Developing a more secure digital identity ecosystem using verifiable credentials
By Abbie Barbir and Kim Hamilton, OASIS Open
Verifiable credentials (VCs) are digital credentials that enable individuals to prove their identity and qualifications in a secure and tamper-proof way. VCs can be used in a variety of real-life scenarios, from representing a driver’s license and enabling secure access to your medical records to verifying college and university degrees and academic achievements.
Many industries, such as financial services, healthcare, transport, IoT, government, and education are beginning to adopt VCs to manage a sizable amount of sensitive and confidential information about their clients, including financial and personal data. But companies are just beginning to investigate what is required to comply with various regulations and standards to protect their clients’ information and maintain their trust. By adopting a standard for VCs, companies can streamline their processes for verifying clients’ identities and credentials, reducing the risk of fraud and identity theft.
New verifiable credentials standard underway
OASIS Open is launching a new standards effort called the Lightweight Verifiable Credential Schema and Process (LVCSP) Technical Committee (TC). Based on the W3C Verifiable Credential standard, the TC seeks to define a lightweight identity credential schema that will allow people (VC subjects) to share their verified identity attestations across various platforms and services.
The goal is to enable interoperability between different systems and organizations, allowing companies to easily and securely exchange information with their partners and customers. This could improve the customer experience by simplifying the process of onboarding new clients and accessing services, while also reducing operational costs and improving regulatory compliance.
The lightweight schema aims to promote onboarding efficiency while limiting the unnecessary proliferation of personally identifiable information (PII). The LVCSP TC aims to advance the standardized schema to improve alignment among issuers and create a more effective, reliable, and safe digital identity environment.
Reasons to participate in the OASIS LVCSP TC
The LVCSP Technical Committee is currently being formed. We invite technical experts, leading developers, and industry leaders in the identity space to join us. Aetna, Hitachi, HYPR, NEC, Trusona, and others are already involved. If you’re interested in contributing your expertise and being a part of this effort, we would welcome your participation.
As a member of the LVCSP TC, you not only have the opportunity to contribute towards the development of industry-leading standards, but you’ll also gain access to a range of benefits, including:
- Influence on the development of standards. Have a direct impact on what will become an international VC standard. Since LVCSP is being developed at OASIS, it will have the potential to follow in the footsteps of foundational standards like SAML, STIX, and ODF and be approved by ISO, IEC, or ITU. Make sure your requirements, use cases, and ideas are represented.
- Improved interoperability: Standardization is critical for achieving interoperability between different systems and organizations. By participating in the LVCSP TC, you can help ensure that the resulting standards are widely adopted, which will improve interoperability and streamline operations.
- Access to expertise: The TC will be composed of experts from various industries, including finance, healthcare, and technology. By being part of this group, you can gain access to this braintrust and leverage it to improve your own operations and offerings. You’ll be able to stay up-to-date with the latest trends and best practices and have opportunities for collaboration and partnerships.
- Early access to new technologies: Get insights and early access to the standard as it’s being developed. This will give you a headstart on compliance.
We’re excited to kick off the LVCSP TC and we invite you to consider being a part of it.
About the authors
Abbie Barbir, LD Dir, Security Engineering, CVS Health, serves as a Senior Security Advisor in the areas of identity management, mobile devices and authentication. Abbie has extensive experience in identity and access management. Abbie is the co-founder of ADI Association. He has worked with many standard organizations on developing next generation authentication technologies and is member of the FIDO Board of Directors. Barbir holds a Ph.D. in computer engineering from Louisiana State University. In his more than 25 years in the software and security industry, he has been a Professor of Computer Science, an Application Developer, Data Compression and Encryption Inventor, Systems Architect, Security Architect, Engineering Manager, Consultant, Author and Inventor of numerous security algorithms and articles.
Kim Hamilton is the Director of Identity and Standards at Centre Consortium, where she leads Verite, a decentralized identity standard and set of solutions for finance. Kim had numerous leadership roles in decentralized identity space, including W3C Credentials Community Group Co-Chair, a Decentralized Identity Foundation SC member, and Rebooting Web of Trust board member. Kim currently leads the World Economic Forum Digital Identity Technical Working Group.
DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.