Last Update 7:04 PM September 20, 2020 (UTC)

Identosphere - Organization Blog Feeds

Brought to you by Identity Woman and Infominer.
Please do support our collaboration on Patreon!!!

Friday, 18. September 2020

Hyperledger Foundation

Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources

Welcome to the Weekend Update. Our goal with this weekly post is to share quick updates about online education, networking and collaboration opportunities and resources for the open source enterprise... The post Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources appeared first on Hyperledger.

Welcome to the Weekend Update. Our goal with this weekly post is to share quick updates about online education, networking and collaboration opportunities and resources for the open source enterprise blockchain community. 

If you have suggestions for resources or events that we should spotlight in a future Weekend Update, let us know here using #HLWeekendUpdate. 

2020 Forbes Blockchain 50 Symposium

Forbes will be honoring the companies on the 2020 Forbes Blockchain 50 list with a free event on Tuesday, September 22, at 2:00 pm EDT. The virtual gathering will include a pair of roundtable discussions with key industry leaders about profitable strategies for moving forward in the new decade. Hyperledger’s Daniela Barbosa will take part in the panel “Infrastructure Players: Smart Strategies for Building on Blockchain.” 

For more information and to register, go here.

Telecom Special Interest Group Discussion: Using Hyperledger Fabric to Fight Spam Calls in India

All are welcome to join Tech Mahindra’s Rajesh Dhuddu for a presentation and discussion about a plug-n-play solution to curb spam calls, built on Hyperledger Fabric, that is deployed by three major telcos in India. The talk is hosted by the Hyperledger Telecom Special Interest Group (SIG).

Tune in on Thursday, September 24, at 9 a.m. PDT. Go here for more information. 

Blockchain Developer Course en Español 

The Hyperledger Latinoamérica Chapter continues its Spanish language Hyperledger Fabric training course series with sessions this week on use of private data in permissioned networks (September 19) and implementation and use of metrics with Hyperledger Caliper (September 24). 

For more details and the full schedule, go here

Virtual Meetups

Saturday, September 19, at 13:00 UTC / 15:00 CEST: Hyperledger Sweden hosts “Online Certification Study Circle” Tuesday, September 22, at 17:00 UTC / 11:00 MDT: Hyperledger Denver hosts “Can The Public Sector Benefit From Blockchain?” Thursday, September 24, at 1:00 UTC on Sep 25 / 18:00 PDT: Hyperledger Eugene hosts “Hyperledger Fabric, Java and Performance” Friday, September 25, at 22:00 UTC / 18:00 EDT: Hyperledger Toronto hosts “The Future of Digital Identities : Hyperledger Aries”

See the full Virtual Meetup schedule here

The post Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources appeared first on Hyperledger.


One World Identity

We Don’t Talk Anymore: Friday Dealbook for 9/18/2020

News of the day: the Trump Administration issued new rules this morning banning downloads of WeChat and TikTok from US app stores, drawing the ire of tech companies, who protest the lack of an organized policy process, and the confusion of cybersecurity experts, who cannot discern why only these two apps were targeted out of … We Don’t Talk Anymore: Friday Dealbook for 9/18/2020 Read More »

News of the day: the Trump Administration issued new rules this morning banning downloads of WeChat and TikTok from US app stores, drawing the ire of tech companies, who protest the lack of an organized policy process, and the confusion of cybersecurity experts, who cannot discern why only these two apps were targeted out of a sea of other similar Chinese apps. In any case, this continuation of nationalism and its threat to digital identity is worrisome – read about our thoughts on this subject in this multi-part blog series (Part 1, Part 2, Part 3).

This week’s deals target an assortment of steps along the digital identity lifecycle, from Alloy and identity verification to Britive and authorization. Clearly, identity is becoming increasingly integrated into everyday life, whether through financial services or social media, and it’s our responsibility to approach this ecosystem with thoughtfulness, intent, and organization.

 

We live for conversations like this. If you are interested in learning more about these deals and deals like them, let’s talk.

 

Alloy \ alloy.co \ Founded in 2015

 

Developer of an identity verification platform designed to check frauds and make identity management effective and simple for banks and financial institutions. The company’s platform combines a single API and dashboard centralizing case management, alerts, decision audit trail, and reporting and helps financial institutions integrate multiple sources of data and customer identification program rules to manage identity verification from signup through the life of the customer, enabling banks and fintech companies to automate their identity compliance and fraud decisions.

 

The company raised $40 million of Series B venture funding in a deal led by Canapi Ventures on September 16, 2020. Primary Venture Partners, Eniac Ventures, Bessemer Venture Partners, Avid Ventures, and Felicis Ventures also participated in the round. The funds will be used primarily for investments into the company’s team, scale its sales and marketing business units to keep up with the increasing demand, and expand its R&D to bring new products to market related to transaction and credit decisioning as well as document verification.

 

Sentinel \ thesentinel.ai \ Founded in 2019

 

Developer of a fake media detection platform designed to protect democracies against the threats of deepfakes and information warfare. The company’s platform leverages artificial intelligence based detection methods to identify disinformation attacks, synthetic media and influence campaigns, enabling governments and media organizations minimize risk through automated authentication of digital media. 

 

The company raised $1.35 million of seed funding from UnitedAngels VC, Jaan Tallinn and Taavet Hinrikus on September 14, 2020. Ragnar Sass and Martin Henk also participated in the round.

 

Britive \ britive.com \ Founded in 2018

 

Provider of cloud security software designed to solve issues associated with privileged access. The company’s software offers complete visibility and access, enforces access policies and monitors compliance, detect privileged access threats for cloud users, enabling organizations to address dynamic threats in the cloud environment.

 

The company raised $5.4 million of seed funding in a deal led by Upfront Ventures on September 10, 2020. One Way Ventures, SmartGateVC, Andrew Peterson, and Dave Cole also participated in the round. The funds will be used to further develop company’s platform technology for monitoring, analyzing, and dynamic orchestration of access privileges across cloud applications and infrastructure, as well as to expand its go-to-market capability

 

Investor Highlight

 

Canapi Ventures \ canapi.com \ Founded in 2018

 

Founded in 2018, Canapi is a venture capital firm that is based in Washington, District of Columbia. The firm prefers to invest in early to growth-stage fin-tech companies.

 

Active Portfolio – 5

Investments (TTM) – 4

Med. Round Amount – $40.00M

Med. Valuation – $861.00M

# of Exits – n/a

Alloy

Blend

Nova Credit

The post We Don’t Talk Anymore: Friday Dealbook for 9/18/2020 appeared first on One World Identity.

Thursday, 17. September 2020

Me2B Alliance

Re: Introducing new co-chair for the Me-s WG

Thanks for the introduction, Lisa. It's great to meet you, Muriel! We've got lots to learn and many discussions ahead about the impacts of technology on Me's, and thank you for all your work and leadership to get us there! Looking forward to speaking soon, Sincerely, Zach
Thanks for the introduction, Lisa.
It's great to meet you, Muriel!
We've got lots to learn and many discussions ahead about the impacts of technology on Me's, and thank you for all your work and leadership to get us there!
Looking forward to speaking soon,
Sincerely, Zach



Wednesday, 16. September 2020

ID2020

ID2020 Celebrates International Identity Day

Please join us today in celebrating International Identity Day. Identity is a fundamental and universal human right. Unfortunately, one in seven people globally — more than one billion individuals — are unable to prove who they are by any widely recognized means. This most fundamental function — the ability to prove who we are — is something that many of us take for granted. Yet it is an in

Please join us today in celebrating International Identity Day.

Identity is a fundamental and universal human right. Unfortunately, one in seven people globally — more than one billion individuals — are unable to prove who they are by any widely recognized means.

This most fundamental function — the ability to prove who we are — is something that many of us take for granted. Yet it is an incredibly important one, allowing us to enjoy rights and protections under the law, access a variety of services, participate as citizens and voters, transact in an increasingly digital economy, and much more.

ID2020 was launched in 2016 to address this global issue by fostering collaboration between the private sector, government, and nonprofit organizations toward a common vision: good ID for all.

Our work is premised on the notion that we all deserve better ways to prove who we are, both in the physical world and online. But achieving our vision will require an intentional focus and sustained commitment to ensuring that the needs of the most vulnerable in society are met. If past experience has taught us anything it is that, absent this focus, hundreds of millions of people will be left behind.

In 2018, in collaboration with the UN High Commissioner for Refugees (UNHCR), we published the ID2020 Manifesto. The Manifesto outlines our values and serves as the basis for the ID2020 Certification for digital ID solutions, our advocacy activities, and the programmatic work we are undertaking in partnership with governments and development and humanitarian organizations.

ID2020 Alliance partners recognize that achieving our shared vision will also require businesses, government, and civil society to collaborate and make simultaneous progress along four tracks:

Continuing to advance digital ID technologies and test them in the field Promoting public and private sector implementations Establishing the technical standards and legal and regulatory frameworks necessary to ensure that these systems are privacy-protecting, user-controlled, portable, interoperable, and persistent across an individual’s lifespan Working across sectors — and with a wide array of stakeholders — to build trust in these systems and support their adoption

ID2020 exists to support this type of collaboration.

Each year, the United Nations recognizes official days of observance for a variety of issues on the international development and human rights agenda. These days promote awareness of, and global action on, important political, social, cultural, humanitarian, or human rights issues.

This is a marathon, not a sprint, and a mission we cannot accomplish alone. We are proud to support efforts, such as the International Identity Day Coalition, that expand awareness of this critical development goal.

We hope that you will consider joining ID2020 as a member of the International Identity Day Coalition. The Coalition brings together development agencies, governments, and public interest organizations to advocate for the formal recognition of International Identity Day by the United Nations and its member nations.

For more information about the Coalition, please visit their website: https://www.id-day.org

ID2020 Celebrates International Identity Day was originally published in ID2020 on Medium, where people are continuing the conversation by highlighting and responding to this story.


ID2020 Celebrates International Identity Day

Please join us today in celebrating International Identity Day. Identity is a fundamental and universal human right. Unfortunately, one in seven people globally — more than one billion individuals — are unable to prove who they are by any widely recognized means. This most fundamental function — the ability to prove who we are — is something that many of us take for granted. Yet it is an in

Please join us today in celebrating International Identity Day.

Identity is a fundamental and universal human right. Unfortunately, one in seven people globally — more than one billion individuals — are unable to prove who they are by any widely recognized means.

This most fundamental function — the ability to prove who we are — is something that many of us take for granted. Yet it is an incredibly important one, allowing us to enjoy rights and protections under the law, access a variety of services, participate as citizens and voters, transact in an increasingly digital economy, and much more.

ID2020 was launched in 2016 to address this global issue by fostering collaboration between the private sector, government, and nonprofit organizations toward a common vision: good ID for all.

Our work is premised on the notion that we all deserve better ways to prove who we are, both in the physical world and online. But achieving our vision will require an intentional focus and sustained commitment to ensuring that the needs of the most vulnerable in society are met. If past experience has taught us anything it is that, absent this focus, hundreds of millions of people will be left behind.

In 2018, in collaboration with the UN High Commissioner for Refugees (UNHCR), we published the ID2020 Manifesto. The Manifesto outlines our values and serves as the basis for the ID2020 Certification for digital ID solutions, our advocacy activities, and the programmatic work we are undertaking in partnership with governments and development and humanitarian organizations.

ID2020 Alliance partners recognize that achieving our shared vision will also require businesses, government, and civil society to collaborate and make simultaneous progress along four tracks:

Continuing to advance digital ID technologies and test them in the field Promoting public and private sector implementations Establishing the technical standards and legal and regulatory frameworks necessary to ensure that these systems are privacy-protecting, user-controlled, portable, interoperable, and persistent across an individual’s lifespan Working across sectors — and with a wide array of stakeholders — to build trust in these systems and support their adoption

ID2020 exists to support this type of collaboration.

Each year, the United Nations recognizes official days of observance for a variety of issues on the international development and human rights agenda. These days promote awareness of, and global action on, important political, social, cultural, humanitarian, or human rights issues.

This is a marathon, not a sprint, and a mission we cannot accomplish alone. We are proud to support efforts, such as the International Identity Day Coalition, that expand awareness of this critical development goal.

We hope that you will consider joining ID2020 as a member of the International Identity Day Coalition. The Coalition brings together development agencies, governments, and public interest organizations to advocate for the formal recognition of International Identity Day by the United Nations and its member nations.

For more information about the Coalition, please visit their website: https://www.id-day.org


Me2B Alliance

Introducing new co-chair for the Me-s WG

Hi everyone,   I’m delighted to introduce you all to Muriel Shockley who has volunteered to co-chair the Me-s WG with Jeff Orgel.   Muriel is the program director for undergraduate studies at Goddard College in Vermont, and has a rich background of skills and expertise, with a BS in Econ from Smith College, a masters in Clinical Psychology from Antioch University and a PhD in Leade

Hi everyone,

 

I’m delighted to introduce you all to Muriel Shockley who has volunteered to co-chair the Me-s WG with Jeff Orgel.

 

Muriel is the program director for undergraduate studies at Goddard College in Vermont, and has a rich background of skills and expertise, with a BS in Econ from Smith College, a masters in Clinical Psychology from Antioch University and a PhD in Leadership and Change from Antioch University.  We are fortunate indeed to have Muriel engaged as a co-chair of the Me-s working group.

 

Please join me in welcoming Muriel to the Me2B Alliance family.

 

Lisa


WomenInIdentity

Member Interview – Shilpa Maher

What do you do and what is it about your job that gets you out of bed in the morning?  I’m working for HSBC and have been here since May… The post Member Interview – Shilpa Maher appeared first on Women in Identity.
What do you do and what is it about your job that gets you out of bed in the morning? 

I’m working for HSBC and have been here since May 2016 doing a variety of roles, but recently (well since Jan 2018), I have been getting my fingers dirty in something very exciting –  defining and creating a brand new strategic capability for the Bank called – Events Based Data Assurance – which will underpin our Digital Identity efforts.

Essentially, all Digital Identity is customer data that we trust. We have a lot of customer data in the Bank but we don’t record why we trust this data and so we ask the customer to prove who they are over and over again. i.e. when someone wants to open a new account, we ask them to prove their ID by showing us their passport. Someone in the Bank will look at the passport, match the photo on the passport to the person standing in front of them, and confirm that they match. However, what is recorded is the person’s name, DOB, Nationality BUT not the event of ‘passport check in branch’.

If we recorded ‘why we trust the data’ using a new type of data called ‘EVENTS’ i.e. the event which led to us knowing why we trust a piece of data (in the above example, Suzie, a Branch advisor in our Canary Wharf branch checked that the photo on the passport matched the person in front of them and it matched, it unlocks a huge opportunity inside the bank to ‘RE-USE’ data across markets and functions – resulting in a fantastic customer experience and reduction in costly and often duplicative processes.

How did you get to where you are today?

I started on the Barclays Bank Graduate Programme and tended to move around every 3 years or so to new places.

I had a curious mind and wanted to do ‘new’ things rather than be in a BAU type role.

I was hungry to learn and develop and so sought opportunities every time I felt like I had learnt all I could from an organisation. I’ve tried my hand at all sorts of things from Banking, to Management Consulting, to starting up a brand new dotcom business, to digitising an insurance company, studying for an MBA, moving to the online travel industry and then back to Digital Banking and now most recently, qualifying as a Personal Performance Coach and setting up a Coaching Business as a side hustle!  I absolutely love helping people understand what their potential is and to guide them to go and realise this!

What is the most important lesson you have learned along the way?

The most important lesson I have learnt along the way is to be your authentic self, don’t try and be someone who you’re not. I know this is difficult because we all suffer from this, especially us women. We’re always comparing ourselves with the person who is always getting the promotions, the attention, the recognition etc – but by trying to be like her, you slowly start to move away from who you are at your core – your authentic self.

This will only result in a lot of frustration and unhappiness which can become a huge problem.

Remember, you’re an individual with skills, experience and a personality which is unique to you. Embrace this and become comfortable in your own skin and let people see the real you! You’ll be surprised where this can lead!

What’s your pitch to CEOs in the identity space? What do you suggest they START / STOP / CONTINUE doing and why? Writing down your internal business activities in a granular way – so that others can understand why they should trust this piece of data Agree on a common data model which can be used to describe events Define the key trusted providers in your country (utility companies, passport office, mobile phone companies, travel companies) who are willing to start exchanging data/ events with you; get them to write down what they do to assure data in a machine readable way (using the same data model) Stop: Trying to solve for the World – start small, and then scale focusing on real life use cases Continue: to have dialogue with organisations, governments and customers/ citizens to keep the conversation going so that potential solutions/ way forward are relevant to define key customer/ citizen/ employee pain points and look to solve for these In one sentence, why does diversity matter to you?

We are all unique and with this uniqueness, we each bring a different viewpoint to the same problem so be tolerant, embrace this difference and experience the powerful results that follow.

What book/film/piece of art would you recommend to your fellow members? Why?

I’d highly recommend ‘Man’s search for meaning’ by Viktor Frankl because it teaches us/demonstrates the power of the mind and resilience.

I absolutely love the quote in the book: “he who has a WHY to live can bear with almost any HOW……and what alone remains is the last of human freedoms is the ability to choose one’s attitude in a given set of circumstances.”

What advice would you give to the teenage ‘you’?

Don’t be afraid, speak your mind, be yourself and think positive thoughts. As a kid growing up in the UK, I suffered from both racial discrimination and bullying – which impacted hugely on my self -confidence. I hid in my shell and didn’t feel as valued, important or equal to my peers and therefore didn’t take the opportunities that presented themselves to me because of this.

Don’t worry about what people will think; ask the ‘stupid’ questions and never feel that you’re not good enough!

Where can we find you on social media / the Web?

LinkedIn: linkedin.com/in/shilpamaher

Twitter: @shilpamaher

Instagram: shilpamahercoaching

Facebook: shilpamahercoaching

Website: www.shilpamahercoaching.com

The post Member Interview – Shilpa Maher appeared first on Women in Identity.


Hyperledger Foundation

Hyperledger is Enabling New Blockchain-Based Business Models for 5G

The fifth generation of cellular networks or 5G promises revolutionary improvements compared to the previous generation that reaches beyond merely multiplying the bandwidth and reducing latency. 5G is expected to... The post Hyperledger is Enabling New Blockchain-Based Business Models for 5G appeared first on Hyperledger.

The fifth generation of cellular networks or 5G promises revolutionary improvements compared to the previous generation that reaches beyond merely multiplying the bandwidth and reducing latency. 5G is expected to enable a wide range of new internet-based services such as vehicular communications and Smart City infrastructure that, in addition to connectivity, require on-demand fine-grained infrastructure and resource access to operate. Hence, the allocation of the underlying resources has to be capable of supporting and adapting to sudden changes in demand for resources and be able to flexibly provide customized bundles of resources to fit the demands of the vertical industries using the 5G infrastructure.

Entering the 5G market, an operator may experience up to 65% increase in RAN deployment and infrastructure costs [1]. Discovering new ways to more efficiently allocate resources can, to some extent, alleviate the massive increase in the infrastructure cost. Network and infrastructure sharing is one of the solutions that could help major operators to gain considerable returns by leasing out portions of their idle resources to other service providers that o are willing to operate in the same geographical region.

A Decentralized Marketplace for Network Infrastructure Sharing

The practice of infrastructure/network sharing dates back to the previous generations of cellular networks. However, these sharing models were typically in the form of bilateral agreements and were limited to long-term sharing of passive and seldom active network resources. Such sharing models cannot support either the on-demand short term sharing requests or the larger markets where the parties involved in resource trading exceed only two operators. On the other hand, the intense competition in the telecoms industry rules out the prospect of a centralized marketplace where a trusted intermediary is in charge of the market and makes the final decision regarding the allocation of the resources and the price. Therefore, a decentralized approach is required to incentivize participation by the infrastructure providers, network operators, and over-the-top service providers.

Hyperledger Fabric blockchain technology can provide the foundation for the described decentralized marketplace where all the market players could participate in the resource allocation and pricing process in a transparent and trustworthy way and without relying on a third party. 

Case Study: 5G Network Slicing

Network virtualization technology allows the division of network resources into isolated virtual slices of the network that could be then offered to other users. This creates a new business opportunity for network operators and infrastructure providers to monetize their idle resources. Therefore a new business model has been gaining attention where operators and service providers can trade network resources in a marketplace equipped with a market mechanism(e.g., auctions). The aim is to develop a marketplace that does not rely on a third-party broker to conduct the market.

Why Hyperledger?

Hyperledger Fabric is an open-source project that is built as a modular software so that every piece of it can be tailored into the needs of the developers. Besides, with Hyperledger Fabric, there are no coding language lock-ins as the platform does not force the developer to use a particular language for the smart contracts. Finally, compared to other blockchain frameworks, the supported high transaction throughput and low latency make it a right candidate for 5G use cases.

Scenario:

A number of operators and service providers are participating in a marketplace to buy/sell network slices [2]. They each offer ask/bid prices for the offered quantity of a network slice and the smart contract that has to be endorsed by every single operator decides the final allocation and price of the network slices.

The commodity: A network slice consisting of computing, RAN, and storage resources. Member organizations: Infrastructure providers, network operators, and service providers. Technology: Hyperledger Fabric v 1.4.1, Raft ordering service Architecture: Five organizations each with one peer node and 10 Raft orderers. The Smart Contract: A sealed-bid double-sided auction mechanism that allows bilateral trade of network slices. Conclusions:

The research team at Connect Centre [3] have developed the smart contracts and deployed the Hyperledger Fabric network on one of the major public cloud provider’s infrastructure. The results of the performance benchmarks of the blockchain solution are reported in [2]. In addition to the 5G slicing, other resource sharing problems in 5G are expected to benefit from the blockchain technology. One other example is Virtual Network Function (VNF) marketplaces where network operators and software vendors could offer their virtualized network services such as Firewall, DNS, CDN, etc. 

[1] Future Networks. “5G-Era Mobile Network Cost Evolution.” Accessed September 10, 2020. https://www.gsma.com/futurenetworks/wiki/5g-era-mobile-network-cost-evolution/.

[2] N. Afraz. and M. Ruffini, “5G Network Slice Brokering: A Distributed Blockchain-based Market,” in EuCNC conference 2020.

[3] CONNECT – the Science Foundation Ireland Research Centre for Future Networks and Communications, https://connectcentre.ie/

If you’re interested in how blockchain is being used in the telecom industry, get involved with the Hyperledger Telecom Special Interest Group

About the author
Nima Afraz is a postdoctoral researcher with Connect Centre for Future Networks and Communications, Trinity College Dublin. He is a member of Hyperledger Telecom Special Interest Group. His research interests include network economics, network virtualization and blockchain for telecoms.

Cover image by mohamed Hassan from Pixabay

The post Hyperledger is Enabling New Blockchain-Based Business Models for 5G appeared first on Hyperledger.


Kantara Initiative

Canada commences testing of digital ID framework

The Digital ID & Authentication Council of Canada (“DIACC”) today announced the launch of the Pan-Canadian Trust FrameworkTM (“PCTF”), a set of digital ID and authentication industry standards that will define how digital ID will roll out across Canada. Its launch marks the shift from the framework’s development into official operation and will begin alpha […]

The Digital ID & Authentication Council of Canada (“DIACC”) today announced the launch of the Pan-Canadian Trust FrameworkTM (“PCTF”), a set of digital ID and authentication industry standards that will define how digital ID will roll out across Canada.

