action The Government of British Columbia (B.C.) and Spherity, both members of the Global Battery Alliance (GBA), are cooperating to facilitate the secure exchange of sustainability information using digital trust technology. Product Passport Pioneers - #6 with Mario Malzacher, Circular Fashion In this episode, we speak to Mario Malzacher, CO-Founder of CircularFashion. Mario is driving the circular economy in the textile industry. He heads and participates in research projects of the BMWK...",https://spherity.com,,Company,,Company,Enterprise,,"ID,AI,IOT",,,,"ISO 27001,DID,Verifiable Credentials",2017,,https://twitter.com/spherityproject,https://www.youtube.com/channel/UCJd30vQ46EYCq0KFysJtRMg,https://medium.com/@spherityy,https://medium.com/@spherityy,,https://www.crunchbase.com/organization/spherity,https://de.linkedin.com/company/spherity; ,,,,,
Spherity,Spherity,,Medium,,EBSI; EIDAS; W3C,,,European Data Infrastructure,,"Spherity connects the dots between SSI, AI, and European Data Infrastructure","Juan Caballeroattended the stakeholder meeting for the European Blockchain Services Infrastructure project in Brussels, where architects and legal counsel presented their requirements and reports for the next round of development in partnership with industry leaders and contractors. [...] The most interesting development [...] the report from Nacho Alamilla, a key legal advisor for EBSI, on the functional limits of the current eIDAS (cross-border electronic signature mutual recognition) system in Europe and possible revisions or refinements of it being discussed in theEU.[...]<br>[Carsten Stöcker](https://Medium.com/u/2d7ca4c61292)and[Ricky Thiermann](https://Medium.com/u/16518b469d1e)were in Bonn attended the High-Tech Partnering Conference[#HTPC20](https://www.htpc-htgf.de/en-gb/home)organized by our lead investor[High-Tech Gründerfonds](https://high-tech-gruenderfonds.de/en/the-decentralized-identity-and-digital-twin-pioneer-spherity-receives-seed-financing-from-htgf/)(HTGF). Carsten had a keynote about “How to unlock the untapped business potential of IOT devices with digital identity”. Further we were able to exchange with the other start-ups of High-Tech Gründerfonds’ portfolio and to establish relations to HTGF’s industry and corporate partners.<br>[...]<br>At the end of January,[Juan Caballero](https://Medium.com/u/7da78f634e80)and[Carsten Stöcker](https://Medium.com/u/2d7ca4c61292)were in Amsterdam, attending the specification-writing face-to-face meeting of the Worldwide Web Consortium’s Decentralized Identifier Working Group (W3C DID-WG). [...] The main event at this meeting was the renegotiation of the limits and interoperability of[DID Documents](https://Medium.com/spherity/ssi101-what-exactly-gets-written-to-a-blockchain-69ef1a88fa3c), which has become a sticking point in recent months due to the complexity of ongoing development based on different encodings (traditional JSON, JSON-LinkedData, CBOR, and even ASN.1 and PDF).<br>[...]<br>On 31st January[Marius Goebel](https://Medium.com/u/3a23dedbeb33)attended the steering committee of the “Standardization Roadmap Artificial Intelligence” for the German Federal Ministry of Economics and Energy ([BMWi](https://www.bmwi.de/Navigation/EN/Home/home.html)) hosted by[DIN](https://www.din.de/en)[German Institute for Standardization] and[DKE](https://www.dke.de/en)[German Commission for Electrical, Electronic & Information Technologies].<br>[...]<br>[Sphertiy](http://www.spherity.com/)is contributing to the working groups around the fields of “IT security in artificial intelligence (AI) systems” and “Certification and quality of AI systems” delivering its expertise in the fields of digital identities, in particular auditability, authenticity, traceability and identifiability of data and artificial intelligences (AIs).","Spherity connects the dots between SSI, AI, and European Data Infrastructure Recap of the first month of the new year Spherity started the year off with a busy travel itinerary, participating in standards work and startup communities. We met with the stakeholders of the European Blockchain Services Infrastructure, shared the business potential of the Internet of Things, made headway on the industry-wide groundwork for more robustly interoperable Decentralized Identifiers, and pushed forward the Identity capabilities of Germany’s Artificial Intelligence standards body. European Blockchain Services Infrastructure, Brussels Juan Caballero attended the stakeholder meeting for the European Blockchain Services Infrastructure project in Brussels, where architects and legal counsel presented their requirements and reports for the next round of development in partnership with industry leaders and contractors. We have built relationships with the key architects of the new system, and will be following closely the tenders and calls for ind
Spherity,Spherity,,Medium,,Legisym,,,,,Spherity is Partnering with Legisym Offering Joint Compliance Product for the U.S. Life Sciences Marke,"“Legisym is thrilled to be working alongside Spherity to bring the first production-level ATP Credentialing solution to the industry,” said Legisym President & Co-Owner David Kessler. “With the successful completion of the ATP Credentialing Pilot in 2020 and the joint founding of the Open Credentialing Initiative in early 2021, the Spherity-Legisym partnership is already proving successful in collaboration and forward thinking.”","Spherity is Partnering with Legisym Offering Joint Compliance Product for the U.S. Life Sciences Market. Legisym, LLC is a trusted expert in the U.S. Life Sciences Market, providing services to pharmaceutical companies around the world since 2009 Legisym and Spherity have worked closely together to bring to maturity a joint offering that meets the security requirements of the U.S. Life Sciences Market. As part of the joint development, both companies have collaborated with SAP and Novartis, which have already subjected the product to extensive quality testing and functional validation. Spherity and Legisym are pleased to officially announce their partnership as of today. In November 2013, the U.S. congress enacted the Drug Supply Chain Security Act (DSCSA) in order to protect patients’ health. To ensure that only legitimate actors are part of the supply chain, the regulation requires U.S. pharmaceutical trading partners to ensure that they only interact with other trading partners that are authorized. Authorized is every trading partner holding a valid state-issued license or a current registration with the Food and Drug Administration (FDA). Today in 2022, U.S. pharmaceutical supply chain actors have no interoperable, electronic mechanism to validate each other´s authorized status. With more than 60,000 interacting trading partners involved in the U.S. Life Sciences Industry and a FDA recommendation to respond to data requests in under one minute, a solution that provides compliance with the regulations by 2023 is in high demand. Legisym and Spherity have decided to cooperate and offer an interoperable highly secure service to enable pharmaceutical supply chain actors to become an Authorized Trading Partner (ATP) according to U.S. DSCSA. Legisym, as a trusted identity and license verification service provider, perfectly complements Spherity’s digital wallet technology for managing verifiable credentials. The verifiable credential technology is used to represent the authorized status of interacting trading partners in an highly efficient, secure and DSCSA-compliant way. To use credentialing for Authorized Trading Partner (ATP) requirements under DSCSA, trading partners need to go through a one-time due diligence onboarding process with Legisym. Once the verifiable credentials are issued, they are stored in a secure digital wallet which comes embedded with the Credentialing Service provided by Spherity. Using this technology enables U.S. pharmaceutical supply chain actors to interact with digital trust, as they now can digitally verify their ATP status in every interaction. Georg Jürgens, Manager Industry Solutions at Spherity says, “together with our partner Legisym we focused on making the adoption of credentialing for trading partners as simple as possible. Manufacturers, wholesalers and dispensers can all acquire a digital wallet and ATP credentials within minutes without integration effort and use this innovative solution for DSCSA-regulated interactions.” “Legisym is thrilled to be working alongside Spherity to bring the first production-level ATP Credentialing solution to the industry,” said Legisym President & Co-Owner David Kessler. “With the successful completion of the ATP Credentialing Pilot in 2020 and the joint founding of the Open Credentialing Initiative in early 2021, the Spherity-Legisym partnership is already proving successful in collaboration and forward thinking.” Legisym and Spherity founded along with oth
Spherity,Spherity,,Medium,,,,,,,#SSI101: An Introductory Course on Self-Sovereign Identity,"Outside of a few philosophers, social scientists, and a tiny minority of specialized technologists, however, most people feel uncomfortable making any definitive or authoritative statements about identity.","#SSI101: An Introductory Course on Self-Sovereign Identity The Spherity Way Most of the time when someone first hears about “self-sovereign identity,” “decentralized identity,” or “blockchain identity,” they naturally assume the terms refer to some esoteric topic far enough away from their domain of experience and expertise that they can safely leave it to the experts. “Identity,” after all, is an important, hotly debated, and nearly undefinable core concept of human life. Outside of a few philosophers, social scientists, and a tiny minority of specialized technologists, however, most people feel uncomfortable making any definitive or authoritative statements about identity. Who would volunteer to express opinions about something that can so easily offend, and which we rarely think about when it is working well for us? As for the adjectives “self-sovereign,” “decentralized,” and “blockchain,” these are no less controversial, no less stable, and no less likely to intimidate, to offend, or to confuse. I do not believe, however, that most people can safely leave it to the experts, even though I am one of those experts. On the contrary, I believe “SSI” is worth learning about, worth getting familiar with, and worth getting excited about. For this reason, I have tried to outline a quick tour through the basic “building blocks” needed to understand what SSI is, how SSI is different from other “regimes” or systems of organizing identity, and what Spherity does with SSI. Half as a fun way to structure these essays, and half out of habit, I will refer to this series of writing as a “curriculum,” and I will use North-American-style course numbers of the kind that were standard in my former life as a college professor. Here, then, is an overview of the topics that will be covered in the coming weeks in our “SSI 101” series: - Identities & Identifiers - An Overview of Non-Human Identities - Self-Sovereignty and Autonomy - Attest, Identify, Authenticate, and Verify - What Exactly Gets Written on a Blockchain? - Verifiable Credentials & Data Portability - Encryption & Correlation - How Open Standards Get Made To facilitate your and our sharing of these links and cross-linking back to them from other writings, I will structure each “glossary entry” listed above as a distinct Medium post with a permanent URL. Full disclosure, they might get more detailed (or illustrated) at some point in the future. They can be read in any order, although they are easiest understood by the true beginner in the linear sequence conveyed in the “previous”/“next” links at the top of each entry. For the reader who is already comfortable with the 101 topics, members from across the Spherity team will be collaboratively writing articles for the rest of 2019 that walk you through the specific data needs of various industries we have studied closely with partners and clients, and even in our past lives pre-Spherity. These longer articles comprise the “special topics” in the 200-level sequence of our SSI curriculum. Having read two or three of those, hopefully at least one of the 300-level will be of interest and accessible: there, we will cover speculative economics, machine futures, the data needs of an increasingly circular economy, data marketplaces, and other “advanced topics” in SSI. At this level, things get a little academic and we stand on the shoulders of many giants, mostly deep thinkers within the SSI community or the software sector generally. So let’s start at the beginning, then, with identities and identifiers, the smallest indivisible unit of SSI.",https://medium.com/spherity/ssi101-an-introductory-course-on-self-sovereign-identity-the-spherity-way-19e0d1de3603,,Post,,Explainer,,,,,
Spherity,KuppingerCole,,,,,,,,,Dr. Carsten Stöcker - Decentralizing Provenance in an Industry 4.0 World,"In this episode, Raj Hegde sits down with Dr. Carsten Stöcker, Founder & CEO of Spherity to understand how #decentralized identity is transforming the end-to-end supply chain lifecycle.","Decentralizing Provenance in an Industry 4.0 World | Frontier Talk #3 - Dr. Carsten Stöcker In this episode, Raj Hegde sits down with Dr. Carsten Stöcker, Founder & CEO of Spherity to understand how #decentralized identity is transforming the end-to-end supply chain lifecycle. Tune in to this episode to explore the increasingly important role of provenance in helping build a better world and learn about the intersection of exciting concepts such as non-fungible tokens (NFTs) and decentralized identifiers (DIDs). He pursued a PhD in physics from RVDA Hawkin, um, to understand how the world works and is leveraging the power of technology for the greater good of society. He's a highly respected figure in the blockchain space and acts as an advisor to the world economic forum, as part of its global future counsel, you are to share a stake on our provenance as a fundamental technology connect as a force multiplier to bring about positive change in society. Dr. Carsten Stoker, the founder and CEO of austerity. Yeah. Hi, thanks for having me on your Frontier Talk and I'm glad to be here today. Welcome to the podcast. And I'm speaking to a physicist, uh, to be honest as being always up there on my bucket list. So I'm glad that I could finally scratch it off my list. Um, so let's get started. Um, you've had an interesting career today. It's spanning across research consulting, a stint at the WEF and now entrepreneurship. So I'm curious to know, how were you introduced to blockchain technology? We, how I got introduced to blockchain technology basically was a big coincidence. I worked for utility RWE at this time and later it was kind of spun off into energy. I worked at the innovation hub and then there was a Dutch board member and the Dutch partner number basically wants to invent Uber for energy. So at this time, everyone wants to invent Uber for some things they have and be for something to come up as a new digital digital proposition. And basically it was a Dutch board members. The Dutch board member asked one of his friends or freelance and his network. And the freelancer said, yes, no, I can start working on this and invent Uber for energy. And what's the freelance and residence that he basically wrote a LinkedIn message to his network and asked his network, Hey, anyone in my network can help me to invent Uber for energy. And then all of the very early Ethereum developer ecosystem, because at this time there was the goal theory team and Amsterdam, and then I think C plus plus theory on team in Berlin and because it was Netherlands and the people from the Netherlands ecosystem said, Hey, yes, we have this fancy new technology, Ethereum, there's all the smart contracts. Why shouldn't we kind of try to not invent Uber for energy, but Uber for energy was out Uber in between, even if it's a disintermediation of Uber. And that's how I got in touch with the theater production and then be developed as early as 2015, already a peer to peer energy trading prototype, um, for, uh, on, based on smart contracts on the theory. So for households that offer energy because of renewable energy that could do a direct peer to peer energy transaction, other households that would like to consume energy. So with our utility, um, in the, uh, in between, without moving in between, and that is how I got in touch with the blockchain technology. Okay. Right. Brilliant. That's so cool. Um, there are so many interesting applications of blockchain today, be it, um, decentralized finance or defy, or for computing, I'm curious to know what, uh, got hooked onto decentralized identity and more specifically, why did you choose to specifically tackle the challenge of automating identity verification in end-to-end value chains? It's basically, um, the S mentioned, we di
Spherity,Spherity,,,,,,,,,Authorized Trading Partners,"DSCSA-Compliant Verification of Authorized Trading Partners - Spherity is working together with global pharmaceutical manufacturers, wholesalers, distributors, the Healthcare Distribution Alliance and other solution providers to develop a production-grade solution for the Authorized Trading Partner legislation by Autumn 2020. Spherity’s Cloud Identity Wallet enables the exchange and verification of electronic state licenses.",,https://web.archive.org/web/20220401000000*/https://spherity.com/pharma-authorized-trading-partners/,,Post,,Meta,,,,,Cloud Identity Wallet,,,2020-11-21,,,,,,,,,,,,,
Spherity,Spherity,,Medium,,Ontology,,,,,Ontology Partners with Spherity to Advance Digital Identity Solutions,Partnership will involve integration of Ontology blockchain into Spherity’s Cloud IdentityWallet,"Spherity Partners with Ontology to Advance Digital Identity Solutions Partnership will involve integration of Ontology blockchain into Spherity’s Cloud Identity Wallet Spherity the German decentralized digital identity specialist, announces a partnership with Singapore based high-performance enterprise blockchain and distributed collaboration platform Ontology. This strategic partnership will see the integration of the Ontology blockchain into Spherity’s Cloud Identity Wallet, and will allow Ontology to harness Spherity’s blockchain-agnostic Decentralized Digital Identity solutions across public and permissioned blockchains. The remit of the partnership will also extend to the creation of Proof-of-Concept (PoC) pilots around supply chain, mobility, and pharmaceutical verticals, along with joint research and marketing initiatives. The primary objective of the partnership is to deliver enterprise solutions for cross-border supply chain resilience and transparency. Andy Ji, Co-founder of Ontology, said, “Partnering with Spherity represents a further expression of intent towards accelerating the development of digital identity protocols, and underlines our commitment to addressing prevalent issues associated with identity security and data integrity. This partnership provides scope for the exploration of enterprise and product identity, as well as cross-border supply chain identity use cases including provenance, transparency, and authenticity.” Spherity builds enterprise cloud wallets and other decentralized digital identity management solutions that offer more secure and versatile cyber-physical bindings and supply chain tracking solutions. Based in Dortmund, Germany, the Spherity team is developing decentralized ‘digital twin’ applications — self-sovereign, unique digital representations of enterprises, products, machines or algorithms services — which are immutably anchored on a decentralized system, overcoming today’s trust and interoperability issues. Dr. Carsten Stöcker, CEO of Spherity, said, “The ambition and vision of the Ontology team directly correlates with Spherity’s own roadmap, both in terms of expediting the deployment of blockchain solutions globally, while also firmly imbuing the principles of trust and security in digital identity solutions. Ontology will provide invaluable access into key Asian markets for our bespoke cloud technology, and we are delighted to boost Ontology’s European presence, given our rich history of operations in Germany, Switzerland, and Austria.” The partnership focuses on connecting Sino-European ecosystems while establishing trust among supply chain actors. Together, Spherity and Ontology are uniquely positioned to establish interoperability and data portability across European and Asian Blockchain infrastructures. The joint goal is to deliver secure ‘collaborative data sharing’ solutions for ‘enterprise master data’ and ‘product serialisation’ with back-to-birth auditability. Ontology delivers a fast, user-friendly platform with a unique infrastructure that supports robust cross-chain collaboration, providing businesses with the tools to design their own blockchain solutions securely. Powered by the Ontology Token (ONT), the distributed collaboration platform allows businesses to enjoy the benefits of smart contracts and tokenization while retaining control of their sensitive data. “The strength and depth of the Spherity network can help us achieve our strategic objectives, particularly those pertaining to extending our European reach and advancing our B2B business development. We look forward to supporting the deployment of Spherity’s cloud technology in Asia while identifying mutually beneficial opportunities for collaboration moving forward,” concluded Ji. About Ontology Ontology is a high-performance public blockchain a
Spherity,Spherity,,Medium,,,,,,,Spherity Achieves ISO 27001 Information Security Standard Certification,"“To guarantee business continuity and protect data, we have built up an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. For us as a company that deals directly with one of the most valuable assets that civilization has—identity—it was the logical pathway to give information security an appropriate degree of importance. Furthermore, we see it as our duty to our customers and employees to enter into this self-imposed obligation and to guarantee the highest possible level of information security—also as an investment in the deep mutual trust and ongoing cooperation with our clients.”","Spherity Achieves ISO 27001 Information Security Standard Certification Spherity, a company building digital identity management solutions, has achieved ISO/IEC 27001:2013 certification Issued by TÜV Rheinland, the certification confirms that the company’s data security systems, including the secure development process, meet the industry’s best practices at the highest level. ISO/IEC 27001 is the most widely used information security standard prepared and published by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards. It includes requirements on how to implement, monitor, maintain, and continually improve an Information Security Management System (ISMS) within the context of the organization and its business needs. Conformity with this internationally recognized standard lies at the core of Spherity, since we consider information management essential to all of Spherity’s business operations. These best practices ensure we will continue to protect the interests of our customers, investors and employees, providing the highest level of security assurance. Information security is the practice of ensuring the Confidentiality, Integrity and Availability of information and data according to the “CIA principle,” and thereby defending information and data from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. Additionally, this principle maintains business operations and protects business continuity while minimizing risks. “To guarantee business continuity and protect data, we have built up an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. For us as a company that deals directly with one of the most valuable assets that civilization has — identity — it was the logical pathway to give information security an appropriate degree of importance. Furthermore, we see it as our duty to our customers and employees to enter into this self-imposed obligation and to guarantee the highest possible level of information security — also as an investment in the deep mutual trust and ongoing cooperation with our clients.” – says Dr. Michael Rüther, COO/CFO, Spherity. The certification was validated following an assessment done by the independent certification body, TÜV Rheinland. It covered the organization’s IT systems, cloud services, applications and all related assets, as well as all information and data stored and transacted. The scope also included the company’s office, located in Dortmund, Germany. “Digitization is one of the trends of our time, bringing with it both significant opportunities and major risks: for example, new types of attack vectors are being created or the complexity of systems is increasing, which increases the risk of failure. Certification means that customers can expect systematic and continuous management of information security risks and business continuity. It is noteworthy that Spherity, as a start-up company, has committed itself to follow the internationally recognized standard for information security management.” – says Klaus Schneider, Managing Director of IMS-SCHNEIDER and Lead Auditor for TÜV Rheinland Cert GmbH. The certification is publicly available in the TÜV
Spherity,Spherity,,Medium,,Sovrin Steward,,,,,Spherity becomes a Sovrin Steward,"Spherity has assumed the role of Steward in the Sovrin Network, a not-for-profit worldwide alliance of companies that operate nodes supporting distributed ledger operations so that the network can provide identity forall.","Spherity becomes a Sovrin Steward Spherity to support Sovrin’s “public utility” network for identity Spherity has assumed the role of Steward in the Sovrin Network, a not-for-profit worldwide alliance of companies that operate nodes supporting distributed ledger operations so that the network can provide identity for all. The product of a nearly decade-old open-source community, this network is the largest and oldest global blockchain to support decentralized identity systems, including many governmental initiatives like Unlock in the Netherlands and the province-wide projects for corporate identities in Canada like British Columbia’s OrgBook. In Germany the Main Incubator in Frankfurt has recently launched its own Sovrin-based network, called LISSI, following Finland’s Findy and a handful of smaller efforts. Indy’s complex governance structures have reportedly been a substantial influence on the design of the European Commission’s eSSIF framework. Spherity co-founder Carsten Stöcker says: “Sovrin represents a unique approach to decentralized identity, which draws its strength from technology leadership, thoughtful governance and shared infrastructure. The Indy blockchain and the open-source Aries codebase are driven forward by a wide-ranging coalition of enterprises and communities. We are excited to become Stewards, which will enable us to support German and Europe-wide efforts to build trust frameworks and identity infrastructure from the ground up without starting from scratch.” Spherity has been exploring the Aries framework to build up an Indy wallet that can interoperate with the production-grade Indy-based products of project partner SwissCom (which has been a Steward since November 2018). Spherity plans to continue expanding its Indy libraries and wallets, particularly those supporting interoperability between Aries-compliant Indy wallets and Ethereum wallets. More information on this project can be found in this recent article. About the Sovrin Foundation The Sovrin Foundation is a nonprofit organization established to administer the Governance Framework governing the Sovrin Network, a decentralized global public network enabling self-sovereign identity on the internet. The Sovrin Foundation is an independent organization that is responsible for ensuring the Sovrin identity system is public and globally accessible. About Spherity Spherity is building decentralized identity management solutions to power Industry 4.0, bringing secure identities to enterprises, machines/IoT-devices, data and algorithms. Our client focus is primarily on technical industries like pharmaceuticals, supply chain and mobility. In particular, Spherity is supporting the introduction of identity solutions in the Industrial Internet of Things (IIoT) market, which is expected to have a value of over €400 billion by 2030 and 75 billion connected devices by 2025. Stay sphered by joining Spherity’s Newsletter list and following us on Linkedin and Twitter.",https://medium.com/spherity/spherity-becomes-a-sovrin-steward-b813cff2999b,,Post,,Meta,,,,,,,,2020-05-08,,,,,,,,,,,,,
Spherity,Spherity,,Medium,,Secure Digital Identity Association,,,,,Spherity joins VSDI (Secure Digital Identity Association),"Membership in the association allows[Spherity](http://www.spherity.com/)to participate in consultative processes around future tenders and initiatives, keeping us up to date on the needs of government digitization and the trends moving through state and federal bodies on these topics. It also fosters communication with companies working in specialized fields like military information technology, public services computing, finance, and cross-border issues. The VSDI sees itself as a practice-oriented competence network for politics, administration and business. The association communicates the bundled expertise of its members and advocates through its initiatives to enable secure, user-friendly and data protection-compliant digital identities.","Spherity joins VSDI (Secure Digital Identity Association) 28. January 2020 Spherity GmbH has joined the Berlin-based trade association, Verband Sichere Digitale Identität (VSDI)( engl.: Secure Digital Identity Association), attending the annual meeting hosted by the state-owned certificate, mint, and security conglomerate Bundesdruckerei GmbH, a founding member and part-owner of many others. Having changed its name earlier in the year (from Verband Sichere Identität Berlin Brandenburg), the association focuses more than ever on cybersecurity topics, data standards, usability, and other aspects of digital identity. In practical terms, the association coordinates between Bundesdruckerei, government contractors, IT companies, and other stakeholders as the Bundesdruckerei and administrators throughout the German federal and state government. Membership in the association allows Spherity to participate in consultative processes around future tenders and initiatives, keeping us up to date on the needs of government digitization and the trends moving through state and federal bodies on these topics. It also fosters communication with companies working in specialized fields like military information technology, public services computing, finance, and cross-border issues. 2020 is poised to be a breakthrough year for digital identity, with the federal and state governments embracing (and, just as importantly, funding) initiatives to make digital services more available, more usable, and more secure. For example, the Bundesministerium für Wirtschaft und Energie is running an ongoing series of rapid “Showcase” (Schaufenster) projects to promote this activity and German’s contributions to the European sector. About VSDI Our thesis Without secure digital identities for people, organisations and things, there can be no reliable digitalisation. The Secure Digital Identity Association (VSDI) is the nationwide network for companies, universities and research institutions that promotes the transformation from analogue to digital identities. The VSDI sees itself as a practice-oriented competence network for politics, administration and business. The association communicates the bundled expertise of its members and advocates through its initiatives to enable secure, user-friendly and data protection-compliant digital identities. Our members from the business community offer software and hardware, consulting and services to secure the digital world technologically. Our members from the research and science community research and test how secure digital identities can be improved. The member companies and institutions employ around 9,000 people and have an annual turnover of around 750 million euros. About Spherity Spherity is building decentralized identity management solutions to power the 4th Industrial Revolution, bringing secure identities to machines, algorithms, and other non-human entities. The client focus is primarily on technical industries like mobility, supply chain, and pharmaceuticals. In particular, Spherity is supporting the introduction of identity solutions in the Industrial Internet of Things (IIoT) market, which is expected to have a value of ov
Spherity,Spherity,,Medium,,IDUnion,,,,,Spherity partners IDunion Trusted Identity Ecosystem,Spherity announces that it has become a partner of the IDunionproject. The project is funded within the innovation framework “Showcase secure digital identities” of the German government (Federal Ministry for Economic Affairs and Energy). Spherity is entrusted on the application of cloud identity technology in the healthcare industry.,"Spherity partners IDunion Trusted Identity Ecosystem Spherity becomes Partner in German Government’s Secure Digital Identity Project Spherity announces that it has become a partner of the IDunion project. The project is funded within the innovation framework “Showcase secure digital identities” of the German government (Federal Ministry for Economic Affairs and Energy). Spherity is entrusted on the application of cloud identity technology in the healthcare industry. IDunion aims to provide identity solutions for business, government, and citizens that are user-friendly, trustworthy, and economical. The consortium and its partners will establish a decentralized identity ecosystem for individuals, companies and machines. Within the IDunion project Spherity is entrusted with the application of cloud identity technology in the healthcare industry. Secure and portable identities are necessary prerequisites for seamless e-health applications. In this context, secure digital identities are equally necessary for patients, healthcare professionals and healthcare institutions. Applying a decentralized digital identity (SSI*) approach to the management of e.g. patient data, legal requirements for data protection can be fulfilled, patient rights can be strengthened and the efficiency of digital system solutions can be significantly improved. In the project, these decentralized technologies will be linked with central systems such as Gematik infrastructure and health insurance systems for issuing and storing certificates, so that a corresponding hybrid architecture is created. Demonstrators and field tests will be created in the areas of telemedicine, e-prescription or electronic certificates of incapacity to work or digital vaccination cards. Spherity will further operate a node of the decentralized, heterogeneously distributed IDunion test network, which will be European legal framework (GDPR and eIDAS) compliant. About IDunion IDunion develops a basic infrastructure for the verification of identity data. For this purpose, a distributed database will be jointly operated, which will be managed by a European cooperative. The network will be set up and managed by various actors consisting of private companies, associations, cooperatives, government institutions, educational institutions and other legal entities. About Spherity Spherity is building decentralized digital identity management solutions to power the fourth industrial revolution, bringing secure identities to enterprises, machines, products, data and even algorithms. We provide the enabling technology to digitize and automate compliance processes primarily on highly-regulated technical sectors like pharmaceuticals, automotive and logistics. Spherity’s decentralized cloud identity wallet empowers cyber security, efficiency and data interoperability among digital value chains. Spherity is certified according to the information security standard ISO 27001. Stay sphered by signing up for our newsletter, follow us on LinkedIn or Twitter. Press Inquiries Please direct press inquiries to: Marius Goebel communication@spherity.com",https://medium.com/spherity/spherity-joins-idunion-trusted-identity-ecosystem-e89d093be35a,,Post,,Meta,,,,,,,,2021-03-12,,,,,,,,,,,,,
