Decentralized digital ID providers pitch privacy, monetization features
Decentralized digital identity appeals to businesses and individuals for several reasons, including potential privacy benefits, increased user control and greater efficiency. SpruceID has an idea for preserving the first, Dock is introducing credential monetization, and Swisstronik is launching its blockchain platform. Getting the most of this developing ecosystem is still a challenge for many organizations, and to address that challenge, Indicio and DNP are bringing decentralized ID education to Japan.
Protecting privacy by preventing collusion
SpruceID has a proposal for how digital signatures and identities can build in “unlinkability” to avoid the risk of people being profiled “by collating data from their use of digital credentials.”
The approach is explained in a blog post, which sets out how data linkability through verifier collusion can break down user privacy. SpruceID notes the rapid growth of mobile driver’s licenses (mDLs) in the U.S. as a sign that digital identity has reached the point where mass adoption and frequent use will create the conditions in which unscrupulous verifiers would have enough notes to compare.
The post by SpruceID CEO and Co-founder Wayne Chang suggests rotating signatures, based on the different points of identity data that different verifiers need. The issuing authority provisions the verifiable digital credential with many different signatures, and “(a) properly configured digital wallet would then use a fresh signature (and potentially a fresh key) every time an ID holder uses their VDC to attest to particular pieces of information, ideally preventing linkage to the user through the signatures.”
Rotating signatures are compatible with ISO/IEC 18013-5 mDL, SD-JWT, and W3C Verifiable Credentials standards for digital credentials, and the FIPS 140-2/3 cryptographic security standard, Chang writes. It also aligns with emerging technologies like post-quantum cryptography and zero-knowledge proofs (ZKPs).
Collusion between issuers and verifiers can also be prevented if the issuing authority does not retain the signatures. Chang explains how digital credentials can be issued to Trusted Execution Environments to create “provably forgotten signatures.”
Monetizing credentials
Dock has launched privacy-preserving credential monetization for its decentralized digital ID platform, allowing issuers to generate revenue through verification of the credentials they supply.
The feature allows administrators to track paid verifications without identifying the specific user, or even credential. Users give explicit consent, and get faster onboarding processes and transaction speeds, according to the announcement.
Credentials can only be verified by ecosystem participants with a billing relationship due to Keyed Verification Anonymous Credential (KVAC) cryptography.
Swisstronik launches DID
Swisstronik has introduced a protocol-level decentralized digital identity based on blockchain and advanced cryptographic techniques that supports know your customer (KYC) and anti-money laundering (AML) checks, according to a company announcement.
Verification results and metadata are stored on Swisstronik’s blockchain, and decentralized applications (dApps) and other blockchain services check on-chain verification data. dApps can request additional off-chain data from the issuer or user, which is often returned as a ZKP.
The company says its DID solution will deliver user privacy and control, security against hacks and breaches, more efficient and reliable identity checks, and compliance with data protection regulations.
Putting it all together properly
The Indicio Academy is bringing its training workshops and professional certification program from decentralized digital identity to Japan through a partnership with Dai Nippon Printing (DNP).
Indicio has licensed all marketing and distribution rights to its training program to DNP, which was impressed by the training and certification process its in-house team went through.
Certifications now available in Japan through DNP and Indicia Academy include Verifiable Data Fundamentals, Business Professional, and Technology Professional courses.
Indicia CEO Heather Dahl says market interest in decentralized digital identity in Japan is high, and “new and powerful technologies need to be understood from all angles — through every aspect of design and implementation and marketing — if they are to be successful. We’re using the knowledge behind our success and the successes of our customers to ensure that others who adopt this technology can get everything they and their customers need from it.”
DNP has been ramping up its international partnerships, joining OIX a month ago.
Article Topics
blockchain | data privacy | decentralized ID | digital identity | Dock | Indicio | SpruceID | Swisstronik | verifiable credentials
Comments