Its launch marks the shift from the framework’s development into official operation and will begin alpha testing by public and private sector members in Canada. The alpha testing will inform the launch of DIACC’s PCTF Voila Verified Trustmark Assurance Program (“Voila Verified”), set to launch next year.


Digital ID framework to begin testing in Canada

The Digital ID & Authentication Council of Canada (DIACC) today announced the launch of the Pan-Canadian Trust Framework (PCTF), a set of digital ID and authentication industry standards that will define how digital ID will roll out across Canada.

The Digital ID & Authentication Council of Canada (DIACC) today announced the launch of the Pan-Canadian Trust Framework (PCTF), a set of digital ID and authentication industry standards that will define how digital ID will roll out across Canada.

Tuesday, 15. September 2020

WomenInIdentity

Supporting International Identity Day on 16th September

The post Supporting International Identity Day on 16th September appeared first on Women in Identity.
Supporting the campaign to make every 16th September International Identity Day.

Why September 16th?

The choice of the date is in recognition of the UN’s Sustainable Development Goal (SDG) 16.9 which calls for a legal identity for all including birth registration by 2030.

In support of this, we asked some of the WiD team  to tell us about themselves and what identity means to them…

Kay Chopard Cohen Teresa Wu Esther Hoeksema-Westra Dia Banerji Diane Joyce Tamara Al-Salim

Join the conversation! Share your video messages with us!!

Email communications@womeninidentity.org.

The post Supporting International Identity Day on 16th September appeared first on Women in Identity.


FIDO Alliance

Information Security Media Group: Accelerating the Path to Passwordless Authentication

In an exclusive video interview with Information Security Media Group, Dr. Rolf Lindemann of Nok Nok Labs discusses the value of a FIDO-based approach and the road to passwordless authentication. The post Information Security Media Group: Accelerating the Path to Passwordless Authentication appeared first on FIDO Alliance.

In an exclusive video interview with Information Security Media Group, Dr. Rolf Lindemann of Nok Nok Labs discusses the value of a FIDO-based approach and the road to passwordless authentication.

The post Information Security Media Group: Accelerating the Path to Passwordless Authentication appeared first on FIDO Alliance.


The Next Web: Stop Confusing Facial Recognition with Facial Authentication

Andrew Shikiar, Executive Director and Chief Marketing Officer of the FIDO Alliance, writes how facial authentication is the easiest and most secure method to log into your device—and soon to […] The post The Next Web: Stop Confusing Facial Recognition with Facial Authentication appeared first on FIDO Alliance.

Andrew Shikiar, Executive Director and Chief Marketing Officer of the FIDO Alliance, writes how facial authentication is the easiest and most secure method to log into your device—and soon to websites. It should not be confused with a related, but fundamentally different technology. 

The post The Next Web: Stop Confusing Facial Recognition with Facial Authentication appeared first on FIDO Alliance.


Help Next Security: Five Ways to Maximize FIDO

by Jeremy Walker, Director of Sales Engineering, Identité Jeremy Walker, Director of Sales Engineering at Identité, shares five ways to maximize FIDO: use all three factors, make it simple and […] The post Help Next Security: Five Ways to Maximize FIDO appeared first on FIDO Alliance.

by Jeremy Walker, Director of Sales Engineering, Identité

Jeremy Walker, Director of Sales Engineering at Identité, shares five ways to maximize FIDO: use all three factors, make it simple and secure, fully leverage existing MDM features, get rid of passwords, use bidirectional authentication. 

The post Help Next Security: Five Ways to Maximize FIDO appeared first on FIDO Alliance.


Mobile ID World: FIDO Provides Update on 2020 Hackathon in South Korea

The FIDO Alliance’s Korea Working Group hosted a Mid-Term Meetup Event at Telecommunication Technology Association (TTA) on July 1, giving participants the opportunity to share their projects and get feedback […] The post Mobile ID World: FIDO Provides Update on 2020 Hackathon in South Korea appeared first on FIDO Alliance.

The FIDO Alliance’s Korea Working Group hosted a Mid-Term Meetup Event at Telecommunication Technology Association (TTA) on July 1, giving participants the opportunity to share their projects and get feedback from members of the Korea Working Group. The top five teams will present their projects and receive awards at the FIDO Seoul Public Seminar.

The post Mobile ID World: FIDO Provides Update on 2020 Hackathon in South Korea appeared first on FIDO Alliance.


Tech Radar Pro: Using Identity to Forge a New, Passwordless Future

by Nick Caley, ForgeRock Vice President of UK and Ireland Nick Caley, ForgeRock Vice President of UK and Ireland shares how can businesses move towards an alternative to username and […] The post Tech Radar Pro: Using Identity to Forge a New, Passwordless Future appeared first on FIDO Alliance.

by Nick Caley, ForgeRock Vice President of UK and Ireland

Nick Caley, ForgeRock Vice President of UK and Ireland shares how can businesses move towards an alternative to username and password-based credentials and names FIDO as an important driver of passwordless authentication. 

The post Tech Radar Pro: Using Identity to Forge a New, Passwordless Future appeared first on FIDO Alliance.


Identity at the Center #56: What is FIDO with Andrew Shikiar

In this episode of Identity at the Center, Jim McDonald and Jeff Steadman speak with Andrew Shikiar, Executive Director and Chief Marketing Officer of the FIDO Alliance, about FIDO and […] The post Identity at the Center #56: What is FIDO with Andrew Shikiar appeared first on FIDO Alliance.

In this episode of Identity at the Center, Jim McDonald and Jeff Steadman speak with Andrew Shikiar, Executive Director and Chief Marketing Officer of the FIDO Alliance, about FIDO and the challenges it seeks to solve.

The post Identity at the Center #56: What is FIDO with Andrew Shikiar appeared first on FIDO Alliance.


Apple @ Work Podcast: iOS 14 and macOS Big Sur bring new password technology to market

In this episode of the Apple @ Work podcast, Andrew Shikiar, Executive Director and Chief Marketing Officer of the FIDO Alliance, joins Bradley Chambers to discuss FIDO’s mission to eliminate […] The post Apple @ Work Podcast: iOS 14 and macOS Big Sur bring new password technology to market appeared first on FIDO Alliance.

In this episode of the Apple @ Work podcast, Andrew Shikiar, Executive Director and Chief Marketing Officer of the FIDO Alliance, joins Bradley Chambers to discuss FIDO’s mission to eliminate dependence on passwords and the latest developments with Apple.

The post Apple @ Work Podcast: iOS 14 and macOS Big Sur bring new password technology to market appeared first on FIDO Alliance.


Digital ID for Canadians

Newly Launched Digital ID Framework to Begin Testing in Canada

Governments and Businesses to Begin Testing Across Canada TORONTO, September 15, 2020 – The Digital ID & Authentication Council of Canada (“DIACC”) today announced the…
Governments and Businesses to Begin Testing Across Canada

TORONTO, September 15, 2020 – The Digital ID & Authentication Council of Canada (“DIACC”) today announced the launch of the Pan-Canadian Trust FrameworkTM (“PCTF”), a set of digital ID and authentication industry standards that will define how digital ID will roll out across Canada. Its launch marks the shift from the framework’s development into official operation and will begin alpha testing by public and private sector members in Canada. The alpha testing will inform the launch of DIACC’s PCTF Voila Verified Trustmark Assurance Program  (“Voila Verified”), set to launch next year.

“The pandemic has pushed digital adoption five years into the future. Without the proper infrastructure for digital ID and authentication in place, we’ve seen firsthand how Canadians have been left vulnerable and with limited access to essential services” said Eros Spodotto, Executive Vice-President, Technology Strategy and Business Transformation at TELUS

“Trust and security are the foundations of the digital economy. The key to unlocking a true digital experience comes from having a digital ID ecosystem that extends beyond any one sector.”
– Franklin Garrigues, VP Digital Channels at TD Bank, and DIACC Board Vice-Chair

From open banking to e-health, digital ID is a key enabler in unlocking the next frontier of our digital economy. Banks and telcos fortunately have been able to leverage existing digital ID services to support Canadians. “Digital identity verification has helped countless Canadians receive financial aid during the pandemic,” notes Andre Boysen, Chief Identity Officer at SecureKey, “but it’s not enough. Now, we need to leverage that momentum, and push out a solution for digital ID in all levels of society. The PCTF is that answer.”

“The PCTF launch marks an important milestone in Canada’s digital transformation initiatives,” exclaims Dave Nikolejsin, Board Chair at DIACC, “Canadians have had to deal with identity theft and fraud, high anxiety in accessing services that they were in dire need of while facing social distancing measures, and attempting to go about their lives as normally as possible. Digital ID minimizes all of those pain points, and elevates the livelihoods of Canadians everywhere.” Joni Brennan, President of DIACC, adds, “Our economy has also been heavily impacted by all this, and we know digital identity has the potential to add at least 3 percent of GDP, which is potentially almost $100 billion back into our Canadian economy. This is why we’ve accelerated the launch of the PCTF. The time for digital ID is now.”

“The Digital ID Laboratory of Canada is a proud partner of the DIACC, with a strong community that is ready to support the launch of the PCTF and ensure that together, we can accelerate the adoption of user-centric and interoperable digital ID solutions across the country.”
– Pierre Roberge, General Manager of the Digital ID Laboratory of Canada

Alpha testing of the PCTF will be carried out by over 20 Canadian public and private sector DIACC member organizations during the next two quarters with the purpose of operationalizing the framework as fast as possible. Organizations that have volunteered to take part in the alpha test seek to gain strategic and operational insights to become demonstrated leaders in digital identity. 

Learnings taken from the alpha testing will help DIACC identify what is needed to scale up a digital identity infrastructure across Canada, and help Canada secure international digital interoperability and accreditation by working with international and third party partners such as eIDAS and Kantara Initiative IAF

A Digital ID Trademark You Can Trust

The alpha testing will also inform the launch of the DIACC PCTF Voila Verified Trustmark Assurance Program (“Voila Verified”). The program is set to launch in fall 2021, and will issue a PCTF Voila Verified Trustmark to organizations who demonstrate compliance with PCTF components. Voila Verified will enable solutions and service providers to leverage the trustmark to elevate their market leadership and allow them to collaborate securely with assurance, providing their customers with the digital-first experience that they demand. 

“We’re pleased to work with the DIACC to help recognize the Voila Verified Program on an international scale. It is through secure global credentials that we can transform the state of digital identity, and progress the digital economy worldwide.”
– Colin Wallis, Executive Director of Kantara Initiative

Multijurisdictional Collaboration: Enabling Trusted Digital Inclusion for All

The launch of the PCTF comes at a time when having a strong digital economy is no longer a ‘nice-to have’; rather, it is imperative for Canadians. More than 70 per cent of Canadians want to see the government and private sector collaborate on a joint identity framework in Canada. “We’ve seen the benefits and advantages of digital ID for people in British Columbia during this pandemic,”, said CJ Ritchie, Associate Deputy Minister and Government Chief Information Officer for the Province of British Columbia, “From government to healthcare, commerce, and financial services, the entire provincial economy is being impacted by COVID-19. Having a robust digital identity/trust ecosystem allows all Canadians to do more online, in a safer, more secure and confident way.”

The PCTF was developed collaboratively between public and private sector stakeholders, with contributions from a broad array of individuals and organizations around the world. Over 3,400 public comments were provided over four years that helped progress the framework to its launch today. 

“The framework released today was created through an incredible collaboration involving hundreds of people who worked to contribute, comment, and lend their ideas,” noted Peter Watkins, Program Executive for the Pan-Canadian Digital ID at the Institute for Citizen-Centred Service, “we’re committed to continuing our multi-jurisdictional collaboration as we move into the next stages for this important work.”

About the PCTF & Voila Verified Program

Details on the PCTF may be found in this backgrounder.
Details on the Voila Verified Program may be found in this backgrounder.

Monday, 14. September 2020

Oasis Open

Invitation to comment on Open Document Format for Office Applications (OpenDocument) v1.3 - ends Sept. 29th


OpenID

Registration Open for OpenID Foundation Virtual Workshop — Wednesday, October 28, 2020

Workshop Overview OpenID Foundation Workshops provide technical insight and influence on current Internet identity standards. This virtual workshop is a reschedule of the planned face-to-face workshop prior to IIW Fall 2020. This workshop includes a panel discussion on the Foundation’s ongoing relationship and efforts with the Financial Data Exchange focused on open banking initiatives. The […]

Workshop Overview
OpenID Foundation Workshops provide technical insight and influence on current Internet identity standards. This virtual workshop is a reschedule of the planned face-to-face workshop prior to IIW Fall 2020. This workshop includes a panel discussion on the Foundation’s ongoing relationship and efforts with the Financial Data Exchange focused on open banking initiatives. The workshop will provide updates on all OpenID Foundation Working Groups as well the OpenID Certification Program.

Technologists from member organizations and others will update key issues and discuss how they help meet social, enterprise and government Internet identity challenges.


Workshop Details
WHEN: Wednesday, October 28, 2020 — 9am-11:30am PT
REGISTRATION REQUIRED: https://www.eventbrite.com/e/openid-foundation-virtual-workshop-tickets-121075932373


Workshop Agenda

TIME (PT) PRESENTATION PRESENTER 9:00-9:05 Welcome & Introduction Nat Sakimura & Don Thibeau (OpenID Foundation) 9:05-9:20 Panel Discussion: OpenID Foundation & Financial Data Exchange’s Ongoing Collaboration in Open Banking ·   Moderator: Don Thibeau – OpenID Foundation

·   Panelist: Nat Sakimura – OpenID Foundation

·   Panelist: Don Cardinal – FDX

·   Panelist: Anoop Saxena – Intuit

9:20-9:30 OpenID Certification Program Update Joseph Heenan – Fintech Labs 9:30-9:40 WG Update – AB/Connect Michael Jones – Microsoft 9:40-9:50 Self-issued OpenID Provider (SIOP) Update Kristina Yasuda — Microsoft 9:50-10:00 OpenID Federation Update Roland Hedberg — Catalogix 10:00-10:10 WG Update – eKYC-IDA Torsten Lodderstedt – yes.com 10:10-10:20 WG Update – Enhanced Authentication Protocol (EAP) Michael Jones – Microsoft 10:20-10:25 BREAK 10:25-10:35 WG Update – Fast Federation (FastFed) Darin McAdams – Amazon 10:35-10:45 WG Update – Financial-grade API (FAPI) Anoop Saxena — Intuit

 

10:45-10:55 WG Update – HEART Debbie Bucci – Consultant 10:55-11:05 WG Update – MODRNA (Mobile OpenID Connect Profile) Bjorn Hjelm – Verizon

 

11:05-11:15 WG Update – Shared Signals & Events Atul Tulshibagwale – Google

 

11:15-11:30 Open Q&A Session and Closing Remarks

 

The post Registration Open for OpenID Foundation Virtual Workshop -- Wednesday, October 28, 2020 first appeared on OpenID.


MyData

Guest Blog: Interesting outcome of the MyData Accelerator project

– What a datafied future of work & skills might be like To this day, ten months have passed since the launch of the MyData Accelerator in November 2019. We coordinated the Accelerator at Vake, the Finnish State Development Company, supported by the Technology Industries of Finland and Sitra. It has been a learning experience... Read More
– What a datafied future of work & skills might be like To this day, ten months have passed since the launch of the MyData Accelerator in November 2019. We coordinated the Accelerator at Vake, the Finnish State Development Company, supported by the Technology Industries of Finland and Sitra. It has been a learning experience... Read More

Saturday, 12. September 2020

Digital ID for Canadians

Progressing the Pan-Canadian Trust Framework (PCTF)

Since 2016, the Digital ID & Authentication Council of Canada’s (DIACC) Trust Framework Expert Committee (TFEC) has been developing the Pan-Canadian Trust FrameworkTM (PCTF). It…

Since 2016, the Digital ID & Authentication Council of Canada’s (DIACC) Trust Framework Expert Committee (TFEC) has been developing the Pan-Canadian Trust FrameworkTM (PCTF). It is one framework with many partners, and we thank all of those involved for their contribution in this momentous achievement.  

Four years and 41 review and comment periods later, this engaging infographic highlights how the framework has progressed over the years to the launch of the PCTF MVP in September 2020.

Download the infographic: Progressing the Pan-Canadian Trust Framework (PCTF).

Friday, 11. September 2020

FIDO Alliance

CISA Cites FIDO Authentication to Protect Political Campaigns

Andrew Shikiar, FIDO Alliance Executive Director & CMO  The US Cybersecurity and Infrastructure Security Agency (CISA),  issued an advisory Thursday recommending cyber attack remedies for election-related activities  including the use […] The post CISA Cites FIDO Authentication to Protect Political Campaigns appeared first on FIDO Alliance.

Andrew Shikiar, FIDO Alliance Executive Director & CMO 

The US Cybersecurity and Infrastructure Security Agency (CISA),  issued an advisory Thursday recommending cyber attack remedies for election-related activities  including the use of FIDO authentication to thwart phishing  attempts and account takeover. 

The advisory, entitled “ACTIONS TO COUNTER EMAIL-BASED ATTACKS ON ELECTION RELATED ENTITIES” noted that 78 percent of cyber-espionage incidents are enabled by phishing. CISA makes specific recommendations on protecting against cyber attacks to aid organizations involved in election-related activities.

Among other recommendations, FIDO Authentication was highlighted to thwart phishing attempts and protect against account takeover for cloud email and other high-value services. Specifically, CISA cites FIDO2 Security Keys as a tool that campaigns and organizations can, and should, use to protect themselves. The advisory also recommends that, when available, campaigns and organizations should enroll users in advanced protection services such as Google Advanced Protection, which leverages FIDO Security Keys as a best practice over other 2FA methodologies to protect workforces from account takeovers related to malicious attacks.

FIDO security keys offer protection against phishing attacks by working as a second, physical factor of authentication and only authenticating when a user is on the correct website. Thus, even if a user is tricked into supplying their password to a phishing website, the physical security key will still block attackers from accessing their account. 

Phishing continues to be a problem and remains one of the most popular means by which cybercriminals obtain data. Embracing FIDO technology is smart politics, and smart policy for those who understand the gravity of the cyber threat. As the election draws near, we’re increasingly seeing foreign agents attempting to infiltrate, influence and disrupt our elections.

As the CISA advisory implies, phishing and other cyber attacks are a critical issue with widespread and damaging implications to U.S. national security. The CISA advisory highlights the importance of locking down email systems, which have become a preferred vector for malicious activity. The CISA recommendations are intended as a preferred method for protecting the 2020 and future political campaigns. 

The post CISA Cites FIDO Authentication to Protect Political Campaigns appeared first on FIDO Alliance.


Hyperledger Foundation

Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources

Welcome to the Weekend Update. Our goal with this weekly post is to share quick updates about online education, networking and collaboration opportunities and resources for the open source enterprise... The post Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources appeared first on Hyperledger.

Welcome to the Weekend Update. Our goal with this weekly post is to share quick updates about online education, networking and collaboration opportunities and resources for the open source enterprise blockchain community. 

If you have suggestions for resources or events that we should spotlight in a future Weekend Update, let us know here using #HLWeekendUpdate. 

Webinar: Introduction to Minifabric and How to Use It

Minifabric is the tool to help you set up a Fabric network easily and quickly. It also helps application developers with needed connection profiles and wallets when a Fabric network is up and running. In this talk, Tong Li from IBM will introduce to the audience Minifabric and also demonstrate how to develop go applications using these profiles and monitor the Fabric network using Hyperledger Explorer.

Tune in on Wednesday, September 16, at 10 a.m. EDT. Go here for more information. 

Case Study: CULedger’s MemberPass – a permanent, portable digital identity solution for credit union members

Get the details on how CULedger protects credit unions from fraud with Hyperledger Indy in this new case study.

Blockchain Developer Course en Español 

The Hyperledger Latinoamérica Chapter continues its Spanish language Hyperledger Fabric training course series with sessions this week on digital identity with PKI services on Hyperledger Fabric (September 12) and distributed orderer with RAFT (September 17). 

For more details and the full schedule, go here

Virtual Meetups

Saturday, September 12, at 12:00 UTC / 15:00 EAT: Hyperledger Nairobi hosts “Hyperledger Africa Blockchain Modelling Session: Part II” Saturday, September 12, at 13:00 UTC / 15:00 CEST: Hyperledger Sweden hosts “Online Certification Study Circle” Monday, September 14, at 17:00 UTC / 10:00 PDT: Hyperledger San Francisco hosts “Hyperledger Performance Improvements (demos and discussion)” Wednesday, September 16, at 22:00 UTC / 17:00 CDT: Hyperledger Austin hosts “The Impact of Cryptocurrency Adoption on Government” Friday, September 18, at 12:00 UTC / 17:50 IST: Hyperledger Pune hosts “Blockchain Hype to Production Networks: Global perspective -Local experience”

See the full Virtual Meetup schedule here.

The post Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources appeared first on Hyperledger.


FIDO Alliance

FIDO Alliance Submits Comments to NIST on Digital Identity Guidelines, Asks for Stronger Differentiation for Phishing-resistant Authentication Tools

In June, NIST put out a call for comments on the next iteration of its Digital Identity Guidelines, SP 800-63-4. We welcomed the opportunity to comment; read our full comments […] The post FIDO Alliance Submits Comments to NIST on Digital Identity Guidelines, Asks for Stronger Differentiation for Phishing-resistant Authentication Tools appeared first on FIDO Alliance.

In June, NIST put out a call for comments on the next iteration of its Digital Identity Guidelines, SP 800-63-4. We welcomed the opportunity to comment; read our full comments in the Government & Public Policy area of the website.

Up front, we note that SP 800-63-3 represented a significant improvement in NIST’s Digital Identity Guidelines, taking a more modern approach to identity proofing, authentication, and federation. That said, technology and threat are both never static, and we are encouraged to see that NIST is embarking on another revision of the document.

In our comments, we make three recommendations for SP 800-63-4:

1. NIST should adjust its approach to AALs to help implementers clearly differentiate between tools that are phishing resistant and those that are not. 

Today, a variety of authenticators based on shared secrets – including Look-Up Secrets, Out-of-Band Devices (i.e., Push), and OTP apps and tokens – are given the same weight in AAL2 as authenticators based on asymmetric public key cryptography, such as FIDO. Given how attackers have caught up with the former, it no longer makes sense to combine  these two types of authenticators under a single designation. Doing so misleads implementers into thinking these two categories of authenticators are equivalent in strength or resiliency. In our comments, we provide NIST with several ideas for how it can adjust the AALs to provide more differentiation between tools that are phishing resistant and those that are not. 

2. NIST should engage with FIDO Alliance to explore other alternatives to enable FIDO authenticators to meet AAL3 requirements

When SP 800-63-3 was first published, it created a path for some FIPS 140 validated FIDO authenticators to meet AAL3 – if those authenticators were deployed in concert with Token Binding to deliver Verifier Impersonation Resistance. Since that time, most major browser vendors have withdrawn support for token binding. Per discussions with NIST, we understand that this means that FIDO authenticators can no longer meet AAL3 without implementing other approaches to mitigate the loss of token binding. As NIST embarks on the next revision of SP 800-63, we urge NIST to engage with FIDO Alliance to explore other alternatives to enable FIDO authenticators to meet AAL3 requirements.