Spherity,Spherity,,Medium,,Swisscom Blockchain,,,,,Swisscom Blockchain & Spherity are Co-developing Cloud Identity Wallets,"Swisscom BlockchainandSpherityhave both built interoperable Cloud Identity Wallet solutions that handle this kind of world-class, highly trustworthy data, allowing it to transcend silos, proprietary systems, and blockchains. Binding data to digital identities at a low level is the key to bringing more value to all stakeholders in any industry, and making data trustworthy and verifiable anywhere. At its heart, this is what an identity wallet does, and we are proud to have developed two industry-leading, enterprise-grade identity wallets tailored to the documentation needs of the pharmaceutical industry.","Swisscom Blockchain & Spherity are Co-developing Cloud Identity Wallets Real interoperability is built together Swisscom Blockchain and Spherity have both built interoperable Cloud Identity Wallet solutions that handle this kind of world-class, highly trustworthy data, allowing it to transcend silos, proprietary systems, and blockchains. It seems like every day the market for data grows larger, but not all data is of equal value: on the contrary, data’s value increases exponentially the more trustworthy it is. There is a rising demand for trustworthy data, particularly for verifiable data that can travel far and wide without risk or privacy complications. Binding data to digital identities at a low level is the key to bringing more value to all stakeholders in any industry, and making data trustworthy and verifiable anywhere. At its heart, this is what an identity wallet does, and we are proud to have developed two industry-leading, enterprise-grade identity wallets tailored to the documentation needs of the pharmaceutical industry. “We both offer similar solutions and we decided to work together while designing our products because we both wanted to create solutions that are, since day 1, interoperable.” says Luigi Riva, Senior Technical Product Manager, SwissCom Blockchain AG Goals and Accomplishments Swisscom Blockchain and Spherity both have seasoned teams of developers and architects with decades of experience in decentralized and traditional Identity and Access Management, as well as cybersecurity and cryptography topics. For this reason, we see the value that will be unlocked by the emerging Worldwide Web Consortium standards for identity-linked data, but also the challenges that come with such innovation. These include the properly technological limitations of the current generation of platforms and products, such as the customizations we’ve had to make to the open-source Indy libraries to accommodate our clients’ high security requirements. Because of these high requirements, we also value cryptographic agility and work hard to future-proof our security model as well as our codebase. Another technological upgrade we made to the underlying codebase entailed carefully linking verified “attachments” to create a hybrid solution (both machine-readable and human-readable) beyond the size limitations of a traditional Indy-style verified credential. But the most important challenge is balancing these kinds of customizations against the promise of interoperability and freedom from “vendor lock-in”. To fulfil this promise, we chose not just to work together closely as “coop-etitors” but to go one step further, “co-developing” two parallel solutions cooperatively and making sure both of our customizations staying interoperable with the underlying platform and other wallet providers. Comparing designs and testing interoperability throughout the process. We based our two solutions not just on existing Hyperledger Indy standards, but worked together on more future-proof prototyping of a solution inspired by the ongoing Hyperledger Aries specification process (technical readers can find more detail here). Security features fit for a king The current drafts of the Aries cloud-agent specifications are light on details about security, yet our clients on this project were ente
Spherity,Spherity,,Medium,,,,,,,New Product to Support Pharmaceutical Supply Chain Compliance,The product establishes trust in digital interactions between trading partners in pharmaceutical supply chains and ensures compliance with the U.S. Drug Supply Chain Security Act (DSCSA).,"Spherity launches New Product to Support Pharmaceutical Supply Chain Compliance Already integrated by SAP and rfxcel, the Spherity Credentialing Service is now ready to be shipped to the market Spherity announces the launch of its new product: The Spherity Credentialing Service, which sets the benchmark for compliance solutions in the field of trading partner verification and is available from today. The product establishes trust in digital interactions between trading partners in pharmaceutical supply chains and ensures compliance with the U.S. Drug Supply Chain Security Act (DSCSA). We are proud that Novartis, as an innovation leader, is looking to adopt the Spherity Credentialing Service. David Mason, Regional Serialization Lead at Novartis says that “Using credentialing is the first proven digital solution for our industry that addresses the ATP compliance gap of knowing if the counterparty is an Authorized Trading Partner. This is a foundation to meet DSCSA requirements by 2023.” SAP and rfxcel have integrated the Spherity Credentialing Service within their verification routing service solutions to be able to share and verify the Authorized Trading Partner (ATP) status in product verifications. Herb Wong, Vice President of Marketing & Strategic Initiatives at rfxcel says “The Credentialing Service is the most comprehensive effort to address the upcoming Authorized Trading Partner requirement for DSCSA. rfxcel was impressed to see how seamlessly it integrated with our solution.” Dr. Oliver Nuernberg, Chief Product Owner at SAP says “For SAP, one of the key requirements was to ensure that the existing returns verification process is not impacted by adding credentialing. By making the credentialing optional, we further ensure that our customers can add this capability over time without disrupting existing processes.” The Spherity Credentialing Service enables supply chain actors to verify in real time that they are only exchanging information with Authorized Trading Partners (ATP), as per DSCSA requirements, even when they do not have a direct business relationship yet. The Spherity Credentialing Service integrated Legisym as credential issuer and is based on the ATP architecture that was tested by an industry wide pilot. Beyond DSCSA compliance, Spherity leverages process efficiencies of exchanging data with indirect business partners by avoiding manual and time consuming due diligence processes. Saving significant time and money for all participants in the ecosystem. To drive the utilization of decentralized digital identity technologies across the industry, Spherity participates in the newly founded Open Credentialing Initiative (OCI). As an industry consortium, this initiative incubates the ATP architecture and governs further standardization efforts. “Using ATP credentials for product verification interactions is just the tip of the iceberg. The established enterprise identities and associated verifiable credentials will leverage efficiency to exchange data in regulated environments”, says Georg Jürgens, Manager Industry Solutions at Spherity. About Spherity Spherity is building decentralized digital identity management solutions to power the fourth industrial revolution, bringing secure identities to enterprises, machines, products, data and even algorithms. We provide the enabling technology to digitize and automate compliance processes primarily in highly-regulated technical sectors like pharmaceuticals, automotive and logistics. Spherity’s decentralized cloud identity wallet empowers cyber security, efficiency and data interoperability among digital value chains. Spherity is certified according to the information security standard ISO 27001. Stay sphered by signing up for our newsletter, follow us on LinkedIn or
Spherity,Spherity,,,,,,,,,One-Button Trusted Release,"Medical products with verifiable credentials - Imagine a digitalized Trusted Release process on a batch with instant access to all the relevant information in verifiable form, rather than dealing with multiple distributed paper documents. Digitized and pre-validated data allows the Qualified Person to dig deeper or double-check any input with a minimum friction of effort.",,https://web.archive.org/web/20220517020902/https://spherity.com/pharma-one-button-trusted-release/,,Post,,Product,,Healthcare,,,,,Verifiable Credentials,2020-11-21,,,,,,,,,,,,,
Spherity,Spherity,,,,,,,,,Pharma Third Party Risk Management,"How can we shorten the supplier onboarding effort in Third Party Risk Management from the thirty days that is typical today, to only three days?",,https://web.archive.org/web/20210119061430/https://spherity.com/pharma-one-button-trusted-release/,,Post,,Product,,,,Risk Management,,,,2020-11-21,,,,,,,,,,,,,
Spruce,,Spruce,,Gregory Rocco; Jacob Blish; Wayne Chang,,"USA, New York, New York",USA,,,Spruce Systems,"Spruce is building a future where users own their identity and data across all digital interactions. Our open-source credentialing infrastructure is standards-compliant, production-ready, and extensible into typical enterprise and government IT systems","We're building the open-source stack to leave control of identity and data where it should be: with users. This begins with SSX. Spruce is building a future where users control their identity and data across all digital interactions. We believe in endowing individuals with control over privacy through open-source software that makes user-controlled interactions possible. Today, identity providers, such as Google, Facebook, or Apple manage the entire login experience, but so much more can be unlocked by unbundling the login: user control, data sharing, and faster innovation. We use these libraries as the building blocks for our own products and, in the spirit of collaborative innovation, we make them accessible as open-source libraries for other builders to use. SpruceID is an ecosystem of open source libraries to enable user-controlled identity anywhere. Kepler is a decentralized storage system that uses smart contracts to define where your data live and who has access. Enable reusable identity verifications across social media, DNS and more. Enable users to control their digital identity with their Ethereum account using Sign-In with Ethereum. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Commodo risus euismod.Learn more Lorem ipsum dolor sit amet, consectetur adipiscing elit. Commodo risus euismod.Learn more Lorem ipsum dolor sit amet, consectetur adipiscing elit. Commodo risus euismod.Learn more Lorem ipsum dolor sit amet, consectetur adipiscing elit. Commodo risus euismod.Learn more Lorem ipsum dolor sit amet, consectetur adipiscing elit. Commodo risus euismod.Learn more Lorem ipsum dolor sit amet, consectetur adipiscing elit. Commodo risus euismod.Learn more Our libraries are the building blocks for our products, and in the spirit of collaborative innovation, they are modular and open-source for any builders in the community at large.Learn more",https://www.spruceid.com/,,Company,,Company,Enterprise,ID,,,,,,2020-05-13,,,,https://medium.com/@sprucesystems,https://medium.com/@sprucesystems,,https://www.crunchbase.com/organization/spruce-systems,https://www.linkedin.com/company/sprucesystemsinc/,,,,,
Spruce,TechCrunch,,,,Ethereum Foundation; Ethereum Name Service,,,,,Decentralized Identity Startup Spruce Wants to Help Users Control their Sign-In Data,The company [won an RFP](https://www.coindesk.com/policy/2021/10/08/sign-in-with-ethereum-is-coming/)from the Ethereum Foundation and Ethereum Name Service (ENS) to develop a standardized “sign-in with Ethereum” feature that could be interoperable with web2 identity systems [...] to let [users] control what information a platform receives about them when they sign in rather than automatically surrendering the data to the platform.,"Signing into websites using your Google or Facebook account has become so commonplace that lots of people don’t think twice before doing it. Keeping control over one’s own identity on the internet often requires a substantial sacrifice of convenience, so plenty of users have accepted the status quo of social media platforms being able to access and share their data freely, sometimes even in nefarious ways. Spruce, a decentralized identity startup, thinks the blockchain can fix this. The company won an RFP from the Ethereum Foundation and Ethereum Name Service (ENS) to develop a standardized “sign-in with Ethereum” feature that could be interoperable with web2 identity systems. The goal of allowing users to log in using a cryptographic identifier such as their Ethereum wallet address is to let them control what information a platform receives about them when they sign in rather than automatically surrendering the data to the platform. Wayne Chang, co-founder and CEO of Spruce, told TechCrunch that web2 platforms that offer sign-in capabilities have been able to access this data in the past because they offer trust and verification to users of the network. He and his co-founder, Gregory Rocco, both worked at blockchain infrastructure provider ConsenSys before starting Spruce. The company has been holding weekly calls to solicit input from the broader community on the “sign-in with Ethereum” project as it develops the feature, Chang told TechCrunch. Chang used the example of Uber to illustrate why centralized platforms have been viewed as valuable in the past and how a decentralized network could take its place. “If there’s an intermediary like Uber collecting 25%, they have to be doing something for the system. But what does it look like if those [intermediaries] became networks, and they were more like public utilities than a private company that’s trying to collect rent?” Chang said. That’s the question Spruce is trying to answer by building a public utility of sorts for internet users, but doing so requires individual users to build trust with one another by voluntarily sharing data through the network when they can’t rely on a centralized intermediary to make assurances. “If we imagine a smart contract-based ridesharing system, there’s a lot of concerns about that, because you don’t want to just send a transaction to a smart contract, and then step into the next car that pulls up. Instead, it’d be nice if the driver could present that they are a licensed driver, haven’t had too many accidents and that the network has [validated] their good reputation,” Chang said. In turn, the driver might want to know something about the rider’s reputation, akin to their star rating. Data on the internet could move in a similar way if it was decentralized and permissionless, allowing individuals to control what information they share with platforms, Chang continued. “A different way to phrase it is that there are transaction costs associated with booking a rideshare, and there’s a trust portion of those transaction costs. If you’re not able to mitigate [distrust] enough, then those transactions just won’t happen, so if we can move data in a decentralized and authentic way, then maybe a lot more is possible,” Chang said. Spruce offers two main products — SpruceID, a decentralized identity toolkit, and Kepler, a self-sovereign storage product. These products support use cases in service of Spruce’s br
Spruce,MarketScreener,,,,Okta; Wayne Chang,,,,,Founders in Focus: Wayne Chang of Spruce,Each month we highlight one of the founders of Okta Ventures' portfolio companies. You'll get to know more about them and learn how they work with Okta.,"Each month we highlight one of the founders of Okta Ventures' portfolio companies. You'll get to know more about them and learn how they work with Okta. This month we're speaking with Wayne Chang of Spruce. What is Spruce and what is your mission? Spruce is an open-source software company with the mission to let users control their data across the web, starting with Web3. What were you doing prior to Spruce that led you to this moment? Before Spruce, I was part of the leadership team for decentralized identity initiatives at ConsenSys, which incubated uPort, one of the first self-sovereign identity projects ever. It was at ConsenSys that we realized the power of the core technology. It gives individuals control, while phasing out rent-seeking intermediaries, and empowers end-users. Essentially, it diminishes the power of platforms that rely on keeping users locked in. The combination of self-sovereign identity and Web3 enables a model where being locked into a specific platform is erased, and control returns to the user-a victory for consumer choice. That's what we're trying to continue and bolster at Spruce. What is Spruce's solution? What challenges does it solve? We believe the world is moving away from today's centralized model, where users log in to platforms and mayor may not be granted access based on various factors, to a decentralized model, where platforms access a users' Personal data vault, and the user is empowered to adjust permissions for anyone, at any time. To get there, we must move towards open authentication systems based on public-key cryptography, such as Sign-In with Ethereum. Ethereum has tens of millions of monthly active users, and the ones we have spoken to are excited to take back their digital control. As these systems are developing, we're seeing a new class of compatible technologies, such as Personal data vaults like Kepler. This software allows individuals, companies, and decentralized autonomous organizations to host and protect their data wherever they want, whether it's with a company they trust or a server in their basement-all without interruption of service. There will also be a shift away from proprietary databases and shadow profiles, and toward open standards that allow for digital credentials, exportable social media graphs, and data-all fully controlled by the user. We combine many of these open standards into two open-source products under the Apache 2.0 license: the decentralized identity toolkit DIDKit, and the white label-ready credential wallet Credible. Why did Spruce want to work with Okta? We wanted to work with Okta because companies that choose Okta tend to take security and data ownership pretty seriously. It's the top vendor recommended when companies are standardizing their company single sign-on strategy in pursuit of better security, digital accountability, or security compliance standards like SOC 2, ISO 27001, or FedRamp. We're customers as well as Okta partners. These companies also tend to care about data sovereignty, zero-trust architectures, digital credentialing, and user-centric data workflows such as those found in Web3. Spruce solves many of these problem categories, and we're grateful to have the opportunity to collaborate with these companies in a way that works seamlessly with existing Okta installations. For example, our product allows any Okta or Auth0 customer to securely interact with blockchain accounts simply by installing a marketplace plugin. How is Spruce working with Okta? What support do you look for in a corporate partner? We are working with Okta in several ways. First, we are happy to announce the release of our Sign-In with Ethereum integration to the Auth0 marketplace, which allows any Auth0 customer to implement the Sign-In with Ethereum workflow with the click of a button to resolve data from t
Spruce,Spruce,,,,,San Francisico,,,Graph Hack 2022,Spruce At Graph Hack 2022,"Earlier this month, The Graph hosted Graph Hack at the Palace of Fine Arts in San Francisco. Graph Hack was a three-day hackathon, bringing together developers to kickstart the latest dapps and ideas featuring a mix of on and off-chain data via a variety of impactful use-cases.","Spruce At Graph Hack 2022 Earlier this month, The Graph hosted Graph Hack at the Palace of Fine Arts in San Francisco. Graph Hack was a three-day hackathon, bringing together developers to kickstart the latest dapps and ideas featuring a mix of on and off-chain data via a variety of impactful use-cases. Earlier this month, The Graph hosted Graph Hack at the Palace of Fine Arts in San Francisco. Graph Hack was a three-day hackathon, bringing together developers in Web3 to kickstart their latest ideas featuring a mix of on and off-chain data. We're happy to have been a sponsor for the event, working with developers on the ground and fleshing out the next generation of applications that effectively leverage on-chain data and Sign-In with Ethereum. As always, our main focus is to help teams get started building with Sign-In with Ethereum and ushering forward new ways in which users can own their own identifier and identity. As part of the event, we had prizes for the best use cases that used Sign-In with Ethereum for a meaningful workflow in an application, and additional prizes for use cases that incorporate the core authentication flow. We're happy to highlight some of the projects that used Sign-In with Ethereum during the hackathon: Project Highlights using Sign-In with Ethereum Borantia is an on-chain volunteer platform that enables DAOs to create bounties for users to claim for related tokens and commemorative badge NFTs. In addition to the bounty system, the platform also offers a way for users to view their earned badges and tokens on their own profile pages, and it also has an in-app leaderboard to encourage continued volunteering. BlockParty is a social video gallery that enables users to capture videos and store them as NFTs organized by time and place. This process is to remember moments from live events, gatherings, and more, and share them with friends. Dynamic Carbon Offset NFTs is a project that features a way to offset your carbon emissions for a particular period of time by purchasing carbon credits as NFTs. The NFT represents a plant, and slowly dies over time as it gets closer to its expiration period. Proceeds from the sale of the NFTs go toward carbon offset programs. We would like to thank the team at The Graph for putting on a great event. We look forward to continuing to work with developers on the ground at various hackathons around the globe. We hope to see you at the next one! Spruce lets users control their data across the web. If you're curious about integrating Spruce's technology into your project, come chat with us in our Discord:",https://blog.spruceid.com/spruce-at-graph-hack/,,Post,,Meta,,,,,,,,2022-06-17,,,,,,,,,,,,,
Spruce,Spruce,,,,,,,,,Spruce Raises $34M to Unbundle the Login for a User-Controlled Web,"With the new funding, Spruce will spearhead research in cutting-edge privacy and usability technology for identity, grow its product teams, and continue to execute on partnerships across the ecosystem.","Spruce Raises $34M to Unbundle the Login for a User-Controlled Web We're excited to announce that we have raised $34 million in a Series A round led by Andreessen Horowitz. Spruce enables users to control their data across the web as the world becomes increasingly dependent on cryptography, networks, and digital economies. We're excited to announce that we have raised $34 million in a Series A round led by Andreessen Horowitz. Spruce enables users to control their data across the web as the world becomes increasingly dependent on cryptography, networks, and digital economies. Our product suite powers the necessary authentication, credentialing, and storage needed for portable reputation for users, providing decentralized access control to data, and interoperability between Web2 APIs and Web3. With the new funding, Spruce will spearhead research in cutting-edge privacy and usability technology for identity, grow its product teams, and continue to execute on partnerships across the ecosystem. Our Supporters We're thrilled to welcome Okta Ventures, SCB 10X, Robot Ventures, and OrangeDAO, and for continued participation from Ethereal Ventures, Electric Capital, Y Combinator, A.Capital Ventures, Third Kind Venture Capital, Protocol Labs, SV Angel, and Gemini Frontier Fund. Additionally, they are also joined by Alex Pruden, Anthony Sassano, Benjamin Jack, Dev Ojha, Ejaaz Ahamadeen, Jeromy Johnson, Juan Benet, Matias Woloski, Matt Condon, Matt Luongo, Ryan Li, Scott Belsky, Sunny Aggarwal, Teck Chia, Viktor Bunin, William Allen, Will Villanueva, and many more. We look forward to continuing our work with key supporters who share our vision of a user-controlled world, and to welcoming new ones. - If you’re interested in working on the future of user-controlled identity and data, we’re hiring! Check out our openings: To get started building with Spruce, check out: Spruce enables users control their data across the web. If you're curious about integrating Spruce's technology into your project, come chat with us in our Discord:",https://blog.spruceid.com/spruce-raises-34m-to-unbundle-the-login-for-a-user-controlled-web/,,Post,,Meta,,,,,,Sign in with Ethereum,,2022-04-20,,,,,,,,,,,,,
Spruce,VentureBeat,,,,,,,,,"Spruce sets the bar for sovereign identity storage options, secures $7.5M","Spruce, a service that allows users to control their data across the web, has raised $7.5 million. The company builds open source, open standard developer tools helping users collect and control their data across the web. It helps prevent NFT frauds and defines access rules for decentralized","Spruce, a service that allows users to control their data across the web, has raised $7.5 million. The company builds open source, open standard developer tools helping users collect and control their data across the web. It helps prevent NFT frauds and defines access rules for decentralized finance pools and decentralized autonomous organizations (DAOs). The company has earned recognition for becoming the project lead for sign-in with Ethereum, a new form of authentication helping users control their digital identity with their Ethereum account and ENS profile rather than a traditional intermediary. Your Keys, Your Data Spruce’s tagline, “Your Keys, Your Data,” encapsulates the services it provides. Working seamlessly across multiple blockchains like Ethereum, Polygon, Tezos, Solana, Ceramic, and Celo, Spruce’s portfolio offers two signal products: Spruce ID and Kepler. While SpruceID implies an ecosystem of open source tools enabling user-controlled identity anywhere, Kepler is the decentralized storage that leverages smart contracts to determine the location of user data and its access. Event Intelligent Security Summit On-Demand Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today. SpruceID is a collection of four service categories: DIDKit, Rebase, Keylink, and Credible. DIDKit serves as a cross-platform decentralized identity framework, while the Rebase facilitates reusable identity verifications across social media, DNS, etc. The Keylink, as a feature, serves the purpose of linking existing system accounts to cryptographic tokens. Credible is a Whitelabel-ready credential wallet. Kepler, on the other hand, is Spruce’s self-sovereign storage. With Kepler, a user can share their digital credentials, private files, and sensitive media to blockchain accounts. All they need to carry out this sharing process is a Web3 wallet. Kepler also helps serve exclusive content to chosen NFT holders. To refine access, it uses NFT attributes and other blockchain data. With Kepler’s permission-centric storage facilities, users can allow DAO-curated registry members to access sensitive content. Self-sovereign identity The benefit of Spruce’s sovereign storage facility is that individual users own their storage, and no one other than them can govern their Personal data. An individual’s keys control the smart contracts that define their Kepler service contours. Users can manage and access their Kepler services through their Web3 wallet, without having to go for any additional downloads or installs. Additionally, the ‘programmable permissioning’ feature allows users to define their own rules. Users can set data access guidelines by determining the norms of who can do what. There is also the benefit of upgrading rules with ownership or identity verifiable modules. All these reasons are what motivated the investors towards Spruce. According to Joe Lubin, cofounder of Ethereal Ventures, “combining identity and storage elegantly,” Spruce is “building user-centric, Web3-style tools for the decentralized future.” Along similar lines, Ken Deeter, an investment partner at Electric Capital, believes that “Spruce is redefining how applications collect and share our data with others.” Although Ethereal Ventures and Electrical Capital led the round, Spruce won the support of a range of leading blockchain investors, including Bitkraft, Coinbase Ventures, Alameda Research, A. Capital Ventures, Protocol Labs, and the Gemini Frontier Fund. VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative ente
Spruce,Spruce,,Medium,,,,,,,Credible,"Spruce’s native credential wallet for the consumption, storage, and presentation of Verifiable Credentials on Android and iOS.",,https://medium.com/@sprucesystems/spruce-developer-update-2-484368f87ee9,,Post,,Product,,,,,,,,2020-10-07,,,,,,,,,,,,,
Spruce,Spruce,,,,,,,,,Spruce Developer Update #19,"- Sign-In with Ethereum offers a new self-custodial option for users who wish to assume more control<br>- Kepler is a decentralized storage network organized around data overlays called Orbits. Kepler allows users to Securely share their digital credentials, private files, and sensitive media to blockchain accounts, all using a Web3 wallet","Spruce Developer Update #19 At Spruce, we’re letting users control their identity and data across the web. Here’s the latest from our development efforts across Sign-In with Ethereum, Kepler, and SpruceID. At Spruce, we’re letting users control their identity and data across the web. Here’s the latest from our development efforts: Sign-In with Ethereum Sign-In with Ethereum is a new form of authentication that enables users to control their digital identity with their Ethereum account and ENS profile instead of relying on a traditional intermediary. We recently posted a Sign-In with Ethereum-specific April recap that can be found here: Kepler Kepler is a decentralized storage network organized around data overlays called Orbits. Kepler allows users to Securely share their digital credentials, private files, and sensitive media to blockchain accounts, all using a Web3 wallet. - Cryptoscript: added support for JSON templated REST queries as script input, including documentation, test methods, and verbose errors (cryptoscript#2) - The capability subsystem is implemented, providing a registry of delegations, invocations, and revocations (kepler#99). - Simplified Kepler SDK PR merged (kepler-sdk#35), and added an example dapp to show how to use it (kepler-sdk#37). - Simplified Kepler HTTP API to a single endpoint for invocation (of any action) and a single endpoint for delegation (of any action) (kepler-sdk#38, kepler#107). - Remote backend storage is now supported using S3 and DynamoDB (kepler#96, kepler#106). - Prometheus metrics were added (kepler#110), and work is underway to implement tracing and further metrics. - Work is underway to unify authentication in Kepler by supporting a single capability representation and adding translation functionality to the SDK. SpruceID SpruceID is a decentralized identity toolkit that provides everything you need for signing, sharing, and verifying trusted information. DIDKit - Added StatusList2021 implementation (ssi#278). - Auto-generate PRs to update bundled context files (ssi#421). - Add zCap context files; update other context files (ssi#419). - Allow RSA key lengths greater than 2048 with JsonWebSignature2020 (ssi#423). - Improve did:onion configuration (didkit#292). Spruce lets users control their data across the web. Through SpruceID and Kepler, Spruce provides an ecosystem of open source tools for developers that let users collect their data in one place that they control, and show their cards however they want. If you're curious about integrating Spruce's technology into your project, come chat with us in our Discord:",https://blog.spruceid.com/spruce-developer-update-19/,,Post,,Product,,,,,,Ethereum,,2022-05-04,,,,,,,,,,,,,