3. Provide more direct references to FIDO

SP 800-63B describes Requirements by Authenticator Type but is inconsistent in how it points to standards that support that type. This has created some confusion in the marketplace when implementers consult SP 800-63B and see reference to standards like OTP and PKI but do not see any specific reference to FIDO. In our comments, we offer three suggestions for how the guidance can directly reference FIDO so that implementers have a clearer understanding of where FIDO fits in and supports the requirements. 

We greatly appreciate NIST’s consideration of our comments and look forward to ongoing dialogue and collaboration as they seek to update the Digital Identity Guidance.

The post FIDO Alliance Submits Comments to NIST on Digital Identity Guidelines, Asks for Stronger Differentiation for Phishing-resistant Authentication Tools appeared first on FIDO Alliance.


One World Identity

Face the Facts: Friday Dealbook for 9/11/2020

Facial biometric technology is one of the hottest and most controversial tech topics of the year. From protests and policing, to payments and travel, to lawsuits and city-wide bans, facial biometrics and facial recognition have taken the world by storm, for good or otherwise. Our deals this week also reflect the rampant interest in this … Face the Facts: Friday Dealbook for 9/11/2020 Read More

Facial biometric technology is one of the hottest and most controversial tech topics of the year. From protests and policing, to payments and travel, to lawsuits and city-wide bans, facial biometrics and facial recognition have taken the world by storm, for good or otherwise. Our deals this week also reflect the rampant interest in this technology, with AnyVision and Wee Digital bringing in more than $44 million collectively for their facial recognition-based services. 

 

What are your thoughts on the use of facial recognition? Is more government oversight needed, or are we sleeping on a valuable opportunity? 

If you are interested in learning more about these deals and deals like them, let’s talk.

 

The Top Deals Covered by OWI this Week

 

Sumsub \ sumsub.com \ Founded in 2015

Developer of an identity verification platform intended to speed up verification, reduce costs, and detect digital fraud. The company’s platform is an artificial intelligence-based identity verification and compliance risk management toolkit that automates identity verification and translates the organization’s AML policy into automated digital workflows, enabling clients to make identity verification and background checks within a minute for conversation rates of up to 97%.

The company raised $6 million of Series A venture funding in a deal led by MetaQuotes Software on September 8, 2020. Flint Capital and Ilia Perekopsky also participated in the round. The funding raised will be used to further develop its products, expand into new markets, and grow its enterprise customer base.

 

AnyVision \ anyvision.co \ Founded in 2015

Developer of a facial recognition technology designed to shape the future of AI. The company’s technology analyzes face recognition results with an open-source intelligence dashboard based on a social network database and reveals contacts, collaborators, and insights about the given target, thereby enabling businesses to get an advanced object and facial recognition technology integrated with their cameras.

The company raised $43 million of Series B venture funding from Qualcomm Ventures, Robert Bosch, and Lightspeed Venture Partners on September 3, 2020. DFJ Growth, O.G. Tech Ventures, Eldridge Industries, and other undisclosed investors also participated in the round. The funds will be used to scale its touchless access control and remote authentication products. 

 

Wee Digital \ weedigital.vn \ Founded in 2016

Developer of face recognition technology designed to offer digital banking experience. The company’s platform offers biometric technology for financial institutions on mobility and digitalization in order to shape the future banking and payment landscape, enabling clients to change micro- transaction behavior and move towards a cashless society.

The company announced a seven-digit funding round on September 8, 2020 from InterVest and existing backer VinaCapital Ventures. The company said it looks to use the fresh capital to expand in the market and to further develop products and services across the financial services sector in Vietnam.

 

Investor Highlight

Flint Capital \ flintcap.com \ Founded in 2013

Founded in 2013, Flint Capital is a venture capital firm based in Cambridge, Massachusetts. The firm seeks to invest in companies operating in consumer internet, mobile, health tech, fintech, cybersecurity and enterprise software sectors.

Active Portfolio – 33

Investments (TTM) – 11

Med. Round Amount – $6.00M

Med. Valuation – $27.96M

# of Exits – 14

 

Cyolo

Mitiga

Socure

Sumsub

 

Join our next monthly Investing in Identity Digital Forum on September 29th, for a deep dive into investing in identity.

The post Face the Facts: Friday Dealbook for 9/11/2020 appeared first on One World Identity.

Thursday, 10. September 2020

Digital ID for Canadians

Spotlight on Celero

1. What is the mission and vision of Celero? Our vision is to be a leading provider of technology solutions to the financial industry that……

1. What is the mission and vision of Celero?

Our vision is to be a leading provider of technology solutions to the financial industry that…

Others aspire to be People want to work for Clients know they can rely upon.

Celero is realizing this vision is by delivering a digital technology, integration and payments ecosystem to credit unions and financial institutions across Canada. This is accomplished through an innovative mindset, commitment to delivery, strong external partnerships and an unrelenting focus on reliability and security.

2. Why is trustworthy digital identity critical for existing and emerging markets?

As a provider of technology solutions to credit unions, we recognize the growing expectation our clients face from their members who demand convenience, innovation and robust security in every financial experience.

Digital identity is the mechanism to enable our clients to secure their members’ trust as they serve them in an increasingly digital world. Beyond that, digital identity can be an enabling force for Canadians who are unbanked or underbanked. We believe in supporting the financial health of our customers’ customers and recognize that authentication of identity is a means for a more financially inclusive Canada.

Overall, Celero recognizes we have a critical role to play in enabling our clients to build trusted and lasting relationships with their current and future members through a trusted digital identity framework.

3. How will digital identity transform the Canadian and global economy? How does Celero address challenges associated with this transformation?

To protect consumers, organizations put safety measures in place that can also cause constraints on convenience. This has been an ongoing challenge for financial institutions, and today’s ‘on-demand’ culture has served to spotlight these issues.

A trusted digital identity framework for Canada will provide a backbone of security in convenient transactions – removing barriers, streamlining service delivery, and strengthening national and global economies.

Celero can help shape the framework with a  credit union perspective and can seek out the potential use cases and applications that can benefit our clients and their members and contribute to the DIACC’s goals through our expertise in financial technology and cyber security.

For instance, the Celero Xchange™ digital integration ecosystem platform enables financial institutions to seamlessly connect their secure platforms, such as their core banking system, to fintech applications – without the complexity of managing different standards for sharing data between products and partners.

Authenticating and authorizing a credit union member without compromising the security while maintaining a seamless member user experience is a key component of our platform and value proposition.

4. What role does Canada have to play as a leader in the space?

Canada has a growing fintech industry that is constantly seeking new ways to address digital innovation challenges and better serve consumers. The industry is becoming internationally recognized, and that expertise can serve Canada well in shaping a world-class digital identity framework that sets the standard for other countries to follow.

5. Why did Celero Solutions join the DIACC?

Our goal in joining the DIACC is to participate in driving forward solutions for digital identity trust in Canada, while obtaining new insights to apply with our clients in offering their members security, flexibility and convenience in a digital first society.

Wednesday, 09. September 2020

Oasis Open

OSLC Quality Management Version 2.1 from the #OSLC Open Project is approved as our first Project Specification

Tuesday, 08. September 2020

Me2B Alliance

Re: Selling personal data -- an experiment

Hi James, I think that particular one is around complexity. They know that they cannot serve the needs of those looking for complex products very well with only a single white box to fill in. So they make more money by doing that hand-off to someone who is more geared up to do so. Google have dabbled in the space over the years with various ‘offers’ services or comparison shopping but they are n
Hi James, I think that particular one is around complexity. They know that they cannot serve the needs of those looking for complex products very well with only a single white box to fill in. So they make more money by doing that hand-off to someone who is more geared up to do so.
Google have dabbled in the space over the years with various ‘offers’ services or comparison shopping but they are not as yet that big in those areas.
Iain


Hyperledger Foundation

CULedger’s MemberPass™ delivers fraud protection for credit unions and their members using Hyperledger Indy

How many times have you answered, “What’s your mother’s maiden name?” or named your first pet when setting up a new account? Today, those common knowledge-based authentication questions have become... The post CULedger’s MemberPass™ delivers fraud protection for credit unions and their members using Hyperledger Indy appeared first on Hyperledger.

How many times have you answered, “What’s your mother’s maiden name?” or named your first pet when setting up a new account? Today, those common knowledge-based authentication questions have become the most vulnerable forms of customer identification as financial institutions are being increasingly hit by fraudsters in the call center.

CULedger, a credit union service organization (CUSO) that began when a group of credit unions came together in 2016 as a direct response to the increasing threat of fraud, took up the challenge of improving the member identity authentication process across all delivery channels. CULedger was formed specifically to bring a decentralized identity solution product for credit unions to market. Hence MemberPass—a digital identity credential held by credit union members that protects credit unions and their members from identity theft and fraud in all financial interactions, from call center authentication to lending to opening new accounts—was born.

CULedger worked with decentralized identity organization, Evernym, to build MemberPass (formerly called MyCUID) with Hyperledger Indy—a distributed ledger software project that is interoperable with other blockchains or can be used on its own to power the decentralization of identity. With Hyperledger Indy at its core, MemberPass serves as a permanent and portable digital identity that reduces member friction and injects more trust in digital interactions within credit unions.

During a pilot program with three credit unions in 2019, initial results for MemberPass were promising. Whereas authentication in the call center could take anywhere from 90 to 120 seconds—or sometimes even up to five minutes depending on the transaction—MemberPass reduced that process down to 15 seconds or less.

There are now thousands of MemberPass credentials in live production, with the expectation that number will grow year after year as the focus shifts to scaling and evolving the network. Credit unions recognized the advantages of MemberPass from the get-go and are looking to get more of their members using the digital identity credential. One participating credit union is working with CULedger on a strategy for issuing new MemberPass accounts inside its branch locations as part of their new member onboarding process. Other credit unions have expressed interest in implementing MemberPass in its Internet banking channel and its mobile banking channel. More use cases are being defined as more credit unions begin to understand the power of this privacy-enhancing technology.

Hyperledger teamed up with CULedger to capture the details behind the launch of MemberPass as well as steps that are underway to grow adoption and interoperability. Find out more in the full case study.

The post CULedger’s MemberPass™ delivers fraud protection for credit unions and their members using Hyperledger Indy appeared first on Hyperledger.


Me2B Alliance

Re: Selling personal data -- an experiment

@Iain and others – why do you think that the big players (Google, Facebook etc.) are not (yet) doing too much in those spaces and leave quite some money on the table for intermediaries? Reputational concerns, regulatory concerns, complexity…?     From: <main@Me2BAlliance.groups.io> on behalf of "Iain Henderson via groups.io" <iain.henderson@...> Reply to: "main@Me2BAllia

@Iain and others – why do you think that the big players (Google, Facebook etc.) are not (yet) doing too much in those spaces and leave quite some money on the table for intermediaries? Reputational concerns, regulatory concerns, complexity…?

 

 

From: <main@Me2BAlliance.groups.io> on behalf of "Iain Henderson via groups.io" <iain.henderson@...>
Reply to: "main@Me2BAlliance.groups.io" <main@Me2BAlliance.groups.io>
Date: Saturday, 25 July 2020 at 20:45
To: "main@Me2BAlliance.groups.io" <main@Me2BAlliance.groups.io>
Subject: Re: [Me2BAlliance] Selling personal data -- an experiment

 

Agreed James, although I suspect the steady state for ‘considered purchases’ won’t need/ benefit from intermediaries. Individuals (demand) will have standardised API’s as will the manufacturers, distributors and retailers (supply).

 

If you look at considered purchases in more detail, Google, Facebook and Amazon don’t actually try to do too much in those spaces other than hand off to sector level experts after the search phase. For example, if you do a google search for ’new car’ you get intermediaries at the top of the list as below. Behind the scenes the manufacturers are happy to let the intermediaries separate the wheat from the chaff (unless the search mentions them specifically).

 

Iain

 



Monday, 07. September 2020

Me2B Alliance

No Alliance call today

Hi Friends,   A friendly reminder that this month is a webinar month, which will be next Monday in light of the holiday in the US.      So no monthly meeting or webinar today.  Enjoy your week!   Lisa

Hi Friends,

 

A friendly reminder that this month is a webinar month, which will be next Monday in light of the holiday in the US.   

 

So no monthly meeting or webinar today.  Enjoy your week!

 

Lisa


WomenInIdentity

Launching our Singapore chapter

Local Ambassador, Helen Chua, gives a round-up of the latest WiD launch on August 28th 2020 There has been much discussion of the role of digital identity since the pandemic.… The post Launching our Singapore chapter appeared first on Women in Identity.
Local Ambassador, Helen Chua, gives a round-up of the latest WiD launch on August 28th 2020

There has been much discussion of the role of digital identity since the pandemic. Most countries have experienced lockdowns and are now looking to digitise many traditional services.

In Singapore, the pandemic clearly highlighted the digital divide. While much has already been done to fill the gap, there is still more to do. This was a key point made by Minister Indranee, the keynote speaker at our recent webinar.

She explained that the Singapore government’s enduring vision is to have a fair and just society where everyone has equal opportunity to fulfill their dreams. But, like many countries, social divisions have widened during COVID-19.

The launch of the WiD Singapore chapter is a timely one as it emphasizes the importance of digitalisation and digital identity.  The Minister believes that, in order to encourage women into careers in these areas, we have to start educating young girls to the benefits and opportunities of STEM subjects.

Ms Rama Sridhar, EVP at Mastercard, highlighted that the establishment of WiD will further encourage women to participate as subject matter experts around various aspects of technology. It is one of WiD’s core objectives to encourage and support women into leadership roles.

The establishment of WiD will further encourage women to participate in speaking as subject matter experts around various domains of technology.

Rama Sridhar, EVP at Mastercard

Personally, I am very excited about the role that WiD can play in Singapore, promoting digital identity and digital inclusion. Digital identity empowers every business and individual to reach their full potential.  This is just the beginning of our journey as the Singapore chapter and we really want to reach out to more Singaporeans to elevate, inspire and support women in their STEM careers.

Join us now at https://womeninidentity.org/become-a-member/ #ForAllByAll

The post Launching our Singapore chapter appeared first on Women in Identity.

Sunday, 06. September 2020

Me2B Alliance

Re: Local First

(Maybe safe to say that all 7 principles are a matter of opinion.)   The preference of keeping stuff local—I gotta think that’s allowed.  Maybe safe to say the principles need more contextual nuance.   And yeah, “ownership” is problematic.  BTW, I’ve been reading Sandra Petronio’s Communication Privacy Management  Theory and she makes clear that as soon as you discl

(Maybe safe to say that all 7 principles are a matter of opinion.)

 

The preference of keeping stuff local—I gotta think that’s allowed.  Maybe safe to say the principles need more contextual nuance.

 

And yeah, “ownership” is problematic.  BTW, I’ve been reading Sandra Petronio’s Communication Privacy Management  Theory and she makes clear that as soon as you disclose something, it becomes co-owned by both you and the confidant—as are the boundary management rules.  I’m finding CPM to be incredibly rich and relevant to thinking about information sharing and management (h/t to John Wunderlich for the suggestion months ago).

 

Lisa

 

Friday, 04. September 2020

Hyperledger Foundation

Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources

Welcome to the Weekend Update. Our goal with this weekly post is to share quick updates about online education, networking and collaboration opportunities and resources for the open source enterprise... The post Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources appeared first on Hyperledger.

Welcome to the Weekend Update. Our goal with this weekly post is to share quick updates about online education, networking and collaboration opportunities and resources for the open source enterprise blockchain community. 

If you have suggestions for resources or events that we should spotlight in a future Weekend Update, let us know here using #HLWeekendUpdate.

Climate Action and Accounting SIG Discussion: Designing out Waste and Pollution with Blockchain

All are welcome to join Carsten Stöcker of Spherity GmbH for a presentation and discussion on  designing out waste and pollution and using blockchain to create a system for full disclosure and accounting of emissions. The talk is presented by the Hyperledger Action and Accounting Special Interest Group (SIG). 

Tune in on Tuesday, September 8, at 8 a.m. PDT. Go here for more information. 

/dev/weekly newsletter

Sign up to receive the latest Hyperledger technical news and updates via a new weekly developer newsletter: https://hyperledger.org/developer-news

Blockchain Developer Course en Español 

The Hyperledger Latinoamérica Chapter continues its Spanish language Hyperledger Fabric training course series with sessions this week on API Rest with NODEJS (September 5) and specific blockchain and Fabric concepts (September 10). 

For more details and the full schedule, go here

Virtual Meetups

Saturday, September 5, at 13:00 UTC / 15:00 CEST: Hyperledger Sweden hosts “Online Certification Study Circle” Tuesday, September 8, at 9:30 UTC / 15:00 IST: Hyperledger Gwalior hosts “Let’s Talk about Hyperledger” Wednesday, September 9, at 16:00 UTC / 12:00 EDT: Hyperledger Boston hosts “Indicio.tech – Identity Blockchain leveraging Indy, Aries”

See the full Virtual Meetup schedule here

The post Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources appeared first on Hyperledger.

Thursday, 03. September 2020

OpenID

The eKYC & IDA Working Group Welcomes the Proposal of the European Commission to Extend the Scope of eIDAS Trust Services

The eKYC and Identity Assurance Working Group (eKYC & IDA WG) of the OpenID Foundation welcomes the proposal of the Commission to extend the scope of eIDAS trust services by introducing a new trust service for identification, authentication and for the provision of attributes, credentials and attestations and allowing the provision of identification for devices […] The post The eKYC & ID

The eKYC and Identity Assurance Working Group (eKYC & IDA WG) of the OpenID Foundation welcomes the proposal of the Commission to extend the scope of eIDAS trust services by introducing a new trust service for identification, authentication and for the provision of attributes, credentials and attestations and allowing the provision of identification for devices (Option 2 in the EC Revision of the eIDAS Inception Impact Assessment). This will allow companies operating identity solutions to contribute to securing digital transactions across the EU.

The eKYC & IDA WG is a dedicated working group of the OpenID Foundation (the technical standardisation body specifying OpenID Connect and accompanying extensions). The OpenID Foundation delivers specifications for interfaces that enable interoperability between implementations, and the eKYC and Identity Assurance Working Group is focusing on use cases and extensions to OpenID Connect for communicating strong identity assurance. (https://openid.net/wg/ekyc-ida/).

Most commercial identity providers have built their solutions on OpenID Connect because of its strong support for mobile platforms, ease of integration, formally proven security, and the ability to have users explicitly consent. Billions of transactions are performed every day using OpenID Connect. A significant number of identity providers, e.g. financial institutions or telecommunications operators, are also able to assert digital identities on a level comparable to eIDAS trust level substantial or high. A significant number of relying parties and their developers are familiar with OpenID Connect as it is used for Open Banking as well as their own use cases. In order to leverage the respective digital identities for the EU Single Market, we recommend the commission to endorse OpenID Connect beside SAML (which was already endorsed under Implementing Act 2015/1501) as a technical standard for eIDAS.

We would also like to mention that several Identity Providers provide access to government issued identities via OpenID Connect and even eID systems use OpenID Connect, namely itsme (Belgium), BankID (Norway, Sweden, & Finland), and France Connect (France). We think this is a strong evidence that OpenID Connect could facilitate the implementation of all options given in the inception impact assessment document.

We also know that most commercial identity providers provide a mixture of attributes maintained according to different trust frameworks and at different trust levels (just think of name vs eMail address) and even self asserted attributes for the same identity. Technical standards utilised to implement the updated eIDAS regulation should consider and support such use cases by providing a clear delineation between identity attributes verified and maintained according to different trust frameworks as well as accompanying metadata about sources, validation process, and trust level (https://www.slideshare.net/TorstenLodderstedt/identity-assurance-with-openid-connect).

The commission might also want to consider use cases where the digital identity of EU citizens is used beyond the boundaries of the EU. The eKYC working group focuses on an international standard that is relevant to many jurisdictions with representatives from Japan, Australia, UK, US, France, Czech, and Germany. In our experience, international use cases increase the requirement for dedicated representation of the aforementioned metadata in the technical standard for attribute provisioning in order to allow the relying party to process identity data in a robust fashion.

Since the consultation paper mentions blockchain based identity solutions, we would like to point out that technical diversity in implementations is of utmost importance for innovations. However, adoption across member states and services requires technical interoperability. That’s why there is also work under way to provide a bridge between blockchain based identity solutions and relying parties via the mature and simple integration with OpenID Connect standard.

As subject matter experts in digital identity, we are thrilled with the direction eIDAS is taking and are more than happy to offer our advice in the course of targeted stakeholder interviews.

The post The eKYC & IDA Working Group Welcomes the Proposal of the European Commission to Extend the Scope of eIDAS Trust Services first appeared on OpenID.


Digital ID for Canadians

Spotlight on Vlinder

1. What’s your organization’s mission and vision? Based in the United States and India, Vlinder’s vision is to enable an inclusive and sustainable ecosystem, with…

1. What’s your organization’s mission and vision?

Based in the United States and India, Vlinder’s vision is to enable an inclusive and sustainable ecosystem, with trust as the underpinning foundation.

Vlinder platforms are built harnessing new-gen technologies including blockchain, IoT and artificial intelligence to foster inclusion and sustainability within the ecosystem. 

Vlinder platform offerings are focused on helping private and public enterprises working towards the seventeen United Nations Sustainable Development Goals

2. How will digital identity transform the Canadian and global economy?

Globally, there are 1 billion people without proper identification, which equates to roughly one seventh of the world’s population. This population typically includes low income and vulnerable groups including women and girls, migrants, refugees, individuals with disabilities, and indigenous populations.

Not having access to proper ID restricts these vulnerable populations in obtaining basic essential services such as health, education, and financial services. 

ID is a foundational element that is a direct and indirect enabler of the United Nations Sustainable Development Goals, including:

Access to finance Gender equality and empowerment Access to basic health and education Child protection Social protection Labour Markets

Building an inclusive sustainable ecosystem will not only better the lives of vulnerable populations, but will also help improve the global economy as more people will be contributing. 

3. How does your organization address the needs of this transformation?

Vlinder has built a decentralized ID platform, Klefki, which enables citizens to:

Own their identity. Accept credentials from issuers and store them securely in mobile wallets. Share credentials with verifiers using consent on demand. Disclose selective details of credentials, as opposed to sensitive data.

Enables issuers to:

Issue credentials directly to the users wallet. View all the credentials issued.

Enables verifiers to:

Verify credentials with citizens directly.

Our platform is being piloted in various countries, and is focused on bringing trust and inclusion to the broader population, while enabling the existing system to be more efficient. 

4. What role does Canada have as a leader in the space?

All countries have a role to play in accelerating progress towards the United Nations Sustainable Development Goals. Canada is a leader in technology and with a progressive mindset is well positioned not only to transform the ID (and peripheral) ecosystem within the country, but to bring change and transformation to the world. 

Any transformation led by Canada will be seen by the world and developing economies as a reference model for adoption. 

5. Why did your organization join DIACC and what else should we know about your organization?

Vlinder joined DIACC to participate and contribute to an important initiative, which is not only transformational for the Canadian population, but to the rest of the world. 

Wednesday, 02. September 2020

Hyperledger Foundation

Hyperledger for the Blockchain Skeptic

As an enterprise software developer, I’m used to thinking about solving real world business problems. So, naturally, I was pretty skeptical of bitcoin and the blockchain when I first heard about... The post Hyperledger for the Blockchain Skeptic appeared first on Hyperledger.

As an enterprise software developer, I’m used to thinking about solving real world business problems. So, naturally, I was pretty skeptical of bitcoin and the blockchain when I first heard about it.  

Yet the idea of a “distributed ledger” kept tugging at me. Since all the apps we’ve built, from ERP to CRM to e-commerce, revolved around a ledger of transactions, what could a global, distributed ledger allow us to build?  

It took me three years of off-and-on studying and a few very smart people to finally make me realize that the blockchain, or distributed ledger technologies (DLTs), is just a small step from what we’re already used to. But that little step could unlock a new world of possibilities.  

In this post, let me address some of the common skepticism I’ve encountered as part of the Hyperledger Climate Action and Accounting Special Interest Group. Then in a follow-up post, I’ll show you why I believe climate change is the killer app for the blockchain.

I Don’t Need a Blockchain

Are you sure? Because you’ve probably already started building a few.  

With enterprise software, we often have to prove that the data we’re using is authentic. So how would you assure someone that the data you’re using has not been altered or tampered with?  You know that the data provider might change its API or the data you get from it, so 

Did you make a local copy of the data you got?   Did you record the date and time you got it?   Did you record a hash of the data, so it could be compared with the data you used for your application?   Did you store archival copies of the data and the hash so that you could prove that they are all correct?   Did you store multiple copies just to be sure?

If so, then you’ve built much of what goes into a blockchain or distributed ledger. A blockchain is really a protocol to store data across multiple nodes while assuring their consistency. It follows all the steps outlined above, plus a few more, to make sure that once stored, data cannot be lost or altered.  

So if you’ve already been building your own “distributed” data records, then you obviously need what the blockchain offers. It addresses many of the pain points of data integration that we deal with every day in enterprise software.  

The advantages of an open source blockchain platform such as Hyperledger Fabric or Hyperledger Sawtooth, compared to a homegrown solution, are many: Most obviously, there is security and scalability of a developed solution. Then there is the support for the “unknown unknowns,” use cases you may not realize exist but would surface over time. Finally, there’s the chance to work with some very smart people and learn more about this emerging technology.

Databases Are Faster than Blockchains

This is certainly true, and nobody would suggest that you replace your database with a blockchain. The two have different but very complementary uses.

Databases are great for fast read and write access of data within an organization. Blockchains are great for making sure data is stored immutably, so that its authenticity could be proven across multiple organizations.  

Another way to think about it is that databases are for building applications, while blockchains are for building collaboration.

There Are too Many Competing Blockchains for Me to Use Them Now

This probably stems from confusing blockchain with Bitcoin, just like people once confused Compuserve or AOL with the internet.  

Remember that blockchain is a technology, while Bitcoin is a protocol and a cryptocurrency implemented with blockchain. There will always be many different protocols, cryptocurrencies, and frameworks implemented with blockchain technologies, just like there were many different websites implemented on the internet.  

Blockchains are Too Energy Intensive and Bad for the Environment

I get this from climate activists, some of whom actually got angry when I mentioned the blockchain.  Again, this stems from confusing blockchain with Bitcoin, Ethereum, and other implementations of the blockchain.

The early blockchain protocols such as Bitcoin and Ethereum used proof-of-work consensus mechanisms, which required a lot of energy-intensive “mining” of cryptographic puzzles. Their  creators probably never imagined them to become as popular as they did, or that they would consume as much energy as whole countries.

Fortunately, we’re all moving away from proof-of-work because it is so energy intensive and simply slow. Hyperledger Fabric, for example, is both fast and energy efficient because it does not use proof-of-work.

Blockchains are Too Immature Right Now

This may have been true five years ago but is definitely not true any more.  There are plenty of blockchain applications — Bitcoin, Ethereum, Compound to name a few — that have billions of dollars of stored value. On the enterprise side, Hyperledger platforms have been used in production for a range of interesting use cases for a while now.

The field will continue to evolve, but, as a whole, blockchain has probably reached the level of maturity of the internet around when Amazon got started, if not further.

There is No Killer App for Blockchain

Which brings us back to the original question: What could a global, distributed ledger allow us to build?

I believe it would allow us to create collaboration on an unprecedented scale, across traditional national and industry boundaries and over long time horizons. And there’s no use case better suited, or more urgent, than climate change. Stay tuned.

About the author
Si Chen has been developing open source enterprise software since 2005.  He is a part of the Hyperledger Climate Action and Accounting Special Interest Group, which is working on using Hyperledger and blockchain to solve the climate change problem. 

Cover image: https://www.needpix.com/photo/1214471/blockchain-block-chain-technology-computer-symbol-network-connection-web

The post Hyperledger for the Blockchain Skeptic appeared first on Hyperledger.


Me2B Alliance

Re: Ethisphere

From the FAQ: The self-reported scores are combined with the qualitative assessment of an applicant company’s supplemental documentation and independent research to produce a final EQ score. It looks like it’s primarily qualitative and based on a risk assessment process that is similar to one we used to do when I was at Price Waterhouse years ago. Noreen
From the FAQ: The self-reported scores are combined with the qualitative assessment of an applicant company’s supplemental documentation and independent research to produce a final EQ score.

It looks like it’s primarily qualitative and based on a risk assessment process that is similar to one we used to do when I was at Price Waterhouse years ago.
Noreen


Decentralized Identity Foundation

Presentation Exchange: A Leap Toward Interoperability for the Decentralized Identity Ecosystem

Photo by 🇨🇭 Claudio Schwarz | @purzlbaum on Unsplash The decentralized identity ecosystem is on its inevitable path toward widespread adoption and meaningful use. There are a growing number of interpretations and implementations of various decentralized standards. These standards are at different stages in their development lifecycles, harmonizing gradually. As a result, there are lots of data
Photo by 🇨🇭 Claudio Schwarz | @purzlbaum on Unsplash

The decentralized identity ecosystem is on its inevitable path toward widespread adoption and meaningful use. There are a growing number of interpretations and implementations of various decentralized standards. These standards are at different stages in their development lifecycles, harmonizing gradually. As a result, there are lots of data, from lots of sources, that, without a little planning, won’t play nicely with other data. It is exciting to see the enthusiasm around the standards we know and love and to watch the proliferation of verifiable and portable data. With implementation boundaries as a hindrance, data interoperability will continue to be difficult. We could lose much utility and portability of the data. Luckily, in the midst of this excitement, a great opportunity presents itself: to forge bridges between data islands and promote the cross-pollination of methodologies for generating and exchanging verifiable data. Enter: the Presentation Exchange specification.

The Claims & Credentials working group has been hard at work on the Presentation Exchange specification for months. The effort, starting in January 2020, began to provide a solution to the question, “How should we request and exchange credentials across implementations and systems?” Though a few solutions have been proposed before, none have been as inclusive in the data model and transport agnosticism, or able to attract broad adoption, as Presentation Exchange. The working group is working towards the first release — at the time of writing, we have made over 100 commits and closed 37 GitHub issues.

The specification prides itself on its adaptability, aiming to be “both credential format and transport envelope agnostic, meaning an implementer can use JWTs, VCs, JWT-VCs, or any other credential format, and convey them via OIDC, DIDComm, CHAPI, or any other transport envelope.” At the same time, Presentation Exchange has garnered the interest and support of many key-players throughout the ecosystem, a step crucial to fulfilling the ambitions of the specification.

You may be wondering, what’s up with the title? Isn’t interoperability much broader than sharing credentials? Yes! Absolutely. Sharing credentials is only part of interoperability. Universal wallets, secure data storage, transports, identifiers, DIDComm, and so many more pieces are paramount to thriving in an interoperable, decentralized ecosystem. At the heart of many of these interactions, we find ourselves exchanging verifiable data. By driving a standardized method for requesting and returning verifiable data, which adapts to many data models and functional use cases, we cross an important threshold in making interoperability possible. Without working software to back up the specification, it is merely an interesting idea. We need to go further — to make it an interesting reality.

Recognizing how important the Presentation Exchange spec and reference implementations could be for accelerating real interoperability and healthy competition, we, on the Workday Credentials team, are involved in the specification’s development and are investing significantly in one of its first demonstrable implementations. Workday has been a very active member of DIF since 2019. Our interests lie across the DIF stack, with a focus on standards compliance, affording us opportunities to interoperate with community members and standards adopters alike. Towards that end, we have open-sourced much of our code and specifications relating to decentralized identity. For Presentation Exchange, we have recently pushed a Golang representation of the object model that can be useful in building and validating presentation definitions, submissions, and verifiable presentations (as defined by the W3C standards). We are building out more Presentation Exchange logic that we plan to open source in the coming months. We intend to adopt Presentation Exchange at Workday as we gain confidence in the specification and its other implementations. We are considering different ways Presentation Exchange can be useful in interoperating with verifiable data that does not originate on our platform.

We are looking forward to seeing others contribute reference implementations in other languages and we encourage you to consider contributing to Presentation Exchange and DIF! For more information, please reach out to DIF, or jump in on the public GitHub. To join DIF and contribute directly to the Presentation Exchange specification or implementations, visit here. And for an overview of the design process and goals of the project in video form, see this recording from DIF Virtual Face to Face Meeting in June 2020 (P.E. segment starts at 3.00):

Presentation Exchange: A Leap Toward Interoperability for the Decentralized Identity Ecosystem was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.

Tuesday, 01. September 2020

Me2B Alliance

Re: Ethisphere

Agreed.  That’s why I think it will be interesting to see how their companies do on our certification—i.e. several will fail.   Lisa  

Agreed.  That’s why I think it will be interesting to see how their companies do on our certification—i.e. several will fail.

 

Lisa

 


Re: Ethisphere

I concur with this assessment. Regards, Sheryl  M:703.855.1208
I concur with this assessment.
Regards, Sheryl 
M:703.855.1208

Re: Ethisphere

it struck me as a curious collection of companies - with some I would have thought would have been included - not … so i looked further ... https://www.worldsmostethicalcompanies.com/application-process/ this suggests that unless you actually apply - you wont be considered - much less appear …. not something that i think is a good benchmark for Me2B /J
it struck me as a curious collection of companies - with some I would have thought would have been included - not … so i looked further ...
https://www.worldsmostethicalcompanies.com/application-process/
this suggests that unless you actually apply - you wont be considered - much less appear ….
not something that i think is a good benchmark for Me2B
/J




Ethisphere

Hi friends,   Found this whilst looking for something else:  https://www.worldsmostethicalcompanies.com/honorees/    It will be interesting to see how our testing results relate.   Lisa

Hi friends,

 

Found this whilst looking for something else:  https://www.worldsmostethicalcompanies.com/honorees/ 

 

It will be interesting to see how our testing results relate.

 

Lisa


Re: Local First

Some of the ideals they state are a matter of opinion (what if my privacy choice is to “trap” photos or messages on the single device where I captured them?), or dependent on the type of service (what about services that can’t function without a connection?), or specified at different levels of detail (The Long Now??). Also, “ownership” is still a fraught concept. Not to be picky, but... Eve Mal
Some of the ideals they state are a matter of opinion (what if my privacy choice is to “trap” photos or messages on the single device where I captured them?), or dependent on the type of service (what about services that can’t function without a connection?), or specified at different levels of detail (The Long Now??). Also, “ownership” is still a fraught concept. Not to be picky, but...

Eve Maler (sent from my iPad) | cell +1 425 345 6756

Monday, 31. August 2020

Me2B Alliance

Local First

Hi friends,   I shared this in the Certification WG last week and thought it was worth sharing with the whole mail list:  https://www.inkandswitch.com/local-first.html   The principles in “local first” align well with Me2B principles—perhaps something we can consider in our certification.      Also interesting to note that this was published over a year ago.

Hi friends,

 

I shared this in the Certification WG last week and thought it was worth sharing with the whole mail list:  https://www.inkandswitch.com/local-first.html

 

The principles in “local first” align well with Me2B principles—perhaps something we can consider in our certification.   

 

Also interesting to note that this was published over a year ago.

Lisa

 

 


Oasis Open

Invitation to comment on Security Playbooks v1.0 - ends Sept. 30th


One World Identity

Airside: Privacy in an Information Sharing World

Airside Chief Commercial Officer Jessica Patel joins State of Identity to discuss the history of their groundbreaking mobile passport app, how different industry verticals are coping with the identity impact of the COVID-19 crisis, and the key considerations that went into building Airside’s new mobile identity platform. Host: Cameron D’Ambrosi:  Principal, OWI Linkedin Twitter Guest: … A

Airside Chief Commercial Officer Jessica Patel joins State of Identity to discuss the history of their groundbreaking mobile passport app, how different industry verticals are coping with the identity impact of the COVID-19 crisis, and the key considerations that went into building Airside’s new mobile identity platform.

Host:
Cameron D’Ambrosi:  Principal, OWI
Linkedin
Twitter

Guest:
Jessica Patel: Chief Commercial Officer, Airside
Linkedin

Links:
State of Identity Listener Survey
Airside

The post Airside: Privacy in an Information Sharing World appeared first on One World Identity.


Adara: Predictive Traveller Intelligence

Adara COO Frank Teruel and VP of Partner Development Nguyen Nguyen join State of Identity to share their respective paths to the digital identity field, how the industry has transformed over the past ten years, discuss the foundation of reliable identity data, and unpack the implications of COVID-19 for IDV and fraud prevention in the … Adara: Predictive Traveller Intelligence Read More » Th

Adara COO Frank Teruel and VP of Partner Development Nguyen Nguyen join State of Identity to share their respective paths to the digital identity field, how the industry has transformed over the past ten years, discuss the foundation of reliable identity data, and unpack the implications of COVID-19 for IDV and fraud prevention in the travel industry.

Host:
Cameron D’Ambrosi:  Principal, OWI
Linkedin
Twitter

Guests:
Frank Teruel: Chief Operating Officer, Adara
Linkedin

Nguyen Nguyen: VP, Partner Development & Technical Services, Adara
Linkedin

Links:
State of Identity Listener Survey
Adara

The post Adara: Predictive Traveller Intelligence appeared first on One World Identity.

Sunday, 30. August 2020

One World Identity

Ockam: Architecture for Trust

Ockam Founder & CEO Matthew Gregory joins State of Identity to share how America’s Cup sailing yachts were the inspiration for founding his startup, the critical intersectionality between cryptographic security and digital identity applications, and his predictions for the future of connected devices. Host: Cameron D’Ambrosi:  Principal, OWI Linkedin Twitter Guest: Matthew Gregory: Founde

Ockam Founder & CEO Matthew Gregory joins State of Identity to share how America’s Cup sailing yachts were the inspiration for founding his startup, the critical intersectionality between cryptographic security and digital identity applications, and his predictions for the future of connected devices.

Host:
Cameron D’Ambrosi:  Principal, OWI
Linkedin
Twitter

Guest:
Matthew Gregory: Founder & CEO, Ockam
Linkedin

Links:
State of Identity Listener Survey
Ockam

The post Ockam: Architecture for Trust appeared first on One World Identity.


Incognia: Location-Based Behavioral Biometrics

Incognia Founder & CEO André Ferraz joins State of Identity to discuss his childhood interest in cybersecurity, how anonymized location data to can be leveraged to increase account security, and the impact he’s seeing from COVID-19 when it comes to digital transactions. Host: Cameron D’Ambrosi:  Principal, OWI Linkedin Twitter Guest: André Ferraz: Founder & CEO, … Incognia: Locati

Incognia Founder & CEO André Ferraz joins State of Identity to discuss his childhood interest in cybersecurity, how anonymized location data to can be leveraged to increase account security, and the impact he’s seeing from COVID-19 when it comes to digital transactions.

Host:
Cameron D’Ambrosi:  Principal, OWI
Linkedin
Twitter

Guest:
André Ferraz: Founder & CEO, Incognia
Linkedin

Links:
State of Identity Listener Survey
Incognia

The post Incognia: Location-Based Behavioral Biometrics appeared first on One World Identity.


Giant Oak: Seeing the People Behind the Data

Giant Oak Founder & CEO Gary Shiffman joins State of Identity to discuss how he’s leveraging machine learning to assist financial institutions and government agencies in identifying illicit actors and patterns of threat behavior including money laundering, human trafficking and terrorism. Host: Cameron D’Ambrosi:  Principal, OWI Linkedin Twitter Guest: Andre Boysen: Chief Identity Officer

Giant Oak Founder & CEO Gary Shiffman joins State of Identity to discuss how he’s leveraging machine learning to assist financial institutions and government agencies in identifying illicit actors and patterns of threat behavior including money laundering, human trafficking and terrorism.

Host:
Cameron D’Ambrosi:  Principal, OWI
Linkedin
Twitter

Guest:
Andre Boysen: Chief Identity Officer, SecureKey
Linkedin
Twitter

Links:
State of Identity Listener Survey
SecureKey

The post Giant Oak: Seeing the People Behind the Data appeared first on One World Identity.


SecureKey: A Primer on Decentralized Identity

SecureKey Chief Identity Officer Andre Boysen returns to State of Identity to discuss the impact of COVID-19 on digital identity and SecureKey’s latest whitepaper offering a primer on decentralized identity. Host: Cameron D’Ambrosi:  Principal, OWI Linkedin Twitter Guest: Andre Boysen: Chief Identity Officer, SecureKey Linkedin Twitter Links: State of Identity Listener Survey SecureKey The

SecureKey Chief Identity Officer Andre Boysen returns to State of Identity to discuss the impact of COVID-19 on digital identity and SecureKey’s latest whitepaper offering a primer on decentralized identity.

Host:
Cameron D’Ambrosi:  Principal, OWI
Linkedin
Twitter

Guest:
Andre Boysen: Chief Identity Officer, SecureKey
Linkedin
Twitter

Links:
State of Identity Listener Survey
SecureKey

The post SecureKey: A Primer on Decentralized Identity appeared first on One World Identity.


Me2B Alliance

Good resources from Omidyar

Hi friends,   Learned of this very nice collection of resources from Omidyar today:  https://ethicalexplorer.org/   In particular, note the 8 tech risk zones.  These might be good buckets for both the Digital Harms Dictionary and the Certification tests:       Lisa

Hi friends,

 

Learned of this very nice collection of resources from Omidyar today:  https://ethicalexplorer.org/

 

In particular, note the 8 tech risk zones.  These might be good buckets for both the Digital Harms Dictionary and the Certification tests:

 

 

 

Lisa


WomenInIdentity

Interview with Andrew Weaver, Digital Identity NZ

Esme Wardhaugh sat down with Andrew to talk about identity, and the digital community. What is it about your job that gets you out of bed in the morning? I… The post Interview with Andrew Weaver, Digital Identity NZ appeared first on Women in Identity.

Esme Wardhaugh sat down with Andrew to talk about identity, and the digital community.

What is it about your job that gets you out of bed in the morning? Andrew Weaver

I wear a number of hats – from Digital Identity Aotearoa/New Zealand, to independent consulting, helping equip organisations with payments technology through to supporting mahi aroha (literally ‘love work’) with charities and social enterprises. I love supporting people to reach their full potential, especially if it involves challenging the status quo.

How did you get to where you are today?

A common thread of applying knowledge of technology and systems (including human systems) to improve and add value. I’m most definitely not a fan of shiny tech for shiny tech’s sake!

What is the most important lesson you have learned along the way?

Knowledge and wisdom is everywhere around us – in nature, in history, in different perspectives and worldviews. My most effective and rewarding role is in exploring and drawing that wisdom out, rather than assuming my own narrow perspective is shared by everyone.

What’s your message to CEOs in the identity space? What do you suggest they start, stop or continue doing – and why?

Identity is Taonga, a Māori word meaning something that is treasured and cherished. When we change our view of identity information and recognise it as something very personal and very precious we will start to treat it with a lot more dignity, care and respect. That means stopping treating identity as a means to a monetised marketing end and stopping the wholesale harvesting and sale of personal information.

In one sentence, why does diversity matter to you?

I have to quote your own motto (which I do all the time, by the way) – Identity systems built for everyone are built by everyone. #ForAllByAll

What book/film/piece of art would you recommend to your fellow members?

Technically Wrong is a great book on inclusive design.

What advice would you give to the teenage ‘you’?

Explore More

Where can we find you on social media / the Web?

On LinkedIn and at digitalidentity.nz.

The post Interview with Andrew Weaver, Digital Identity NZ appeared first on Women in Identity.

Friday, 28. August 2020

Hyperledger Foundation

Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources

Welcome to the Weekend Update. Our goal with this weekly post is to share quick updates about online education, networking and collaboration opportunities and resources for the open source enterprise... The post Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources appeared first on Hyperledger.

Welcome to the Weekend Update. Our goal with this weekly post is to share quick updates about online education, networking and collaboration opportunities and resources for the open source enterprise blockchain community. 

If you have suggestions for resources or events that we should spotlight in a future Weekend Update, let us know here using #HLWeekendUpdate.

Webinar: Creating an API-first settlement solution 

On September 2 at 10:00 a.m. EDT, join Gal Hochberg of Clear for a discussion about tackling the major challenges for enterprise readiness and usability in the context of the telecom industry and specifics on creating an API-first settlement solution.

Go here to register for the free session.

Blockchain Summit Global

Catch two days of business, innovation and new technologies content at Blockchain Summit Global (September 3-4). Attend the sessions, which will include more than 40 speakers presenting real cases, for free online. And don’t miss Hyperledger’s Marta Piekarska-Geater’s presentation on “Hyperledger Greenhouse and its best applications” on September 3 at at 2:30 p.m. BST. 

Go here to register.

Blockchain Developer Course en Español 

The Hyperledger Latinoamérica Chapter continues its Spanish language training course series with sessions this week on smart contracts (August 29) and wallets and tokens in Java (September 3). 

For more details and the full schedule, go here

Virtual Meetups

Saturday, August 29, at 13:00 UTC / 15:00 CEST: Hyperledger Sweden Study Circle hosts “Hyperledger Ordering Services” Saturday, August 29, at 15:00 UTC / 17:00 EET: Hyperledger Libya Meetup Launch Event Wednesday, September 2, at 16:30 UTC / 11:30 UTC -5: Hyperledger Latinoamerica hosts “Casos de uso blockchain empresariales: Revolucionando la cadena de suministro con Telefónica” (Spanish)

See the full Virtual Meetup schedule here

The post Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources appeared first on Hyperledger.


WomenInIdentity

WiD Diversity & Inclusion Policy

Guiding Principles At Women in Identity, we strive for a diverse, inclusive, and equitable workplace iwhere all volunteers and members feel valued and respected, regardless of gender, race, ethnicity, national… The post WiD Diversity & Inclusion Policy appeared first on Women in Identity.
Guiding Principles

At Women in Identity, we strive for a diverse, inclusive, and equitable workplace iwhere all volunteers and members feel valued and respected, regardless of gender, race, ethnicity, national origin, age, sexual orientation or identity, education or (dis)ability, .experiences and heritages and will ensure that all voices are valued and heard equally. 

We aim to create a model for diversity and inclusion that the identity industry can adopt.  

To provide informed, authentic leadership for cultural equality, Women in Identity strives to: 

See diversity, inclusion and equality as critical to the well-being of our staff and the identity communities we serve.  Acknowledge and dismantle any inequalities within our policies, systems, programs and services and continually update and report our progress.  Explore potential underlying, unquestioned assumptions that interfere with inclusiveness.  Advocate for and support board-level thinking about how systemic inequalities impact our organisation, and how best to address that in a way that is consistent with our mission. Help to challenge assumptions about what it takes to be a strong leader and champion diversity of leadership at all levels of our organisation   Practise and encourage transparent communication in all interactions. Lead with respect and tolerance. We expect all members to embrace this notion and to express it in organisation interactions and through everyday practices.