Spruce,Spruce,,,,,,,,,Spruce Developer Update #21,"We're currently working on a new, ergonomic way to use Sign-In with Ethereum and session management for applications, and are currently in the process of setting up beta testing. If you're interested in trying this out, please get in touch.","Spruce Developer Update #21 At Spruce, we’re letting users control their identity and data across the web. Here’s some of the latest from our development efforts. At Spruce, we’re letting users control their identity and data across the web. Here’s some of the latest from our development efforts: Sign-In with Ethereum Sign-In with Ethereum is a new form of authentication that enables users to control their digital identity with their Ethereum account and ENS profile instead of relying on a traditional intermediary. - We're currently in the process of designing and implementing a method of delegating object capabilities to a session key using a SIWE message. For more on session keys, check out: - We are currently working various fixes across our libraries such as an update for our Discourse plugin, updating some of our examples, and are in the process of releasing v2.0.4of our SIWE core library. - As mentioned in our previous update, our community run identity server via the ENS DAO has had a witnessed deployment and is currently set up on Cloudflare along with relevant access for witnesses. Additionally, the Sign-In with Ethereum documentation has been updated to point to this new server. - We are currently finishing work with a major wallet on a direct Sign-In with Ethereum integration, and are currently working on how Sign-In with Ethereum can support non-standard verification methods. - We're currently working on a new, ergonomic way to use Sign-In with Ethereum and session management for applications, and are currently in the process of setting up beta testing. If you're interested in trying this out, please get in touch. Kepler Kepler is a decentralized storage network organized around data overlays called Orbits. Kepler allows users to Securely share their digital credentials, private files, and sensitive media to blockchain accounts, all using your Web3 wallet. - We've rewrote the core SDK functionality in Rust, refactored out some core definitions from keplerto kepler-lib, and added support for CACAO-ZCAPs (kepler #116) - We've implemented better bundling of the Wasm SDK dependency to improve developer experience, removing the need for specific configuration downstream. (kepler-sdk #40) SpruceID SpruceID is a decentralized identity toolkit that provides everything you need for signing, sharing, and verifying trusted information. DIDKit - We've added a basic UCAN implementation that takes advantage of ssi's JWT/JWS and DID tools. (ssi#447). - Various minor improvements and fixes. Rebase - We have deployed the first demo example of a Rebase frontend that allows users to go through various workflows that result in the user receiving a valid Verifiable Credential. - The demo features credential workflows for Twitter accounts, GitHub accounts, DNS ownership, and demonstrating ownership over two Ethereum wallets. - We've fully documented the architecture, and have added guides on implementing new signers, witness flows, and schemas. This information will also be added to the core SpruceID documentation. - Our next step here is to contribute this codebase to the Rebase community initiative, allowing any organization to issue Rebase credentials. Standards and Community - We congratulate the Decentralized Identity community on the DID-core specification moving forward to become a W3C recommendation. Spruce lets users control their data across the web. Through SpruceID and Kepler, Spruce provides an ecosystem of open source tools for developers that let users collect their data in one place that they control, and show their cards however they want. If you're curious about integrating Spruce's technology into your project, come chat with us in our Discord:",https://blog.spruceid.com/spruce-developer-update-21/,,Post,,Product,,
Spruce,Spruce,,,,,,,,,Spruce Developer Update #23,"Updates on Sign in with Ethereum, Kepler, DIDKit, Rebase","Spruce Developer Update #23 At Spruce, we’re letting users control their identity and data across the web. Every month, we release a developer update detailing our progress on our open source libraries and beyond. At Spruce, we’re letting users control their identity and data across the web. Every month, we release a developer update detailing our progress on our open source libraries and beyond. Check out our previous update here: Here’s the latest from our development efforts: Sign-In with Ethereum Sign-In with Ethereum is a new form of authentication that enables users to control their digital identity with their Ethereum account and ENS profile instead of relying on a traditional intermediary. - As mentioned in a previous update, most of our efforts are currently focused on a product that will make working with Sign-In with Ethereum even easier for developers. Additionally, this initiative will also include enhancements to existing applications and additional information on user interactions. Interested in testing this out early? Get in touch! - CapGrok, an extension to EIP-4361 which provides concise wallet-signable messages with capability delegations, has been submitted to the EIP repository for consideration to become a draft EIP (4362). We will soon have an accompanying blog post breaking down CapGrok, and what it means for the future of Sign-In with Ethereum. Check it out here: - We're working on various improvements to our Sign-In with Ethereum TypeScript library, which will be reflected next month in a v2.1release. Kepler Kepler is a decentralized storage network organized around data overlays called Orbits. Kepler allows users to Securely share their digital credentials, private files, and sensitive media to blockchain accounts, all using your Web3 wallet. - Established performance baseline with load tests, and refined API errors (kepler#118) - Kepler SDK: Abstract over the kepler-sdk-wasminterface, to be able to swap in any module that satisfies that interface (kepler-sdk#48) SpruceID SpruceID is a decentralized identity toolkit that provides everything you need for signing, sharing, and verifying trusted information. Documentation for our core identity tooling can be found here: DIDKit / ssi - As mentioned in a previous update, we're currently restructuring our ssilibrary to make it even easier for developers to import and use. The ssicrate has now been restructured into a variety of more feature-specific crates, which are brought together in the top-level ssicrate (ssi#457). - Update Python examples and fix CI (didkit#308) Rebase We've introduced several new flows and functionality to Rebase including: - A flow linking an active Reddit account to a selected identifier (Rebase #29). - A flow linking a SoundCloud account to a selected identifier (Rebase #30). - Ongoing: the ability to use a Solana account as an identifier, obtain credentials, and two public keys together [Ethereum to Ethereum, Solana to Solana, or Ethereum to Solana] (Rebase #32). TreeLDR - We've released our first implementation of TreeLDR: an open-source developer tool with a DSL that makes managing data schemas as easy as defining data structures in your favorite (sane) statically-typed language. To read more about TreeLDR and how we're using it internally (or to try it out), check out the following: Spruce lets users control their data across the web. Spruce provides an ecosystem of open source tools for developers that let users collect their data in one place they control, and show their cards however they want. If you're curious about integrating Spruce's technology into your project, come chat with us in our Discord:",https://blog.spruceid.com/spruce-developer-update-23/,,Post,,Product,,,,,,"Ethereum,Kepler,DIDKit,Rebase",,2022-09-06,,,,,,,,,,,,,
Spruce,Spruce,,Medium,,,,,,,Spruce Developer Update #8,- “We are currently working on a project that will enable creator authenticity for digital assets including NFTs.”<br>- “focused on advancing did-tezos as the first formally verified DID Method.”<br>- DIDKit Updates<br>- Credible Updates,"Spruce Developer Update #8 At Spruce, we’re building the most secure and convenient way for developers to share authentic data. Here’s the latest from our open source development efforts: Work-in-Progress: Creator Authenticity We are currently working on a project that will enable creator authenticity for digital assets including NFTs. The initial smart contracts are written, as well as a CLI/library to interact with web applications. We plan on alpha testing the application this week. Formally Verifying the Tezos DID Method The Tezos DID method is a DID method that optimizes for privacy, enables formal verification, and scales to billions of identifiers by using “off-chain updates,” which allow private networks to extend and update on-chain data. A lot of our current work is focused on advancing did-tezos as the first formally verified DID Method. We’ve continued work on improving the DID method’s core smart contract for on-chain updates. A first version of the formal proof has also been written, and a CI pipeline has been established. DIDKit Updates DIDKit is a cross-platform toolkit for working with W3C Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). - Added a Python package. - Added a Django example app. - Added a Flask example app. - Added a JavaServer Pages (JSP) example app. - Added a Svelte example CHAPI wallet. - We’ve enabled DID Methods to use HTTP(S) on WASM and Android. - Conducted a test with the VC HTTP API v0.0.2 test suite. Test report. - Worked on support for Relative DID URLs. - Improved DID URL dereferencing to support more DID documents. - Support publicKeyBase58 for Ed25519. - Implement did:onion. - (WIP) Implement did:pkh — a DID method for deterministic handling of public key hashes by curve. - Released ssi v0.2.0. - Published to crates.io: ssi, ssi-contexts, did-web, did-method-key, did-tz, did-sol, did-pkh, did-ethr, did-onion. - General bug fixes. Credible Updates Credible is a credential wallet for the verification, storage, and presentation of Verifiable Credentials using Decentralized Identifiers. In addition to our native mobile editions, we’ve since written a browser extension version of Credible along with an SDK to enhance any web application with decentralized identity. If you would like to discuss how we would deploy the architecture described above for a specific use case, please take 30 seconds to leave us a message, and we will respond within 24 hours.",https://sprucesystems.medium.com/spruce-developer-update-8-70f04e95a5d4,,Post,,Product,,,,,,,,2021-04-06,,,,,,,,,,,,,
Spruce,Spruce,,,,,,,,,Sign in with Ethereum,"Already used throughout Web3, this is an effort to standardize the method with best practices and to make it easier for web2 services to adopt it.",,https://login.xyz/,,Project,,Product,,,,,,"Ethereum,Sign in with Ethereum",,2021-10-01,,,,,,,,,,,,,
Spruce,Spruce,,Medium,,,,,,,DIDKit,a cross-platform toolkit for working with W3C Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs).,"Introducing DIDKit In order to better work with decentralized identifiers and verifiable credentials, we’re working on DIDKit. DIDKit is a cross-platform toolkit for working with W3C Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). It allows you to resolve and manage DID documents, and also manage the entire lifecycle of Verifiable Credentials including their issuance, presentation, and verification. Notably, it reuses the same codebase across command-line tooling, RESTful HTTP servers, and platform-specific SDKs to facilitate code-level interoperability and a low total cost of ownership. When building ecosystems using decentralized identity to enable verifiable information, many actors must share the same underlying data formats and processing algorithms across different roles. We wrote DIDKit in Rust due to its memory safety, expressive type system, and suitability across a variety of systems and environments. For example, the Rust ecosystem has already explored WASM compilation targets in support of single-page apps running in browsers, and we wanted to be able to support those and also browser extensions with DID and VC operations. The same codebase can also run nimbly on embedded systems with moderately constrained resources (memory in the megabytes and CPU in the megahertz). Finally, Rust programs are able to directly interface with production-ready cryptographic libraries, as seen with Hyperledger Ursa’s use of openssl, libsodium, and libsecp256k1. Currently, we have a working suite of command-line tools for credential issuance, presentation, and verification. We are creating an HTTP server conforming to VC HTTP API, and we have native iOS and Android libraries that are used in our Credible wallet. If you would like to discuss how we would deploy the architecture described above for a specific use case, please take 30 seconds to leave us a message, and we will be more than happy to show our progress to date or show a demo.",https://sprucesystems.medium.com/introducing-didkit-an-identity-toolkit-e0dfa292f53d,,Code,,Resources,,,,,,,,2020-11-13,,,,,,,,,,,,,
Spruce,Spruce,,,,,,,,,Keylink,"Keylink is an in-development tool that links system accounts to keys. Accounts are authenticated using combinations of widely adopted protocols such as OpenID Connect and FIDO2. Keys can range from cryptographic keys to API credentials. Keylink can gradually bootstrap PKI within existing complex IT systems. It supports a centralized PKI operating mode that can evolve into decentralized PKI, and further coordinates with existing PKI and KMS installations.",,https://github.com/spruceid/keylink,,Code,,Resources,,,,,,DPKI,"OpenID Connect,FIDO2",2023-01-01,,,,,,,,,,,,,
Spruce,Spruce,,,,,,,,,Introducing TreeLDR: A Canopy Across Your Data Schema Dreams,TreeLDR is an open-source developer tool with a DSL that makes managing data schemas as easy as defining data structures in your favorite (sane) statically-typed language.,"Introducing TreeLDR: A Canopy Across Your Data Schema Dreams TreeLDR is an open-source developer tool with a DSL that makes managing data schemas as easy as defining data structures in your favorite (sane) statically-typed language. As we discover new ways to let users control their data across the web, we face plenty of hard problems to solve on the way there. We keep encountering the challenge of managing data schemas, especially when you add digital signing to them as in the case of W3C Verifiable Credentials. - How can you have a handle on your data when you don’t know how to describe them? - How do you go from machine-readable JSON to human-friendly understanding? - Which fields are required, and what do they mean? Is that bankIdreferring to a financial institution or a river bank? Fortunately, a crop of solutions have emerged for the problem of JSON data schema management over the years, including Semantic Web technologies (JSON-LD and SPARQL), JSON Schema, CouchDB views, and IPLD. The downside is that there are many categories of ways to manage data, primarily semantic meaning and validation, and combining them into a complete data schema management system is full of pitfalls and unpaved paths. For example, - JSON-LD will add semantic meaning to what a “LeaseAgreement” is in a specific context, but has no straightforward way to enforce that the “startDate” is an ISO 8601 datetime like “2022-08-16”. - JSON Schema can be used to require that “age” is greater than or equal to 21, but cannot explain who or what is being described by the age field in a way understandable by both humans and machines. - There is no agreed-upon way to perform wholesale migrations from one schema to the next one, or to rollback changes. There are some low-level protocols such as JSON patches that can serve as building blocks, but how would one automatically transform an OpenBadges V2 credential into an OpenBadges V3 one by configuring a managed migration instead of writing custom software that needs its own deployment pipeline? - How would you describe a JSON credential schema that must have been issued (digitally signed) by specific Ethereum or Solana accounts? What if this list of issuers needs to change, or networks need to be added based on different cryptography? We like emergence, and therefore oppose solutions that assume a single entity can efficiently propose, define, and evolve data schemas for all conceivable use cases across disparate verticals. We believe this to be technically infeasible, politically difficult, and also against the tenets of decentralization. Instead, we much prefer approaches where developers are empowered to self-serve, leveraging their specific domain knowledge to create data schemas that suit their use cases well–and when they need to, easily collaborate with other developers to reach a rough consensus on what would work for even more implementers. Introducing TreeLDR (Tree Linked Data Representation) That’s why we’re happy to introduce TreeLDR, which is an open-source developer tool with a DSL that makes managing data schemas as easy as defining data structures in your favorite (sane) statically-typed language. TreeLDR provides a single language to define common concepts (types) and shared data representations (layouts) that can then be compiled into a concert of data schema artifacts. It can be used to produce JSON Schemas, JSON-LD contexts, migration strategies, and eventually entire SDKs (with credential issuance and verification) in various target programming languages. In TreeLDR, not only can you import other TreeLDR definitions but also existing schemas such as JSON-LD contexts or XML XSDs. This way, developers can define data layouts in a familiar way and focus purely on the application they wish to build. Today, it just
Spruce,Spruce,,,,,,,,,Spruce Systems introduces DIDKit,"DIDKit is a cross-platform toolkit for working with W3C Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). It allows you to resolve and manage DID documents, and also manage the entire lifecycle of Verifiable Credentials including their issuance, presentation, and verification.",,https://sprucesystems.medium.com/introducing-didkit-an-identity-toolkit-e0dfa292f53d,,Post,,Resources,,,,,,DIDKit,"DID,Verifiable Credentials",2020-11-13,,,,,,,,,,,,,
Spruce,Spruce,,,,,,,,,Upgradeable Decentralized Identity - DID Method Traits,DID method traits are testable properties about DID methods that can help implementers tame complexity and choose the right DID method(s) for their use case.,"Upgradeable Decentralized Identity - DID Method Traits DID method traits are testable properties about DID methods that can help implementers tame complexity and choose the right DID method(s) for their use case. Just yesterday, W3C Decentralized Identifiers were approved to be released as an official W3C Recommendation. As a W3C member organization, we are thrilled by this excellent outcome, and will celebrate it by sharing our favorite ideas about the next evolutions of DIDs that will make them more secure, composable, and friendly to implementers. A decentralized identifier (DID) is a URI that resolves to a JSON object called a DID document, which describes how to authenticate as the DID’s controller for different purposes. When a service knows that it’s talking to the controller, it can use this fact as the consistent anchor point to construct a decentralized identity, enriching the session with related data referring to the DID such as verifiable credentials (VCs) or any associated information found on a public blockchain. Where do DID documents come from? Each DID specifies a “DID method” that describes an exact resolution procedure (among other actions) to interpret the DID’s “method specific identifier” and ultimately produce a DID document. DID methods can retrieve data from a variety of sources: TLS-protected websites, public blockchains, or solely from the method-specific identifier itself. Over the past several years, dozens of different DID methods have emerged in practice, with proponents enthusiastic at how powerful and flexible DIDs can be to bridge disparate trust systems (e.g., Ethereum, GPG, and X.509), and detractors declaring an impending interoperability nightmare, with plenty of headaches for implementers. However, there is a way we can prevent this impending interop nightmare! Enter DID method traits: testable properties about DID methods that can help implementers tame complexity and choose the right DID method(s) for their use case. They can be used as requirements revealing which DID methods could satisfy the relevant constraints presented across different use cases. For example, requirements to support certain operations for the NIST Curve P-256, NIST-proposed Curve Ed25519, bitcoin Curve secp256k1 could all be expressed as different DID method traits complete with test suites. Also expressible as DID traits is the guarantee that a DID method is “purely generative,” requiring no storage lookups as in the case of did-key and did-pkh, as opposed to those actively querying a network such as did-web, did-ens, and did-ion. Finally, there may exist a DID method trait that ensures composability across different DID methods: that one DID may serve as the authentication method for another DID, such as did-pkh for did-ens or did-ion. This means that a user can start with an Ethereum account represented as did-pkh, then “upgrade” to a DID method that supports key rotation such as did-ens or did-ion. This helps create a great user experience when using DIDs, as with this approach, users do not need to set up a new decentralized public key infrastructure just to get started. Instead, they can start with whatever key-based accounts they have, leverage the corresponding DID methods, and graft their existing identifier to a more featureful DID method supporting this kind of composability whenever needed. Previous work has been done on the DID method rubric, which evaluates criteria as wide-ranging as underlying network decentralization, adoption metrics, and regulatory compliance. DID method traits may exist as a subset of possible criteria in the DID method rubric, or as a parallel spec used in conjunction. I will be writing a paper on DID method traits as my submission to the forthcoming Rebooting the Web of Trust (RWOT) conference in The Hague. If you<6F>
Transmute,,Transmute,,Eric Olszewski; Karyl Fowler; Orie Steele,DIF; DHS; Microsoft; Consensys; Oracle,"USA, Texas, Austin",USA,,,Transmute,"Build a network of trust with Transmute<br><br>Transmute secures critical supplier, product, and shipment data to give customers a competitive edge in the increasingly dynamic global marketplace.",,https://www.transmute.industries/,,Company,,Company,Enterprise,Supply Chain,,,VCI,Ethereum,"DID,Verifiable Credentials,OAuth,OIDC",2017-05-01,https://github.com/transmute-industries,https://twitter.com/transmutenews,https://www.youtube.com/channel/UCUtBzCKziRpFleZcsnVpUkw,""https://medium.com/transmute-techtalk/","https://medium.com/@Transmute"",""https://medium.com/transmute-techtalk/","https://medium.com/@Transmute"",,https://www.crunchbase.com/organization/transmute-industries,https://www.linkedin.com/company/transmute-industries/,,,,,
Transmute,NextLevelSupplyChain,,,,,,,,,Visibility 2.0: Creating Digital Consistency in an International Supply Chain,"how can something as complicated as the international supply chain take fundamental trade practices and marry them with innovation so we can move at the speed of digitization? Join us for a mind-blowing discussion with Karyl Fowler, CEO at Transmute","Aug 10, 2022 Innovation tends to move more quickly than we can update our processes and infrastructure. So how can something as complicated as the international supply chain take fundamental trade practices and marry them with innovation so we can move at the speed of digitization? Join us for a mind-blowing discussion with Karyl Fowler, CEO at Transmute, and hear about the work being done to digitize trade documentation in a way that is cryptographically verifiable and traceable across the entire logistics ecosystem.",https://nextlevelsupplychainpodwithgs1us.libsyn.com/visibility-20-creating-digital-consistency-in-an-international-supply-chain,,Episode,,Explainer,,Supply Chain,,,,,,2022-08-10,,,,,,,,,,,,,
Transmute,Transmute,,Medium,,Conexus Indiana,,,,,Blockchain-secured Documents for Global Trade,"On May 14th, 2020 Conexus Indiana and Transmute hosted an interactive webinar titled “Blockchain-secured Documents for Global Trade” as part of the Emerging Technology Showcase series.","Blockchain-secured Documents for Global Trade Recap of Conexus Indiana & Transmute Emergent Technology Showcase On May 14th, 2020 Conexus Indiana and Transmute hosted an interactive webinar titled “Blockchain-secured Documents for Global Trade” as part of the Emerging Technology Showcase series. The full recording is available above, or can be viewed on YouTube. Presenters (By order of appearance) - Mitch Landess: Vice President of Innovation and Digital Transformation at Conexus Indiana - Karyl Fowler: CEO & Co-founder at Transmute - Vincent Annunziato: Director, Business Transformation & Innovation Division, Trade Transformation Office, Office of Trade, Customs & Border Protection - Margo Johnson: Head of Product at Transmute - Anil John: Technical Director, Department of Homeland Security, Science & Technology Silicon Valley Innovation Program Showcase Overview Transmute is an Austin, TX based technology company that secures supplier, product, and shipment data for global supply chains. Together with our partners at the Department of Homeland Security, Science & Technology Silicon Valley Innovation Program and the US Customs and Border Protection Office of Trade, Transmute shared tangible examples of how technology, including blockchain, secure data storage, decentralized identifiers and verifiable credentials are being leveraged to digitize critical business documents for global trade. Transmute demoed what this technology looks like for manufacturers and importers with international supply chains. Participants were encouraged to join the session if they found value in: - Looking for ways to increase efficiencies and decrease costs associated with import and export of goods - Exploring counterfeit-reduction and chain of custody for critical goods ranging from steel to medical test kits - Curious about how targeted use of blockchain technology can bring tangible advantages to their business About Conexus Conexus Indiana’s Emerging Technology Showcase is a series that highlights specific technology solutions that offer a value proposition to Advanced Manufacturing and Logistics (AML) organizations. Featured technologies are qualified by Conexus to be commercially launched while still early-stage. The intent is to give Indiana-based companies exposure and direct access to credible technology solutions that can offer a competitive advantage prior to the technology’s widespread availability. If you represent an Indiana-based AML company or technology solution and would like to suggest a candidate technology to be featured in a future Emerging Technology Showcase please reach out to Conexus directly.",https://medium.com/transmute-techtalk/blockchain-secured-documents-for-global-trade-3369d4cfab1f,,Webinar,,Explainer,,Supply Chain,,,,,,2020-05-20,,,,,,,,,,,,,
Transmute,Transmute,,Medium,,,,,,,Identity Terms Provide Value along the Supply Chain: How We Know When to Buy the Farm,"Jessica Tacka Supply chain credentialing in the form of bills of lading, certificates of origin, or letters of credit is used to protect honest parties and their merchandise from being confused with dishonest parties or entities that are engaged in unethical practices, such as environmental destruction, or forced labor.",,https://medium.com/@transmute/identity-terms-provide-value-along-the-supply-chain-how-we-know-when-to-buy-the-farm-738701967e3d,,Post,,Explainer,,Supply Chain,,,,,,2022-06-09,,,,,,,,,,,,,
Transmute,Transmute,,,,,,,,,Takaways from the Suez Canal Crisis,"Karyl Fowler Appeal for Supply Chain Agility — Powered by Verifiable Credentials The Suez Canal debacle had a massive impact on global supply chains — estimated at >$9B in financial hits each day the Ever Given was stuck, totaling at nearly $54B in losses in stalled cargo shipments alone.","Takeaways from the Suez Canal Crisis An Appeal for Supply Chain Agility — Powered by Verifiable Credentials The Suez Canal debacle had a massive impact on global supply chains — estimated at >$9B in financial hits each day the Ever Given was stuck, totaling at nearly $54B in losses in stalled cargo shipments alone. And it’s no secret that the canal, which sees >12% of global trade move through it annually, dealt an especially brutal blow to the oil and gas industry while blocked (given it represents the primary shipping channel for nearly 10% of gas and 8% of natural gas). While the Ever Given itself was a container ship, likely loaded with finished goods versus raw materials or commodities, the situation has already — and will continue to — have a massive negative impact on totally unrelated industries…for months to come. Here’s an example of the resulting impact on steel and aluminum prices; this had related impact again to oil and gas (steel pipes flow oil) as well as infrastructure and…finished goods (like cars). And the costs continue to climb as the drama unfolds with port authorities and insurers battling over what’s owed to who. Transmute is a software company — a verifiable credentials as a service company to be exact — and we’ve been focused specifically on the credentials involved in moving steel assets around the globe alongside our customers at DHS SVIP and CBP for the last couple years now. Now, there’s no “silver bullet” for mitigating the fiscal impact of the Ever Given on global trade, and ships who arrived the day it got stuck or shortly after certainly faced a tough decision — sail around the Cape of Africa for up to ~$800K [fuel costs alone] + ~26 days to trip or wait it out at an up to $30K per day demurrage expense [without knowing it’d only be stuck for 6 days or ~$180,000]. So what if you’re a shipping manager and you can make this decision faster? Or, make the call before your ship arrives at the canal? [Some did make this decision, by the way]. What if your goods are stuck on the Ever Given — do you wait it out? Switching suppliers is costly, and you’ve likely got existing contracts in place for much of the cargo. Even if you could fulfill existing contracts and demand on time with a new supplier, what do you do with the delayed cargo expense? What if you’re unsure whether you can sell the duplicate and delayed goods when they reach their originally intended destination? Well, verifiable credentials — a special kind of digital document that’s cryptographically provable, timestamped and anchored to an immutable ledger at the very moment in time it’s created — can give companies the kind of data needed to make these sorts of decisions. With use over time for trade data, verifiable credentials build a natural reputation for all the things the trade documents are about: suppliers, products, contracts, ports, regulations, tariffs, time between supply chain handoff points, etc. This type of structured data is of such high integrity that supply chain operators can rely on it and feel empowered to make decisions based on it. What I’m hoping comes from this global trade disaster is a change in the way supply chain operators make critical decisions. Supply chains of the future will be powered by verifiable credentials, which seamlessly bridge all the data silos that exist today — whether software-created silos or even the paper-based manual, offline silos. Today, it’s possible to move from a static, critical chain style of management where we often find ourselves in a reactive position to supply chains that look more like an octopus. High integrity data about suppliers and products enables proac
Transmute,Transmute,,Medium,,,,,,,The Business Case for Interoperability,"For Transmute, the foundations required to technically interoperate are considered pre-competitive, and our ability to interoperate widely is a strategic feature. This feature powers a competitive advantage that ensures Transmute customers’ critical trade documents are verifiable at every step in the supply chain, regardless of where they’re stored and what blockchain they’re anchored to. Transmute customers realize maximum confidence about data integrity and access far richer insights about the health of their supply chains as a result.","The Business Case for Interoperability Transmute believes that cross-vendor interoperability is critical for commercialization of decentralized identifier (DID) and verifiable credential (VC) technology. To interoperate means that a computer system or software has the ability to exchange and make use of data from a different system or software “via a common set of exchange formats.” But technical interoperability is difficult to achieve, and it’s definitely not the status quo when it comes to the systems our customers are using today. In fact, most of them are [frustratingly] locked into a single vendor when it comes to transaction management software — with no easy way to share data with parties in their ecosystem. I’m often asked why we, as a start-up, would build so much out in the open. We aren’t afraid to put out the first reference implementation — although never without tests — because we’re keen to have a baseline to measure against and iterate on, especially when it comes to the technical foundations required for achieving interoperability. The more interesting question is why we work so hard to ensure interoperability with “competing” or ancillary DID-based products. The answer is that we view achieving interoperability as a requirement for market creation. We are solving a business problem; achieving interoperability is a barrier to adoption. As the world becomes increasingly hyperconnected, “connective tissue” products and services [like ride-shares, Slack, etc.] are in greater demand in order to bridge the last miles and information silos created between the multitude of disparate internet-enabled products and services we now rely on. For this product category, interoperability is required to create a market compelling enough to go after. For instance, if you are loyal to a single ride-share brand today, your user experience suffers. It takes longer to find rides if you’re loyal, and transit time is a key metric in mobility. Additionally, a frustrating user experience limits adoption, and throws a major kink in customer retention. If riders have multiple apps and are willing to ride whatever brand is most convenient to them, their user experience massively improves, adoption accelerates, and the market expands for everyone. This example demonstrates market expansion due to interchangeability versus technical interoperability, but it highlights the same impact to customer adoption and retention given customers’ current attitude toward avoiding vendor lock-in. Similarly, if my Texas issued digital driver license can’t be verified by my California-resident digital wallet, then I have not sufficiently solved the inefficiencies and traceability problems of physical licenses. In this scenario, a new, worse inconvenience is created since adoption of a solution that lacks interoperability means I’ll have to carry my physical license for interstate transit and my digital one. Furthermore, convincing state DMVs to offer a digital identity credential is a tremendous feat (it took Texas 3 legislative sessions to agree to a single pilot); imagine when you have to sell them on implementing 50 different versions. After all, my physical form Texas drivers license is already an acceptable identification credential across all 50 states. One criticism of supply chain-focused solutions using blockchain is that in order to realize value, you have to convince all of the ecosystem p
Transmute,ViennaDigitalID,,,,GS1,,,,Vienna Digital Identity #30,Identity in the Supply Chain,Vienna Digital Identity #30 GS1 is the global association for supply chain identifiers with members across all industry sectors and interacting (unbeknownst) with general consumer on a daily basis. Transmute a foundational member of the DID/VC community and a participant in the US DHS Silicon Valley Innovation Program’s cross-border shipping use case.,"In this edition of the Vienna Digital Identity Meetup we open our 4th year with a couple presentations and a discussion on how Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) are starting to make inroads and impact in the global supply chain. GS1 is the global association for supply chain identifiers with members across all industry sectors and interacting (unbeknownst) with general consumer on a daily basis. Transmute a foundational member of the DID/VC community and a participant in the US DHS Silicon Valley Innovation Program’s cross-border shipping use case. Slide Decks: - Transmute Deck: thedinglegroup.com/s/Transmute_Vienna-Digital-ID-Forum-Jan-2022.pdf - GS1 Deck: thedinglegroup.com/s/2022-01-24_ViennaDigitalIdentityPhilA.pdf Time marks: 00:00:00 - Introduction and Opening Remarks 00:05:46 - Karyl Fowler, CEO Transmute 00:28:33 - Health Tots video 00:36:36 - Phil Archer, Web Solution Director, GS1 Global 00:52:28 - Round Table, Karyl Fowler, Phil Archer, Michael Shea 01:23:26 - Upcoming Events",https://vimeo.com/669713750,,Video,,Explainer,,,,,,,,2022-01-25,,,,,,,,,,,,,