Women in Identity commits to promoting diversity and inclusion in our workplaces: 

Pursue cultural competency throughout our organisation by creating substantive learning opportunities and formal, transparent policies. Generate and aggregate quantitative and qualitative research related to equity
to make incremental, measurable progress toward the visibility of our diversity, inclusion, and equity efforts. Once the content is curated it will be added to our website so others can access. Improve our cultural leadership pipeline by creating and supporting programs and policies that foster leadership that reflects the diversity of communities that the identity industry serves.  Pool resources and expand offerings for underrepresented constituents by connecting with other identity organisations committed to diversity and inclusion efforts. Develop and present sessions on diversity, inclusion, and equality to provide information and resources internally, and to members, the community, and the identity industry.  Develop a system for being more intentional and conscious of bias during the hiring, promoting, or evaluating process.  Include a salary range with all public job descriptions.  Advocate for public and private-sector policy that promotes diversity, inclusion, and equity. Challenge systems and policies that create inequity, oppression and disparity. Our 2020 Goals Opening a US entity Restructuring Board of Directors Renewed focus on supporting non-western markets  Ambassador in India Seeking out multiple ambassadors for Africa External Diversity Review Kick off our inaugural research project which focuses on the impact of diversity and exclusion in the identity industry. The outputs of this project will include a code of conduct and implementation framework that will give identity organisations a practical and pragmatic guide to adopting a more diverse and inclusive approach to product development

The post WiD Diversity & Inclusion Policy appeared first on Women in Identity.

Thursday, 27. August 2020

Oasis Open

Invitation to comment on KMIP Specification v2.1 and KMIP Profiles v2.1 - ends Oct. 26th


OpenID

Open Digital Trust Initiative: A Proposal for Financial Institutions to Use an Open Standards Protocol to Verify Identity, Protect Privacy and Build Trust

In the digital space, people need new solutions to know the identity of who they are dealing with and whether or not they can trust them. A number of initiatives are working on the future of digital identity. Some of them are government-led while others are linked to specific private institutions or proprietary technologies. Banks […] The post Open Digital Trust Initiative: A Proposal for Financ

In the digital space, people need new solutions to know the identity of who they are dealing with and whether or not they can trust them. A number of initiatives are working on the future of digital identity. Some of them are government-led while others are linked to specific private institutions or proprietary technologies.

Banks and insurers are in a unique position to offer trust verification services built on their long track record of protecting personal information and providing banking privacy. They also have much at stake in how digital identity develops. The future of the customer relationship could be significantly altered in some scenarios, while in others they can build on traditional strengths, leverage their capabilities and monetize services they provide to the data economy. Recent developments have heightened the implications as COVID-19 accelerated digitalization and placed greater emphasis on Digital Identity as a critical underlying building block of the economy. At the same time, large tech firms are rapidly enhancing their capabilities as hubs of health data (in addition to the other areas they dominate).

The Institute of International Finance is collaborating with the OpenID Foundation, member firms, officials and various other entities to support the Open Digital Trust initiative, an interoperable and open source development with the objectives of introducing foundational trust into the global digital economy. It aims to create a vibrant marketplace for Digital Trust services which help individuals and entities to confirm identity and understand and manage risk. Specific workstreams have been mobilized (each with their respective working groups), with the IIF leading on policy development & OpenID leading on technical standards.

Technical protocols: This group is developing updated standards by 2021. For more information, please visit openid.net or contact Don Thibeau, Executive Director at don@oidf.org Policy initiative: will develop policy recommendations, requirements, and guidance for both public and private stakeholders in support the project’s wider objectives. Publishing target Q4’2020.

The Open Digital Trust Policy Initiative will build on guiding principles with focus groups developing the specific details in the following areas:

Individual centricity / purpose: Balance protecting individual rights (control, privacy) with a perspective among all stakeholder interests (individual, societal, corporate). Look across jurisdiction and regional approaches, such as the EU and ASEAN, to balance individual privacy with broader societal interests. Liability / legal frame: Create a market-based mechanism for addressing liability and legal frameworks of reference. Interoperability: Explore frameworks across geographies and develop “concordance mapping” across platforms to demonstrate interoperability and common values across different sectors, countries, and models such as self-sovereignty. Role of governments / public sector / academia

Participation in each of these working groups and their deliberations are open to all, without any cost or obligation.

The post Open Digital Trust Initiative: A Proposal for Financial Institutions to Use an Open Standards Protocol to Verify Identity, Protect Privacy and Build Trust first appeared on OpenID.

Wednesday, 26. August 2020

Me2B Alliance

Me2B Webinar and Meeting Schedule

Upcoming Webinar Me2B 101:  An Ethical Foundation for Respectful Technology September 14, 2020 | 8:00am PT Join us for a second run of this webinar with Lisa LeVasseur, Executive Director of the Me2B Alliance. Lisa will discuss the Me2B ethos and how it is shaping the technology marketplace. We'd love to hear thoughts from our community members during the Q&A session at the end. An
Upcoming Webinar
Me2B 101:  An Ethical Foundation for Respectful Technology
September 14, 2020 | 8:00am PT
Join us for a second run of this webinar with Lisa LeVasseur, Executive Director of the Me2B Alliance. Lisa will discuss the Me2B ethos and how it is shaping the technology marketplace.
We'd love to hear thoughts from our community members during the Q&A session at the end. Any help promoting the webinar is appreciated!
Register Here

Me2B Alliance Meeting Schedule
The Alliance meeting schedule has been revised to the following:
Every other month on the first Monday of the month starting 10/5/20
We'll see you then. The meeting link is in the Groups.io calendar.


--
Ted Barthell Chief Marketing Officer E: ted@... M: 262.880.3760 Connect on LinkedIn

Video + Digital Marketing Agency
Milwaukee | Santa Barbara
www.BarthellDigital.com

Re: Omie Project Slides

Thank you very much Iain!   Appreciatively,   Jeff Orgel Primary Consultant    TAG!  We're I.T.! Technical Associates Group, LLC   What is Your Real-IT?!  

Thank you very much Iain!

 

Appreciatively,

 

Jeff Orgel

Primary Consultant

 

 TAG!  We're I.T.!

Technical Associates Group, LLC

 

What is Your Real-IT?!

 


Omie Project Slides

Hi all, this is a slide deck that I discussed on the B’s Working Group call today; just sharing with the rest of the group in case of interest. It’s a few years old and relates to the ‘Omie’ project that we were tinkering with at Customer Commons a few years back; we stopped that work when the OS project we were experimenting with closed down/ was no longer an option. Omie is essentially a
Hi all, this is a slide deck that I discussed on the B’s Working Group call today; just sharing with the rest of the group in case of interest.
It’s a few years old and relates to the ‘Omie’ project that we were tinkering with at Customer Commons a few years back; we stopped that work when the OS project we were experimenting with closed down/ was no longer an option.
Omie is essentially a ‘complete personal stack’ built from scratch, from the ground up to support the individual.
Some context at the link below.
http://customercommons.org/category/omie/
There is a possibility that the project is going to be dusted down and re-started.
Iain

Hyperledger Foundation

Hyperledger-Powered Education Solutions in Action

Just before the age of COVID began in earnest, The New York Times ran a feature on “How Technology Is Changing the Future of Higher Education.” The rise of remote... The post Hyperledger-Powered Education Solutions in Action appeared first on Hyperledger.

Just before the age of COVID began in earnest, The New York Times ran a feature on “How Technology Is Changing the Future of Higher Education.” The rise of remote learning and other pandemic-related changes and challenges have added to the need and opportunity for technology-driven advances. 

The Hyperledger community is doing its part to help the higher education market adapt to an increasingly digital world. Below we look at five Hyperledger-powered solutions that are at work now in the education market. They are helping colleges and universities modernize how they tackle a number of core tasks, including issuing and verifying academic credits, automating on-campus payments and managing students’ identity and privacy. 

Read on for more about these #HyperledgerEdu solutions, built using a mix of Hyperledger technologies:

Byacco, an on-campus payment system

Soramitsu has officially released Byacco, a payment system based on Hyperledger Iroha, for the University of Aizu, Japan. Byacco is a system that allows students and staff of the University of Aizu to use an application on their phones to pay for goods in the cafeteria and university store and to transfer funds within the campus. To make a transaction, all they need is to scan or to provide a QR code, depending on the operation. Byacco’s technology also has high standards for transfers: it follows the EMV® QR Code specification and has bank application level financial security protocols. The keys that are used to authorise transactions on the blockchain are stored only on the device, in a secure storage, so that no one except the owner can access the funds. Students of the university can join the development of the system, thus acquiring skills in creating financial systems based on Hyperledger technologies.

DoDream, a “Study Abroad Platform”

Dain Leaders is an education solution provider for universities in Korea. It serves more than 45 Korean universities by providing services for students’ career path development. As part of that effort, Dain Leader is introducing its “Study Abroad Platform,” called DoDream, to support the extended education ecosystem of the universities, accreditation and related agencies, and prospective employers. Based on Oracle Blockchain Platform Cloud Service (which is powered by Hyperledger Fabric), the platform is an O2O service that provides foreign students with information on studying in Korea and a matching service with Korean universities.

Oracle Digital Certificates Solution

In the face of fast-changing demographic and economic drivers and student expectations, the current processes for issuing and verifying student certificates are too inefficient and time consuming. They can also lead to fraudulent or counterfeit certifications.  

The Oracle Digital Certificates Solution, built on the Oracle Blockchain Platform (based on Hyperledger Fabric), provides a complete, end-to-end solution for educational institutions to issue verifiable tamper-proof and secure credential certification that improves the student experience after graduation and improves operational efficiency. The solution enables institutions to issue digital certificates along with transcripts and provide self-sovereign capability to the students who can share them securely with third parties through an access token.

This solution has been successfully deployed in production by customers like China Distance Education Holdings Limited (CDEL) and Taibah Valley University. CDEL uses Oracle Blockchain to share educational records and professional certifications across many educational institutions to help employers and recruiters verify the educational credentials claimed by individuals. 

Many other institutions like national universities, employment agencies, government organizations, professional skills academies and universities that provide student grants/scholarships are using this solution as part of ongoing or planned pilots.     

PwC Smart Credentials

Data is the new gravity in the world today and organisations are gravitating to and concentrating around trust as the ultimate currency in this data driven world. This trust is crucial for people to exchange information, especially in this digital age when trust is often violated. 

With that premise, PwC developed Smart Credentials, a credential issuance, sharing, reviewing and revocation platform levegering the inherent core benefits of blockchain technology such as immutability, tamper-proof nature, transparency, authenticity and security.

Built using Hyperleder Indy and Hyperledger Aries to support the verification process, Smart Credentials has two key pillars: Authentication (you are who you say you are) and Authorization (genuine claim). Both are crucial ingredients of building trust in any ecosystem. 

Smart Credentials recently won a “Bronze” medal for the Best Global Blockchain Innovation 2019 at the Reimagine Innovation awards (Backed by Wharton and QS) and is a finalist in the DataIQ 2020 awards “Best data product/ service” of the year category.

Verified.Me

As higher education moves deeper into online and remote learning for traditional and non-traditional students, colleges and universities are now offering a broader array of services that extend the campus experience to the digital realm. Beyond the advent of digital programming, educational institutions are also privy to sensitive personal student, faculty and alumni data from income and payment information to disciplinary records, healthcare and insurance information. 

SecureKey Technologies’ Verified.Me service is one approach that supports education’s new digital and data privacy demands. This new digital identity verification service can help verify students, alumni and faculty in a timely and secure manner, strengthening educational institutions’ ability to expand their digital offerings with confidence – while also providing much-needed cost savings. Verified.Me is built using the IBM Blockchain Platform, which is based on Linux Foundation’s open source Hyperledger Fabric.

Join the conversation about solutions and applications supporting the higher education marketing with #HyperledgerEdu this month on social channels. Also, Hyperledger has an Education Architecture Special Interest Group that is open to all.

The post Hyperledger-Powered Education Solutions in Action appeared first on Hyperledger.


Oasis Open

Baseline Protocol Achieves Key Milestone with Release of v0.1 Implementation for Enterprise IT and the Ethereum Public Blockchain


Me2B Alliance

Re: Thanks for participating in the membership dues survey!

You are welcome Lisa. Keep Safe. Good work. Best Regards. ----------------------------------------- Charlie Martial NGOUNOU President, AfroLeadership WhatsApp. +237 69999 7093 We work in Cameroon & Africa
You are welcome Lisa. Keep Safe. Good work.

Best Regards.
-----------------------------------------
Charlie Martial NGOUNOU
President, AfroLeadership
WhatsApp. +237 69999 7093
We work in Cameroon & Africa

Tuesday, 25. August 2020

Me2B Alliance

Thanks for participating in the membership dues survey!

Hi folks,   Thanks to everyone who participated in our membership dues survey.  We heard the messages loud and clear and you’ll see lower dues across the board.   Your feedback was crucial  and greatly appreciated!   Lisa

Hi folks,

 

Thanks to everyone who participated in our membership dues survey.  We heard the messages loud and clear and you’ll see lower dues across the board.

 

Your feedback was crucial  and greatly appreciated!

 

Lisa

Monday, 24. August 2020

Me2B Alliance

Re: New website

Thanks for the feedback all and look forward to hearing more. I agree Iain, that's a balance we will continue to refine as we roll out more updates. Ted
Thanks for the feedback all and look forward to hearing more.

I agree Iain, that's a balance we will continue to refine as we roll out more updates.

Ted

Saturday, 22. August 2020

One World Identity

KNOW Identity Digital Forum Recap: Identity’s Role in Re-Opening the Economy

In the latest KNOW Identity Digital Forum event, we tackled how digital identity is aiding in safely reopening the global economy. From solutions focused on robust contact tracing in healthcare to ensuring remote learning can successfully be implemented with privacy built-in, digital identity is taking on unique challenges in the face of the COVID-19 pandemic. … KNOW Identity Digital Forum Rec

In the latest KNOW Identity Digital Forum event, we tackled how digital identity is aiding in safely reopening the global economy. From solutions focused on robust contact tracing in healthcare to ensuring remote learning can successfully be implemented with privacy built-in, digital identity is taking on unique challenges in the face of the COVID-19 pandemic.

 

Highlights from these conversations were abundant but some important takeaways included: Impacts from the COVID-19 pandemic are being felt globally and cross-industry. Digital transformation is happening at an ever-quickening rate and identity has been proven to be the underpinning to many solutions Implementing contact tracing has been trialed in several geographies, but low trust and therefore adoption among consumers is rendering less useful products. Lack of medical understanding of re-infection rates is also delaying immunity credentials from gaining traction. Motivating users to enroll ‘for the greater good’ is the biggest challenge seen thus far. Remote education challenges have overlapping needs with other authentication use cases, except there are incentives for the student user to commit fraud themselves. Biometrics and liveness detection technologies can combat much of these exam proctoring hurdles.

 

In the absence of a vaccine or other treatments, monitoring and mitigating exposure to the virus is paramount for containing its spread. But how can governments and health agencies conduct this sort of surveillance without sacrificing the privacy of its citizens? In the first session, Contact Tracing & Identity’s Role in Reopening the Economy, we spoke with Robin Tombs, CEO at Yoti, and Nathan Rowe, Chief Product Officer at Evident ID, on how their respective solutions are tackling the challenge of contact tracing globally.

 

OWI: As we know, COVID is still raging across the globe. How might we begin safely bringing folks back to work, back to school…make physical spaces accessible again? What are some of the challenges are you encountering?

 

Evident ID: Health information is of the utmost sensitivity and there’s this opportunity to help our customers and help a new customer base manage and control the risk associated with COVID infections, impact to the workplace, impact to families, and do it in a way that actually helps them achieve regulatory compliance and privacy of the information. Given what we know about the fleeting nature of COVID immunity today, it’s likely that assigning immunity credentials to individuals is still a very long way off. A few states in the U.S. have released privacy-focused COVID solutions for tracking purposes, but they all have very limited adoption. Canada, which has traditionally been a pioneer in privacy regulation, has developed a privacy-focused app called COVID Alert that can let people know of possible exposures before any symptoms appear.

 

Yoti: People and not trusting that the advice they may get from the contact tracing is actually reliable. They’re not keen to quarantine in the U.K. for 14 days when there’s probably only a 30 percent chance that they may actually have COVID. So, a lot of people haven’t downloaded the app in the U.K. and of course, if not many people download the app, you get into a bad cycle where the app contacts you do a particularly good job, but not very many people use it.

 

Evident ID: These systems are going to feel like a burden to the end-user. There has to be a good bit of messaging and communication to the population to ensure they feel motivated to adopt the technology. It has to be clear that [they] are doing this for the greater good and the safety of those around them. Similarly to the argument of why you wear a mask. The mask is not to protect you, it’s to protect others. And, you know, if people can have the right mindset, it’s just going to make that easier.

 

Yoti: The biggest need for tracing is to protect people and therefore the industries most likely to really need it are those with the highest rates of interaction and closest proximity range. If you’re an individual interacting with many different people through the day, then not only do you have a greater risk of infection personally, but you carry the same risk of spreading the virus to others. Retail, travel and transport, health care, deliveries, large business hubs and sites are obvious – but the virus will jump to anyone given the chance and anywhere so we can’t apply solutions like tracing to one part of society while ignoring others. The approach needs to be joined up.

 

OWI: Looking to the future, you know, in many ways we have seen COVID as driving organizations that had been lagging behind the curve in terms of thinking about digital identity. Do we think that this could serve as a catalyst for greater both enterprise and consumer adoption of digital identity platforms? Or do we think that folks are going to fall back on old habits and methods once we no longer need to be locked down?

 

Yoti: It will be a dramatic change. The U.K. has already changed quite a few regulations where I think otherwise they would have taken another several years to do so. People are very cautious and conservative. But in the last six months, regulators have already made some very significant changes. There’s much more adoption of e signing for all sorts of things. Now, it’s possible that they will go back, but I think a huge number of regulators are now being given the chance to test out things that normally they would take a long time to take a risk on.

 

Evident ID: Regulation and law are always slow to adopt technology, some of it is they’re not as plugged in there. They’re more risk-averse. They don’t want to have this thing change too fast. They don’t have the option right now. The acceleration of telemedicine has been a great example. I mean, that wasn’t just regulators: insurers would not pay for telemedicine. In the same way, they now have to. I think what you’ll see is clearly the regulation has turned upside down on its head, but also this massive change in both the consumer and the employee expectation of what can be done and what is possible.

 

Shifting gears from public health to education, OWI was joined by Blake Hall, CEO of id.me, and Reinhard Hochrieser, VP of Product Management at Jumio, to cover School’s Out: Fool Proofing Remote Education. As communities remain closed due to the pandemic, academic institutions are grappling with the tough reality of transitioning in-person classrooms online. In a remote learning environment, how do you verify the identity of each student completing their coursework and online exams? Education is only one of the many industries where remote proofing is suddenly an immediate imperative.

 

OWI: Education is in uncharted territory with remote learning, unlike businesses where work-from-home and remote access have largely been adopted and onboarded by the workforce. What are you seeing are these challenges that schools are coming to you with and where do you see the biggest points of friction and discomfort right now in terms of transitioning from an offline to an online educational space?

 

Jumio: I think everyone remembers how we received an education. We sat in a classroom and the teachers just spread information. I think that’s what’s changing, and not just because of COVID. Of course, that’s accelerating the change. But we’ve seen that change over the last one to two years, that more universities and online education platforms are reaching out to us not just to implement a way to do identity verification, but to get guidance about how to do it because there are so many different ways. Online education doesn’t just mean that you offer material online. You need to think about how you onboard the classmates or the attendees. How do you share grades? How do you offer exams? Do you want to combine it with existing proctoring services?

 

Id.me: Education really crosses verticals. We’ve seen a number of DMVs that need to give people driver’s license exams and to do that remotely now that the field offices are closed. There’s a variety of different ways to have a workflow that’s secure. But there are some unique elements to education in that most identity verification. Typically you’re focused on preventing third-party fraud, somebody else trying to take over your identity. In education, it’s often the opposite, where the test taker has an incentive to let a smarter friend or associate or somebody they’ve paid take the test for them. You really have to make sure that that person is who they’re claiming to be.

 

OWI: There are unique challenges to the educational market: the fact that there may be children involved or those under 18 that can’t be expected to have a driver’s license or other I.D. and then to try to be as inclusive as possible from a technology perspective. Equity and education, obviously a major goal for just about everyone. How can we make sure that we are not excluding pupils who maybe don’t have the latest smartphone, who don’t have the latest webcam, who don’t have a super high-powered computer? What are those barriers and how are you seeking to drive inclusive and address the challenges of making sure that these solutions can accommodate as many people as possible, regardless of their income and technological or government-issued credential levels?

 

Jumio: We’re addressing that particular problem over the last couple of years by providing a real omnichannel solution, which means regardless if a student is using the latest and greatest iPhone or Android device or a computer with a weaker webcam, we can support all those different use cases to really ensure that each and everyone can benefit from our services. It doesn’t matter if the enrollment happens on the phone or on the computer without technology. This supports the growing demand for flexibility in regard to online education.

 

Id.me: There’s still a wide variety of folks who are using knowledge-based authentication, based on credit history to try to verify folks and that that modality is completely outdated, especially when it comes to inclusion and security. The move in the market has been toward using possession-based modalities like your device with corroboration against the telecom possession of a government I.D. From an inclusion standpoint, we lead with that device verification. Phone ownership is way, way higher than credit records, so it’s a more inclusive modality. It’s also way more secure because your phone is talking to your telecom that we’re talking to a cell phone tower every eight seconds. If you think about that versus like the credit or data broker-based methods, it’s way more inclusive.

 

There’s always more hot topics to dive into, and we’re now looking forward to seeing how the industry drives reopening forward through identity technologies. Take a moment to catch up on the sessions from this event or other KNOW Identity Digital Forums you may have missed!

The post KNOW Identity Digital Forum Recap: Identity’s Role in Re-Opening the Economy appeared first on One World Identity.

Friday, 21. August 2020

Hyperledger Foundation

Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources

Welcome to the Weekend Update. Our goal with this weekly post is to share quick updates about online education, networking and collaboration opportunities and resources for the open source enterprise... The post Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources appeared first on Hyperledger.

Welcome to the Weekend Update. Our goal with this weekly post is to share quick updates about online education, networking and collaboration opportunities and resources for the open source enterprise blockchain community. 

If you have suggestions for resources or events that we should spotlight in a future Weekend Update, let us know here using #HLWeekendUpdate.

New /dev/weekly Newsletter

Curious about technical project updates coming out of Hyperledger? We’ve launched a weekly newsletter with technical news and updates. Sign up for it here

New Case Study: How Soramitsu Helped Modernize the National Bank of Cambodia’s Retail Payment System

Get the details on a new Hyperledger Iroha-based digital payment system that Soramitsu helped develop for Cambodia’s central bank in this new case study.

Blockchain Developer Course en Español 

The Hyperledger Latinoamérica Chapter continues its Spanish language training course series with sessions this week on Docker and containers (August 22) and Hyperledger Fabric networks (August 28). 