Transmute,Transmute,,Medium,,,,,,,Back to the Basics,"Several mentors have encouraged me to publicly share a more detailed account of Transmute’s choice to shift focus solely to commercializing Transmute ID, the decentralized identity component of our original product, the Transmute Platform — a Heroku-like rapid dApp builder that seamlessly bridged centralized and decentralized tech, specifically for existing enterprises.<br><br>[...]there was zero near-term enterprise demand in the token-powered functionality of the platform. We searched high and low, interviewing most of the major enterprise storage solutions out there and couldn’t even find one willing to admit that investing decentralized storage tech was on their 5 year innovation roadmap.[...]<br><br> we did uncover a demand for user-centric identity tech (e.g. increased security, privacy, portability, infinite federation/scalable, etc.) and an enormous demand for the resulting efficiency gains and untapped revenue potential of implementing a decentralized identity solution. Because these directly address problems enterprises are facing today, and they directly connect to the cost/profit levers that enterprise stakeholders care most about.","Back to the Basics Course Correcting from Tokens to Equity Several mentors have encouraged me to publicly share a more detailed account of Transmute’s choice to shift focus solely to commercializing Transmute ID, the decentralized identity component of our original product, the Transmute Platform — a Heroku-like rapid dApp builder that seamlessly bridged centralized and decentralized tech, specifically for existing enterprises. [Shoutout to our friends at Mainframe, Wireline and Golem who are keeping the dApp platform dream alive, successfully executing on it for the fully decentralized community!] So here it goes: Now that we’re an [emotionally] safe distance away from the crypto-crash of 2018 and crypto-goldrush that precluded it, I think we can all agree: some projects don’t technically require a token. This is the primary pushback any founder looking to drive adoption of a product with a crypto-token dependency faces in every pitch. And answering this in an accessible way that demonstrates technical chops and business acumen is no small feat. The second biggest concern for potential partners and investors is the legality of the token as an investment. There was [and still is] so much unknown and undecided about the validity and treatment of crypto-token assets here in the U.S. And relocating beyond the U.S. as an American start-up offers an onslaught of complex formation, tax and liability variables such that there is no “easy” option. The third area of question is where the above two intersect: the token economics. Are incentives aligned at network launch? What is the phased approach to reach equilibrium? How will we keep incentives aligned? How will we handle price volatility for enterprise customers? What will we do if, if, if. These are the concerns I witnessed fellow founders spend the most time, energy and resources addressing — myself included. And it makes sense; addressing these concerns is about de-risking the business opportunity. Since we were aware of these primary areas of concern heading into our initial raise, we came to the table with a de-risking plan as part of our first year’s roadmap. Upon closing our first million in pre-seed capital, we immediately began executing on our plan. We built our core team, and we rightfully spent a lot [in dollars and manpower] on finding the right solutions and answers to each of these questions for Transmute. We ultimately concluded that a crypto-token is technically required to ensure specific functionality of the decentralized side of the platform (e.g. decentralized store and compute). This resulted in fine-tuning our token economics through extensive modeling, and a decision to pursue a Reg A+ structure to run the token sale under. Since this meant we needed to functionally look like a publicly traded company [while realistically at the seed st
Transmute,Transmute,,Medium,,,,,,,did:(customer),"Transmute builds solutions that solve real business problems. For this reason, we support a number of different decentralized identifier (DID) methods. While we are committed to providing optionality to our customers, it’s equally important to communicate the selection criteria behind these options so that customers can consider the tradeoffs of underlying DID-methods alongside the problem set they’re solving for. Essentially, we help them pick the right tool for the job.","did:(customer) Transmute’s evolving criteria for matching DID methods to business requirements. Transmute builds solutions that solve real business problems. For this reason, we support a number of different decentralized identifier (DID) methods. While we are committed to providing optionality to our customers, it’s equally important to communicate the selection criteria behind these options so that customers can consider the tradeoffs of underlying DID-methods alongside the problem set they’re solving for. Essentially, we help them pick the right tool for the job. In the spirit of sharing and improving as an industry, here are the work-in-progress criteria we use to help customers assess what DID method is best for their use case: Interoperability This DID method meets the interoperability requirements of my business, for example: - Other parties can verify my DID method. - I can switch out this DID method in the future if my business needs change. Security This DID method meets the security requirements of my business, such as: - Approved cryptography for jurisdiction/industry - Ledger/anchoring preferences - Key rotation/revocation Privacy This DID method meets privacy requirements relevant to my use case, for example: - Identifiers of individuals (data privacy and consent priorities) - Identifiers for companies (organization identity and legal protection priorities) - Identifiers for things (scaling, linking, and selective sharing priorities) Scalability This DID method meets the scalability needs of my business use case, for example: - Speed - Cost - Stability/maturity Root(s) of Trust This DID method appropriately leverages existing roots of trust that have value for my business or network (or it is truly decentralized). For example: - Trusted domain - Existing identifiers/ identity systems - Existing credentials We are currently using and improving these criteria as we co-design and implement solutions with customers. For example, our commercial importer customers care a lot about ensuring that their ecosystem can efficiently use the credentials they issue (interoperability) without disclosing sensitive trade information (privacy). Government entities emphasize interoperability and accepted cryptography. Use cases that include individual consumers focus more on data privacy regulation and control/consent. In some instances where other standardized identifiers already exist, DIDs may not make sense as primary identifiers at all. Examples of DID methods Transmute helps customers choose from today include: Sidetree Element (did:elem, Ethereum anchoring), Sidetree Ion (did:ion, Bitcoin anchoring), Sidetree Photon (did:photon, Amazon QLDB anchoring), did:web (ties to trusted domains), did:key (testing and hardware-backed keys), and more. How do you think about selecting the right DID method for the job? Let’s improve this framework together.",https://medium.com/transmute-techtalk/did-customer-4ca8b7957112,,Post,,Meta,,,,,,,DID,2020-10-30,,,,,,,,,,,,,
Transmute,Transmute,,Medium,,GS1; SVIP,,,,,Transmute Closes $2M Seed Round,"Closing our seed round coincides with another exciting announcement: our recent launch of Phase II work with the U.S. Department of Homeland Security, Science & Technology’s Silicon Valley Innovation Program (SVIP) to enhance “transparency, automation and security in processing the importation of raw materials” like steel.","Transmute Closes $2M Seed Round We’re thrilled to announce the close of Transmute’s $2 million series seed round led by Moonshots Capital, and joined by TMV, Kerr Tech Investments and several strategic angels. Transmute has gained momentum on our mission to be the trusted data exchange platform for global trade. As a byproduct of the pandemic, the world is collectively facing persistent supply chain disruption and unpredictability. This coupled with increasing traceability regulations is driving an urgency for importers to fortify their supply chains. COVID-19 especially has highlighted the need for preventing counterfeit goods and having certainty about your suppliers (and their suppliers). Transmute’s software is upgrading trade documentation today to give importers a competitive edge in an increasingly dynamic, global marketplace. Leveraging decentralized identifier (DID) and verifiable credential (VC) tech with existing cloud-based systems, Transmute is able to offer digital product and supplier credentials that are traceable across an entire logistics ecosystem. From point of origin to end customer, we are unlocking unprecedented visibility into customers’ supplier networks. Disrupting a highly regulated and old-fashioned industry is complex, and an intentional first step in our go-to-market strategy has been balancing both the needs of regulators and commercial customers. This is why we’re incredibly proud to join forces with our lead investors at Moonshots Capital, a VC firm focused on investing in extraordinary leaders. We look forward to growing alongside Kelly Perdew (our newest Board of Directors member) and his founding partner Craig Cummings. They’re a team of military veterans and serial entrepreneurs with extensive success selling into government agencies and enterprises. We are equally proud to be joined by Marina Hadjipateras and the team at TMV, a New York-based firm focused on funding pioneering, early-stage founders. Between their commitment to diverse teams, building sustainable futures and their deep expertise in global shipping and logistics, we feel more than ready to take on global trade with this firm. The support of Kerr Tech Investments, led by Josh and Michael Kerr, further validates our company’s innovative approach to data exchange. Josh is a seasoned entrepreneur, an e-signature expert and has been advising us since Transmute’s inception. Closing our seed round coincides with another exciting announcement: our recent launch of Phase II work with the U.S. Department of Homeland Security, Science & Technology’s Silicon Valley Innovation Program (SVIP) to enhance “transparency, automation and security in processing the importation of raw materials” like steel. Our vision is more broad than just improving how trade gets done, and steel imports are just the beginning. We’re inserting revolutionary changes into the fabric of how enterprises manage product and supplier identity, effectively building a bridge — or a fulcrum, rather — towards new revenue streams and business models across industries. Last — but absolutely not least — I want to give a Personal shoutout to my core teammates; startups are a team sport, and our team is stacked! Tremendous congratulations as these backers will accelerate our progress in a huge way. And finally, thanks also to our stellar team of advisors who commit significant time coaching us through blind spots as we bring Transmute’s product to market. Also, we’re Hiring! Expanding our capacity to meet customer demand is our top nearterm priority. We’re adding a few engineering and product roles to our core team in Austin, TX,
Transmute,Transmute,,Medium,,,,,,Mobility X hackathon at Capital Factory,Transmute IoT,"The Transmute team joined forces with other Austin hackers to participate in [the first Mobility X hackathon at Capital Factory sponsored by car2go](https://www.eventbrite.com/e/mobilityx-hackathon-presented-by-car2go-tickets-33718213083#) a few weekends ago where hackers were challenged to address how to handle rider demand fluctuations or ensure consistent vehicle connectivity. <br><br> Maintaining network connectivity felt like the most urgent problem to solve given an effective solution would mean more accurate data on the car2go fleets, resulting in an expanded capacity to address rider demand changes. Mesh networks have been explored as a natural solution for maintaining network connectivity among distributed assets that are moving around geographically. …","Transmute IoT The Transmute team joined forces with other Austin hackers to participate in the first Mobility X hackathon at Capital Factory sponsored by car2go a few weekends ago where hackers were challenged to address how to handle rider demand fluctuations or ensure consistent vehicle connectivity. Maintaining network connectivity felt like the most urgent problem to solve given an effective solution would mean more accurate data on the car2go fleets, resulting in an expanded capacity to address rider demand changes. Mesh networks have been explored as a natural solution for maintaining network connectivity among distributed assets that are moving around geographically. The problem has historically been when an asset (or car) moves into a “dead zone” where a network node doesn’t exist, so connection drops. Our hardware hacker counterparts mapped out incentive schemes for mesh node operators in areas with poor connectivity and tracking integration for location specific smart contract behavior. Meanwhile, we chose to apply the Transmute framework to build a simple smart contract-based interface to mesh network devices. Significant progress was made on the Transmute framework, which our team used to power the final pitch prototype. We added dynamic event types to our EventStore contract, allowing us to easily interact with json databases and better leverage redux on the client. We consider this stack the “IoT Smart Contracts” or more generally, the interface between hardware devices and blockchain technology. Its applications are varied and include warehousing and logistics systems, inventory management, and firmware and sensor data interfaces. Although, we did not win this hackathon, we feel the problem space is worth considering as the number of automated assets require constant connectivity to function effectively rapidly increases (e.g. self-driving cars, etc.) On a final note, hackathons are a hobby for the Transmute team. We learn as much or more than we build sometimes. Typically, we arrive at the hackathon with a fully formed team and idea, and this has historically worked out well for us. This time, we regretfully neglected this strategy. Teams that remain loosely defined or don’t have prior experience with teammates’ skill sets will have significantly more trouble communicating effectively or organizing generally. This often results in a lack of cohesive messaging which is confusing to the judges and severely stifles technical progress. This may seem obvious, but it’s easy to get stuck in the code and forget how important the pitch is. The pitch is everything. We had a great time working on the Transmute framework and thinking about the blockchain connected hardware space. Lastly, shoutout to The 21 Marketplace, an awesome tool we found along the way.",https://medium.com/transmute-techtalk/transmute-iot-2d00fdcf53e9,,Post,,Meta,,,,,,,,2017-06-10,,,,,,,,,,,,,
Transmute,DHS,,,,,,,,,News Release: DHS Awards $198K for Raw Material Import Tracking Using Blockchain,"WASHINGTON – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded $198,642 to Transmute Industries, Inc. based in Austin, TX to develop a proof-of-concept application for Customs and Border Protection (CBP) to support increased transparency, automation and security in processing the importation of raw materials such as steel, timber and diamonds raw goods entering the United States.<br>","FOR IMMEDIATE RELEASE S&T Public Affairs, 202-254-2385 WASHINGTON – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded $198,642 to Transmute Industries, Inc. based in Austin, TX to develop a proof-of-concept application for Customs and Border Protection (CBP) to support increased transparency, automation and security in processing the importation of raw materials such as steel, timber and diamonds raw goods entering the United States. S&T is exploring the application of blockchain to issue credentials digitally to enhance security, ensure interoperability and prevent forgery and counterfeiting. Transmute builds identity management solutions that use blockchain technology to streamline and enforce identity authorization. Its Phase 1 award project “Verifiable Provenance, Traceability, and Regulatory Compliance for Raw Material Imports” will adapt Transmute ID, its core technology product that leverages centralized and decentralized identity infrastructures to secure individual agency identities and verifiable credentials to ensure that CBP has visibility into the provenance, traceability and regulatory compliance of raw material imports. “The ability to construct a secure, digital, chain-of-custody mechanism for raw material imports is a critical aspect of enabling legitimate trade.” said Anil John, SVIP Technical Director. “Transmute’s combined centralized and decentralized approaches address this challenge and support global interoperability by utilizing emerging World Wide Web Consortium global standards.” The Phase 1 award was made under S&T’s Silicon Valley Innovation Program (SVIP) Other Transaction Solicitation Preventing Forgery & Counterfeiting of Certificates and Licenses seeking blockchain and distributed ledger technology (DLT) solutions to fulfill a common need across DHS missions. SVIP is one of S&T’s programs and tools to fund innovation and work with private sector partners to advance homeland security solutions. Companies participating in SVIP are eligible for up to $800,000 of non-dilutive funding over four phases to develop and adapt commercial technologies for homeland security use cases. For more information on current and future SVIP solicitations, visit https://www.DHS.gov/science-and-technology/svip or contact DHS-silicon-valley@hq.DHS.gov. For more information about S&T’s innovation programs and tools, visit https://www.DHS.gov/science-and-technology/business-opportunities. #",https://www.dhs.gov/science-and-technology/news/2019/11/08/news-release-dhs-awards-198k-raw-material-import-tracking,,Press,,Meta,,,,,,,,2019-11-08,,,,,,,,,,,,,
Transmute,PRWeb,,,,Moonshots; TMV; KerrTech,,,,,"Transmute Closes $2M Seed Round From Moonshots Capital, TMV, Kerr Tech Investments",,"“When it comes to commercial importers, new trade regulations combined with antiquated processes are making compliance a huge burden. At the exact same moment, the market is demanding increasing evidence that products are what they say they are,” said Karyl Fowler, Co-Founder and CEO of Transmute. AUSTIN, Texas (PRWeb) October 21, 2020 Transmute, the trusted data exchange platform for global trade, today announced the close of a $2 million series seed round led by Moonshots Capital, with participation from TMV and Kerr Tech Investments. With a clear opportunity to grow rapidly in the enterprise market, Transmute plans to deploy the new capital to expand its Austin, Texas-based team to service increasing customer demand. The company secures critical supplier, product, and shipment data to give customers a competitive edge in an increasingly dynamic, global marketplace. “With backgrounds that span microelectronics manufacturing to cybersecurity, Transmute’s founding team is uniquely qualified to solve vulnerabilities in trade compliance,” said Kelly Perdew, General Partner at Moonshots Capital, a VC firm focused on investing in extraordinary leaders. “We’re enormously proud to back Karyl and Orie as they lead the way in modernizing and securing critical data for international trade.” Perdew will join the company’s Board of Directors as part of the funding. Transmute digitizes trade documentation in a way that is cryptographically verifiable and traceable across an entire logistics ecosystem. While eliminating the hassle of paper trails, Transmute provides unprecedented visibility into customers’ supplier networks. The company’s unique approach combines decentralized identifier (DID), verifiable credential (VC) and blockchain technology with existing cloud-based systems to effectively memorialize trade data at every step in a products’ journey. “When it comes to commercial importers, new trade regulations combined with antiquated processes are making compliance a huge burden. At the exact same moment, the market is demanding increasing evidence that products are what they say they are and are created how they said they were — whether ethically, sustainably or otherwise,” said Karyl Fowler, Co-Founder and CEO of Transmute. “Our seed round investors are purposefully rich in operational expertise spanning government and enterprise logistics. We are thrilled to be joining forces to accelerate growth.” The series seed round of funding closely follows Transmute’s recent launch of Phase II work with the U.S. Department of Homeland Security, Science & Technology’s Silicon Valley Innovation Program (SVIP) to enhance “transparency, automation and security in processing the importation of raw materials” like steel. “The ability to construct a secure, digital, chain-of-custody mechanism for raw material imports is a critical aspect of enabling legitimate trade.” said Anil John, SVIP Technical Director. “Transmute’s combined centralized and decentralized approaches address this challenge and support global interoperability by utilizing emerging World Wide Web Consortium global standards.” The company’s founders are established thought leaders within the emerging decentralized identity industry, each holding leadership positions in industry standards organizations from the W3C and the DIF. After taking the company through Techstars and incubating the underlying tech with early customers, the team found significant enterprise demand for digital identifiers that could persist and traverse across different contexts. ""Karyl is disrupting an archaic industry that requires some hand-holding in addition to a ground breaking service. Transmute has assembled a team of leading technologists creating software attuned to the needs of regulators and commercial customers alike,” says Marina Hadjipateras, co-founder and General Partner at TMV, a New York-based fi
Transmute,Transmute,,Medium,,DigitalBazaar,,,,,Encrypted Data Vaults,"EDVs allow users and companies to store data with their favorite cloud storage providers without fear of vendor lock-in, while also ensuring that the storage provider has no access to their data whatsoever. With an EDV, the client does their own encryption and decryption using keys associated with decentralized identifiers they manage, and as such, acts as the true controller of their data.<br><br>Its Phase 1 award project “Verifiable Provenance, Traceability, and Regulatory Compliance for Raw Material Imports” will adapt Transmute ID, its core technology product that leverages centralized and decentralized identity infrastructures to secure individual agency identities and verifiable credentials to ensure that CBP has visibility into the provenance, traceability and regulatory compliance of raw material imports.","Encrypted Data Vaults for Trusted Data Access Introduction Data protection is an imminent challenge for modern society, as evidenced by the slew of data privacy regulations being introduced in most nations. However data privacy means much more than audits or reports to demonstrate regulatory compliance. Threats to data security are continuously evolving to meet economic and political aims, and as such, data privacy approaches must be even more rigorous to ensure success. Secure data storage is one critical component of data privacy. While significant work is underway to develop storage technologies that both preserve Personal privacy AND and are accessible for the general public to use, there is an equally crucial race among government and commercial entities to deploy storage solutions that better protect IP while enabling efficient and automated compliance. In this post we share an emergent storage solution called “Encrypted Data Vaults” that helps meaningfully preserve data privacy and ensure trusted data access. We are proponents of doing rather than telling, so we then walk you through how to generate keys and encrypt your own data using our demo implementation. Finally, we share the next steps for interoperability and expansion of this technology. What are Encrypted Data Vaults? Encrypted Data Vaults (EDVs) are secure storage mechanisms that allow entities to interoperate across disparate systems and processes without IP exposure or added liability for data that is not relevant to their business or the transaction at hand. EDVs allow users and companies to store data with their favorite cloud storage providers without fear of vendor lock-in, while also ensuring that the storage provider has no access to their data whatsoever. With an EDV, the client does their own encryption and decryption using keys associated with decentralized identifiers they manage, and as such, acts as the true controller of their data. According to the emergent specification, EDVs are “often useful when an individual or organization wants to protect data in a way that the storage provider cannot view, analyze, aggregate, or resell the data. This approach also ensures that application data is portable and protected from storage provider data breaches.” This idea was validated in 2018 by work Digital Bazaar pioneered when they deployed the first working implementation of an encrypted data vault [formerly referenced as a “Trade Evidence Server”] in a POC for Department of Homeland Security and Customs and Border Protection in 2018. Transmute’s EDV implementation is heavily inspired by these concepts, and we are grateful to the Digital Bazaar team for taking on the task of early market education which has paved the way for companies like ours. According to Manu Sporny, Founder and CEO of Digital Bazaar, “solving the problem of secure data sharing across blockchains and entities is one feat, but driving adoption of the technology requires further iteration and standardization. We are excited to see Transmute put forth a second functioning EDV implementation which will support interoperability and drive adoption.” Interoperability is a top prior
Transmute,Transmute,,Medium,,Okta,,,,,Federated Enterprise Agents with Transmute and Okta,"The Okta Identity Cloud provides secure identity management with Single Sign-On, Multi-factor Authentication, Lifecycle Management (Provisioning), and more. Transmute provides a configurable Enterprise Agent enabling Decentralized Identity and Verifiable Credential capabilities for OAuth / OIDC users. Read on to learn about some of the ways Transmute and Okta enable enterprises to rapidly unlock the security benefits of decentralized identities.","Federated Enterprise Agents with Transmute and Okta Transmute’s products bridge the gap between established identity providers (IDPs) and decentralized identity technology. In this first of a series of posts we share details of how we work with IDPs like Okta. The Okta Identity Cloud provides secure identity management with Single Sign-On, Multi-factor Authentication, Lifecycle Management (Provisioning), and more. Transmute provides a configurable Enterprise Agent enabling Decentralized Identity and Verifiable Credential capabilities for OAuth / OIDC users. Read on to learn about some of the ways Transmute and Okta enable enterprises to rapidly unlock the security benefits of decentralized identities. Configuring SSO You can read more about the basics of configuring Single Sign On (SSO) with Okta here. Once the Transmute API has been configured to support SSO with Okta, users can leverage their existing directory accounts to sign in to Transmute. A Decentralized Identity along with a set of managed keys is automatically created for users. These identities and keys are what enable interoperability and audit-ability with the decentralized identity and verifiable credentials ecosystems. Creating a Verifiable Credential Transmute makes creating verifiable credentials and business to business workflows built on these credentials easy. After the user has completed the SSO process, they can use the Transmute Workflow engine (part of our paid product offerings) to create or participate in workflows. At each step of a workflow, the Okta provided id_token is leveraged to protect the use of signing keys linked for the DID. For example, when a user uploads a document the workflow activity is signed by their DID. This enables external systems which would like to verify the credential to do so without knowing any details of the Okta directory user, helping to protect against the mingling of Personal identifying information with credential and authorization material. Anchoring a VC to a Ledger Transmute enables workflows to be anchored to a ledger such that any Okta user can verify the workflow has not been tampered with since the anchor event. We do this by leveraging the same DID infrastructure we use for managing decentralized identities. The processing of anchoring a VC to ledger can be automatic or at the discretion of an authorized Okta user. Conclusion Identity providers like Okta enable SSO within enterprises and help secure products and applications widely in use today. Transmute integrates with IDPs like Okta to provide a seamless interface for existing enterprise users to unlock the security and traceability benefits of decentralized identifiers, verifiable credentials, and distributed ledgers.",https://medium.com/transmute-techtalk/federated-enterprise-agents-with-transmute-and-okta-2f1855dd3944,,Post,,Product,,,,,,,,2020-04-17,,,,,,,,,,,,,
Transmute,Transmute,,Medium,,,,,,,Release 0: Sol,"This release was focused on building support for decentralized identities into centralized directory technology that is already widely adopted by enterprises. This work involved adding UI to our React dashboard and updating our API to support registration and group management. We have also done some exploratory work regarding the DID spec and LDAP integration [...] <br><br> This release we focused on the centralized side of group membership. This use case relies on the integrity of the directory and discretionary access control. In other words, the directory admins can move users between groups, but users cannot control what groups they are assigned to.","Detailing our 1st release since finishing Techstars Everything Starts with Identity There are many companies tackling the blockchain identity problem, and for good reason: all applications begin with identity. And we want to help. The Transmute Platform will combine the best of centralized and decentralized services. In order for users, clusters, and services to communicate securely we need to define how identities are expressed. Historically, decentralized identity systems have been difficult to achieve. Systems like GPG rely on key servers and the web of trust to establish reputation for public keys. Services like Keybase attempt to bootstrap key reputation from social media profiles. Each of these approaches has advantages and challenges, but the common denominator is public key cryptography. Directories If you have worked on authentication and identity development in the past, you will be familiar with the concept of a directory. LDAP and Active Directory have become backbone technologies for enterprise IT and key servers for decentralized identity. This release was focused on building support for decentralized identities into centralized directory technology that is already widely adopted by enterprises. This work involved adding UI to our React dashboard and updating our API to support registration and group management. We have also done some exploratory work regarding the DID spec and LDAP integration — which we are still cleaning up and hope to share soon. Groups Directories like LDAP and Active Directory make use of groups, and it’s fairly common to use group membership for authorization. For example, all nurses can read patient profile data for their hospital group, but not others. This release we focused on the centralized side of group membership. This use case relies on the integrity of the directory and discretionary access control. In other words, the directory admins can move users between groups, but users cannot control what groups they are assigned to. This is valuable and familiar to enterprise system administrators, but not very compatible with decentralized identity. This structure is specifically helpful to Transmute because it means we can segregate our users on the centralized side, allowing selective access to new features based on billing information or reputation. Registration However, there are issues that need to be addressed when considering what it means to add a new member to a directory. These include proofing of communication channels (verify your email), proofing of public keys (verify you can sign), and linking of public keys in cases where you need different keys to support different protocols (for example: Ed25519, secp256k1 for use with SSH, PGP, etc.). For this release, we focused on the basics of registration. We came up with a flow that works, but it still has some limitations we will be addressing in upcoming releases. Our current registration flow involves submitting public key pairs to our centralized API. We then extract the email from the keys, verify that they have signed each other, and create a new directory entry in a deactivated state, which will become activated once the user verifies their email. Obviously, this flow requires the users to have email and protect access to it… which might not be a good idea. It also does not leverage the DID spec fully; PII (ema