For more details and the full schedule, go here

Virtual Meetups

Saturday, August 22, at 10:00 UTC / 15:30 IST: Hyperledger India Chapter hosts “Asia Pacific Online Certification Study Circle” Saturday, August 22, at 13:00 UTC / 15:00 CEST: Hyperledger Sweden hosts “Online Certification Study Circle” Saturday, August 29, at 15:00 UTC / 17:00 EET: Hyperledger Libya Meetup Launch Event

See the full Virtual Meetup schedule here

The post Weekend Update: This Week’s Round-up of Remote Blockchain Learning Resources appeared first on Hyperledger.


FIDO Alliance

White Paper: FIDO Transaction Confirmation

Besides generic session authentication, there is an increasing need to gather explicit user consent for a specific action, i.e. “Transaction Confirmation”. Transaction Confirmation allows a relying party to not only […] The post White Paper: FIDO Transaction Confirmation appeared first on FIDO Alliance.

Besides generic session authentication, there is an increasing need to gather explicit user consent for a specific action, i.e. “Transaction Confirmation”. Transaction Confirmation allows a relying party to not only determine if a user is involved in a transaction, but also confirm that the transaction is what the user actually intended – for example, whether they intended to pay $1000 to company X for purchasing product Y, or whether they consent to have specific data shared with another party, such as test results with a doctor.

This paper provides an overview on Transaction Confirmation and the drivers for its support including: regulatory requirements (PSD2, eIDAS); addressing friendly and mobile fraud; and to enable online binding agreements. It explains current approaches for Transaction Confirmation, including through FIDO protocols for native applications, and the value of adding support for it directly in web browsers. It concludes with a call for feedback from relying parties on whether they would like to see Transaction Confirmation should be supported directly in web browsers.

The post White Paper: FIDO Transaction Confirmation appeared first on FIDO Alliance.


One World Identity

The EU’s Localized Digital Identity Play

This is the third piece in a four-part series on nationalism and its threat to digital identity. If you missed it, read parts one and two now for the most comprehensive insights. To recap: on July 7th, the EU announced that it had revoked the Privacy Shield, a transatlantic agreement that enabled the legal transfer … The EU’s Localized Digital Identity Play Read More » The post The EU’s Loca

This is the third piece in a four-part series on nationalism and its threat to digital identity. If you missed it, read parts one and two now for the most comprehensive insights.

To recap: on July 7th, the EU announced that it had revoked the Privacy Shield, a transatlantic agreement that enabled the legal transfer of data between itself and the United States (U.S.). Remarkably, the invalidation of the Privacy Shield framework was made effective immediately, leaving no grace period for an estimated 5,400 companies that rely on the program’s protections to transfer data to and from the EU. Compounding the ambiguity of the moment is the flurry of complaints filed by European privacy groups against major companies with regional operators still relying on Google Analytics / Facebook Connect integrations (still reliant on Privacy Shield-adjacent arrangements). 


The present moment might be ostensibly described as another dip on the regulatory rollercoaster at the heart of the EU’s mandate for individual privacy. The announcement a few days ago that the European Commission has begun initiating discussions to construct a new Privacy Shield seems to encapsulate such imagery. It mirrors how the same court responsible struck down a similar decades-long data agreement in 2015, the Safe Harbour agreement, propelling the European Commission to propose and enact the Privacy Shield in 2016. 

However, we should recognize the past few years as indicative of the EU’s growing willingness to play privacy “bully-ball”, pressuring other countries — including close allies — to comply with stronger data privacy mandates as a basic requirement to conduct business in the region. Indeed, the EU is making a nationalist digital identity play, focused on addressing the control over identity’s building blocks at a regional level.

The EU’s prioritization of individual privacy is best understood as a cocktail of two countervailing forces – one part historical concerns that the union has had with overbroad government interests, and one part overbroad commercial interests. For the past three decades, the EU has always had a comprehensive, region-spanning privacy framework — first with the Data Protection Directive (DPD), transposed consequently by the General Data Protection Regulation in 2018 (GDPR). The two equally address protection against government and industry forces, applying to all organizations in the EU operating in the public and private sector. In contrast, the US has consistently been plagued by a patchwork approach. Its legal precedent has largely focused on governmental intrusions on individual privacy, and its commercial protections are industry-specific. 

The EU also has had a vested interest in pushing back against Silicon Valley (SV) incumbents, reflecting its issues with the US regulatory approach to privacy. Moreover, this interest is couched in the historical and silent cooperation of SV corporations with US intelligence agencies. In fact, it was the 2013 revelations about the scope and breadth of the US National Surveillance Agency, laid bare by Snowden, which prompted the original scrutiny in the EU leading to the 2015 Safe Harbor agreement strikedown. Previous actions the EU has taken also reflect this, with the EU citing potential NSA involvement in 2018 as it applied antitrust pressure against Google.

Although the EU is focused primarily on individual privacy — whereas China has focused on national security as its guiding principle — its strong preference for data localization suggests a similar belief that strong government actions and regulations can also play a part in re-establishing the EU as a power in the digital identity space. 

The EU’s commercial ambitions for digital identity are made chiefly evident by viewing its government initiatives in the context of anti-SV and anti-US regulatory trends. Its Data Strategy, announced in February 2020, will set into motion a €2 billion investment into EU specific data processing and sharing infrastructure. Moreover, in April 2020, the union announced plans to stand up a region-specific industrial database that could rival SV, aiming to capitalize on a EU-centric data economy worth roughly 400 billion euros and a data market worth roughly 75 billion euros. 

It’s clear that, at least when it comes to digital identity, the EU has furthered its national interest and led the narrative around who controls and shapes it. And while the impact to its data economy has yet to be captured fully, the EU has succeeded in establishing itself as a regulatory leader for data privacy. It has pushed other countries (notably, Argentina and Japan) to achieve adequacy for data protection within the region. 
In doing so, the EU has legitimized the phantom of cyber-nationalism sweeping the globe, and suggests its investment in leading and molding digital identity for both its citizens and — by proxy — the rest of the world. The EU Commission’s Data Strategy states this plainly, emphasizing that the moment to act against “sources of competitiveness for the next decades in the data economy” (i.e. SV incumbents) is now. Acting otherwise, it states, “reduces incentives” for data-driven businesses located in the region to emerge, to grow, and to compete.

The post The EU’s Localized Digital Identity Play appeared first on One World Identity.

Thursday, 20. August 2020

ID2020

New Report Highlights Public Concerns About Data Privacy

Members of the ID2020 Alliance are united in the belief that identity is a fundamental and universal human right and that we all deserve better ways to prove who we are — both in the physical world and online. As a community of technologists, advocates, implementers, and funders, we also believe that ethically implemented, privacy-protecting, user-managed, and portable digital ID solutions o

Members of the ID2020 Alliance are united in the belief that identity is a fundamental and universal human right and that we all deserve better ways to prove who we are — both in the physical world and online.

As a community of technologists, advocates, implementers, and funders, we also believe that ethically implemented, privacy-protecting, user-managed, and portable digital ID solutions offer a better alternative to the current “data as a commodity” paradigm.

A new report from KPMG entitled, The New Imperative for Corporate Data Responsibility, suggests that the American public increasingly agrees with this perspective. Based on a survey of 1,000 respondents, the report concludes that consumers expect corporations to “take significant steps to better protect, manage, and ethically use their data.”

“The findings are unmistakable,” says Orson Lucas, Principal, KPMG Cyber Security Services. “Data privacy and protection are clear priorities for consumers. Close attention to customer data handling, management, and protection practices are key, foundational elements of establishing and maintaining digital trust.”

The report outlines valuable findings regarding how the public feels about the security of their data, the issues that concern them, and who they believe bears responsibility for creating a more secure and trustworthy digital ecosystem.

Key Findings: Beliefs

97 percent of respondents say that data privacy is important to them 87 percent believe that data privacy is a human right 86 percent believe that data privacy is a growing concern 68 percent don’t trust companies to ethically sell their private data 54 percent don’t trust companies to use their personal data in an ethical way 53 percent don’t trust companies to collect data in an ethical way 50 percent don’t trust companies to protect their personal data

These insights should not surprise us. After all, a majority of Americans have, at one time or another, been personally affected by a data breach. On the one hand, it is encouraging to see that public opinion is shifting; our experiences have made us all more cognizant of how our identity and personal data are being misused and mismanaged. On the other hand, these experiences are also contributing to a growing mistrust of all forms of digital ID. For those who work in this space, this is a timely reminder that, as we develop and deploy new forms of digital ID, we must do so with an intentional focus and abiding commitment to rebuild and maintain public trust.

Key Findings: Concerns

83 percent of respondents worry most about the theft of their Social Security Number, followed by their credit card number (69 percent), and their passwords (49 percent) Only 16 percent are worried about their medical records being stolen. Medical records are the most commonly cited example of data that consumers trust companies to protect (57 percent)

Given these rapidly changing consumer opinions, and with our vision of good digital ID for all as our guiding star, we at ID2020 regularly revisit the question: how do we get there?

The data suggest what we have long believed: that, in the coming years, market forces (i.e. consumer demands) will drive tectonic shifts in the data economy. But will market forces be enough?

Most telling in the data is that the public is most likely to trust healthcare companies to protect the privacy of their medical records. Laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the California Consumer Protection Act (CCPA) establish robust data protections and stiff penalties for companies that mishandle data. These offer the public a degree of confidence that their health information will be held sacrosanct.

The house is on fire and that the public is finally smelling the smoke when it comes to data security. Market forces can be extremely powerful, but we expect that governments will play an equally important, catalytic role by establishing the regulatory frameworks and consumer protections necessary to rebuild trust and encourage the broad adoption of safe and secure digital ID applications.

Here as well, the KPMG data provides some valuable insights for policymakers.

Key Findings: Who is Responsible

91 percent of respondents say that corporations should take the lead in establishing corporate data responsibility 56 percent say that companies should prioritize giving consumers more control over their data in 2020 84 percent are open to state legislatures giving consumers more control over their data
“Data privacy issues are not going to go away,” says KPMG Cyber Security Services Principle, Steve Stein. “In fact, consumer protections around data privacy, like the ones provided by the CCPA, are very likely to be codified in other states and eventually at the federal level. Simply put, privacy laws are only going to increase in volume and rigor. That’s why visibility, protection, and trust is gaining such momentum in the marketplace and also why leading-edge companies are not looking at data privacy as just another compliance or check-the-box exercise. They see privacy as one of the pathways to growing their business by improving trust with their customers.”

So…How DO We Get There?

Identity systems rely on trust to function; trust between issuers of identity and relying parties and, critically, that of those who use the system to prove their identity to access various goods, services, and privileges.

ID2020 was established in 2016 to promote the adoption and implementation of user-managed, privacy-protecting, and portable digital ID solutions. To achieve this vision, we are working simultaneously along three tracks.

We are helping shape the market through the ID2020 Certification, which applies 41 rigorous, outcome-based Technical Requirements to certify best-in-class digital ID solutions. We are working with policymakers in the United States and internationally to advocate for the ethical implementation of better forms of digital ID. And, as the technologies continue to evolve, we are implementing programs in the field to test and apply what we learn as these systems are replicated and brought to scale.

Fully realizing the potential of digital ID will require businesses, technology providers, policymakers, and civil society to collaborate — and quickly — to build and implement functional, privacy-preserving, user-managed ID systems, and work to overcome the mistrust which could impede their broad adoption. We developed the ID2020 Alliance model to foster this collaboration.

The road to good ID for all is riddled with potholes…and we have one chance to get this right.

About ID2020

ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and implementation of user-managed, privacy-protecting, and portable digital ID solutions.

By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing pilot programs, and advocating for the ethical implementation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights, while ensuring data remains private and in the hands of the individual.

New Report Highlights Public Concerns About Data Privacy was originally published in ID2020 on Medium, where people are continuing the conversation by highlighting and responding to this story.

Wednesday, 19. August 2020

Hyperledger Foundation

Blockchain Stories 2020: Highlights from Five Weeks of Community Sharing in Asia Pacific

We all have heard blockchain stories. Stories that redefined the way businesses operate. Stories that created new business across the domains. Stories that propelled innovation. Stories that are defining the... The post Blockchain Stories 2020: Highlights from Five Weeks of Community Sharing in Asia Pacific appeared first on Hyperledger.

We all have heard blockchain stories. Stories that redefined the way businesses operate. Stories that created new business across the domains. Stories that propelled innovation. Stories that are defining the future of technology. Stories that helped others run their business in decentralized fashion. And a lot more.

Blockchain technology has seen increasingly wider adoption across the industries. Digital transformation of businesses and innovation in the healthcare industry have seen unprecedented demand like never before during the challenging times of COVID-19. What seemed impossible in the past is now turning to be reality.

The Hyperledger India Chapter aims to bridge the gap between the blockchain technology enthusiasts and the blockchain technology experts. To us, it seemed it was time for an event to bring together booming startups and established organizations to share their blockchain journey. In these demanding times, having physical get-togethers is impossible around the world. There is a saying in Sanskrit “Vasudhaiva Kutumbakam,” which translates to “World is Indeed One Family.” The idea of having the virtual event in India transformed to one that could benefit the whole Asia Pacific audience. The event time was chosen so that everybody in the Asia Pacific region from the Middle East to Australia/New Zealand could attend.

In the last week of May and through June, Hyperledger India Chapter proudly organized a series of interactive events, the most anticipated “Blockchain Stories 2020.”

The series was an attempt to answer the questions one normally hears. Is blockchain really being adopted across the industries? What uses can blockchain solve? How do you effectively use a blockchain solution? Can blockchain transform agriculture? How does blockchain transform education and certification in the future? Is blockchain an answer to all the healthcare problems? What are the barriers for the adoption of blockchain technology?

Highlights:

25+ organizations presented their solutions. The topics covered a range of domains including supply chain, telecom, healthcare, agriculture, digitally verifiable certificates, self sovereign identity and security, digital currency, global trade, research and education.  More than 1,000 blockchain enthusiasts from across the Asia Pacific region signed up for the events. Community engagement continued across five weeks. 20+ volunteers helped tirelessly, physically separated but virtually connected. 

That’s not all. Since Hyperledger believes in inclusive community growth, sessions not only showcased solutions built on Hyperledger projects but also ones built on other platforms. These sessions focused more on how blockchain as a technology pillar is helping to design solutions to the demanding problems. The series also featured talks on how to measure and improve the performance of blockchain frameworks.

Indian blockchain firms have made an impact on Industry 4.0, which created massive hype amongst the young, brilliant and blooming minds of India. Blockchain tech has already made its way into many mainstream industries. The emerging technology startups thanked the Hyperledger India Chapter for organizing an event and providing them an opportunity to present their solution alongside the lights of big establishments. AyanWorks, a blockchain startup based in Pune, India, presented their immunity passport solution for safe reopening of the post pandemic world. Snapper Future Tech & IIT Alumni Association presented their solution on COVID-19 X-Ray analysis using  blockchain & AI, reducing the cost of testing. Tech Mahindra showed how blockchain is helping to solve the telecom’s billion subscriber problem, and countries including the USA are requesting a similar solution. The dltledgers, a blockchain startup based in Singapore, shared their digital transformation journey for cross border trade finance. Soramitsu, a blockchain technology firm based in Japan, shared their payment solution.

Arun S M, Walmart Global Tech, says “It feels amazing to see the great response from the community. What started as a thought late last year took multiple turns, shapes and forms to be finally called Blockchain Stories 2020. Hyperledger staff members made it easy for us to turn a local event into a virtual one that reached an audience throughout Asia Pacific. The community stood by us through a technical glitch on our first day of the event, showing quality and a high level of interest and engagement.”

Julian Gordon, VP, Asia Pacific, Hyperledger, says “Hyperledger’s India Chapter volunteers worked tirelessly and enthusiastically to produce this wonderful series of ‘Blockchain Stories 2020’ for the Hyperledger and wider blockchain communities. Each event featured cutting-edge blockchain solutions, addressed opportunities and challenges, and showcased exciting developments in blockchain. Hyperledger has received excellent and appreciative feedback from the series’ virtual audience. It’s particularly timely and heartening to see quality virtual events like these take place in this challenging time of Covid-19. It’s a pleasure to support Hyperledger’s India Chapter, and I would like to thank them for all their work on the ‘Blockchain Stories 2020’ series.”

Did you miss the event? We have got it covered. Watch the recap on YouTube. The Hyperledger India Chapter thanks all the volunteers and organizers for helping to make this event a success story.

About Us: The Hyperledger India Chapter is responsible for growing the Hyperledger community in India, promoting contributions to Hyperledger projects and providing a platform for collaboration, mentoring and support. The chapter aims to showcase the broad range of Hyperledger projects and initiatives to the Indian audience. Join us and share your ideas! Weekly meeting details can be found at the Hyperledger Calendar of Public Meetings.

Future Plans: There is a huge interest in the community to contribute back to open source projects. We are happy to provide a platform and connect, guide and mentor the technical community in India. Following the success of the “Blockchain Stories 2020,” we will organize a “Hyperledger Project Connect Series” to benefit tech enthusiasts in Africa, Europe and the Asia Pacific regions.

The post Blockchain Stories 2020: Highlights from Five Weeks of Community Sharing in Asia Pacific appeared first on Hyperledger.


Oasis Open

Invitation to comment on five UBL Committee Note Drafts - ends Sept. 17th


Invitation to comment on Business Document Naming and Design Rules (BDNDR) v1.1 from the UBL TC - ends September 2nd


Invitation to comment on Universal Business Language v2.3 from the UBL TC - ends September 2nd

Tuesday, 18. August 2020

Decentralized Identity Foundation

Where to begin?

An Overview of Introductory Resources (August 2020) [Note: this article is also available as a downloadable PDF. It was co-written with Kaliya-IdentityWoman.] There is no one single (or even central) place where decentralized identity technologies are being created. It is decentralized in its processes as well as its topography. Learning the “lay of the land” entails bouncing around a netwo

An Overview of Introductory Resources (August 2020)

[Note: this article is also available as a downloadable PDF. It was co-written with Kaliya-IdentityWoman.]

There is no one single (or even central) place where decentralized identity technologies are being created. It is decentralized in its processes as well as its topography. Learning the “lay of the land” entails bouncing around a network more than surveying a city from a high vantage point. But that’s ok! We recommend starting from the least familiar of these links and bouncing around, rather than reading start to finish.

Photo by Benjamin Elliot —Video Introductions to SSI An Introduction to Self-Sovereign Identity 9min
This presentation by the “SSI Ambassador” (Adrian Doerk of the LISSI project, headquartered in Frankfurt, Germany) touches on the psychology and sociology of identity definitions. It highlights why digital identity offers many different ways to present ourselves and walks through the basics of how ID today is dominated by mega-IdPs (identity providers). It gets to the conceptual heart of what SSI is about. It also shows a real live demonstration of a scooter-authorization project spearheaded by T-Mobile Germany. Self-Sovereign Identity (SSI) Foam Figure Explainer v2 9min
John Phillips from 460 Degrees, a consulting firm from Sydney, AU, updated his earlier video in January of 2020. This level-setting and first-introduction was designed to help Phillips’ clients understand what SSI looks like from a business-process perspective, which is the key perspective from which large enterprises are mostly likely to decide how much to invest in researching and considering SSI solutions. For more guidance on B2B sales and education, see his longer February presentation at SSI Meetup about how to explain SSI to C-Level executives. The True Meaning of Identity 38 min
In September 2019, Kaliya Young presented to SIBOS (the conference of the SWIFT settlement network central to global banking) in their Innovation Track. The video introduces the concept of identity and how it has evolved over time, before sharing at a high level how Self-Sovereign Identity works and why it solves widespread business problems. Domains of Identity — 33 min
In July of 2018, Kaliya Young presented to the MyData Conference and tied together her research work developing the Domains of Identity and how the various domains connects to the usage of decentralized identity technology — decentralized identifier and verifiable credentials.

The SSIMeetup series run out of Madrid, Spain by the indefatigable Alex Preukchat has been assembling a video archive of their live webinar series for years. For these, they invite leaders of influential SSI projects from around the world. These events have a loyal following of regular attendees, making for a spirited Q&A session at the end of each video. While most of the videos tend towards deep dives in specific technical, governance, business, or regional topics, some of them can be useful, accessible, and inspiring for novices. Here are a few we recommend in particular as “novice-friendlier deep dives”:

At the Core of SSI is the Decentralized Identifier (DID) 50min by Drummond Reed CIO Brief: Why SSI is Important 65min by Steve Magennis Introduction to Hyperledger Aries 71min by Nathan George Sovereignty in Historical Context 55min by Natalie Smolenski SSI In Healthcare 63min by Manreet Nijjar — Organizational Centers of Gravity in SSI Decentralized Identity Foundation (you are here)

This organization was formed as a Joint Development Foundation project in 2017 and has grown to be a major venue for IPR-protected co-development among large and small industry players. It has historically focused on the development of both working open-source code and pre-standard specifications for decentralized identity, but it is starting to branch out into non-technical forms of cooperation for the purposes of market-building and to promote all open decentralized identity technology, whether created in DIF or elsewhere.

The W3C Credentials Community Group

This public discussion group is affiliated with the Worldwide Web Consortium (W3C), a standards organization for web technologies supported by membership dues and responsible for the management of core protocols like HTML and TLS. The Credential Community Group (CCG) is not an official working group of the W3C, but is still protected under a version of W3C’s IPR regime. Work items can be proposed by W3C non-members, and these often include specifications that go on to be standardized. CCG meets every week and is a hub for coordinating activity. Their meetings are recorded and minuted, often including presentations. They also have coordinate other discussion groups open to non-members, such as the Education Credentials Task Force (“vc-ed”).

The Internet Identity Workshop

This biannual event has been the convening at the heart of the decentralized identity community for 15 years, held at the Computer History Museum in the heart of Silicon Valley. It is uniquely co-created by its participants in a mostly-organic and community-driven way, with no pre-picked speakers, keynotes, or commercial presentations aside from a demo hour. True to its name, workshopping, whiteboarding, and open (but detailed and concrete!) discussion on a massive scale are the core of the event. The books of proceedings organize and refine all of the notes taken live during all the sessions convened at each event.

MyData Global

This influential and egalitarian global organization grew out of a series of conferences first held in 2016. They advocate for a human-centric and rights-driven vision where individuals can get digital services that support them to collect their data, not just safeguarding and well serving but even empowering the data subject. Organizational members and individual members come together to create an ongoing dialogue between “consumers” and ethical businesses to shape new types of markets for digital services. Rooted in the values of the MyData Declaration, they focus primarily on elaborating refined, nuance, and bottoms-up models for data governance; only from a solid governance foundation do they begin to make policy, business, and technology decisions. They recently published the MyData Operators paper, bringing their policy, business, and technological goals more squarely into the realm of decentralized identity.

The Sovrin Foundation

Since the early days of decentralized identity, Sovrin has been one of the major hubs of innovation and entrepreneurship, serving as a kind of all-in-one community, codebase, blockchain, and better business bureau. They have also published many canonical educational and marketing texts that have been foundational to the development of “self-sovereign identity” as a sector of the software industry. The Aries project (housed in the Hyperledger Foundation) and the Trust-over-IP foundation are, in a sense, spin-outs of the Sovrin foundation, and both remain loosely based (sometimes by design, sometimes by momentum) on the Sovrin community’s codebase, ledger, and design principles. The fastest way to familiarize yourself with these is the whitepaper library on the Foundation’s website.