Transmute,Transmute,,Medium,,,,,,,Release: The Transmute Framework Alpha,"The Transmute Framework helps developers build on decentralized technologies like Ethereum and IPFS via a familiar javascript interface. We support rapid prototyping by enabling developers with Redux experience to quickly build out decentralized applications. <br><br> This release focuses on support and documentation for the EventStore. Using the EventStore and the Transmute Framework, developers can save events to Ethereum and IPFS, track and query the event-sourced data models, and leverage the immutability properties of IPFS and Ethereum.","Release: The Transmute Framework Alpha The Transmute Framework has graduated to Alpha. Before you dive in, there’s a couple caveats to keep in mind. Hosted IPFS Support Coming Soon We currently provide test infrastructure to support the Transmute Framework; alternatively, you can use your own IPFS API. We’re working on tooling and support to make this easier in the future, but in the meantime, you’ll need to allow mixed content for test IPFS server. We will fix this shortly. Testnet Performance Varies The smart contracts used in the Transmute Framework Alpha are deployed to the Ropsten Testnet. This means you will need Ropsten Ether to use the demo; feel free to contact us for testnet ether if you need some. Announcing the Transmute Framework Alpha Check out the source code + a live demo here! The Transmute Framework helps developers build on decentralized technologies like Ethereum and IPFS via a familiar javascript interface. We support rapid prototyping by enabling developers with Redux experience to quickly build out decentralized applications. This release focuses on support and documentation for the EventStore. Using the EventStore and the Transmute Framework, developers can save events to Ethereum and IPFS, track and query the event-sourced data models, and leverage the immutability properties of IPFS and Ethereum. A Deeper Dive on the Transmute Framework Architecture One challenge developers face when building their first dapp is: how to manage state? Since Redux developers are accustomed to managing state with Redux, we chose to provide a Redux-like api for managing dapp state. Events can be used to model many applications and systems; the EventStore solidity smart contracts store events. Storing information on Ethereum is expensive, so we leverage the decentralized file system IPFS to store larger javascript objects, and then we store the IPFS identifier in the Ethereum smart contract. Together, Ethereum and IPFS are used to construct a Redux-like API for managing application state. IPFS’ content addressing strategy lets us store references to large slices of data easily. Another challenge dapp developers face is: syncing smart contracts state with external databases. This is important for querying, caching, analytics and external integrations. We use the term ReadModel to describe the state of an entity built up from events. Imagine a power plant with many switches and many possible states. Each time a switch is changed, an event is logged, describing the time and state of the switch. By reviewing this event log, we can see what the current state of the power plant is by looking at how it has changed over time. Event sourcing is a powerful tool that allows data management to evolve as it grows — always with the ability to rebuild state from events. ReadModels process the events from Ethereum and IPFS, and use a reducer to generate a state object that can be saved to caches or databases for querying.",https://medium.com/transmute-techtalk/release-the-transmute-framework-alpha-ad45acd42bdc,,Post,,Product,,,,,,,,2018-03-08,,,,,,,,,,,,,
Transmute,Transmute,,Medium,,Orbit DB,,,,,Transmute ID Alpha,"One thing we learned from our Orbit DB PoC is that the DID spec offers a lot of valuable flexibility. Most DID systems achieve censor resistant decentralized storage and cryptographic decentralized identity protocols through a single identifier (hash of or full public key). We found it is possible to create a valid DID implementation that is anchored by 2 public keys, one for updating the filesystem, the other for managing the integrity of the documents, identities and claims.","Transmute ID Alpha Release 5: Wolf 359 Transmute’s sixth monthly release During November we focused our product and engineering efforts on shipping a public alpha of Transmute ID, our hybrid centralized and decentralized identity solution for enterprises. Transmute ID Features and Business Case Transmute ID supports the creation of discoverable identities that can securely send and receive requests and verified credentials, and have record of critical transactions written to a public or private ledger. We engineered our data model and architectural options to integrate easily with business workflows and pain points, and to reflect entity, individual, and asset identities. These business-related identities and their associated claims are built on decentralized identity standards, meaning they can be compatible with other consumer-focused self-sovereign solutions such as Uport and Sovrin. This means we can simultaneously support growth of the decentralized identity ecosystem while also addressing key enterprise pain points including identity proofing, portability, interoperability, consent, and regulatory compliance. DID Javascript Library While building Transmute ID, we’ve made significant progress towards a javascript library for developing DID systems and working with verifiable claims. Separating Decentralized Storage from Decentralized Identity We also added utility to our Transmute-did library, and developed a novel DID implementation built on top of OrbitDB with some really interesting features. One thing we learned from our Orbit DB PoC is that the DID spec offers a lot of valuable flexibility. Most DID systems achieve censor resistant decentralized storage and cryptographic decentralized identity protocols through a single identifier (hash of or full public key). We found it is possible to create a valid DID implementation that is anchored by 2 public keys, one for updating the filesystem, the other for managing the integrity of the documents, identities and claims. This dual public key system can reduce likelihood of an attacker compromising a full identity. It also creates more flexibility around storage and identity stewardship. Read more about how Transmute supports this scenario here. DID Selector Improvements We also proposed an updated approach to DID selectors to improve usability and longevity. This improvement suggests additional standards including JSON Pointer, JSON Path, JSON Path Expressions, URI Template, and Fragment Identifier. IPFS Updated Helm Charts While working with IPFS to support our Orbit DID PoC, we updated our helm charts for IPFS to the latest version. Check them out here. IPFS + Oracle Kubernetes Integration We added an easy mode setup for running IPFS on Oracle Kubernetes Engine with SSL, see here: https://GitHub.com/Transmute-industries/Transmute-charts/tree/master/tutorials/providers/oracle https://GitHub.com/Transmute-industries/Transmute-charts/tree/master/tutorials/easymode/ipfs We look forward to sharing our progress with Transmute ID in future releases. If you are interested in learning more about our tools applied to your specific use case, please contact us at product@Transmute.industries.",https://medium.com/transmute-techtalk/transmute-id-alpha-ba66cdc112fe,,Post,,Product,,,,,,,,2018-06-04,,,,,,,,,,,,,
Transmute,Transmute,,,,,,,,,Transmute U.S. CBP Steel Tech Demo,"The story focuses on critical trade verifiable credentials being issued, presented, and verified by trade, CBP, and PGAs.",,https://www.youtube.com/watch?v=03l_j7fvmhq,,Video,,Product,,,,,,,,2022-09-07,,,,,,,,,,,,,
Transmute,Transmute,,Medium,,,,,,,Element Block Explorer,"We’ve made some serious upgrades to the Element-lib which is the javascript library we use to implement the Element DID. As we mentioned in our last post here, Element is a Sidetree Protocol based DID Method that relies on Ethereum and IPFS. Our implementation is unique in that we provide a JavaScript library that runs in both the browser and node.js, in addition to providing a server-based REST API.<br><br>Our first implementation of Element enabled users to anchor their DID directly via a MetaMask-powered DApp thanks to Infura, and also use our “Full Node” to submit operations. Supporting both modes introduced a lot of complexity, and highlighted some scalability issues which we’ve recently fixed.","Element Block Explorer Transmute is pleased to introduce a block explorer for Element and Sidetree Full Nodes…with some extra bells and whistles. Check it out here: https://element-did.com/explorer. We’ve made some serious upgrades to the Element-lib which is the javascript library we use to implement the Element DID. As we mentioned in our last post here, Element is a Sidetree Protocol based DID Method that relies on Ethereum and IPFS. Our implementation is unique in that we provide a JavaScript library that runs in both the browser and node.js, in addition to providing a server-based REST API. Our first implementation of Element enabled users to anchor their DID directly via a MetaMask-powered DApp thanks to Infura, and also use our “Full Node” to submit operations. Supporting both modes introduced a lot of complexity, and highlighted some scalability issues which we’ve recently fixed. Using Element.Sidetree Interfaces might change, but we’ve added a class called “Sidetree” which abstracts a lot of the common functions and interfaces we used in the first version of Element. Here’s how its initialized: Blockchain and Storage interfaces have not changed (we still support Ethereum and IPFS only). We have added support for a message bus and database for caching data retrieved from the storage and blockchain interfaces. There 2 new services have opened the door towards some really exciting design patterns like CQRS, and syncing the database from full nodes. DB: Offline Mode, Caching and Syncing We’ve added an adapter pattern and a database to Sidetree, and we’re supporting PouchDB / CouchDB and Google Cloud Firestore out of the box. PouchDB, the JavaScript Database that Syncs! It enables applications to store data locally while offline, then synchronize it with CouchDB and compatible servers…pouchdb.com PouchDB is great because it provides a consistent API for both web and node.js and integrates seamlessly with CouchDB for enterprise-scale NoSQL. It’s easy to setup your own CouchDB instance, or host one on a major cloud provider. We also added support for Google Cloud’s Firestore, because we use Firebase to host most of Element today: Cloud Firestore | Firebase Use our flexible, scalable NoSQL cloud database to store and sync data for client- and server-side development.firebase.google.com Both of these databases have support for offline mode and syncing; right now, we’re not leveraging the sync features, but we do use the IndexDB interface provided by PouchDB to avoid making network requests for Ethereum and IPFS. In the future, we think this offline support will be very useful for anyone building a DID application in an Internet-denied environment, like rural areas or combat zones. ServiceBus: CQRS and Event Sourcing We’re huge fans of event sourcing and CQRS. If you are not familiar, check this out: Command and Query Responsibility Segregation (CQRS) pattern — Cloud Design Patterns Segregate operations that read data from operations that update data by using separate interfaces.docs.Microsoft.com Now that Element has a message bus built in, there are lots of potential integrations with other event-oriented systems, like OrbitDB, IPFS PubSub, Kafka, and more. Resolve & Sync The first version of Element only had a blocking syn
Transmute,Transmute,,Medium,,,,,,,Verifiable Actions for signing and verifying VCs with DIDs,This weekend I worked on making a GitHub actionthat can sign and verify verifiable credentials with decentralized identifiers.,,https://medium.com/@transmute/verifiable-actions-for-signing-and-verifying-vcs-with-dids-a4176fb5ba3f,,Post,,Resources,,,,,,,,2022-03-21,,,,,,,,,,,,,
Transmute,Transmute,,GitHub,,,,,,,eXtended Merkle Signature Scheme,"We've been working on generating test vectors for:<br>https://datatracker.ietf.org/doc/html/rfc8391<br><br>That we could use to register the `kty` and `alg` for XMSS such that it<br>could be used by JOSE and COSE.<br><br>[https://GitHub.com/Transmute-industries/xmss](https://GitHub.com/Transmute-industries/xmss)<br><br>I've reached the limits of my ability to move this ball forward, and am<br>here to ask for help.<br><br>I'm not very good with GoLang, and the original xmss source I am basing<br>this on is difficult for me to extend.",,https://github.com/transmute-industries/xmss,,Code,,Standards,,,,,,,, 2022-04-15,,,,,,,,,,,,,
Transmute,FederalBlockchainNews,,,,SVIP,,,,,"Anil John and Melissa Oh, of the Silicon Valley Innovation Program (SVIP)","There was a significant push by large platform players and others, to set up a platform model […] sit in the middle and extract value from that platform. As a government, we are rather familiar with being walked into a corner and told that there is only one product that you will buy because it will solve the problem.",,https://podcasts.apple.com/us/podcast/federal-blockchain-news/id1533524719,,Episode,,Standards,Public,Supply Chain,,,,,,2020-09-25,,,,<br>,,,,,,,,,
Transmute,Transmute,,,,,,,,,GitHub DID,"Decentralized Identifiers (DIDs) are a new type of identifier for verifiable, ""self-sovereign"" digital identity. DIDs are fully under the control of the DID subject, independent from any centralized registry, identity provider, or certificate authority. DIDs are URLs that relate a DID subject to means for trustable interactions with that subject. DIDs resolve to DID Documents — simple documents that describe how to use that specific DID. Each DID Document contains at least three things: cryptographic material, authentication suites, and service endpoints. Cryptographic material combined with authentication suites provide a set of mechanisms to authenticate as the DID subject (e.g., public keys, pseudonymous biometric protocols, etc.). Service endpoints enable trusted interactions with the DID subject.<br>",,https://github.com/decentralized-identity/github-did,,Page,,Standards,,,,,,,,2020-05-08,https://www.npmjs.com/package/@Transmute/GitHub-did,,,,,,,,,,,,
Transmute,Transmute,,,,,,,,,DID Key Workbench,"did:key is a DID Method which is offline friendly, cryptographically self certifying, requires no trust of certificate authoritites or blockchain and is ideal for ephemeral use.",,http://did.key.transmute.industries/,,Page,,Standards,,,,,,,,2020-11-27,,,,,,,,,,,,,
Transmute,Transmute,,Medium,,Microsoft; Consensys; DIF,,,,,Introducing Element,"Transmute is excited to announce Element, an implementation of the Sidetree Protocol on top of Ethereum and IPFS. This work was done in collaboration with Microsoft and Consensys under the Decentralized Identity Foundation (DIF)","Introducing: Element The Sidetree Protocol Implemented on Ethereum Transmute is excited to announce Element, an implementation of the Sidetree Protocol on top of Ethereum and IPFS. This work was done in collaboration with Microsoft and Consensys under the Decentralized Identity Foundation (DIF). See also: ion, sidetree-core, sidetree-ethereum, sidetree-ipfs Why another DID Method? We love `did-ethr,’ but not every use case can support a single Ethereum transaction per document update, and there are lots of cases where we would like to use decentralized identities (DIDs) for ephemeral or high volume use cases, such as IoT and supply chain integrations which make this approach impractical. We’re excited to use the serviceEndpoints defined in Element DID documents to track external integrations, in a privacy preserving manner, including identity hubs, credential stores, and more. Furthermore, the scalability that Sidetree brings to DIDs is unprecedented. Our product, Transmute ID — enterprise-grade decentralized identity — must support scale that we could not achieve otherwise, so we are proud to offer Element as an alternative DID method for Transmute ID customer deployments. This is the business reason we invested so heavily in this open source implementation. There are already detailed posts about what Sidetree is, so we wanted to focus on Element, and what is special about it in the following: About the Code Transmute followed the general structure of sidetree-core and sidetree-bitcoin, but chosen to implement all the protocol logic in a single library, so we can demonstrate both server and browser based sidetree clients that run off the same codebase. We also chose to use Lerna, the mono repo tool for Javascript projects. This lets us test the newest versions of element-lib work with both element-app and element-api. Additionally, we implemented a very simple paper wallet system for testing working with DIDs, where a user can: - Create a wallet. 2. Add a password. 3. Export it as a QR code. Later, the user can import the wallet into the browser and use it to sign Sidetree operations for either the light node or the full node. This makes testing create and update super easy. Unlike Sidetree core, which is a bit more object-oriented and written in TypeScript (which we love!), Element extends functionality by using boring old Javascript. We hope this stokes more open source contribution given Javascripts’ wide acceptance. Light Node First! First and foremost, we think that users with sufficient funds should always be able to anchor their own DID updates with nothing more than a connection to IPFS and Ethereum. For some users, this will mean running a full ethereum node and IPFS locally, and others will use Infura. We provide a MetaMask powered light node demo where a user can pay to anchor their own DID (note: MetaMask uses Infura). Full Node as Cloud Functions! We also have a full node which is an express-based node JS web server with Swagger docs for its API. In this mode, we foot the bill for anchoring to the ledger; it’s currently free, but we plan to introduce Captcha [at a minimum] and more anti-spam defenses in the future.",https://medium.com/transmute-techtalk/introducing-element-328b4260e757,,Post,depreciated,Standards,,,,,,Ethereum,"DID,IPFS,Sidetree,Element",2019-05-10,https://GitHub.com/decentralized-identity/element,,,,,,,,,,,,
Transmute,Transmute,,Medium,,,,,,,NFC + DIDs,"Supply chains are complicated. While over 80% of logistics companies are investing in digitization to bring their supply chains into the 21st century, at the end of the day, not every step along the way can be web-enabled.<br><br>Transmute has been working on a solution: tying DIDs to Tangem NFC Cards, which carry a passport-grade secure chip, which implements public key cryptography. Near Field Communication (NFC) is the technology that enables things like contactless payments [...] increasingly used in supply chains for things like inventory and warehouse management","NFC + DIDs Transmute solves for offline traceability with Tangem. Supply chains are complicated. While over 80% of logistics companies are investing in digitization to bring their supply chains into the 21st century, at the end of the day, not every step along the way can be web-enabled. Provable identification is equally as important in these offline gaps, but far harder to achieve; part of the problem is ensuring seamless traceability across events like shipment handoffs [and associated documentation exchange] that happen offline versus the ones that occur online. Transmute has been working on a solution: tying DIDs to Tangem NFC Cards, which carry a passport-grade secure chip, which implements public key cryptography. Near Field Communication (NFC) is the technology that enables things like contactless payments (e.g. Apple or Android pay), but it’s also being more increasingly used in supply chains for things like inventory and warehouse management [via contactless counting of products on shelves]. Much like DIDs, they provide unique identification for the objects they represent (like your cell phone), but they’re notoriously limited when it comes to data storage and as such have long been outpaced by other web-enabled identification technologies like the QR code. However, in our implementation of did:key on Tangem’s NFC cards, we’ve demonstrated that linking DIDs to NFC Smart Cards solves the usability problem. Now, users have a single device that solves offline authentication, while unlocking secure access to secure storage [ad infinitum/in an infinite amount] — for instance the same user can use their single NFC-based DID to authorize a shipment release at a port as to access full shipment reports stored in their cloud-based EDV — both actions that would be captured in an immutable audit log. This also ensures that actions conducted offline are still accounted for since the DID is a url-based unique identifier. In order to try and explain better how Smart Cards, DIDs and VCs can be used, we’ve developed a set of small user stories. These are in no way exhaustive, but hopefully they help paint a picture of both the B2B and B2C opportunities in this space. “As an inspector, I scan a QR Code on a crate with my phone, loading product information into a credential representing inventory review, and then tap my NFC card to create an inventory reviewed credential, which will automatically be persisted to my encrypted data vault and anchored on a blockchain when I regain internet access.” “As a COVID-19 testing facility operator, I verify permanent resident card associated with a patient, after challenging them to authenticate with their NFC Card. I then complete their rapid response test, and issue a test results credential to their NFC Card. When they travel, they can use their NFC card to present their test results credential to transport authorization personnel.” “ As an undercover operative, I register my did with my handler, and they watch a public blockchain for transactions associated with my NFC Card. When they see a transaction, they check IPFS for the encrypted message, and decrypt it to see the update regarding the ongoing investigation.” “As a quality assurance officer for steel inc, I use my NFC card, issued by my employer to create digital certificates for my mill test reports. I use my NFC card to encrypt those certificates and submit them to an encrypted data vault.
Transmute,Transmute,,ssimeetup,,,,,,,"The Element DID Method: Sidetree, Ethereum & IPFS – Orie Steele","Supply chain logistics companies are particularly interesting with how they manage their extended business networks as they compete for new business. This includes faster and safer on-boarding of customers and third-party vendors, and new ways to manage the lifecycle and associated data of those relationships.","The Element DID Method: Sidetree, Ethereum & IPFS – Orie Steele – Webinar 31 Orie Steele is Cofounder and CTO of Transmute, a company developing IAM and Verifiable Credential solutions that integrate Decentralized Identity for Enterprises. He has a BS in Cyber Security and MS in Computer Science from Stevens Institute of Technology where he studied social network malware and botnets between 2007-2012. He was an early engineer at Patient IO, a Techstars backed startup acquired by Athena Health in 2016, where he helped develop and secure a care coordination platform that connected nurses and patients. In this talk, Orie will discuss the history of the Element DID Method, how it leverages the same Sidetree Protocol that is used by ION on the Bitcoin Network. He’ll introduce the motivation for Element and ION, and then walk through the core components of developing a working DID System, including topics such as wallets, signing, DID resolution, key revocation, and decentralization. Video recording: Slideshare presentation: How can you use these slides and knowledge? This content is shared with a Creative Commons by Share Alike License. This allows you to reuse the powerpoint slides we are sharing here to build your own SSI communities around the globe. You only need to credit SSIMeetup and the invited guest of the day and share whatever you produce with the same license. Please read the license for full details. Download the full presentation “The Element DID Method: Sidetree, Ethereum & IPFS – Orie Steele” from Google Slides. Interested in collaborating or sharing? Please get in touch via the contact form or one of the social media channels and we will find something interesting to do together or support you.",https://ssimeetup.org/element-did-method-sidetree-ethereum-ipfs-orie-steele-webinar-31/,,Post,,Standards,,,,,,,DID:Element,2019-07-04,,,,,,,,,,,,,
Transmute,Transmute,,Medium,,Okta,,,,,Verifiable Credentials with Transmute and Okta,Okta provides a mechanism for adding custom claims to id_tokens and access_tokens: Hooks and Custom Authorization Servers. These components can enable automated integrations with emergent technology including decentralized identifiers and verifiable credentials.,,https://medium.com/transmute-techtalk/verifiable-credentials-with-transmute-and-okta-574edaec887b,,Post,,Standards,,,,,,,,2020-04-17,,,,,,,,,,,,,
Transmute,Transmute,,,,,,,,,"Verifiable Presentation Personas: Certifiers, Consolidators, & Submitters","The arrow for “Issue Credentials” is exactly the same as “Send Presentation,” leading us to believe these activities are similar, but how are they similar? We can’t adequately answer these questions by looking at the above picture and the specification doesn’t provide a ton of help either…",,https://medium.com/@transmute/verifiable-presentation-personas-certifiers-consolidators-submitters-b38a281eb92f,,Post,,Standards,,,,,,,,2022-04-21,,,,,,,,,,,,,
Transmute,Xaralite,,,,Transmute; Consensys; uPort; IBM; Blockstack; Danube Tech; Trinsic; Spherity; Microsoft,,,,,"Decentralized Identifiers Market May See a Big Move: Major Giants- Consensys, Blockstack, Danube Tech","provides valuable market size data for historical (Volume & Value) from 2016 to 2020 which is estimated and forecasted till 2026*. Some are the key & emerging players that are part of coverage and have being profiled are Transmute(United States), Consensys(United States), uPort(United States), IBM(United States), Tykn Tech(Netherlands), Blockstack(United States), Danube Tech(Austria), Trinsic(United States), Spherity(Germany), Microsoft(United States).",,https://xaralite.com/1746487/news/decentralized-identifiers-market-may-see-a-big-move-major-giants-consensys-blockstack-danube-tech/,,Report,,Meta,,,,,,,,,,,,,,,,,,,,,
Trinsic,Streetcred,Trinsic,,Riley Hughes; Michael Boyd,DIF; Sovrin Foundation; Verifiable Organizations Network; Covid Credentials; TOIP; Hyperledger Foundation; W3C,"USA, New York, New York",USA,,,Trinsic,"We make it easy to implement Self-Sovereign Identity based on Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs), a new digital identity standard. Our software is based on the open-source Hyperledger Aries project, to which we are a primary contributor.<br><br>Together with proper governance, SSI enables, for the first time, the Trust over IP (ToIP) stack. Once trust can effectively be conveyed over IP, a tremendous number of opportunities arise in every industry vertical imaginable. We build the tools to help you capitalize on this opportunity.",,https://trinsic.id/,,Company,,Company,Enterprise,ID,Software,,,,"Verifiable Credentials,DID",1998,,https://twitter.com/trinsic_id,https://www.youtube.com/channel/UCkPIelMjjBfT-0bHLVdmZZA,https://trinsic.id/blog/,https://trinsic.id/feed/,https://join.slack.com/t/trinsiccommunity/shared_invite/zt-liwrvejk-dXC3uwYL6CCP~~RNIzc7sg,https://www.crunchbase.com/organization/trinsic-inc,https://www.linkedin.com/company/trinsic-id/,https://docs.trinsic.id/docs,https://trinsic.id/trinsic-studio/,https://trinsic.id/trinsic-wallet/,,
Trinsic,NorthernBlock,,,,,,,,,Building Digital Trust Ecosystems with Riley Hughes from Trinsic,"The reason I love that quote is that digital credentials and verifiable data can not only impact the use cases that everybody tends to think about when they think about SSI, but they could permeate our whole lives and streamline everything we do.","Listen to this Episode about Building Digital Trust Ecosystems on Spotify The Virality of Self-Sovereign Identity Mathieu: I wanted to start with a quote, Riley, from the movie Inception: from Leonardo DiCaprio’s character, Cobb. I’ve seen this quote in an article that you’ve written before, and the quote goes like this: “What is the most resilient parasite? Is it bacteria? A virus? An intestinal worm? An idea. Resilient, highly contagious. Once an idea has taken hold of the brain, it’s almost impossible to eradicate.” You had used this quote to refer to Self-sovereign Identity, or when you started thinking about ‘digital trust’ for the first time some years ago. Would you mind giving a background of how this has taken over your brain, and your life, and effectively, the mission behind Trinsic today? Riley: Yes, that’s an awesome quote — I’m glad that you brought that back up. The first time I was exposed to Self-sovereign Identity and this concept of decentralized identity was when I interviewed for a job at the Sovrin Foundation when it was looking to hire its first employee. My interview was with somebody named Steve Fulling, as well as Phil Windley. Phil Windley is the founder of the Internet Identity Workshop, and he was the chair of the board of Sovrin. He’s quite a ‘guru,’ and he was very good at conveying the vision and what we were trying to accomplish. I went in for a regular job interview, and it went well, but after I left the interview, I looked everywhere around me, and all I could see were digital credentials or the lack thereof. It was as if, once I saw the way the world could operate. I’ve never been able to go about life normally again. Even small daily things; one time, UPS was shipping me a package, and I wanted to pick it up at the distribution center, but I couldn’t prove that it was actually me who bought the package. Or another example: I used to work in the solar industry, collecting people’s electricity data so that we could build them a solar panel estimate. Things like that: everyday activities that you don’t normally hear about, such as KYC (Know Your Customer), or health credentials, or the prime SSI use cases. The reason I love that quote is that digital credentials and verifiable data can not only impact the use cases that everybody tends to think about when they think about SSI, but they could permeate our whole lives and streamline everything we do. I think that was evidenced throughout my time in this space. It seems as if people who get into Self-sovereign Identity, can’t get out. Even people that I worked with at the Sovrin Foundation; while we were there, we never ever had any attrition of employees, even though the Sovrin Foundation was a hard place to be because of funding challenges. Ultimately, those funding challenges resulted in people losing their jobs at one point, but even throughout all that, nobody ever left. We’ve seen the same thing at Trinsic: nobody’s ever left, unless they’re an intern, or someone moving on to their next project. Mathieu, maybe you could speak to this, but I remember when Northern Block came into this space. You weren’t focused solely on Self-sovereign Identity, but it seems like you’ve leaned into this subject. I think that’s characteristic of what I’ve seen over and over and over; once this concept infects your brain, you really can’t help but go all in. I think that’s a characteristic of really promising movements: Once you see it, you can’t unsee it. In my opinion, it’s inevitable that the world is going to go in this direction. Mathieu: Yes, it’s a similar mindset. The feelings that you had towards SSI or digital trust, or Trust over IP, however,
Trinsic,Trinsic,,Medium,,,,,,,Call to Action: Verifiable Credentials & COVID-19,"Gates suggests that a digital certificate is needed because it will enable people to share trustworthy information with others. In other words, it is a tool at our disposal to help us reduce uncertainty around the virus. As uncertainty is reduced, additional information enables risk decisions⁴ to be made to ensure our economy doesn’t slip into a total depression. More people can go back to work,faster. Bill Gates’ comment on Reddit caught attention among my colleagues, customers, and partners because there is already a W3C technology standard to accomplish this called verifiable credentials (VC). Hundreds of organizations, including the largest companies in the world, are using VCs for all sorts of things. Verifiable credentials are like digital certificates but with special superpowers that give people privacy, control, and convenience.","Call to Action: Verifiable Credentials & COVID-19 Shortly after Bill Gates posted on Reddit a few weeks ago, my notifications started blowing up. In response to a question about what businesses should stay open during this COVID-19 pandemic, he said: Worldwide Pandemic COVID-19 is an unprecedented pandemic that’s turned the global economy upside down in a matter of weeks. But the true cause of cities shutting down, sports leagues cancelling, and nationwide layoffs is not the novel Coronavirus per se. The true cause is uncertainty¹. Because the virus reportedly has an incubation period of up to 14 days, it’s impossible to know who has the virus. That means everyone you come in contact with is a potential threat to you and your family, and given that, society’s rational response has been to reduce the number of people we come in contact with through social distancing, quarantine, and other measures. This effort is saving millions of lives, but costing millions of jobs. It’s reducing the burden on our medical system, but increasing the economic burden on people everywhere². The degree to which uncertainty exists is the degree to which the economy must remain on lockdown. The degree to which we reduce uncertainty is the degree to which people can go back to work. The longer the economy is on lockdown, the more harm is done to the most vulnerable groups of people³ and crucially important small businesses. The question logically follows: How do we reduce uncertainty and pick up our economy? I believe we need two things. - We need to know whether we have the virus or not. That means we need lots of affordable tests. I won’t spend time on this point — the medical community is working at lightspeed to make this happen, and recent/upcoming FDA approvals look promising. - We need to know whether others have the virus or not. We need to be able to share our status and verify the status of others. That means we need a scalable, privacy-respecting infrastructure for sharing trustworthy information. This is exactly the point Bill Gates was alluding to. Trusted data Gates suggests that a digital certificate is needed because it will enable people to share trustworthy information with others. In other words, it is a tool at our disposal to help us reduce uncertainty around the virus. As uncertainty is reduced, additional information enables risk decisions⁴ to be made to ensure our economy doesn’t slip into a total depression. More people can go back to work, faster. Bill Gates’ comment on Reddit caught attention among my colleagues, customers, and partners because there is already a W3C technology standard to accomplish this called verifiable credentials (VC). Hundreds of organizations, including the largest companies in the world, are using VCs for all sorts of things. Verifiable credentials are like digital certificates but with special superpowers that give people privacy, control, and convenience. Community Weeks ago, various partners and customers of ours began reaching out and discussing the possibility of using VCs to respond to the COVID-19 situation. We’ve been collaborating with th
Trinsic,Trinsic,,,,,,,,,Decreased Unemployment Among African Youth Using Verifiable Credentials,"In Africa, these difficulties are magnified by the pre-existing high unemployment rate among African youth. Yoma is a platform that uses verifiable credentials to help African youth build up their digital CV and find employment that matches their skills. Although Yoma and its benefits were relevant and needed before the pandemic, the economic impacts of COVID-19 have only increased the platform’s effectiveness for African youth.
Below is the interview we had with Lohan Spies, the individual responsible for integrating verifiable credentials into the Yoma platform using the Trinsic platform.",,https://trinsic.id/decreasing-unemployment-verifiable-credentials/,,Interview,,Explainer,,,,,,,,2020-08-04,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,SSI Has an Identity Problem,"there is a new category of technology and business solutions that seeks to solve the proverbial “dog on the internet” identity problem for individuals, organizations, and connected devices. Most often called ‘SSI’ (for ‘self-sovereign identity’) or ‘decentralized identity’, these terms are often used in the same way ‘elephant’ is used—with a wealth of meaning and nuance not apparent to beginners. A review of the different terms used to reference SSI provides a helpful introduction.",,https://trinsic.id/ssi-has-an-identity-problem/,https://trinsic.id/wp-content/uploads/2020/11/elephant.png,Post,,Explainer,,,,,,,,2020-11-24,,,,,,,,,,,,,
Trinsic,Trinsic,,Medium,,,,,,,The Story of Decentralized Identity,"Most of the time we don’t realize how much our private data is exposed and shared. Often we don’t even question how much information about us we should share to get something. Do you really need all those sensitive details about me to go through even a simple process as a rental application for a tiny apartment? Why do you need to see my bank history to verify I have sufficient income, or see my name and address on my ID to verify I’m over 21? Why do we still rely on physical documents to prove something about us in this age of technological advancement?","The Story of Decentralized Identity Three years ago I was moving from my Jersey City apartment to a new apartment in midtown Manhattan. The real estate agent seeing me through the process explained all the necessary documentation I will need to present to the landlord to prove I’m eligible and worthy of renting a place in the middle of the island. This was not an ordinary rental application — I had to provide proof of employment, rental…",https://medium.com/trinsic/the-case-for-decentralized-identity-820b48527cba,,Post,,Explainer,,,,,,,,2018-08-19,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Trinsic Basics: The Three Models of Digital Identity,"Digital identity has advanced over time, most recently culminating in self-sovereign identity (SSI). In this Trinsic Basics post, we are going to briefly cover the different models of digital identity and how SSI is the next step in the digital identity evolution. The content in this post is inspired by ablog post",,https://trinsic.id/the-three-models-of-digital-identity/,,Post,,Explainer,,,,,,,,2020-09-25,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Trinsic Basics: What Are Decentralized Identifiers (DIDs)?,"Most identifiers are given to us by centralized registration authorities like governments, telephone companies, and email providers. But that puts an organization in between us and our ability to access basic services, compromising privacy and putting individuals in a position of powerlessness. The answer to this problem is aW3C standardcalled Decentralized Identifiers (DIDs).",,https://trinsic.id/trinsic-basics-what-are-decentralized-identifiers-dids/,,Post,,Explainer,,,,,,,DID,2020-09-03,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Trinsic Basics: What Are SSI Digital Wallets?,"A digital wallet, in the context of self-sovereign identity, is a software application and encrypted database that stores credentials, keys, and other secrets necessary for self-sovereign identity.³\",,https://trinsic.id/what-are-ssi-digital-wallets/,,Post,,Explainer,,,,,,Wallet,,2020-08-20,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Verifiable Credentials and Smart Contracts for COVID-19 Data Management,"The app is called “State Surveillance System for Covid19 Testing and Vaccine Distribution Management”. It is a prototype app developed using DAML (Digital Assets Modeling Language) and W3C’s verifiable credentials. The app showcases a prototype solution that provides a digital, secure experience for citizens, health clinic providers, and state agencies to share COVID-19 test results, “proof of vaccine” administration, and other “immunity proofs” using a centralized ledger.",,https://trinsic.id/verifiable-credentials-and-smart-contracts-for-covid19-data-management/,,Post,,Explainer,,,,,,,,2020-09-10,,,,,,,,,,,,,
Trinsic,Personal,,,Damien Bowden,,,,,,Creating Verifiable credentials in ASP.NET Core for decentralized identities using Trinsic,This article shows how verifiable credentials can be created in ASP.NET Core for decentralized identities using the Trinsic platform which is a Self-sovereign identity implementation with APIs to integrate.,"This article shows how verifiable credentials can be created in ASP.NET Core for decentralized identities using the Trinsic platform which is a Self-sovereign identity implementation with APIs to integrate. The verifiable credentials can be downloaded to your digital wallet if you have access and can be used in separate application which understands the Trinsic APIs. Code: https://GitHub.com/swiss-ssi-group/TrinsicAspNetCore Blogs in this series - Getting started with Self Sovereign Identity SSI - Creating Verifiable credentials in ASP.NET Core for decentralized identities using Trinsic - Verifying Verifiable Credentials in ASP.NET Core for Decentralized Identities using Trinsic - Challenges to Self Sovereign Identity Setup We want implement the flow shown in the following figure. The National Driving license application is responsible for issuing driver licenses and administrating licenses for users which have authenticated correctly. The user can see his or her driver license and a verifiable credential displayed as a QR code which can be used to add the credential to a digital wallet. When the application generates the credential, it adds the credential DID to the blockchain ledger with the cryptographic proof of the issuer and the document. When you scan the QR Code, the DID will get validated and will be added to the wallet along with the request claims. The digital wallet must be able to find the DID on the correct network and the schema and needs to search for the ledger in the correct blockchain. A good wallet should take care of this for you. The schema is required so that the data in the DID document can be understood. Trinsic Setup Trinsic is used to connect to the blockchain and create the DIDs, credentials in this example. Trinsic provides good getting started docs. In Trinsic, you need to create an organisation for the Issuer application. Click on the details of the organisation to get the API key. This is required for the application. This API Key cannot be replaced or updated, so if you make a mistake and lose this, commit it in code, you would have to create a new organisation. It is almost important to note the network. This is where you can find the DID to get the credentials produced by this issuer. To issuer credentials, you need to create a template or schema with the claims which are issued in the credential using the template. The issuer application provides values for the claims. Implementing the ASP.NET Core Issuer The verifiable credentials issuer is implemented in an ASP.NET Core application using Razor pages and Identity. This application needs to authenticate the users before issuing a verifiable credential for the user. FIDO2 with the correct authenticate flow would be a good choice as this would protect against phishing. You could use credentials as well, if the users of the applications had a trusted ID. You would still have to protect against phishing. The quality of the credentials issued depends on the security of the issuing application. If the application has weak user authentication, then the credentials cannot be trusted. For a bank, gov IDs, drivings license, a high level of security is required. Open ID Connect FAPI with FIDO2 would make a good solution to authenticate the user. Or a user with a trusted gov issued credential together with FIDO2 would also be good. The ASP.NET Core application initializes the services and adds the Trinsic client using the API Key from the organisation which issues the credentials. The Trinsic.ServiceClients Nuget package is used for the Trinsic integration. ASP.NET Core Identity is used to add, remove users and add driving licenses for the users in the administration part of the application. MFA should be setup but
Trinsic,IDCommons,,IIW,Riley Hughes,,,,,,Build an SSI proof of concept in <30 minutes,"The session began with a short introduction to SSI, an introduction to Trinsic, and an overview of how to get started. Then, everybody present starting building an SSI proof of concept, creating issuers, verifiers, and schemas to learn first-hand how it all works. A step-by-step guide on how to replicate this session can be found at the following link: [https://www.notion.so/Trinsic/Build-an-SSI-Proof-of-Concept-dae9d6e565eb4770be41b61d55e090cb](https://www.notion.so/Trinsic/Build-an-SSI-Proof-of-Concept-dae9d6e565eb4770be41b61d55e090cb)","21G/ Build an SSI proof of concept in 30 minutes Build an SSI Proof of Concept in <30 min Thursday 21G Convener: Riley Hughes Notes-taker(s): Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps: The session began with a short introduction to SSI, an introduction to Trinsic, and an overview of how to get started. Then, everybody present starting building an SSI proof of concept, creating issuers, verifiers, and schemas to learn first-hand how it all works. A step-by-step guide on how to replicate this session can be found at the following link: https://www.notion.so/Trinsic/Build-an-SSI-Proof-of-Concept-dae9d6e565eb4770be41b61d55e090cb",https://iiw.idcommons.net/21g/_build_an_ssi_proof_of_concept_in_30_minutes,,Session,,HowTo,,,,Ecosystem,,,,2021-05-06,,,,,,,,,,,,,
Trinsic,Trinsic,,,,TOIP; TOIP Founder,,,,,Joined Trust over IP Foundation as Founding Member,"As technology was developed to enable voice to travel over the Internet Protocol, a technology that powers Zoom, call centers, and more, it was coined Voice over IP. Other examples abound, including PC over IP, AV over IP, etc. Trust over IP (ToIP) is exactly what it sounds like. For the first time, the internet can add an element of human trust that would not have been possible before.",,https://trinsic.id/streetcred-id-joins-trust-over-ip-foundation-as-founding-member/,,Post,,Meta,,,,,,,,2020-05-05,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Trinsic just raised $8.5M🎉and we want to celebrate with you!,"developers face a dizzying number of standards to be compatible with—“SoulBound Tokens” and “Web5” being the latest additions to the litany of W3C, ISO, DIF, ToIP, and other existing specs. Trinsic offers teams a single API that acts as an abstraction layer that bridges ecosystems, strips complexity away from the development process, and ensures products are future-proof.",,https://trinsic.id/trinsic-raises-8-5m-for-decentralized-identity-platform/,,Post,,Meta,,,,,,,,2022-06-28,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Trinsic Leads SSI Digital Wallet Portability,"“Portable” is one of the 10 principles of self-sovereign identity (SSI). In order to achieve portability or self-sovereignty, an individual must be able to control where their identity information and credentials are stored. They must be able to leave their current provider and move to a new provider and never be trapped in vendor lock-in.
Wallet portability for individuals has always been an aspiration of wallet providers, but until today, has never been successful. We’re proud to announce that Trinsic has achieved interoperable wallet portability with two other SSI wallet vendors—Lissi and esatus AG. For the first time, an individual can “fire their wallet”¹ and use a new one.",,https://trinsic.id/ssi-digital-wallet-portability/,,Post,,Meta,,,,Portability,,Wallet,,2020-08-18,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Trinsic raises pre-seed funding and rebrands from Streetcred ID to Trinsic,"Salt Lake City, UT / June 10, 2020 / — Streetcred ID, a SaaS platform for decentralized identity, announced today that it rebranded to the name Trinsic and closed a pre-seed funding round with institutional investors. Kickstart Seed Fund (Kickstart), a seed-stage venture capital firm in the Mountain West, led the round. Trinsic is Kickstart’s first investment of its recently-closed, oversubscribed $110 million fund.",,https://trinsic.id/streetcred-id-rebrands-to-trinsic-raises-pre-seed-funding/,,Post,,Meta,,,,,,,,2020-06-10,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,IIW #28,Trinsic Cements its Commitment to Interoperability Ahead of Internet Identity Workshop XXXI,Interoperability has always been of paramount importance to Trinsic. That story begins at anIIW #28 demo,,https://trinsic.id/trinsic-commitment-to-interoperability-ahead-of-iiw/,,Post,,Meta,,,,,,,,2020-10-20,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Company Culture & Trinsineers,"Trinsineers are people who’ve agreed to take the journey to make the world more accessible to people everywhere. We’re a team ofpeoplewho happen to be working together inside a legal entity called Trinsic. This journey is not a casual stroll, but an expedition. As Trinsineers, we’re developing a culture that is not only helping us accomplish our goals but bringing fulfillment and enjoyment along the way.",,https://trinsic.id/on-company-culture-trinsineers/,,Post,,Meta,,,,,,,,2021-02-09,,,,,,,,,,,,,
Trinsic,Trinsic,,,,Verity,,,,,Trinsic Api's,Developers are thrilled when they discover Trinsic’s APIs because they are the simplest way to integrate self-sovereign identity into any application. <br>,The backend to the most innovative SSI applications Developers are thrilled when they discover Trinsic’s APIs because they are the simplest way to integrate self-sovereign identity into any application. Used by savvy developers around the world.,https://trinsic.id/powerful-apis/,,Code,,Product,,,,,,,,2020-04-06,,,,,,,,,,,,,
Trinsic,Trinsic,,,,MedCreds,,,,,MedCreds: Reducing the Risk of Returning to Work,"Looking to do its part in the fight against the COVID-19 pandemic, Trinsic announced three months ago that it would waive all fees for anyone working on projects related to the pandemic. Since then, we have seen a myriad of use cases ranging from using verifiable credentials for HIPAA certifications, to privacy-first contact tracing, to credentialing doctors for telemedicine.<br><br>The use case with the strongest traction has been creating verifiable COVID-19 test results in digital form. Currently, the process of receiving and using a paper-based COVID-19 test result is fraud-prone and clunky. Verifiable credentials makes this process more secure and streamlined.<br><br>One of our partners, MedCreds, is on the leading edge of providing secure, privacy-respecting, and regulatory-compliant solutions and has recently taken their COVID-19 verifiable test-result product to market",,https://trinsic.id/medcreds/,,Page,,Product,,,,,,,,2020-07-17,,,,,,,,,,,,,
Trinsic,Trinsic,,Medium,,,,,,,AgentFramework for.NET joins Hyperledger Aries,"We’re excited to announce that AgentFramework for .NET — a library for building interoperable SSI agents for the .NET Core runtime, joined the Hyperledger Aries family of frameworks. Aries provides a shared, reusable, interoperable tool kit designed for initiatives and solutions focused on creating, transmitting, and storing verifiable digital credentials.","AgentFramework for .NET joins Hyperledger Aries We’re excited to announce that AgentFramework for .NET — a library for building interoperable SSI agents for the .NET Core runtime, joined the Hyperledger Aries family of frameworks. Aries provides a shared, reusable, interoperable tool kit designed for initiatives and solutions focused on creating, transmitting, and storing verifiable digital credentials.",https://medium.com/trinsic/agentframework-for-net-joins-hyperledger-aries-14aba357da41,,Post,,Product,,,,,,"AgentFramework,.NET",,2019-08-24,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,How to Create Connections in Trinsic Studio,"In this blog post, we will explain how to create connections in Trinsic Studio. Throughout the steps below, we will be referring to a fictitious person, Alice Smith, who is a recent graduate of Faber College and is applying for a job. Alice has already received her digital diploma in the form of a verifiable credential and is wanting to apply to work for a company called ACME Corp. In order to start the online job application, Alice must first make a connection with ACME Corp.",,https://trinsic.id/how-to-create-connections-in-trinsic-studio/,,Post,,Product,,,,,Trinsic studio,,,2020-12-02,,,,,,,,,,,,,
Trinsic,Trinsic,,,,Yoma,,,,,How Yoma Uses Trinsic to Help African Youth Build Digital CVs,"Verifiable credentials is a beautiful set of technology that allows people and organizations to get the data in a verifiable form that still respects agency.” Lohan Spies, Technical Lead, Yoma",,https://trinsic.id/customer-story-yoma/,,Post,,Product,,,,,,,,2023-05-09,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Partnered with Zapier to Bring SSI to 2000+ Applications,"In our eternal quest to make SSI easier to adopt, Trinsic partnered with leading workflow automation platform Zapier to enable Trinsic’s developer community to integrate self-sovereign identity with 2000+ common applications without coding! While Trinsic specializes in building the world’s best developer toolkit for decentralized identity, we recognize that plenty of non-technical people want to build SSI integrations. Zapier is the best tool we found to connect the APIs of various different services behind the scenes, making SSI more accessible than ever before.",,https://trinsic.id/trinsic-and-zapier-partner/,,Post,,Product,,,,,,,,2020-10-07,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Simplifying SSI-Based Solutions to Focus on Adoption,"After the COVID-19 pandemic hit the state of Oregon and we shuttered shops and public places, here in my little piece of heaven—the city of Sisters—I went to some of my friends atEconomic Development for Central Oregon",,https://trinsic.id/simplifying-ssi-based-solutions-to-focus-on-adoption/,,Post,,Product,,,COVID,,,,,2020-09-01,,,,,,,,,,,,,
Trinsic,Trinsic,,,,ESSIFLab,,,,,Trinsic Builds Open Source Trust Registry Sponsored by eSSIF-Lab,"Driven by our motivation to make SSI more adoptable, we built the world’s first turn-key, open source trust registry solution. This work was sponsored by the European Self-Sovereign Identity Framework Lab, which is an EU consortium that provides funding for projects that build SSI open source tools. Any ecosystem provider can use the trust registry implementation to enable governance in their verifiable data ecosystem.",,https://web.archive.org/web/20220810154637/https://trinsic.id/trinsic-builds-open-source-trust-registry-sponsored-by-essif-lab/,,Post,archived,Product,,,,,,Trust Registry,,2022-08-10,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Trinsic Introduces Interactive Connections in Trinsic Wallet & Platform,"Current digital wallet implementations fall short of the vision of self-sovereign identity (SSI) because they only allow wallet holders to respond to, not initiate, interactions with institutions. This reduces wallet holders to a passive role, which at best delivers suboptimal utility to the holder, and at worst can reinforce the unhealthy power asymmetries between institutions and people that exist today. Interactive connections solve this problem by creating a two-way street between a wallet holder and an institution. Instead of a passive responder, the wallet holder is a peer who can initiate actions of their own. In addition, wallet holders can interact not only with institutions, but also with other wallet holders, to communicate securely and share verified information.",,https://trinsic.id/interactive-connections/,,Post,,Product,,,,Wallets,,,,2020-11-03,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Announcing Trinsic’s Largest Platform Update Ever,"The next version of the Trinsic platform is 10x as accessible, 100x more performant, and 1,000x more scalable. And it is available now.",,https://trinsic.id/announcing-trinsics-largest-platform-update-ever/,,Post,,Product,,,,,,,,2021-07-08,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Introducing Trinsic Ecosystems,"Once an ecosystem is configured, providers need to onboard participants like issuers and verifiers. Trinsic Ecosystems comes with an API that’s extremely easy for any issuer or verifier to integrate and can be white-labeled with the name of the provider. In addition to the API, ecosystem participants can use the Trinsic Studio, a white-labeled web dashboard.",,https://trinsic.id/introducing-trinsic-ecosystems/,,Post,,Product,,,,,,,,2021-04-19,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Combining Verifiable Credentials and Smart Contracts for COVID-19 Data Management,"The app is called “State Surveillance System for Covid19 Testing and Vaccine Distribution Management”. It is a prototype app developed usingDAML(Digital Assets Modeling Language) andW3C’s verifiable credential. The app showcases a prototype solution that provides a digital, secure experience for citizens, health clinic providers, and state agencies to share COVID-19 test results, “proof of vaccine” administration, and other “immunity proofs” using a centralized ledger.",,https://trinsic.id/verifiable-credentials-and-smart-contracts-for-covid19-data-management/,,Post,,Product,,,COVID,,,Digital Assets Modeling Language,Verifiable Credentials,2020-09-10,,,,,,,,,,,,,
Trinsic,Trinsic,,,,Verity,,,,,Trinsic Wallets,"In Trinsic’s platform, identity wallets are secure, partitioned data stores scoped to a single holder, capable of storing and sharing credentials and proofs. Endless configurations of wallets exist (custodial, non-custodial, etc.) each with different trade-offs; Trinsic has designed a hybrid-cloud wallet system intended to strike the ideal balance between security and usability:","Trinsic Wallet: It's like your physical wallet, but digital. One place for all things you You have been collecting paper and plastic representations of your identity, achievements, certifications, and experiences since you were a child. But until now, there has been no standard way to do this digitally. Trinsic allows you to simplify your digital life by obtaining digital versions of all these credentials so that they’re there when you need them—easily, securely, and privately. Trinsic Studio + Trinsic Wallet: The perfect marriage The Trinsic Wallet works seamlessly with the Trinsic Studio, the fastest way to issue credentials to a digital wallet. Use the API for more advanced integrations. Get started for free or check out our additional plans. A wallet for every requirement Mobile Wallet SDK Integrate an embedded digital wallet into any application. White Label Wallet Skip the development effort by white labeling Trinsic’s popular mobile wallet.",https://docs.trinsic.id/learn/concepts/wallets/,,Documentation,,Product,,,,,,,,2020-04-06,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Webinar Recap: Making Money with SSI,"In our recent expert-panel webinar, “Making Money with SSI,” we dive in to the details of creating a business out of SSI from experts who’ve done it. Whether you missed the webinar or just want to refer back to the best parts, we’ve got you covered with a full recording. Scroll below the recording to view a highlight reel!",,https://trinsic.id/webinar-recap-making-money-with-ssi/,,Post,,Recap,,,,Business,,,,2020-10-30,,,,,,,,,,,,,
Trinsic,Trinsic,,,,,,,,,Trinsic has released some tools to issue verifiable credentials,"All verifiable credentials come from credential templates. These templates specify what information should be included in a credential. Faber College would most likely want the credential template of its digital diplomas to include a graduate’s first and last name, what they got their degree in, what year they graduated, and thier GPA. Let’s begin!",,https://trinsic.id/how-to-issue-credentials-in-trinsic-studio/,,Post,,Resources,,,,,,,Verifiable Credentials,2020-10-19,,,,,,,,,,,,,
Ubisecure,Ubisecure,,LTADI,,Truprofile.io,,United Kingdom,,,Digital identity in the UK in 2021 with TrueProfile.io’s René Seifert,"“I think it’s interesting if we overlay this utopia of a self-sovereign identity that sounds maybe like science fiction today, and where these UK digital initiatives are geared, and my best guess is we can and will land somewhere in the middle.”","with René Seifert, Co-Founder & Co-Head at TrueProfile.io. In episode 37, René Seifert talks about the current status of identity in the UK; the government’s recent call for evidence and DIU (digital identity unit); the resultant six guiding principles – including privacy and inclusivity; the potential of self-sovereign identity to solve some of these issues; TrueProfile.io and the importance of verified credentials in an HR context; plus the ethical, political and technical challenges of ‘immunity passports’. [Scroll down for transcript] “I think it’s interesting if we overlay this utopia of a self-sovereign identity that sounds maybe like science fiction today, and where these UK digital initiatives are geared, and my best guess is we can and will land somewhere in the middle.” René Seifert is a serial entrepreneur and co-head of TrueProfile.io, a credential verification solution provider. Powered by the DataFlow Group, TrueProfile.io provides these services in a modern environment via the adoption of Ethereum blockchain. Prior to this, René was the co-founder and co-CEO of Venturate AG, a crowdfunding platform allowing regular people to invest side-by- side with experienced business angels. In addition, he has been involved in founding several internet, tech and media companies, among the Holtzbrinck eLab. René, half German and half Croatian, began his career hosting radio shows and running an advertising agency parallel to his studies. He was head of marketing and presenter at the radio station Bayern 3. During the “new economy” he headed the entertainment department at Lycos Europe. Find René on Twitter @reneseifert and on LinkedIn. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @Ubisecure! Go to our YouTube to watch the video transcript for this episode. Or subscribe with your favorite app by using the address below Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining today, an episode in this New Year 2021 and we are going to discuss, especially now, the digital identity in the UK for this New Year 2021. I have a super special guest today who is René Seifert. He is a serial entrepreneur and co-head of TrueProfile.io, the industry leader in document verification. Powered by the DataFlow Group, TrueProfile.io provides these services in a modern environment via the adoption of Ethereum blockchain. Prior to this, René was the co-founder and co-CEO of Venturate AG, a crowdfunding platform allowing regular people to invest side-by-side with experienced business angels. In addition, he has been involved in founding several internet, tech and media companies among the Holtzbrinck eLab. René, half German and half Croatian, began his career hosting radio shows and running an advertising agency parallel to his studies. He was head of marketing and presenter at the radio station Bayern 3. During the “new economy” he headed the entertainment department at Lycos Europe. Hello René. Welcome. René Seifert: Hi, Oscar. And Happy New Year! My pleasure for this podcast. Oscar: It’s great talking with you. Thank you. Hope you are having a great start of the New Year 2021. First, we would like to hear more about you particularly, how you have been doing in media and other very interesting things about technology, how your life ended in this world of digital identity? René: If I knew that myself… I think it’s a quite unlikely scenario that panned out. And maybe you also heard that famous commencement speech from Steve Jobs in Harvard that
Ubisecure,Ubisecure,,LTADI,,,,,,,"Enhancing the Privacy of Mobile Credentials, with John Wunderlich","what are the challenges and solutions surrounding mobile credentials, what is IAM’s role in this and how systems need to be developed around trust.","with John Wunderlich, Information Privacy and Security Expert. Join Oscar and John Wunderlich in this week’s podcast episode, 71, as they discuss mobile credentials – what are the challenges and solutions surrounding mobile credentials, what is IAM’s role in this and how systems need to be developed around trust. [Transcript below] “So, you have different levels of assurance in the physical world, just as you do in the digital world. So, anybody can issue a credential, the question is what level of authority you give to the credential.” John Wunderlich is an information privacy & security expert with extensive experience in information privacy, identity management and data security. He has designed, built, operated and assess systems for operations and compliance in the private and public sectors for over 25 years. This included working or consulting for Fortune 500 corporations, government ministries, small companies, volunteer organisations, regulators and health system organisations of all sizes. Connect with John on LinkedIn and Twitter or email him at [email protected]. This is the Report on mobile Driving License Privacy: kantarainitiative.org/download/pimdl-v1-final/ We’ll be continuing this conversation on Twitter using #LTADI – join us @Ubisecure! Go to our YouTube to watch the video transcript for this episode. Or subscribe with your favorite app by using the address below Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: In the recent years, there have been organisations across the world creating, for instance, mobile credentials, and specifically mobile driving licenses. So, we’re going to discuss about this topic, and also the privacy side of this super interesting system that has been around. So, for that, we have an expert who is joining us today. My guest today is John Wunderlich. He is an information privacy and security expert with extensive experience in information privacy, identity management, and data security. He has designed, built, operated, and assessed system for operations and compliance in the private and public sectors for over 25 years. These includes working or consulting for Fortune 500 corporations, government ministries, small companies, volunteer organisations, regulators, and health system organisations of all sizes. Hello, John. John Wunderlich: Hi, Oscar, how are you doing? Oscar: Very good. It’s a pleasure talking with you. John: Likewise. Oscar: Fantastic. That’s a super interesting topic we’re going to discuss today about mobile credentials, so yeah, let’s talk about digital identity. But first, of course, we want to hear something a bit more about you as a guest. So please tell us your journey to the world of digital identity. John: Long story short, I used to be Corporate Systems Administrator, Network Administrator, Operations Manager, and the Federal Privacy Law in Canada was introduced, I took that as a project at my company, and it turned into a career. When I moved from the corporate side to working for a regulator, I first met Kim Cameron, a name that most of your listeners will know, working with the Privacy Commissioner of Ontario, shortly after he introduced the Seven Laws of Identity. And around the same time, my former boss introduced the idea of Privacy by Design. So, for me going back 15, 16 years privacy and identity have been in lockstep. There’s a very large Venn diagram overlap between the two. And I’ve been consulting and working on standards and volunteer areas in that joint area since then. Oscar: Excellent. Yes, just a few years ago, maybe almost two, a bit more than two years ago, we met in Kantara Initiative, in one of the working groups, and you are super involved there. And