Standards organizations

These centers of gravity are where ideas and business models evolve in broad conversation. Inevitably, structuring ground rules and governance models for these eventually have to be negotiated between technical experts and standards adopted before major investments (of capital, but also of legislation and public good will) can be approved. See Nader Helmy’s great tour of standards organizations relevant to these centers of gravity.

— Government Initiatives: United States Federal Government

Anil John, head of the Silicon Valley Innovation Program run under the auspices of the Department of Homeland Security’s Science and Technology directorate has been funding the development of standards and business models in the nascent field for years. Their website hosts an overview of related projects articles by them, as well as guidance documents such as the Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems. Anil’s blog hosted by CyberForge includes many thoughtful pieces, such as Anil’s recent thoughts on interoperability or his article on the role of government in free-market technology, Can LESS be more?

The British Columbia Provincial Government

“BCGov” has invested significantly in the SSI IT management model and has pioneered an approach to verifiable public data represented by the Verifiable Organizations Network (“VON”). This network provides public-record credentials about registered business in a publicly accessible repository of Verifiable Credentials, bringing the traditional “orgBook” into the decentralized era. By directing much of their IT budgets towards open-source development and participating heavily in the emerging open-source community around this project, they have provided invaluable leadership, particularly within the Aries community, including such major contributions as the core of the Aca-Py Codebase.

The European Union

ESSIF (European SSI Framework) is an ongoing open-source initiative to seed and accelerate the role of SSI in the EU digital “single market” strategy. It is housed jointly between the directorate-generals responsible for IT planning and policy in Brussels and the independent European Blockchain Services Infrastructure (EBSI), a 30-country collaboration of EU and EU-affiliated countries working together to build a shared infrastructure for government blockchain projects. SSI Meetups are the best way to learn more about ESSIF and its role in the EU’s broader digital initiatives:

An overview by ESSIF Convenors Daniel du Seuil and Carlos Pastor (July 2019) ESSIF Chief Legal Counsel Nacho Alamillo gave an introduction to ESSIF’s approach to eIDAS in February 2020 and a more detailed overview of the official report of the legal review based on that approach in May of 2020 ESSIF-LAB program coordinators Oskar van Deventer and Rieks Joosten (TNO, the Hague) gave an overview of how their program incentivizes interoperability and European contributions to the broader SSI landscape (March 2020) Interested parties are encouraged to check the ec.europa.eu website for current public consultations and calls for comment. Other Notable International Consortia:

The Known Traveler Digital Identity project is led by the World Economic Forum and brings together the governments of Canada and the Netherlands, two Airlines and three airports to create a proof of concept that schedule to start real-world trials in the ill-fated Spring of 2020. Interrupted roadmaps aside, it has produced a significant corpus of documentation, policy recommendations, debate, and interest among governments and technical industries.

— Whitepapers and Publications: The Concept of Self-Sovereign Identity including its Potential by eGovernment Innovationszentrum, Gratz University of Technology Self-sovereign Identity: A position paper on blockchain enabled identity and the road ahead, by the Identity Working Group of the German Blockchain Association Decentralized Identity: Own and control your identity by Microsoft Decentralized-ID.com is a sprawling and truly bottomless collection of resources culled from conference annals, github, and technical publications. It is almost exclusively gathered and curated by anonymous independent researcher “Infominer,” who has been working in the virtual salt mines of decentralized identity, cryptocurrency, and the #indieweb movement for almost a decade.

Rebooting the Web of Trust hosts a “github journal” of whitepapers, most of them not just peer-reviewed but collaboratively written in person at 3-day “working conferences”; these range from highly technical and even cryptographic topics to business and UX-oriented contributions to the knowledge base of the broader decentralized-identity community. Some recent and still-topical highlights include:

Co-organizer Joe Andreiu’s Primer on Functional Identity Eric Welton’s Bearing Witness and Ecosystem bootstrapping via Notary VCs Pamela Dingle, Daniel Hardman, et al’s Alice attempts abuse on attack modeling the SSI credential exchange model Michael Shea, Sam Smith, and Carsten Stöcker, Cooperation beats Aggregation Kaliya Young et al., Reputation Interpretation — Monographs: Comprehensive Guide to Self Sovereign Identity (2019) — Kaliya Young / Heather Vescent Spherity’s SSI 101 Series on Medium (2020) — Juan Caballero Self Sovereign Identity (2021) — Alex Preukschat / Drummond Reed — Podcasts: Definitely Identity by Tim Bouma who leads trust framework and identity projects for the IT authority of the federal government of Canada. On the show, he interviews leaders in the field. State of Identity. The One World Identity conference and network has a podcast that covers the identity technology sector broadly, including cybersecurity, federated and centralized identity vendors, and even identity-related machine learning projects. PSAToday by Kaliya Young and Seth Goldstien. PSA stands for Privacy Surveillance and Anonymity, and covers a wide range of data rights topics.

There is, of course, much more to be recommended for deeper dives into specific technologies, business problem spaces, policy histories, and governance thinking. But we have to draw the line somewhere, and by the time you get to those advanced topics, are you really reading “introductory” texts anymore? Stay tuned for more curation, more knowledge bases, and more network exploration.

Where to begin? was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.


ID2020

ID2020 Announces Certification of BLOK Bioscience Immunity Passport

ID2020 is proud to announce the certification of Immunity Passport from BLOK Bioscience, a digital ID-based solution for COVID health status certificates. Immunity Passport is the first COVID-focused solution to be certified by ID2020. Immunity Passport offers individuals a self-sovereign record of their testing, antibody and, ultimately, vaccination status. Initially envisioned as a means t

ID2020 is proud to announce the certification of Immunity Passport from BLOK Bioscience, a digital ID-based solution for COVID health status certificates. Immunity Passport is the first COVID-focused solution to be certified by ID2020.

Immunity Passport offers individuals a self-sovereign record of their testing, antibody and, ultimately, vaccination status. Initially envisioned as a means to help businesses and governments manage the safe and incremental return to public life in the midst of the COVID-19 pandemic, the solution is expected to be applied more broadly in the future to support immunization certificates and the transmission of other medical test results.

“The COVID-19 pandemic has thrust digital credentials into the global spotlight,” said ID2020 Executive Director, Dakota Gruener. “As we consider digital ID-based solutions for public health applications, getting the technology right is not negotiable. We intentionally set a high bar for certification and are delighted to recognize the BLOK Bioscience Immunity Passport solution for meeting our high standards for privacy protection, user-management, portability, and more.”

To be eligible for certification, solutions must adhere to 41 functional, outcomes-based Technical Requirements. In addition to providing a roadmap to help developers create better products, the ID2020 Certification also provides a “third-party seal of approval” so that implementers — and ultimately, end-users — can trust that the technology was developed in accordance with the highest ethical and technical standards.

“Pandemic management is essentially an entirely new solution domain,” said BLOK Solutions Chief Technology Officer, Areiel Wolanow. “The precedents we set now will set the standard for how the future unfolds, so we have a duty to get things right. By starting with the principle that individuals should always be the sole owner of their data, it is our hope at BLOK that this a standard that others will find it exceedingly difficult to deviate from.”

The ID2020 Certification is already impacting the technical landscape for digital ID and technology providers of all sizes are increasingly aligning their technical approaches to comport with ID2020’s requirements. To date, more than 30 technology providers from every corner of the globe have submitted applications and worked with the ID2020 staff and advisory committees to complete the application process.

Today, Immunity Passport joins Kiva Protocol, Gravity.earth, and ZAKA as part of a small, but rapidly growing, cadre of ID2020 certified digital ID solutions.

About ID2020

ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and ethical implementation of user-managed, privacy-protecting, and portable digital identity solutions.

By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing pilot programs, and advocating for the ethical implantation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights and reap the benefits of economic empowerment and to protecting user privacy and ensuring that data is not commoditized.

www.ID2020.org

About BLOK BioScience, Ltd.

BLOK BioScience is part of the BLOK Group. With a network of global experts and a robust and far-reaching supply chain, we provide trusted and authentic solutions to help respond to the rapidly changing population wellness landscape.

Our unique combination of medical and strategic expertise and technical knowledge results in secure and compliant solutions for tracking and verifying immunity, and we use rapid antibody testing and recording to enable governments and industry to manage viral outbreaks and mitigate the economic and social effects of pandemics

www.blokbioscience.com

ID2020 Announces Certification of BLOK Bioscience Immunity Passport was originally published in ID2020 on Medium, where people are continuing the conversation by highlighting and responding to this story.

Monday, 17. August 2020

FIDO Alliance

New White Paper Series Provides How-tos and Best Practices for Going Passwordless in the Enterprise

Support for FIDO in browsers and operating systems is widespread and growing fast. Enterprises now have better tools to replace easily compromised passwords with simpler, stronger FIDO Authentication and eliminate […] The post New White Paper Series Provides How-tos and Best Practices for Going Passwordless in the Enterprise appeared first on FIDO Alliance.

Support for FIDO in browsers and operating systems is widespread and growing fast. Enterprises now have better tools to replace easily compromised passwords with simpler, stronger FIDO Authentication and eliminate phishing, man-in-the-middle and other security attacks. But, if you want to deploy FIDO in your enterprise, what are the first steps? Do you need to explain “why FIDO?” to your CISO? What do the timelines look like? Should you build your own server or work with a vendor? What FIDO authenticators should you accept? How do you manage  them? 

The FIDO Alliance Enterprise Deployment Working Group (EDWG) will answer these questions, and more, in its new white paper series. The series aims to educate corporate management and IT security on the improvements available for authentication today and how to leverage them within their own organizations. This work is dedicated to eliminating passwords and securing the simple act of logging into company systems and applications. 

First up in the series is the primer “CXO Explanation: Why Use FIDO for Passwordless Employee Logins?” This document is the guide for you and/or the executive leaders in your organization as to why you should invest in FIDO2 deployment for your employees.

It addresses all of the common questions from CXOs on the value proposition of FIDO Authentication and how the FIDO2 passwordless framework addresses the authentication needs and challenges of companies for the modern workforce. Read it now at https://fidoalliance.org/white-paper-cxo-explanation-why-use-fido-for-passwordless-employee-logins/ and pass it along to colleagues.

Subsequent entries in this educational series will focus on server deployment, authenticator choices, authenticator life-cycle management, and credential acceptance in the enterprise. This series is part of the Alliance’s strategy to provide expert deployment guidance to our community in order to support the rapidly growing number of FIDO implementations across a variety of use cases. Please watch this space as we publish more in this Enterprise Series over the coming months. 

The post New White Paper Series Provides How-tos and Best Practices for Going Passwordless in the Enterprise appeared first on FIDO Alliance.


Kantara Initiative

Spotlight on Digital Identity New Zealand

In July 2020, Digital Identity New Zealand and Kantara signed an MOU to collaborate on a range of activities for the advancement of the Mission of both organizations. A month later we asked them to share some thoughts with the wider Kantara global community.     1. What’s the elevator pitch for DINZ? We are […]

In July 2020, Digital Identity New Zealand and Kantara signed an MOU to collaborate on a range of activities for the advancement of the Mission of both organizations.

A month later we asked them to share some thoughts with the wider Kantara global community.

 

 

1. What’s the elevator pitch for DINZ?

We are all about trustworthy collaboration on digital identity and personal information.  We recognise that our online experience traverses an ecosystem of providers, platforms and technologies, and that effective collaboration and interoperability is key to better customer interactions and increased productivity.  We believe that Identity is taonga (a Maori word meaning something precious and valued) – it is a treasure worthy of dignity, respect and care.  This principle guides our collaborative efforts.

 

2. How is DINZ  and its members experiencing and reacting to the current global situation?

Digital Identity NZ’s 2020 research survey has found that there is a growing awareness of the way in which our personal information is harvested and used by organisations and technology providers, coupled with a high degree of anger and disappointment about the widespread sale and sharing of that information. 91% of New Zealanders desire a greater level of control over their identity and personal information, and we are calling on organisations and their technology providers to take a greater share of responsibility.  As organisations we have done an excellent job in raising awareness of some of the risks and challenges associated with our highly connected world, yet we are placing too heavy a burden on people to protect themselves without adjusting our systems and processes to make it easier for them to understand and take action.

3. How do you see the effects of the pandemic impacting digital identity beyond 2020?

Our research shows that more and more people are looking to online interactions first, rather than face to face.  Two thirds of New Zealanders indicated that their first point of call is now online.  Enabling that online interaction is a primary function of digital identity, and it is becoming increasingly important for all organisations to engage online, be they large and small, commercial, academic or community.

4. What’s high on DINZ’s agenda right now?

The management of identity and personal information is increasingly reliant on a trustworthy ecosystem of participants, adhering not only to technical and security standards, but also embracing principles of Kāwanatanga (Honourable Governance), Rangatiratanga (Self Determination & Agency), Ōritetanga (Equity & Partnership) and freedom of choice and expression. Building a trustworthy community of practice is a key activity for us.  This is even more pertinent given the New Zealand Government’s emerging work on a legislated Trust Framework for digital identity.  We are working closely with the agency responsible for developing the new framework, seeking collaborative action to refine and build a trustworthy ecosystem.

Find out more…

• Our 2020 Research is here
• And our 2019 edition is here

For more information on Digital Identity, visit https://digitalidentity.nz/

Friday, 14. August 2020

FIDO Alliance

First Citrus Bank Eliminates the Password for Employees

Florida-based First Citrus Bank provides premier independent community banking services to individuals, professionals, executives and entrepreneurs. With 70 employees in five locations, First Citrus is ranked in the top five […] The post First Citrus Bank Eliminates the Password for Employees appeared first on FIDO Alliance.

Florida-based First Citrus Bank provides premier independent community banking services to individuals, professionals, executives and entrepreneurs. With 70 employees in five locations, First Citrus is ranked in the top five Tampa Bay community banks by asset size.

Struggling with costs, complexities and security issues with passwords, First Citrus sought to increase security and usability for its employees logging into its various systems on shared Windows workstations. After testing several alternative authentication methods, First Citrus turned to FIDO Authentication as the best option to provide strong cryptographic authentication with a much easier passwordless user experience.

Eliminating the password

First Citrus sought to move away from passwords as the primary form of authentication for its employees logging on to its systems on shared Windows workstations. Between costly resets and a negative impact on employee productivity, First Citrus’s main objective was to eliminate the need for its employees to have to enter a password while providing secure user authentication.

The bank evaluated several desktop authentication options including smart cards and time-based one-time passwords (TOTPs), but found that these options added friction for their employees’ logins, creating a poor user experience while not providing enough additional security. All of the options they reviewed also still required password entry.

Taking a standards-based approach to passwordless authentication

First Citrus then looked to FIDO Authentication, a standards-based approach to strong authentication. The interoperability that comes with taking a standards-based approach fit well into First Citrus’s broader security strategy.

FIDO standards use on-device public key cryptography techniques to provide stronger authentication over passwords and other forms of strong authentication; user credentials are never shared and never leave the user’s device. The protocols are also designed from the ground up to protect user privacy. The protocols do not provide information that can be used by different online services to collaborate and track a user across the services, and biometric information never leaves the user’s device. This is all balanced with a simple user experience that meets passwordless use cases with native biometrics on the user’s device.

It was important to First Citrus to choose an end-to-end FIDO Certified solution in order to roll out FIDO Authentication to all of its access points with assured security and interoperability. The bank chose to work with HYPR, which offers FIDO Certified platforms for FIDO UAF (mobile-based passwordless authentication) and FIDO2 (mobile and desktop passwordless and second-factor authentication) standards. The mixture of these FIDO specifications allows First Citrus to cover mobile and desktop requirements for user authentication.

Simpler, mobile-initiated authentication for all employees

First Citrus deployed HYPR’s FIDO platform to provide truly passwordless authentication for all of its employees logging into Windows 7 and 10 workstations. Deployment was straightforward: within an hour, the bank was able to have computers leveraging FIDO Authentication. After a several-month evaluation period, First Citrus rolled out the FIDO solution to all of its employees in February 2019.

For First Citrus employees, logging in is now mobile-initiated. They simply use the native biometrics on their mobile device (iOS or Android) to log in to any First Citrus desktop workstation, with far higher FIDO security and privacy over the old password model. Employee feedback has been positive; the chief financial officer has joked, “I’ve completely forgotten my password!” HYPR’s FIDO Certified platform has now become a core component of First Citrus’s internal authentication strategy, with the possibility of extending FIDO authentication options to its online banking customers in the future.

View the First Citrus Bank Case Study PDF document here.

OVERVIEW

First Citrus is ranked in the top five Tampa Bay community banks by asset size, with 70 employees in five locations.

Objective
First Citrus sought to eliminate the need for employees to have to enter a password while providing secure user authentication.

Solution
First Citrus implemented HYPR’s FIDO Certified authentication platform, which provides simpler and secure mobile-initiated biometric logins for all employees to Windows workstations.

What’s Next
FIDO and HYPR have now become core components of First Citrus’s authentication strategy, with the possibility of extending FIDO authentication options to its online banking customers in the future.

“I’ve completely
forgotten my
password!“

The post First Citrus Bank Eliminates the Password for Employees appeared first on FIDO Alliance.

Thursday, 13. August 2020

Digital ID for Canadians

Spotlight on Mavennet

1. What is the mission and vision of Mavennet? Mavennet’s vision is to build a new world of trust.  We strive to empower large enterprises…

1. What is the mission and vision of Mavennet?

Mavennet’s vision is to build a new world of trust. 

We strive to empower large enterprises with better and more effective ways to securely share information and value. We build on technologies such as blockchain and AI to help transform entire industries. Our focus extends to several industries: financial services, supply chain, energy, the public sector and media and entertainment. Our business focuses on challenging the status quo of industries that are in need for disruption, either internally or externally.

2. Why is trustworthy digital identity critical for existing and emerging markets?

Identity is at the foundation of any sharing of value or information. 

Traditional identity management systems are vulnerable to single points of failure, they raise privacy issues for the data they carry and limit the possibility of secure interoperability. In industries with business processes that rely on complex workflows or transactions amongst multiple stakeholders, the need for trustworthy digital identity becomes paramount.

At Mavennet, we are implementing decentralized identifiers to our suite of supply chain products to be able to associate a robust digital identity to actors and assets along a network. In conjunction with verifiable credentials (VCs) we enable cryptographically sound and privacy preserving claims that provide transparency and traceability to value chain participants. Ultimately, this trusted digital history of physical assets enables industries to have reliable provenance of goods and attribute actions to stakeholders. This addresses the most pressing pain points of global supply chains: traceability, auditability, flexibility and stakeholder management. 

Unlocking trustworthy digital identity in a way that is easy to implement in existing enterprise environments and can be readily adopted by multiple industries is crucial. It opens new pathways to emerging markets that are vulnerable to lack of trust amongst participants. 

3. How will digital identity transform the Canadian and global economy? How does Mavennet address challenges associated with this transformation?

The COVID-19 pandemic has demonstrated the lack of responsiveness and flexibility of global supply chains, as evidenced by the spike in closures of manufacturing facilities and the unmet demand for basic commodities. An added concern for international trade is the rise in counterfeiting, which exceeds $900 billion USD annually. These threats to the security and stability of global supply chains can be in part offset by the adoption of digital identities. Their power to unlock fast, secure and trustworthy exchanges, can significantly improve the operational and business process efficiency of industries as a whole. This overhaul of internal traditional processes translates into more globally competitive businesses and positions Canada as an incrementally valuable trading partner.

Mavennet has been deeply involved in the space of decentralized identities and VCs through the deployment of an energy traceability platform that provides end-to-end visibility of assets. This solution, called Neoflow, has laid out new standards for exchange of data in the form of VCs between supply chain stakeholders by identifying them with a unique decentralized identifier. Our goal is to aid the transformation towards digital identities by providing a set of standards and APIs that enable seamless integration with other vendors with the same vision and legacy systems.

4. What role does Canada have to play as a leader in the space?

Canada is particularly well poised to act as a leader in this space, given its strong international voice relative to its size.

Canada has a unique opportunity to drive the standards for adoption at an international level, due to its position as a global emerging innovation ecosystem and technology hub. Further, as a top global exporter of crude oil, gold, wheat, aluminum and others, Canada plays a key role in the way that international trade is conducted. The country has the international relevance to coordinate and propagate digital identity initiatives.

5. Why did Mavennet join the DIACC?

Defining identity standards collaboratively is an essential step when you are looking at transforming entire industries. Up to now we have been doing work with decentralized identity and VCs standards applied to the industries we focus on. We hope to leverage our experience and vision to contribute to the work DIACC does and help raise the water level for Canadian technology as a whole.

6. What else should we know about Mavennet?

We are currently working on exciting solutions for governments and multinational companies in Canada, US and Europe. The core IP of these solutions involves identity management, asset traceability, digital assets, analytics and artificial intelligence. Some of these are:

Neoflow – provides end-to-end digital traceability for energy. In particular we are working with the United States Department of Homeland Security  to help with traceability in the oil and gas sector. Multiparty, real-time, immutable data and insights gathered by Neoflow allows governments and key stakeholders to make data-backed decisions on supply/demand, regulation policies and tariffs.   MetalTrail – traces the steel value chain, including materials’ dependencies, to certify the true origin, quality and environmental footprint of steel products.   QCAD – is the first fully-regulated Canadian Dollar Stablecoin. This product was created through Stablecorp, a joint venture between 3iQ and Mavennet.   MavenStamp – seamlessly provides “immutability as a service” through an API. It enables non-technical users to timestamp data on the blockchain and obtain  evidence of its existence. 

Earlier this year Mavennet launched an EU sponsored multinational blockchain research project funded at $12 million CAD. Mavennet leads the consortium as the technical lead. In this way, we are excited to continue contributing to the digital identity space and to be in such a privileged company with the DIACC. 

Wednesday, 12. August 2020

FIDO Alliance

Forbes: Trust Is A Keystone Of Digital Transformation

In a talk with Forbes, FIDO Alliance’s Andrew Shikiar, Executive Director & CMO, discusses how authenticating employees and end-users can help organizations push ahead with digital transformation projects and solve […] The post Forbes: Trust Is A Keystone Of Digital Transformation appeared first on FIDO Alliance.

In a talk with Forbes, FIDO Alliance’s Andrew Shikiar, Executive Director & CMO, discusses how authenticating employees and end-users can help organizations push ahead with digital transformation projects and solve the issue of trust.

The post Forbes: Trust Is A Keystone Of Digital Transformation appeared first on FIDO Alliance.

Friday, 07. August 2020

Digital ID for Canadians

2021 Pre-Budget Submission

DIACC’s Written Submission for the Pre-Budget Consultations in Advance of the 2021 Budget Ahead of the 2021 federal budget, the House of Commons Standing Committee…

DIACC’s Written Submission for the Pre-Budget Consultations in Advance of the 2021 Budget

Ahead of the 2021 federal budget, the House of Commons Standing Committee on Finance has asked Canadians to share their input. 

DIACC is pleased to have submitted a brief, calling on the Federal Government to implement the following recommendations: 

Secure adoption of the Pan-Canadian Trust Framework by businesses and governments to ensure Canadians are well-protected and supported post-pandemic. Work with provincial and territorial partners along with Citizenship and Immigration Canada to ensure that all Canadians have access to an ISO compliant government-issued digital ID credential with economy-wide utility by December 31, 2021. Have digital identity and authentication efforts co-led by the Minister of Digital Government and the Minister of Innovation, Science, and Industry to ensure that both government service delivery and economic prosperity requirements are met. Prioritize the funding and integration of digital ID as part of the Digital Technology Supercluster Initiative.  Champion and educate on the crucial role of digital identity for businesses, health care centres, academic institutions, civil society, and all Canadians.