Ubisecure,Ubisecure,,LTADI,,Verimi,,Germany,,,Germany’s digital identity landscape with Verimi’s Roland Adrian,"In episode 40, Roland fills us in on how Verimi works and its privacy-by-design cornerstones, including data minimisation. Oscar and Roland also discuss the digital identity landscape in Germany","with Roland Adrian, Managing Director at Verimi. In episode 40, Roland fills us in on how Verimi works and its privacy-by-design cornerstones, including data minimisation. Oscar and Roland also discuss the digital identity landscape in Germany and how it’s been affected by the pandemic, plus the future of identity in Germany and what needs to happen next. [Scroll down for transcript] “Customer experience is king at digital identity. And really, technology, security, privacy, whatever it is – it’s important, but in a sense it’s a commodity.” Roland Adrian has been Managing Director and Spokesman of the Management Board at Verimi since January 2019. Previously, he was Managing Director and Spokesman of the Executive Board at Lufthansa Miles & More GmbH for four years. The business degree holder started his career in 1996 at Roland Berger Strategy Consultants in Munich. After holding leading positions in the KarstadtQuelle Group, he built up the HappyDigits bonus programme from 2002 as a joint venture between Arcandor AG and of Deutsche Telekom AG. In 2009, he moved to PAYBACK in Munich and from 2010 focused on the launch of the programme in India. As Vice President, he led PAYBACK’s expansion into various markets worldwide. Find Roland on LinkedIn or email him at [email protected]. Verimi is the European cross industry identity and trusted platform. Verimi combines a convenient central login (Single Sign On), the highest data security and protection standards in line with European law and the self-determination of users regarding the use of their Personal data. Verimi was founded in spring of 2017. The identity and trusted platform is supported by a network of thirteen international corporations. The shareholder network includes Allianz, Axel Springer, Bundesdruckerei, Core, Daimler, Deutsche Bahn, Deutsche Bank and Postbank, Deutsche Telekom, Giesecke+Devrient, Here Technologies, Lufthansa, Samsung and Volkswagen. Verimi is a Ubisecure partner. Read more about the partnership in the press release: https://www.Ubisecure.com/news-events/verimi-partnership/ We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @Ubisecure! Go to our YouTube to watch the video transcript for this episode. Or subscribe with your favorite app by using the address below Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hi, and thanks for joining. Today, we are going to hear about the digital landscape in Germany. And for that our special guest is Roland Adrian. He is Managing Director and Spokesman of the Management Board at Verimi since January 2019. Previously, he was Managing Director and Spokesman of the Executive Board at Lufthansa Miles and More for four years. He built up the HappyDigits bonus programme from 2002 as a joint venture of Deutsche Telekom. In 2009, he moved to PAYBACK. And as Vice President, he led PAYBACK’s expansion into various markets worldwide. Hi, Roland. Roland Adrian: Hi Oscar. Oscar: Nice talking with you Roland and really happy to hear what is going on in Germany in terms of digital identity and everything related to that. And happy to know more about Verimi. I’ve been hearing ‘Verimi’ already for the last years and definitely need to hear more details. What are the products you are building and offering today? So please, tell us a bit of your journey how you became the managing director at Verimi. Roland: Yes. Thank you, Oscar. And many thanks for the invitation. Glad to be here and talk to you a little bit about the market in Germany. So yeah, what was my journey becoming Managing Director of Verimi. Actually, my journey, professional journey, start
Ubisecure,Ubisecure,,LTADI,,WomenInID,,,,,"Inclusive identity: are we doing enough? With Tricerion, Women in Identity and FinClusive",One of the clearest areas of digital identity where we see the impact of not doing enough to include vulnerable people is authentication – the point where a user must verify their identity in order to gain access to a service.,"with Schehrezade Davidson, CEO of Tricerion, Sarah Walton, Code of Conduct Programme Manager at Women in Identity, and Amit Sharma, Founder and CEO at FinClusive. Episode 67 explores inclusive identity. Making identity solutions inclusive for everyone wanting (or needing) to use them is a topic that’s coming more and more to the forefront of the identity industry. From logging into apps, to accessing essential services; to how barriers to organisation identity is impacting individuals – in this episode, we speak to three guests from the identity industry on what they’re doing to help solve these issues. [Transcript below] Schehrezade Davidson is the CEO of Tricerion Limited, a company that owns novel patented mutual authentication software using image passwords. Find Schehrezade on LinkedIn. Find out more about Tricerion at tricerion.com. Schehrezade has appeared on the podcast twice before, talking about: neurographic passwords (episode 26) and immunity passports (episode 41). “If the onus is on the individual to authenticate themselves, those in the industry need to make it truly inclusive with alternative ways, depending on a customer’s needs.” Dr Sarah Walton is a digital consultant, author, coach and public speaker. She founded Counterpoint in 2003 to support organisations become digital, innovate and grow. Most recently she led the UK Open Finance programme and is Women in Identity’s ID Code of Conduct Programme Manager, as well as being commissioned by the Open Identity Exchange to author ID Inclusion reports. Find Sarah on Twitter @sarahlwalton and on LinkedIn. Find out more about Women in Identity at www.womeninidentity.org. “This is very much something that is very commercially important but it’s also extremely important to people’s lives and livelihoods on an individual basis.” Amit Sharma has engaged in a myriad of roles that intersect financial markets, risk management, regulatory compliance, and international development. He is the Founder and CEO of FinClusive, a hybrid FinTech and RegTech company dedicated to financial inclusion. Connect with Amit on Twitter @ASharma_VT and on LinkedIn. Find out more about FinClusive at finclusive.com. Amit has featured on the podcast before, discussing the role of identity in financial inclusion (episode 51). “From a macroeconomic perspective, it’s important to note that identity challenges are often seen as just at the individual level, but these at the institutional or entity level are equally important.” We’ll be continuing this conversation on Twitter using #LTADI – join us @Ubisecure! Go to our YouTube to watch the video transcript for this episode. Or subscribe with your favorite app by using the address below Podcast transcript Welcome to the Let’s Talk About Digital Identity podcast. I’m Francesca Hobson and I’ll be guest hosting this episode of the podcast all around inclusive identity. Francesca: When I say I work in Identity, my friends and family usually don’t know what I’m talking about. To explain, I’ll often give the example of signing up to an app and logging in – which really doesn’t begin to cover the myriad of use cases that identity enables (some of which we’ve explored on this podcast), but it’s such a common experience that it’s often the easiest for them to relate to. They’re touching our industry several times a day, many of them without really thinking of Identity as the key to so many processes. Of course, that’s not the case for everyone. Some people, often the more vulnerable in society, are only too aware of how important identity is to accessing and using services. Security is clearly high priority for service providers when i
Ubisecure,Ubisecure,,LTADI,,Global Assured Identity Network,,,,,Launching the Global Assured Identity Network (GAIN) with Elizabeth Garber,"Ubisecure fills us in on what the GAIN project is, explaining how it’s different from other trust networks and why GAIN is good for financial institutions. She also discusses the role of the Global Legal Entity Identifier Foundation (GLEIF) in the project, and what’s next for GAIN.","with Elizabeth Garber, Editor of GAIN. In episode 52, Elizabeth explores the recently announced Global Assured Identity Network (GAIN) initiative. She fills us in on what the GAIN project is, explaining how it’s different from other trust networks and why GAIN is good for financial institutions. She also discusses the role of the Global Legal Entity Identifier Foundation (GLEIF) in the project, and what’s next for GAIN. “This is really going to unleash creativity and expand access to individuals and communities and sellers all around the world.” Elizabeth Garber is a customer and product strategist who started her career in telecommunications and honed her craft in six different industries before joining one of the world’s largest retail banks. She is an expert in designing experiences and delivering transformational change based on a deep understanding of people. This interest has underpinned her graduate studies of the psychology of cross functional teams as well as how customers define value in relation to services they use. In 2015, she was named one of the top 3 marketers under 30 by the UK Marketing Society and was recognised by Energy UK and EY for her work building Trust across the UK energy industry. In 2017 she won the Financial Times/30% club ‘Women in Leadership’ award. Find Elizabeth on LinkedIn. Elizabeth recently played a leading role editing the paper published by more than 150 Identity experts – GAIN: How Financial Institutions are taking a leadership role in the Digital Economy by establishing a Global Assured Identity Network. It was announced at the European Identity and Cloud Conference on 13 September by Nat Sakimura, chairman of the OpenID Foundation, and Gottfried Leibbrandt, former CEO of Swift, and then published by, among others, the Institute of International Finance. To get involved, email [email protected] or join the LinkedIn group. We’ll be continuing this conversation on Twitter using #LTADI – join us @Ubisecure! Go to our YouTube to watch the video transcript for this episode. Or subscribe with your favorite app by using the address below Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello, and thanks for joining. Our guest today played a leading role editing a paper published by more than 150 identity experts. The paper is called GAIN: How Financial Institutions are taking a leadership role in the Digital Economy by establishing a Global Assured Identity Network. It was announced at the European Identity and Cloud Conference last 13th of September by Nat Sakimura, who is the Chairman of the OpenID Foundation, and Gottfried Leibbrandt, former CEO of Swift, and then was published by, among others, the Institute of International Finance. Our guest today is Elizabeth Garber. She is a customer and product strategist who started her career in telecommunications and honed her craft in six different industries before joining one of the world’s largest retail banks. She is an expert in designing experiences and delivering transformational change based on a deep understanding of people. This interest has underpinned her graduate studies of the psychology of cross functional teams, as well as how customers define value in relation to the services they use. In 2015, she was named one of the top three marketers under 30 by the UK Marketing Society, and was recognised by Energy UK and EY for her work building trust across the UK energy industry. In 2017, she won the Financial Times 30% club Women in Leadership Award. Hello, Elizabeth. Elizabeth Garber
Ubisecure,Ubisecure,,LTADI,,Me2BA,,,,,Lisa LeVasseur on the ethical behaviour of technology and the Me2B Alliance LTADI,"the Me2B Alliance and how it aims to make technology better for humans, plus the businesses (B-s) which are shining a light on privacy issues and giving the Me-s more control. “We used to call ourselves something like the ‘organic food label’. But that’s actually not right. We’re more like independent automobile crash testing.”","with Lisa LeVasseur, Executive Director at Me2B Alliance. In episode 38, Lisa and Oscar discuss the Me2B Alliance and how it aims to make technology better for humans, plus the businesses (B-s) which are shining a light on privacy issues and giving the Me-s more control. [Scroll down for transcript] “We used to call ourselves something like the ‘organic food label’. But that’s actually not right. We’re more like independent automobile crash testing.” Lisa LeVasseur is Executive Director at Me2B Alliance, a non-profit organisation that is setting the standard for respectful technology. An MBA technologist with a background in Computer Science and Philosophy, Lisa began strategic work in cellular telecom industry standards in the late ‘90s while at Motorola. Since then, she has participated in 3GPP, 3GPP2, MEIF, WAP Forum, IETF, W3C, IEEE and Kantara Initiative. Find out more about Me2B Alliance at me2ba.org. Join as a ‘Me’ or a ‘B’ at me2ba.org/membership. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @Ubisecure! Go to our YouTube to watch the video transcript for this episode. Or subscribe with your favorite app by using the address below Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. We are going to discuss today something pretty different about the ethical aspects of technology. A lot of technology we are already using. We are using a lot of technologies brought by big tech, by many organisations around the world and we are going to hear what could be a better vision for how the technology treats people in a more respectful way. For that, I have a very special guest who is Lisa LeVasseur. She is the Executive Director at Me2B Alliance, a non-profit organisation that is setting the standard for respectful technology. An MBA technologist with a background in Computer Science and Philosophy, Lisa began strategic work in cellular telecom industry standards in the late ‘90s while working at Motorola. Since then, she has participated in several other standards organisations such as 3GPP, 3GPP2, MEIF, WAP Forum, IETF, W3C, IEEE and Kantara Initiative. Hi Lisa. Lisa LeVasseur: Morning. Or evening! Oscar: Yes, exactly. We’re in the opposite. Quite early for you. The night is falling here in Helsinki. So it’s a pleasure talking with you Lisa. Welcome and let’s talk about digital identity and this very interesting concept and project you are embarking on, Me2B. But I would like to hear more about your beginnings and how things led to the world of digital identity and this latest project you have. Lisa: Sure. Thanks Oscar. Thanks for having me. I’m really honoured to be here talking with you. So how I got involved in this world was back in 2009, I started working on a product that was designed to put families really in control of their information and the services that they use, whether those services were in the brick-and-mortar world or online services. And it was through research in that project where I really became aware of – I think it was initially Doc Searls and I maybe became aware of some trust framework stuff and then I sort of unlocked the door to this whole world of people working on identity management and identity standards and realised that there was a whole world of people sort of on the leading edge of this work. That’s how I kind of stumbled in. It was probably around 2012 or so. Oscar: At that time you were the product manager, buildin
Ubisecure,Ubisecure,,LTADI,,Spherical Cow,,,,,"Making Identity Easy for Everyone - Heather Flanagan, Spherical Cow Consulting","how to explain digital identity to people outside of the identity industry, why is it important for everyone to understand, and what the industry can do to improve the understanding of identity for everyone.","with Heather Flanagan, Principal at Spherical Cow Consulting. In episode 74, Heather Flanagan discusses making identity easy for everyone – how to explain digital identity to people outside of the identity industry, why is it important for everyone to understand, and what the industry can do to improve the understanding of identity for everyone. [Transcript below] “If you talk to any identity professional, they will agree that passwords are one of the biggest, possibly the biggest challenge facing the industry. So how are we solving it?” Heather Flanagan, Principal at Spherical Cow Consulting and choreographer for Identity Flash Mob, comes from a position that the Internet is led by people, powered by words, and inspired by technology. She has been involved in leadership roles with some of the most technical, volunteer-driven organisations on the Internet, including IDPro as Principal Editor, the IETF, the IAB, and the IRTF as RFC Series Editor, ICANN as Technical Writer, and REFEDS as Coordinator, just to name a few. If there is work going on to develop new Internet standards, or discussions around the future of digital identity, she is interested in engaging in that work. Connect with Heather on LinkedIn. We’ll be continuing this conversation on Twitter using #LTADI – join us @Ubisecure! Go to our YouTube to watch the video transcript for this episode. Or subscribe with your favorite app by using the address below Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thank you for joining us. Today, we are going to hear from an expert in identity about – how from the perspective of, let’s say regular people, most of the people, who are not involved in the identity industry, how much they understand the identity, the methods, the technology and everything that we in this industry are building. So, we’re going to talk about how we can make identity easy for everyone. For that, our guest is Heather Flanagan. She is Principal at Spherical Cow Consulting, and Choreographer for Identity Flash Mob. She comes from a position that the Internet is led by people powered by words and inspired by technology. She has been involved in leadership roles with some of the most technical, volunteer-driven organisations on the internet, including IDPro as Principal Editor, the IETF, the IAB as RFC Series Editor, ICANN as Technical Writer just to name a few. Hello, Heather. Heather Flanagan: Hello, Oscar. Oscar: Nice having you. Heather: Thank you. It’s great to be here. Oscar: Excellent. This is going to be super fun talking about how to make identity easy for everyone. Let’s see how our conversation goes. So yeah, let’s get started, let’s talk about digital identity. First, I would like to hear a bit more about yourself, please tell us your journey to this world of identity. Heather: Oh, you know, very few people actually decide that “You know, digital identity, that’s going to be my career.” In my case, I have a liberal arts degree as a history major, and a library science degree for my master’s degree. I mean, I was supposed to be a librarian when I grew up. But as is often the case, once the person falls into tech, everything ends up touching on digital identity. So immediately after university, I ended up working for the public research division of a newspaper that was just starting up an ISP. So, this was the mid ’90s, there weren’t a lot of experienced tech people to hire. And that ISP started hiring people who, you know, are you smart? Are you logical? Can you learn from a book? And there, as a sysadmin, I had to worry about creating user accounts and maki
Ubisecure,Ubisecure,,LTADI,,Kantara,,,,,"Meet Kantara’s new Executive Director, Kay Chopard",Lets Talk about Digital Identity Kay explores why identity is so critical in so many applications; her hope for more promotion of Kantara’s great work and to advance opportunities for collaboration; Kantara’s new mobile drivers licenses (mDLs) work group; Women in Identity and the problem of lack of diversity in standards working groups; and why access and inclusion is one of the biggest challenges facing identity today.,"with Kay Chopard, Executive Director at Kantara Initiative. In this first episode of series 3, we put your burning questions to Kantara’s newly appointed Executive Director, Kay Chopard. Kay explores why identity is so critical in so many applications; her hope for more promotion of Kantara’s great work and to advance opportunities for collaboration; Kantara’s new mobile drivers licenses (mDLs) work group; Women in Identity and the problem of lack of diversity in standards working groups; and why access and inclusion is one of the biggest challenges facing identity today. [Scroll down for transcript] “Digital identity is going to be one of the most critical issues going forward, for the world.” Kay Chopard is the newly appointed Executive Director of the Kantara Initiative, a non-profit corporation. She is the former President and CEO of Chopard Consulting based in the Washington, DC metro area and is the founder of the Women’s Leadership Institute. Kay has more than 30 years’ experience in executive leadership in government, non-profit, and business organisations, with leadership positions in several organisations including: Identity Ecosystem Steering Group (IDESG), National District Attorneys Association (NDAA), National Criminal Justice Association (NCJA) and the National Highway Traffic Safety Administration (NHTSA). She is an attorney and has served as a prosecutor and maintained a private practice. Ms. Chopard also serves on the Board of Directors of Women in Identity US and volunteers in the leadership of the Women in Identity UK. Find Kay on Twitter @KayChopardCohen and on LinkedIn. The Kantara Initiative is a unique global ‘commons’ that operates conformity assessment, assurance and grant of Trust Marks against de-jure standards under its Trust Framework programme, while at the same time nurturing ‘beyond-the-state-of-the-art’ ideas and developing specifications to transform the state of digital identity and Personal data agency domains. Find out more about Kantara at kantarainitiative.org. We’ll be continuing this conversation on Twitter using #LTADI – join us @Ubisecure! Go to our YouTube to watch the video transcript for this episode. Or subscribe with your favorite app by using the address below Podcast transcript Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Oscar Santolalla: Hello and thanks for joining today. We are after our summer break in 2021. We are coming back with amazing conversations, episodes talking about digital identity from many aspects. And now we have a great pleasure to start this new third season with a person who is the leader of an organisation in the identity industry that is very close to my heart. So let’s introduce her. Mrs. Kay Chopard is the newly appointed Executive Director of the Kantara Initiative, a non-profit organisation. The Kantara Initiative is a unique global ‘commons’ that operates conformity assessment assurance and grant of Trust Marks against de-jure standards under its Trust Framework programme, while at the same time nurturing beyond the state-of-the-art ideas and developing specifications to transform the state of digital identity and Personal data agency domains. Kay has more than 30 years’ experience in executive leadership in government, non-profit, and business organisations in the DC area. She has led several organisations but in identity especially, I would like to mention she was Executive Director of the Identity Ecosystem Steering Gr
Ubisecure,Ubisecure,,,,,,,,,How LEIs streamline KYC,"Ubisecure brought innovation to the LEI market by automating LEI issuance. Revolutionising how quickly and effectively an LEI can be registered. While improving data accuracy along the way by connecting directly to business registries globally. This innovation has helped RapidLEI to become the #1 LEI Issuer globally, issuing about 1 in 4 new LEIs monthly, in just 3 short years.",,https://www.ubisecure.com/legal-entity-identifier-lei/lei-in-KYC/,,Post,,Explainer,,,,KYC,,,,2022-06-15,,,,,,,,,,,,,
Ubisecure,Ubisecure,,,,,,,,,Verifiable Credentials – how does it work? Understanding key VC principles,"The Verifiable Credentials specification by W3C provides a way to express credentials on the web. In this article I’m giving an overview of components and terminology related to VCs, and also some information about other technologies and specifications that are needed when implementing Verifiable Credentials.","As part of our series on understanding more about the vLEI, the new Verifiable Credential to identify organisations and organisation representatives, this article is a follow-up to a previous post Introduction to Verifiable Credentials. This time, we will look in more detail at how W3C specification verifiable credentials work. The Verifiable Credentials (VC) specification by W3C provides a way to express credentials on the web. In this article I’m giving an overview of components and terminology related to VCs, and also some information about other technologies and specifications that are needed when implementing verifiable credentials. Claims Before I go into the components, I’ll run through a quick explanation on claims as a critical concept to understand for verifiable credentials. A claim is a name-value statement about a subject. The subject is typically a person, but it could also be a thing, such as hardware device. Examples of claims are: - Person’s first and last name, date of birth etc. - Organisation name - Personal ID - … and many others The concept of claims is familiar to those who have been working with federation protocols, such as OpenID Connect and SAML. Example “credentialSubject” : { “id”: “did:example:7564cb9c-165c-4857-a887-bfc2460af867”, “birth_date”: “1970-01-01” } Components of Verifiable Credentials A Verifiable Credential (VC) is a collection of claims made by an issuer (recap issuers in Introduction to Verifiable Credentials). VC metadata describes properties such as type, expiration and issuer of a credential. VC proof is used to verify the integrity of a credential. A proof is typically expressed as a digital signature, made with the private key of the issuer. Example { ""@context"": [], ""id"": ""e9ea3429-b32f-44ad-b481-b9929370bb90"", ""type"": [ ""VerifiableCredential"", ""ExampleCredential"" ], ""issuer"": { ""id"": ""did:example:2d28bb79-87a9-4224-8c63-d28b29716b67"" }, ""issuanceDate"": ""2022-01-01T00:00:00Z"", ""credentialSubject"": { ""id"": ""did:example:7564cb9c-165c-4857-a887-bfc2460af867"", ""birth_date"": ""1970-01-01"" }, ""expirationDate"": ""2023-01-01T00:00:00Z"", ""proof"": {} } Verifiable Presentation Verifiable Presentation (VP) is a collection of Verifiable Credentials (VC). Typically, a VP contains a single VC, but in more complex scenarios (such as selective presentation or delegation) there could be many VCs within a single VP. VP proof is used to verify the integrity of presentation. Proof is the holder’s counter signature of a collection of VCs where each VC has been individually signed by its issuer. As with verifiable credentials, proof is typically expressed as a digital signature made with the private key of the holder. Usually, the VP holder and subject of VCs within the verifiable presentation is the same. In more complex scenarios, the holder and subject could be different. In such cases some information or rules need to exist that allow correlating VCs. VP metadata describes properties such as expiration and nonce. The nonce is a random value generated by the relying party when requesting a VP, letting the relying party prevent re-play of VP tokens. In effect, VP is a classic challenge response authentication protocol. Example { ""@context"": [], ""type"": [ ""VerifiablePresentation"" ], ""verifiableCredential"": [ { ""@context"": [], ""id"": ""e9ea3429-b32f-44ad-b481-b9929370bb90"", ""type"": [ ""VerifiableCredential"", ""ExampleCredential"" ], ""issuer"": { ""id"": ""did:example:2d28bb79-87a9-4224-8c63-d28b29716b67"" }, ""issuanceDate"": ""2022-01-01T00:00:00Z"", ""credentialSubject"": { ""id"": ""did:example:7
Ubisecure,Ubisecure,,,,,,,,,vLEI 101 – Issuance and Wallets,"In my last blog, vLEI 101 – the Verifiable Legal Entity Identifier, I spoke about the potential of the vLEI. In the brief outline of the wider vLEI eco-system we saw that there were a number of types of Verifiable Credential:
LE-vLEI: a credential providing LEI data for the organisation
LE-OOR: a credential providing information about an individual holding a specific formal role within the organisation
LE-ECR: a credential providing information about an individual who has a ‘user defined’ role in relation to an organisation.
The credentials are issued by a Qualified vLEI Issuer, a QVI, and stored in a wallet. Let’s look at that in a bit more detail to understand what is going on.",,https://www.ubisecure.com/legal-entity-identifier-lei/vlei-101-issuance-and-wallets/,,Post,,Explainer,,,,,,,,2022-08-03,,,,,,,,,,,,,
Ubisecure,Ubisecure,,,,,,,,,vLEI 101 – the Verifiable Legal Entity Identifier,"We’ve been involved in some really cool work over the last few weeks focusing on the issuance of vLEIs and associated role credentials. Specifically, Ubisecure was the credential issuer for the GLEIF’s vLEI proof of concept project and issued the world’s first vLEI to the GLEIF, which was then used to sign the GLEIF’s 2021 annual report.","Understanding the potential of the vLEI – the Organisation verifiable credential We’ve been involved in some really cool work over the last few weeks focusing on the issuance of vLEIs and associated role credentials. Specifically, Ubisecure was the credential issuer for the GLEIF’s vLEI proof of concept project and issued the world’s first vLEI to the GLEIF, which was then used to sign the GLEIF’s 2021 annual report. The system works really well, but stepping back from the entire process there is a lot of technology and complexity involved behind the vLEI, as there is with most identity and/or cryptographic platforms. Like many complex systems we can break it down and take a more understandable view on what a vLEI actually is, what they do, and how we expect them to be used in the future. What is a vLEI? We are going to make a few assumptions here, the main one is that you already know about LEI (short for Legal Entity Identifiers). If you want to know more about the LEI itself we have some great material in our LEI Knowledge Base. The v in vLEI stands for “verifiable”, but what does that mean? The term verifiable in this case comes from the term “Verifiable Credential”. A verifiable credential is just a collection of information with a mechanism that allows a computer to verify that the information has not been modified and that the information was originally stated to be correct by some third party (maybe a bank, or the driving license authority). Often (almost always really) the information will include a link to the entity the information is about. With those three things the verifiable credential can be used to provide information to others in a way that allows the receiver to be very confident about the claims made by the information. Let’s take a simple, parallel example based around a driving license. Fred has his driving license as a plastic card in his wallet as issued to him by his national driving authority. He loses his card, but shortly gets a call from the local police station saying it has been handed in and he should come and claim it. When Fred gets to the police station the desk sergeant spends a long time looking at the photo (which is quite out of date now, time has not been kind to Fred!), asking Fred questions about his address, date of birth etc. Eventually the sergeant feels that Fred has answered enough correctly and hands over the license. Alice also has a driving license but her license is on her mobile phone. Unfortunately, Alice loses her phone, but again shortly gets a call from the police to say it has been handed in. When Alice gets to the station, she can prove it is her phone by using her fingerprint to unlock it. The desk sergeant does not need to use his judgement, Alice has proved control over the phone and so it must be hers. Verifiable Credentials work in the same kind of way, there is the ability to prove ownership of the credential. This process is understood by computer systems and so all the checks can be performed electronically online and in turn that allows automation and significant cost saving. Back to the vLEI, at the basic level the vLEI is simply an LEI code, a unique organisation identifier, stored as part of the information set in a verifiable credential. A standard mechanism exists to prove ‘control’ over any given vLEI and so it is possible to determine, automatically, if the entity presenting the vLEI is entitled to do so. This capability now allows organisations to participate in trusted automatic transactions. Wait, there’s more to vLEI than just the organisation The vLEI standards define more than just a verifiab
Ubisecure,PSAToday,,anchor.fm,,Ubisecure,,,,,PSA Today: Kaliya & Seth talk LEIs,"with Simon Wood, CEO of Ubisecure (#1 issuer of Legal Entity Identifiers) the evolution of LEIs since the financial crisis of 2008, the difference between high assurance and low assurance, and the relationship between rights and ownership as it relates to identity management of entities.","PSA Today By Kaliya & Seth PSA Today = Privacy, Surveillance, Anonymity. Join Kaliya Young and Seth Goldstein for a spirited conversation at the intersection of the three themes driving modern identity: privacy, surveillance and anonymity. We wrestle each week with some of the most contentious issues facing our world as we try to find opportunities for agency and self-sovereignty within shared communities, both online and off. PSA Today #34: Kaliya & Seth talk LEIs (Legal Entity Identifiers) with Simon Wood, CEO of Ubisecure PSA Today • By Kaliya & Seth • Feb 17, 2021 00:00 38:05 1x",https://anchor.fm/psatoday/episodes/psa-today-34-kaliya--seth-talk-leis-legal-entity-identifiers-with-simon-wood--ceo-of-ubisecure-eqia74,,Episode,,Meta,,,,,,,,2021-03-29,,,,,,,,,,,,,
Ubisecure,Ubisecure,,,,,,,,,How to get a vLEI Credential,Simon Wood The first step in issuance is for a representative to enter a contractual agreement with a QVI to provide the issuance service. The individual from the legal entity that undertakes this contractual signup is known as the Designated Authorised Representative (DAR),,https://www.ubisecure.com/legal-entity-identifier-lei/how-to-get-a-vlei-credential/,,Post,,Meta,,,,,,,,2020-01-01,,,,,,,,,,,,,
ValidatedID,,ValidatedID,,Fernando Pino; Santi Casas,ESSIFLab; DIF,"European Union, Spain, Catalonia, Barcelona,",Europe,,,ValidatedID,"Validated ID brings real identities to the digital world by helping businesses send and sign documents online and identify users and clients with maximum efficiency, security, trust and legal compliance.<br><br>With ViDSigner we offer a SaaS multichannel electronic signature platform that combines the security of cryptographic technology, biometrics and easy use from email certification to website and mobile integrations, smartcard and handwritten in-person signing.<br><br>With ViDChain we provide a Blockchain based one click digital identity, implementable in the optimization of user and online customer onboarding and digital procedures involving identity verification; thus saving time and money while increasing efficiency.","Partners In a global organization like United VARs, the contract signing procedure is often one of the most complicated. Since we implemented Validated ID, signatures are collected immediately and with 100% legal certainty. Detlef Mehlmann Managing Director, United VARs",https://www.validatedid.com/,,Company,,Company,Enterprise,ID,,,,,,2012,,https://Twitter.com/ValidatedID,https://www.YouTube.com/channel/UCUjvPN9zO-qVoVAF16OIluw,https://www.ValidatedID.com/blog,,,https://www.crunchbase.com/organization/validated-id,https://www.linkedin.com/company/validated-id/,,,,,
ValidatedID,ValidatedID,,,,,,,,,"Digital signatures, a fast track to digital transformation in the real estate sector",The latest real estate trend reports show how the pandemic has accelerated the use of technology and the implementation of trends such as teleworking and digitisation of processes. Find out how digital signatures are revolutionising the industry.,"This article is also available in French, German and Spanish. In the age of Google Meet or Zoom meetings, it is no surprise that the growing digital transformation is among the top trends in real estate and will have the most significant long-term impact in the coming years. The report Emerging Trends in Real Estate in Europe 2021, prepared by PwC and Urban Land Institute (ULI), presents a sector in full transformation. It also shows how the pandemic has accelerated the use of technology and the implementation of trends such as remote working and the digitisation of processes. Digital transformation in the real estate sector, then and now The incursion of new technologies has been one of the determining factors in recent years for the digital transformation in the real estate sector, but it was understood in terms of the use of digital platforms to promote properties in order to gain more visibility. On the other hand, in the last year, real estate technology has experienced a significant acceleration and specialists maintain that it will emerge stronger after the coronavirus crisis. Customer perception has evolved and the demand for the use of tools such as 360º virtual tours and digital signatures are here to stay. It is logical, considering that with the traditional methods of signing on paper or visiting a property, your clients had to physically travel to sign the required documentation or view the property. There is no doubt that these processes slow down the closing of deals and make it very difficult to follow up on ongoing transactions. Therefore, among the new trends in the real estate sector we find digital solutions that improve productivity and minimise travel. Save time and close sales on the spot without leaving your CRM The digital signature for real estate is a mere evolution of the paper signature, which allows the signing of all documents that accompany the real estate agent's work. By using our electronic signature service, real estate agents have much more operational flexibility, as they are freed from coordinating buyers and sellers with different schedules and geographic locations to close a sale. Your clients and estate agents will be able to sign contracts for rent, sale, lease or deposit, and accept offers from any mobile device, tablet or PC, quickly, safely and with maximum legal security. With VIDsigner e-signatures you can keep up with the speed of business and sign all your digital documentation remotely and without leaving your CRM. Real estate companies that manage many contracts related to their real estate portfolio on a daily basis can benefit from the integration of VIDsigner electronic signatures with SAP by getting their documents signed within the SAP Real Estate Management solution. 4 reasons to implement the electronic signature service in your real estate agency 1. Closing sales immediately Real estate agencies using VIDsigner get 99% of their contracts digitally signed. 2. Substantial reduction of face-to-face processes With electronic signatures your customers can sign documents from any device: mobile, tablet or PC and anywhere. No need to install any software. 3. Improved customer satisfaction Our service allows real estate agents to communicate a rate change or receive a signed contract without the need for the two parties to meet in the same physical space. 4. Possibility of integration within a CRM VIDsigner e-signatures are easily integrated into third-party solutions, allowing for greater productivity and coordination. As you can see, it is a solution that understands the needs of your customers and your company. Main use cases of e-signatures in real estate companies Our different digital signature mechani
ValidatedID,ValidatedID,,,,,,,,,Electronic signatures for hospitality,"Looking at the many developments that have happened lately, digitization has become the center of attention for all kinds of industries, and yet many of the typical processes within the hospitality industry remain paper-based.","This article is also available in French, German and Spanish. The world of hospitality faces the large challenge of recovering from the economic impact of COVID-19 crisis while preserving safety and customer experience. Looking at the many developments that have happened lately, digitization has become the center of attention for all kinds of industries, and yet many of the typical processes within the hospitality industry remain paper-based. Take a look at guest check-in and check-out forms, employee records, operating sheets, supplier invoices, sales reports, and cash receipts, for example. Today that approach has changed completely, hotels are going digital and contact-less in every aspect, and fortunately, electronic signatures can play a key role in offering the best experience to customers. Just as easy as the clients checked in before, new technologies such as electronic signatures enable more secure scenarios, like declaring on a digital form your details, passport, and vaccination credentials and sign them, when arriving to the hotel. Then, just like your clients checked in using an electronic biometric signature on a Tablet, they can check out using their smartphone with a remote signature and preserve social distance, and ask the staff to mail them the invoice instead of getting a hard copy on paper. Next time tourists book their stay at a hotel they may see pioneer experiences that are spreading globally like the one developed by H10 Hotels, which has successfully completed the digitalization of its check-in processes, and its integration with its corporate information systems based on Navision, thanks to its technology partner Costaisa. H10 Hotels has nearly 40 years of history and more than 60 hotels in 18 destinations around the world, and has installed up to 73 tablet devices for its customers in the Caribbean and Europe, using VIDsigner eSignature’s technology. The influence of the pandemic on the Spanish hospitality industry has been explored in depth. Moreover, the response and recovery strategies of the largest Spanish hotel chains to guarantee a COVID-19-free stay in their facilities and to recover the accommodation activity have been discussed on many European levels. In Spain, as published by law (BOE) this year and to reinforce security against COVID-19, the government updated hotel check-in to allow digital means. Check-in forms can now be completed in electronic format, allowing for more efficient management of log books. The future of technology for hospitality More and more hotels are relying on technology to position their services in the market. As consumers value this in every aspect of our lives, it is vital to offer services that are tailored to their needs and preferences. Using a check in or a check out with biometric signature on Tablet or remote signature with a smartphone means not only offering extra value to the brand and cutting inefficient costs, but also facilitating the registration of guests, allowing an automatic process that captures the information and streams the communication with the users and the authorities. Safety compliance As the vaccination process rolls out for part of the world, and tourism starts to reopen, the relationship between the front-desk employees and the tourist will become more and more digital. In addition, many destinations will require proof of vaccination to allow some travellers to skip COVID-19 tests and lengthy quarantines. And this proof for some countries may come in the form of a vaccine passport, as it is the case for the European Union. In terms of safety and legal security, an electronic signature becomes a smooth tool for employees and management who are genuinely concerned about safety, and enhances the chances on how organizations would m
ValidatedID,ValidatedID,,,,,Ecosystem,,,,SportChain: a Decentralized Trust and Reputation Service for the Sports Industry,Do you know the story of Carlos Kaiser? He was a professional Brazilian football player [that never played a single match](https://www.theguardian.com/football/blog/2017/apr/26/the-forgotten-story-of-carlos-kaiser-footballs-greatest-conman)but managed to still have a professional football career. He wanted the lifestyle without having to do the work.,"This article is also available in French, German and Spanish. Do you know the story of Carlos Kaiser? He was a professional Brazilian football player that never played a single match but managed to still have a professional football career. He wanted the lifestyle without having to do the work. Although this is a somewhat extreme example, the issue of fake sports data is prevalent. The sports industry is undergoing a digital transformation. The world of sports has largely moved onto the web and mobile. But, despite the digital transition, challenges remain. Although the internet has created new opportunities for organizations and athletes, it has also given rise to a plethora of problems. One such problem is fake sports data. The sports industry is a multi-billion-dollar industry with a lot of different stakeholders. The stakeholders include the players, clubs, federations, sponsors, journalists, fans, media, etc. Currently, there is no central point where all parties have access to the same trustworthy information. As a result, there is a need for verifiable and trustworthy sports data that both organizations and players can rely on. Currently, identity data are often stored in so-called identity silos where users do not have control over their own data. In addition, this raises privacy and security concerns. Therefore, we are excited to present our new project, SportChain. SportChain is a blockchain-based service that aims to bring transparency, security, and efficiency to the sports industry. SportChain aims to elevate the trust in sports data and make these data verifiable, authentic, and analyzable. SportChain will achieve this by taking advantage of our decentralized identity service, VIDchain. VIDchain is a service based on Blockchain to give back control to people over their online identity and facilitate secure user access to online services. With VIDchain, only the user has full control of their information securely stored on their own Personal identity wallet, VIDwallet. In this way, you can have all your Personal data (such as your driving license, passport, vaccination credential, etc.), on your phone. In a similar way that you use your physical IDs to identify yourself in the real world, you can add Verifiable Credentials to your VIDwallet to authenticate yourself online. SportChain is the first step towards creating a decentralized ecosystem for the sports industry. By using an immutable sports ledger, all parties can write, read, and verify all information being stored on it. This will allow us to track all data regarding sports events — from player movements and scores to injury reports —with full transparency. A Blockchain-based database for player data management: This decentralized database will allow players, clubs, and agents to store any Personal information related to their careers securely. Additionally, it will enable them to grant different levels of access to different trusted parties within the sports ecosystem, such as club managers, trainers, and scouts. We envision an extension of the VIDchain services by a notarization and reputation service. Using this notarization service, we can notarize sports data using distributed ledger technology which is tamper-proof and secure. With this notarization, the data becomes trustworthy and verifiable (immutable) by anyone at any time. In addition, the reputation service can be used to perform some big data analyses taking the sports data as input. It offers huge potential for various types of applications. This project has received funding from the European Union’s Horizon 20
ValidatedID,ValidatedID,,,,,,,,,The digital transformation of the education sector,"For schools and universities, adopting the electronic signature as a tool not only implies an improvement in the experience for students and employees, but it also means a great improvement in administrative processes.","This article is also available in French, German and Spanish. The education sector has undergone a major transformation in the last year. The health crisis has forced many schools and universities to provide entirely remote teaching or to adopt hybrid models in some cases. As in any other sector, education is also immersed in the transformation processes driven by technology in an increasingly digital world. Many specialists in this sector believe that this transformation has permanently altered the landscape for students and teachers, which will remain mainly digital even in a post-pandemic world. For this, an electronic signature is an indispensable tool in the digitization of educational processes. For schools and universities, adopting the electronic signature as a tool not only implies an improvement in the experience for students and employees, but it also means a great improvement in administrative processes. This is especially important now that centers have to process thousands of documents per day, and the volume is expected to continue to increase each year. On the other hand, digital processes significantly help attract more students in circumstances that do not allow for open houses or other methods of student recruitment. The electronic signature is a useful tool not only in the area of registrations but also, among others, in human resources, purchases, finances. In addition, today's students are digital natives: most only know life with smartphones in hand. For a student, printing, scanning, faxing, and mailing documents such as the registration form or a scholarship application is an unnecessary and annoying effort. Meanwhile, teachers are improving their digital literacy while increasing their favorable attitude towards using new technologies in the classroom and outside. For teachers, reducing paper processes (such as signing their employment contracts, even student permits signed by parents) translates into more time that can be devoted to teaching and improved communication with parents and tutors. Traditionally, the management of contracting processes has been the gateway to electronic signatures, integrated by the school's technological partner. We have examples managed by some of our partners such as RIC.DOC, Avacco, Toshiba, Educaria, Peakway, Clickedu, DocTech, DocuWare or Despapeliza Chile deployed for La Salle Catalunya, Cor de María, the UOC, Escolapios or Blanquerna, the University of Vic, Finis Terrae University, Comillas Pontifical University, Alfonso X El Sabio University, and Strathallan School, among others. In recent years, however, there has been an increasing tendency to extend signings to other areas of school management, such as enrolment management, cooperation agreements, or grants, and permits, for example. Advantages of the electronic signature in the education sector - Legal guarantee of documents. - Security when collecting consents from any device. - Lower costs and risks compared to documents signed on paper. - More agile processes adapted to digital transformation. Here are some examples of use in the field of education The wave of disintegration is now fully affecting the education sector, and companies and institutions will have to adapt to the realities of the digital world. Now more than ever is the time to implement electronic signatures in schools and universities.",https://www.validatedid.com/post-en/the-digital-transformation-of-the-education-sector,,Post,,Ecosystem,,,,,,,,2021-08-27,,,,,,,,,,,,,
ValidatedID,ValidatedID,,,,,,,,,The time for the eIDAS Bridge,"The main goal of this new program was to provide an implementation of eIDAS bridge and to proof the interoperability between different provider implementations. Validated ID was selected to participate in part of the Call 1 of infrastructure. The results of this project are available as open source. If you are interested in digging into the code, you can find it all in the following repositories: [our open source version implementation](https://gitlab.grnet.gr/eSSIF-lab/infrastructure/validated-id/seb)and the [SSI eIDAS Bridge interoperability](https://gitlab.grnet.gr/eSSIF-lab/interoperability/ssi-eidas-bridge)performed with SICPA.","Public Key infrastructure (PKI) has been, and still is, a very valid technology that we use every day without even noticing. It brings us security when we navigate on the internet since it provides a way to know the site you are connecting to really is owned by who the site claims to be. In other words, if you are buying in Amazon, you need to be sure you are about to purchase in Amazon and not in a fake site. In that sense, we could say that identifying legal entities on the internet is kind of a solved matter. Nonetheless, if you wonder how many of us, users, can really take advantage of PKI for identifying ourselves on the internet, the answer is quite deceiving. This mature technology has been available for decades but has never become mainstream among the society for identifying end users. The reason is obvious, the user experience is very poor. It is not trivial to use your certificate to authenticate yourself towards a third party. It is much easier to delegate this to a third party like Google or Facebook at the expense of telling them what you do. This is where Self Sovereign Identity (SSI) comes in. This new paradigm aims to bring the control to end users by means of using Verifiable Credentials (VC). These credentials are issued by an issuer and consists of a set of attributes that define certain claims about the holder. Then, the holder can independently use this VC to create a Verifiable Presentation (VP) and deliver it to a verifier. The key issue is the holder can present this information to identify himself/herself towards the requester without the need of letting anyone else know with who is he/she interacting. The holder of this credential is sovereign on the use of credentials of his/her property. Validated ID has been working in this new paradigm for the last three years by means of developing VIDchain and contributing in relevant projects and initiatives such as the European Blockchain Service Infrastructure (EBSI) in the European Commission, Sovrin, Alastria…. to make this model become a reality. Although there are many credential wallets under development and several companies like us are looking forward this prominent paradigm, the reality is that the legal framework is still not fully mature. Currently we have the eIDAS regulation, mostly focused on traditional PKIs and Certificates. In June 2021, the EC approved a new draft of this regulation that states that the new identities of the European citizens will be based in the SSI principles and backed by identity wallets. However, this regulation still needs to be formally approved and developed”. In a nutshell, there is still not a clear trust framework. Therefore, the eIDAS bridge has raised as an in-between step. The eIDAS bridge project is an initiative by the European Commission (EC) within the ISA2 program where Validated ID participated as expert of matter in PKI and SSI. The EC developed eIDAS bridge to promote eIDAS as a trust framework for the SSI ecosystem. In a nutshell, this project pretends to provide a solution to one of the most urgent existing challenges SSI faces: having a trust framework where to rely. The result of this project, i.e. the technical specifications, integration guidelines and the legal reports produced, can be found here. Sometime later, eSSIF Lab, another EU-funded project that aims to provide an ecosystem of par
ValidatedID,ValidatedID,,,,,,,,,"A pilot project for interoperable decentralised identity between Aigües de Barcelona, CaixaBank and Validated ID","the solution has allowed CaixaBank, at the request of a fictitious user, to issue an account ownership credential and, subsequently, this credential has been used to proceed with the direct debit of the invoices of Aigües de Barcelona","This article is also available in French, German and Spanish. CaixaBank and Aigües de Barcelona test the interoperability between different blockchain digital identity networks with a solution coming from the startup Validated ID · Validated ID has created ani nnovative solution called VIDchain, with the aim of helping companies and users take control of their digital identity and exchange digital credentials in a simple, secure and private way. · The use cases tested during the pilot phase have made it possible to validate the use of digital identity to optimize the direct debit of bills in Aigües de Barcelona and to improve the risk scoring of a potential new CaixaBank customer. CaixaBank and Aigües de Barcelona have developed a proof of concept with the Catalan startup Validated ID, which has developed a decentralized digital identity solution based on blockchain technology. The objective of the project has been to demonstrate the feasibility of using digital identity in a decentralized manner to provide people with control of their identity and facilitate secure user access to online services. The pilot phase has helped build an identity solution that enables the identification of a customer and the exchange of secure information between two companies. Interoperability between different blockchain networks and sovereign digital identity standards has been successfully tested. During the pilot phase, carried out in a test environment without real users, the solution has allowed CaixaBank, at the request of a fictitious user, to issue an account ownership credential and, subsequently, this credential has been used to proceed with the direct debit of the invoices of Aigües de Barcelona. On the other hand, Aigües de Barcelona, also at the request of a fictitious user, has been able to issue a payment approval credential that allows it to obtain a better score when requesting a loan from CaixaBank. These are the two use cases tested during the pilot project. Control of digital identity for users Validated ID has created a sovereign identity platform called VIDchain, designed to help users take control of their digital identity and exchange digital credentials in a simple, secure and private way. Thanks to blockchain technology, users can manage their Personal identity securely and can collect and store digital credentials, as well as choose which data they want to share with third parties at any time. One of the advantages of the solution created by Validated ID is that the startup works with national and international partners, and with different standards and blockchain networks. VIDchain has been the first wallet to pass the conformity test of the European Commission's EBSI network, and is compatible with other networks such as Alastria and Ethereum. This creates an open ecosystem of decentralized identity accessible to everyone. For this proof of concept, CaixaBank has issued verifiable credentials through the Dalion ecosystem (a sovereign digital identity collaborative project based on blockchain technology) on the Alastria network (national blockchain consortium). For its part, Aigües de Barcelona has used Ethereum to issue credentials. With this, the testing of interoperability in different networks and in a transparent way for the end user has been performed. Collaboration with startups CaixaBank, together with other entities, has promoted Dalion, a collaborative project based on blockchain technology that aims to give people control over their Personal data to make a single digital identity a reality, and individually controlled and self-managed by each holder within a safe and reliable environment. With the aim of improving
ValidatedID,ValidatedID,,,,,,,,,Validated ID raises € 2M in financing round,"The new financing is led by Randstad Innovation Fund, Caixa Capital Risc, and Cuatrecasas Ventures","- The company – specialized in electronic signatures, electronic invoices, and digital identities has secured new funding to consolidate its growth and expansion in key international markets. - The new € 2M investment will also anchor its positioning in the emerging blockchain-based digital identity (SSI) market. Validated ID, the Barcelona-based tech company which specializes in the digital signature, electronic invoice, and digital identity, has raised a funding round of € 2M. The new financing is led by Randstad Innovation Fund, the corporate venture arm of Randstad – a global leader in the HR services industry helping over 670.900 candidates all over the world – and the participation of co-investor Caixa Capital Risc, CriteriaCaixa’s venture capital management company, which manages over € 215M in innovative companies. This round is also backed by founders, previous partners, and the leading law firm Cuatrecasas, via its investment vehicle for startups Cuatrecasas Ventures. In the past few years Validated ID’s digital signature solution, VIDsigner, has established a leading portfolio of secure and easy to use electronic signature services with the highest legal and security standards. It is being used by over 100 partners and over 1000 clients. This reach, along with the development of its new Self-Sovereign Identity service, VIDchain, has allowed the company to maintain steady three-digit growth. With the new resources and the support of leading companies in its sectors, Validated ID enters a new stage of expansion with the aim of intensifying the internationalization of its VIDsigner signature service, and accelerating the technological product development and market consolidation for VIDchain, its decentralized Self-Sovereign Identity service based on Blockchain for digital identity verification processes. This solution is already getting massive attention in healthcare, Public Administration, and education, due to its expected impact on data breach-related costs, IT costs, operations costs, support function costs, and personnel costs. VIDchain ensures GDPR compliance and improves procedures such as customer onboarding, AML, and KYC, and therefore is expected to be especially significant on fraud reduction and counterfeit products. We’re living an intense stage of growth in Validated ID. The time is right, our technology and our services are aligned with the market, and we have a great team that day after day is able to ride this wave. In this sense, the entry of Randstad Innovation Fund, Caixa Capital Risc, and Cuatrecasas Ventures is proof that we are on the right track. It implies that we’d be extending our digital signature service, VIDsigner, in a more ambitious way across European and LATAM countries and accelerating the evolution of VIDchain as a service-aligned with the new universal identity models. - Santi Casas, CEO of Validated ID Paul Jacquin, the Managing Partner at Randstad Innovation Fund, added that We are excited about the ongoing expansion of Validated ID’ e-signatures solution in Spain and its potential in selected markets in Europe. On top of that, we are especially strong sponsors of their involvement in Self Sovereign Identity (SSI) and the work they do with leading institutions. It is a natural development of the company’s capabilities that will play out as the SSI market matures. Xavier Álvarez, ICT Director at Caixa Capital Risc, also noted that This operation is one more example of our commitment with companies with a promising future and innovative solutions based on technology. Validated ID is a project that perfectly matches the spirit we’re looking for in companies when it comes to investing. It has a solid project and a very attractive product which makes it a company with a high potential growth. Validated ID has three main lines of business. On the one hand, VIDsigner provides
ValidatedID,ValidatedID,,,,,,,,,Validated ID turns 10 years old! The best is yet to come,"oday, we want to celebrate our ten years, reflecting on what we have accomplished and anticipating the future, because we are sure that there will be many more to come. As a result, we want to reaffirm our commitment to our objectives and mission. Moreover, we strive to improve our operations to ensure a prosperous future for our customers and partners.","This article is also available in French, German and Spanish. “I find it incredible that we are celebrating 10 years since the company was founded"" commented Santi Casas, CEO and one of the founders of Validated ID. This project was born with great enthusiasm, but they were not clear about what the result would be. The four founders: Santi Casas, Iván Basart, Jaume Fuentes and Fernando Pino today remember that they have gone through difficult and happy times, but they are very proud of what they have achieved so far and, above all, of the people who have made this company successful. We cannot talk about the history of this decade without referring to the achievements and lessons learned since they have been a fundamental part of our growth. At Validated ID we have gone from 5 employees since its foundation to more than 50 today, located not only in Spain but also in the United Kingdom, France, Germany, Ecuador, Israel and Turkey. On the other hand, thanks to the more than 200 allies that offer our digital signature, we currently serve clients in more than 30 countries in Europe, Africa, Asia and Latin America. As a result of this effort and collaboration, we have provided more than 20 million signatures worldwide since our humble beginnings, with a constant growth and a permanent innovation in our trusted services. Our commitment at Validated ID since it was founded is to provide the best digital identity and signature solutions with the aim of maximizing our clients' productivity and reducing environmental impact. On the other hand, we work hard to establish ourselves as leaders both nationally and internationally through VIDsigner, VIDchain and SP4i. We continue to work with the same passion as always in order to achieve new goals that drive us to the top. Our core values guide us in our work Our main values guide us in our work: autonomy, as we help individuals and organizations to empower themselves and achieve better results; teamwork, since we know that achievements are always the result of people; the Personalization of our services, because no two people or two companies are the same; simplicity, since the key to our success has always been to create services that are easy to use; and, finally, security, since as service providers that handle sensitive information, we understand that security is key to offer peace of mind to both our customers and suppliers. With VIDsigner, our first service, we want to offer the security that the traditional electronic signature gives us together with the new possibilities offered by the latest generation of touchscreen devices. VIDsigner, together with our electronic invoicing service SP4i, are our commitment to achieve ""zero paper"" in organizations. As Confucius said ""Study the past to design the future"". And with VIDchain, our mission is to foster a digital world where trust, privacy and security prevail to make our daily lives easier. The commemoration of this birthday is a source of pride for all of us and coincides with a difficult moment worldwide to which we have been able to adapt and see opportunities where there were obstacles. On the other hand, we remain firm in our commitment to digitization as a tool to create a sustainable planet. Today, we want to celebrate our ten years, reflecting on what we have accomplished and anticipating the future, because we are sure that there will be many more to come. As a result, we want to reaffirm our commitment to our objectives and mission. Moreover, we strive to improve our operations to ensure a prosperous future for our customers and partners. Because the past is written in st
ValidatedID,ValidatedID,,,,,,,,,Validated ID's journey to becoming EBSI compliant,"[Wallet Conformance Tests] are designed to demonstrate that the wallet provider can onboard users safely, receive verifiable credentials from a trusted issuer, and present verifiable credentials to a verifier. All of these, using of course EBSI infrastructure.","This article is also available in French, German and Spanish. We at Validated ID have been betting on EBSI since the beginning. We started working to become conformant wallet providers since the very first version of Wallet Conformance Tests (WCT) was published. The process of preparing our solution to become conformant has allowed us to appreciate how remarkable EBSI's work has been. In this article, we provide in sights into what these tests consist of, and we share with you our experience performing these tests as wallet providers. In essence, WCT are designed to demonstrate that the wallet provider can onboard users safely, receive verifiable credentials from a trusted issuer, and present verifiable credentials to a verifier. All of these, using of course EBSI infrastructure. Each scenario is clearly separated in the tests, and the wallet provider shows this by including an identifier (header) in requests sent to the EBSI APIs. Therefore, EBSI support office is later able to analyze if the flow performed by the wallet is correct. Let's take a closer look at what we had to demonstrate. Onboarding users is the first scenario. Users’ identifiers created within a wallet need to be correctly registered in the DID registry. DIDs are stored in this registry, along with their associated public keys in the blockchain. In simple terms, registering your identifier is the first step to interacting with other members of the network. It requires several steps to verify that there is a person behind the process and several cryptography challenges that follow protocols that ensure the keys are controlled by the person they are associated with. Although this might seem a bit intimidating, rest assured that the wallet handles everything behind the scenes. In our case, VIDwallet users only need to scan a QR code. This is enough to notify EBSI to register the DID created in VIDwallet. For the second scenario, EBSI has developed an“mock issuer” service by means of an API, i.e., Conformance API, that allows requesting this mock issuer to issue a credential to the wallet. A wallet requests a credential from the issuer, and this service sends the credential to the wallet. In the third scenario, the Conformance API is used to demonstrate that the wallet can create a valid verifiable presentation.In other words, the API acts as a “mock verifier” so the wallet provides a presentation that the API will verify. Once the presentation is shared with the“mock verifier”, the result of the validation is consequently responded. Whenever new technologies and ecosystems are introduced, there will be many challenging and unpredictable changes that must be addressed. We are dealing with Self Sovereign Identity (SSI), a promising technology but still in its infancy, and, because we started with the very first version of WCT, we had to adapt to several changes along the way. However, to achieve a goal you've never reached, you'll have to take steps you've never taken. Then again, let's face it, it has not been easy since we're dealing with new technology and a variety of stakeholders must agree on how to handle a process. A number of challenges were overcome, but as a result, we have a proper WCT suite that can be used by everyone. EBSI's extraordinary work and the agile way they worked with all wallet providers allowed us to provide feedback and learn during the process. The outcome is irrefutable, a refined WCT suite is now precisely defined, and any wallet provider can submit their integration much faster. As of the time of writing this article, five wallet providers have already been able to present at least a conformant scenario. We are proud to say that we were the first to pass the conformance te