Read DIACC’s full Pre-Budget Consultation Submission below or download directly.

Thursday, 06. August 2020

FIDO Alliance

Authentication Attitudes, Usage & FIDO Brand Research Report

The FIDO Alliance has launched a new microsite, LoginWithFIDO.com, for high level, non-technical information about FIDO for consumers and service providers. As part of this project, we wanted to learn more […] The post Authentication Attitudes, Usage & FIDO Brand Research Report appeared first on FIDO Alliance.

The FIDO Alliance has launched a new microsite, LoginWithFIDO.com, for high level, non-technical information about FIDO for consumers and service providers.

As part of this project, we wanted to learn more about consumer attitudes and habits around authentication. What are their password habits? What do they think about the FIDO approach? Do they want to see FIDO at login?

To find out, we conducted a survey of 1,000 U.S. consumers, and created a research report.

The post Authentication Attitudes, Usage & FIDO Brand Research Report appeared first on FIDO Alliance.


2020 FIDO Hackathon in Korea Update: Mid-term Meetup Event

Joon Hyuk Lee, APAC Market Development Director, FIDO Alliance Editor’s note: For the background information on the 2020 Hackathon in Korea, see the April blog post: “2020 FIDO Hackathon: Goodbye […] The post 2020 FIDO Hackathon in Korea Update: Mid-term Meetup Event appeared first on FIDO Alliance.

Joon Hyuk Lee, APAC Market Development Director, FIDO Alliance

Editor’s note: For the background information on the 2020 Hackathon in Korea, see the April blog post: “2020 FIDO Hackathon: Goodbye Password Challenge in Korea.”  To learn more about examples of proposed development ideas, please read the June blog post: “2020 FIDO Hackathon in Korea: Learn & Implement Phase.”

In the afternoon of July 1st, 2020, a Mid-Term Meetup Event for FIDO Hackathon – Goodbye Password Challenge was held at Telecommunication Technology Association (TTA). Originally, the Hackathon Steering Committee had planned a full-day onsite final implementation and evaluation day, followed by a month and a half online training phase.  Due to the global pandemic, we had to change our schedules in accordance with school calendar disruptions and summer holidays. We decided to have a half-day mid-term meetup event for participants. This allowed us to help the teams to stay on course while providing a safe environment for people to learn from each other face-to-face.

Nineteen different teams participated in the event, half of them face-to-face with strict public health guidance applied, and the other half virtually. The meeting gave opportunities for teams to share their FIDO protocol-based online service development ideas and current development status, learn from each other and receive valuable feedback from FIDO Alliance Korea Working Group members.

In addition to sharing their projects’ current development status, the teams had the opportunity to present the “homework” they have completed after online training.  The homework was writing a simple article on the web, with answers to the following questions:

What is FIDO Alliance? What are the FIDO protocols? What are the benefits of implementing FIDO protocols? (Option) What services/products are you developing for the 2020 FIDO Hackathon and what would be the value of adopting FIDO protocols for online authentication?

We were very pleased with the articles we received. You can read examples (mostly in Korean) by visiting these following links:

No matter how passwords are complicated, they are not safe!  Learn FIDO concepts FIDO Authentication: Good security knowledge to learn while you are quarantined at home 2020 FIDO Hackathon Homework – My Plan to Develop FIDO Based IoT Solution for Home FIDO – New technology standard to solve problems with IDs and Passwords  Let’s learn about FIDO Alliance and FIDO Specs Summary on FIDO Alliance and FIDO Specs

We hope this short blog gives you a better understanding of the current status of the 2020 FIDO Hackathon in Korea.  We will be back soon with more updates after the final evaluation — scheduled for this week. 

The post 2020 FIDO Hackathon in Korea Update: Mid-term Meetup Event appeared first on FIDO Alliance.


OpenID

OpenID Certification Program – Last Call for Testing OpenID Connect Implementations on Python Platform

The OpenID Foundation has made a considerable investment in 2020 in transitioning the certification program’s conformance test suite to a single, Java-based system. The Financial-grade API (FAPI) tests have been Java-based since early 2019 and now we are preparing to finish transitioning the OpenID Connect tests to the Java-based conformance test suite on Monday, August […] The post OpenID Certi

The OpenID Foundation has made a considerable investment in 2020 in transitioning the certification program’s conformance test suite to a single, Java-based system. The Financial-grade API (FAPI) tests have been Java-based since early 2019 and now we are preparing to finish transitioning the OpenID Connect tests to the Java-based conformance test suite on Monday, August 31, 2020, at which point we plan to decommission the existing Python-based conformance suite. See https://openid.net/certification/migration/ for details on the migration.

If you are currently testing your OpenID Connect implementations, please note this transition date and migrate your testing from the Python-based suite to the Java-based suite prior to that. If you are considering testing your OpenID Connect implementations, please include the transition date in your planning.

The transition to a single code base for the conformance test suite will enable the Foundation to more efficiently manage the program and add new profiles for testing. Thank you to those community members who have assisted in “testing the tests” and helping us reach this important milestone in the Certification Program’s history.

Please send any inquiries or issues encountered to certification@oidf.org and/or submit issues about the Java-based conformance suite at https://gitlab.com/openid/conformance-suite/-/issues.

 

Don Thibeau
OpenID Foundation Executive Director

The post OpenID Certification Program – Last Call for Testing OpenID Connect Implementations on Python Platform first appeared on OpenID.


FIDO Alliance

Ars Technica: Apple has Finally Embraced Key-Based 2FA

Security keys are more secure and are finally ready for the masses, reports Ars Technica. Here’s a great overview of Google Advanced Protection Program, including the latest Apple native support, […] The post Ars Technica: Apple has Finally Embraced Key-Based 2FA appeared first on FIDO Alliance.

Security keys are more secure and are finally ready for the masses, reports Ars Technica. Here’s a great overview of Google Advanced Protection Program, including the latest Apple native support, and also the history of FIDO standards.

The post Ars Technica: Apple has Finally Embraced Key-Based 2FA appeared first on FIDO Alliance.


Progress Report: FIDO’s Effort to Eliminate Passwords

“Progress Report: FIDO’s Effort to Eliminate Passwords” FIDO Alliance’s Andrew Shikiar, Executive Director & CMO, describes our latest efforts to reduce reliance on passwords, overcome its barriers & educate consumers, […] The post Progress Report: FIDO’s Effort to Eliminate Passwords appeared first on FIDO Alliance.

“Progress Report: FIDO’s Effort to Eliminate Passwords” FIDO Alliance’s Andrew Shikiar, Executive Director & CMO, describes our latest efforts to reduce reliance on passwords, overcome its barriers & educate consumers, reports InfoRisk Today.

The post Progress Report: FIDO’s Effort to Eliminate Passwords appeared first on FIDO Alliance.


Apple @ Work Podcast: iOS 14 and macOS Big Sur Bring New Password Technology to Market

In this episode of the Apple @ Work podcast, Bradley is joined by Andrew Shikiar from the FIDO Alliance to discuss the history of the FIDO Alliance and what iOS 14 and macOS […] The post Apple @ Work Podcast: iOS 14 and macOS Big Sur Bring New Password Technology to Market appeared first on FIDO Alliance.

In this episode of the Apple @ Work podcast, Bradley is joined by Andrew Shikiar from the FIDO Alliance to discuss the history of the FIDO Alliance and what iOS 14 and macOS Big Sur are doing for password management.

The post Apple @ Work Podcast: iOS 14 and macOS Big Sur Bring New Password Technology to Market appeared first on FIDO Alliance.

Wednesday, 05. August 2020

WomenInIdentity

Interview with Dia Banerji, UK Ambassador at WiD

We interviewed Dia Banerji, one of our UK Ambassadors, to find out more about her passion for innovation and technology. What gets you out of bed in the morning? I… The post Interview with Dia Banerji, UK Ambassador at WiD appeared first on Women in Identity.

We interviewed Dia Banerji, one of our UK Ambassadors, to find out more about her passion for innovation and technology.

What gets you out of bed in the morning? Dia Banerji

I am passionate about the power of innovative technology & its potential in creating a better world. As an individual, I enjoy solving problems with technology solutions. I consider myself to be fortunate to be able to pursue my passion in the work I do.

I am the founder of ID4V. It is an early stage start-up focused on building a platform to enable Self Sovereign Digital Identity for Cross-Border Travel Visa Applications using Blockchain Technology. ID4V aims to address the inefficiency in our travel visa application system which affects millions of people around the world. Very few experiences in life can be compared to the joy of creation. I am thrilled to be on this journey.

I also work as a Consultant to the Blockpass identity Lab at Edinburgh Napier University where I advise on commercialization of emerging technology. I help identify industry applications for Blockchain & Privacy Preserving Machine Learning research. Every day I spend at the lab I learn something new. I am surrounded by brilliance and get to work with innovative cutting-edge research. It is truly inspiring.

This is a very exciting time to be in Identity. We are creating a gateway to access the digital economy. What we build today & how we build it, will shape our future. My work in Identity allows me to be part of this incredible evolution.

Roosevelt once said “Far and away the best prize that life has to offer is the chance to work hard at work worth doing.” To me, working in Identity as an Entrepreneur and a Professional is work worth doing and I love it!

How did you get to where you are today?

The short answer would be ‘CURIOSITY’!

Prior to embarking a career in the technology sector, I spent over fifteen years in the financial services industry and worked for some of the top global banks in the world. Around 2016, within my fraternity there was a lot of noise about Bitcoin. Most of my peers and friends who were in Financial Services were naysayers and opposed Bitcoin with the utmost passion. Wall street greats like Warren Buffet famously called Bitcoin ‘Rat Poison Squared’! This got me curious. I wanted to learn more about Bitcoin to be able to figure out where I stood on the debate. This pursuit led me to studying Blockchain and Distributed Ledger Technologies. I was amazed with the potential of this technology in solving real world problems. I wanted to be part of it. So, I pivoted my career to outlining use cases for Blockchain especially within Financial Services sector. And in that journey, I came to narrow my focus on Digital Identity and got to where I am today.

What is the most important lesson you have learned along the way?

The most important lesson that I learned was not to be intimidated by the things I did not know and appreciate the value of stepping outside my comfort zone. I was a financial service professional before I entered the world of Technology and Digital Identity. I have an MBA and not a computer science degree. There will always be somethings that we do not know and that is absolutely fine! Especially when one is working within the Identity Industry which is constantly changing and new standards are being incubated as we speak. Knowledge has a way of demystifying complex concepts. And once you understand something in depth you are no longer intimidated by it. The key thing is to never stop learning. And one of the most enjoyable aspects of my work is that I get to learn something new all the time. This to me this is both inspiring and empowering.

What should leaders in identity start, stop and continue – and why?

The concept of identity has been broadly accepted as a fundamental human right. A legal identity enables individuals to participate in society and have access to rights and services. It is a prerequisite to financial & social inclusion.

Identity management is a global problem. The current system does not scale and is in much need for disruption. For, those of us in the developed world we are plagued with inefficiencies of legacy systems, data privacy breaches & leaks leading to trust issues with central authorities. For the citizens of the developing nations many are denied access to financial & social services for lack of verifiable identity. According to World Bank, it is estimated that approximately one billion people across the world do not have access to an officially recognizable identity!

As the world transitions to a digital economy we need to have a more secure, scalable, interoperable and citizen focused digital identity management solutions to ensure inclusion.

So, my advice to the CEO’s in the identity space would be the following:

START: Collaborating with one another and build solutions and platforms which are interoperable. Have diverse teams within the organisation so that the solutions reflect the wider needs of society. Both are imperative for mass adoption!

STOP: Building centralized identity management solutions! Be citizen focused and build applications on the principles of self-sovereign digital identity. Allow individuals to own, control and manage the distribution of their personal identity. This is essential to be able to build scalable and secure systems with no central point of failure and reduce risk of data theft.

CONTINUE: Identifying new uses cases for Identity management solutions and apply innovative technologies to enhance efficiency and security of applications. Digital Identity is a relatively new industry and is constantly changing. We need to continue to fund new research and explore new use cases. This is crucial, for the creation of robust digital identity management platforms for the future.

In one sentence, why does diversity matter to you?

I have always looked to nature to find order and to me diversity is the purest form of natural existence and the only way to live and thrive in this world.

What book/film/piece of art would you recommend to your fellow members? Why?

I would recommend the film, The Matrix. It is a beautiful film and the script is almost Shakespearean. If one sees beyond the action-packed computer graphics there is a deep spiritual message and a tale about the constant strife between ignorance and enlightenment faced by mankind. Like most great works of art, it leaves you questioning. Definitely worth a watch!

What advice would you give to the teenage ‘you’?

I would advise my teenage self to be ‘fearless’ and ‘take chances’. In order to walk the path that no one has ever walked before requires one to be brave and follow one’s gut. Greatness is seldom achieved by being careful. So, go ‘ALL IN’ and follow your passion and don’t seek external validation. Believe in yourself!

Where can we find you on social media / the Web?

You can find me on LinkedIn.

The post Interview with Dia Banerji, UK Ambassador at WiD appeared first on Women in Identity.


Interview with Janelle Riki-Waaka

Esme Wardhaugh interviewed Janelle Riki-Waaka, for an interesting discussion on the digital identity sphere. What do you do and what is it about your job that gets you out of… The post Interview with Janelle Riki-Waaka appeared first on Women in Identity.

Esme Wardhaugh interviewed Janelle Riki-Waaka, for an interesting discussion on the digital identity sphere.

What do you do and what is it about your job that gets you out of bed in the morning? Janelle Riki-Waaka

As Queen Whitney says, I believe the children are our future, teach them well and let them lead the way! Cheesy I know but no truer words were spoken. I am so privileged to work with educators and support them in their professional learning needs.

Education systems world wide originated from the need to prepare kids for the workforce. In the industrial era this meant reflecting the work conditions they would eventually go into – large warehouses became classrooms and the smoko bell became the school bell. In terms of education for young girls, it was often crafted around antiquated expectations of a ‘woman’s work’. In terms of education for indigenous kids, this was primarily designed to assimilate them into the dominant culture. This practice was considered to be ‘in their best interests’ and would ensure a more ‘fair’ and just society for all. The education system wasn’t designed to empower indigenous kids to be deeply connected to their language, identity and culture and we are still feeling the ramifications of the trauma that this caused for indigenous people across the world. Until we actively start to redress that trauma, we will continue to experience inequity in its most harmful forms.

So what gets me out of bed in the morning? It’s the responsibility I feel to be a voice for those indigenous kids who are continuing to experience inequity in our education system. It’s the understanding I have through my own learned experiences that our kids rely on us to be their allies, their advocates and their cheerleaders. They deserve to walk into schools and be empowered to be who and what they are and be secure in the knowledge that they are surrounded by adults who are working really hard to know better and do better.

How did you get to where you are today?

Pure determination to prove people wrong! I hated the stereotypes about Māori women so becoming a single mother in my early 20’s lit a fire in me to push as hard as I could against those stereotypes and become more than what society expected of me. I worked really hard and I leaned into my support network. I read and learned and listened to people that inspired me and I set goals and just ticked them off one at a time. I went from a high school failure and a young single mother, to a self sufficient, empowered woman with a Masters Degree. At the start of my journey the degree was my aspiration and I was fuelled by wanting to prove a point. But the real reward for me was the self assurance that I could in fact achieve anything I dared to dream about.

What is the most important lesson you have learned along the way?

Gosh so many! I think the most valuable lesson for me was to learn to trust my gut. Over the years I have come to realize that female intuition is probably the most powerful tool in our arsenal! I’m not referring to that little voice in our head that is most often our harshest critic, I’m talking about that gut feeling you get right when you need to get it! Looking back over things you can often remember a time when your gut warned you this was the wrong path. Or it screamed at you to just have faith. When things are tough in my world and I can’t see the wood for the trees, I always try to block out the noise and tune into my female intuition to allow it to guide me on my journey.

What’s your advice to CEOs in the identity space?

STOP considering only your learned perspective of what identity is. There are so many diverse definitions of identity and it’s important we don’t narrow the lens here. It would be dangerous to assume there is one definition of identity and even more dangerous to assume the western world view is the correct one! We need to allow diverse perspectives of identity to inform our practice for the future as one size will definitely not fit all and it’s too important to get wrong.

START educating people about digital identity. If you work in this space you might be forgiven for assuming everyone understands it but I assure you this is far from the case. Education should empower people to make informed choices and we must be careful not to educate through fear. We need to start to look at how we can educate our kids about their digital identity and integrate this important knowledge into school curriculum.

CONTINUE exploring alternative ways, processes and perspectives. You know what they say true collaboration is – it’s about the ideas that don’t exist until you get everyone in the room! So as you are continuing to explore innovative solutions to new emerging challenges ask yourselves this – who’s voice is missing in the conversation. And then go engage with those missing voices. They may just have the very solution you’ve been searching for.

We need to allow diverse perspectives of identity to inform our practice for the future as one size will definitely not fit all and it’s too important to get wrong.

In one sentence, why does diversity matter to you?

Because everyone should feel important and valued for who they are.

What book/film/piece of art would you recommend to your fellow members? Why?

The Whale Rider is an amazing book by Witi Ihimaera and the film is phenomenal. It gives a great insight into the Māori culture and practices and it’s a go to for me when I need a reminder about having faith and trusting my intuition. It also explores a Māori perspective on identity and the importance of understanding indigenous world views and practices.

What advice would you give to the teenage ‘you’?

Have faith, be present and take it easy on yourself! You’re loved and strong and trust me, it’s all coming to you.

Where can we find you on social media / the Web?

Find me on the web at https://core-ed.org/about-core/our-team/professional-learning-solutions/janelle-riki-waaka, on Twitter @jayeriki and on LinkedIn.

The post Interview with Janelle Riki-Waaka appeared first on Women in Identity.

Monday, 03. August 2020

Oasis Open

ISO Approves OASIS ebMS3 and AS4 as International Standards for Messaging

Friday, 31. July 2020

MyData

MyData Online 2020 Conference Call for Proposals open from 30 July to 6 September

The main programme of the conference is content made by the MyData community through the Call for Proposals. The call started on 30 July. After the call ends on 6 September, all submissions will be reviewed twice by our community of reviewers. Notification of acceptance will be sent out on 18 September. The full conference programme will be published... Read More
The main programme of the conference is content made by the MyData community through the Call for Proposals. The call started on 30 July. After the call ends on 6 September, all submissions will be reviewed twice by our community of reviewers. Notification of acceptance will be sent out on 18 September. The full conference programme will be published... Read More

Thursday, 30. July 2020

Decentralized Identity Foundation

The Universal Resolver Infrastructure

A DIF-hosted resource for community development Introduction It has been almost three years since DIF began working on the Universal Resolver (GitHub: Universal Resolver) — a foundational piece of infrastructure for the Decentralized Identity ecosystem (see the original announcement). Since then, our vision of being interoperable across ledgers and DID methods has seen a lot of support. Thanks t
A DIF-hosted resource for community development Introduction

It has been almost three years since DIF began working on the Universal Resolver (GitHub: Universal Resolver) — a foundational piece of infrastructure for the Decentralized Identity ecosystem (see the original announcement). Since then, our vision of being interoperable across ledgers and DID methods has seen a lot of support. Thanks to community contributions, the Universal Resolver now supports around 30 different DID methods.

Today, we are happy to announce an updated set of instances where the Universal Resolver is deployed. One stable and one experimental version will be iterated, maintained, and hosted by DIF as a service to the community!🎉

While this is undoubtedly a useful resource for research, experimentation, testing, and development, it is important that it not be mistaken for a production-grade universal resolver. It should be pointed out that:

This infrastructure is neither intended or approved for production use cases and that nobody should rely on it for anything other than for development and testing purposes. These two specific deployments are not production-ready. The preferred scenario continues to be that all DID-based information systems, run by a method operator or otherwise, production or otherwise, host their own instance of the Universal Resolver (or other DID Resolution tools). DIF withholds the right to limit or modify the performance of this free service in case usage for production, commercial, and/or malicious purposes is detected. Two Deployments

The following two deployments are now available as a community service:

* https://resolver.identity.foundation/ — Hosted on IBM Cloud by DIF (thanks IBM!). While not considered production-ready, this instance is expected to be relatively stable. It will be tested before and after manual updates from time to time, with versioned releases.
* https://dev.uniresolver.io/ — Hosted on AWS by DIF. This instance is more experimental, will be updated frequently, and is connected to CI/CD processes. It may be down from time to time or have unexpected functionality changes.

Note: For backward compatibility, the original URL https://uniresolver.io/ will now redirect to https://dev.uniresolver.io/.

Documentation

See the following links for more information about testing, release, and deployment processes of the Universal Resolver:

Photo by Anne Nygård AWS Architecture: https://github.com/decentralized-identity/universal-resolver/blob/master/docs/dev-system.md CI/CD Process: https://github.com/decentralized-identity/universal-resolver/blob/master/docs/continuous-integration-and-delivery.md Branching Strategy: https://github.com/decentralized-identity/universal-resolver/blob/master/docs/branching-strategy.md Release process: https://github.com/decentralized-identity/universal-resolver/blob/master/docs/creating-releases.md Periodically, this standing work item is discussed in the Identifiers and Discovery Working Group, so that group’s recorded meetings and discussions on Slack and mailing list may contain further insight on the above topics.

The Universal Resolver Infrastructure was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.

Wednesday, 29. July 2020

FIDO Alliance

Webinar: Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com

The FIDO Alliance has launched a new microsite, LoginWithFIDO.com, for high level, non-technical information about FIDO for consumers and service providers. As part of this project, we wanted to learn […] The post Webinar: Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com appeared first on FIDO Alliance.

The FIDO Alliance has launched a new microsite, LoginWithFIDO.com, for high level, non-technical information about FIDO for consumers and service providers. As part of this project, we wanted to learn more about consumer attitudes and habits around authentication. What are their password habits? What do they think about the FIDO approach? Do they want to see FIDO at login?

To find out, we conducted a survey of 1,000 U.S. consumers – the results of which were shared on this webinar. These slides include the findings from our research and how you may be able to utilize the data for your own FIDO offerings and/or deployments. Find the slides here.

The post Webinar: Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com appeared first on FIDO Alliance.


Webinar: Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com

The FIDO Alliance has launched a new microsite, LoginWithFIDO.com, for high level, non-technical information about FIDO for consumers and service providers. As part of this project, we wanted to learn […] The post Webinar: Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com appeared first on FIDO Alliance.

The FIDO Alliance has launched a new microsite, LoginWithFIDO.com, for high level, non-technical information about FIDO for consumers and service providers. As part of this project, we wanted to learn more about consumer attitudes and habits around authentication. What are their password habits? What do they think about the FIDO approach? Do they want to see FIDO at login?

To find out, we conducted a survey of 1,000 U.S. consumers – the results of which were shared on this webinar. These slides include the findings from our research and how you may be able to utilize the data for your own FIDO offerings and/or deployments. Find the video here.

The post Webinar: Consumer Attitudes Toward Strong Authentication & LoginWithFIDO.com appeared first on FIDO Alliance.


Oasis Open

OASIS Approves Four Public-Key Cryptography (PKCS) #11 Standards


MyData

Press release: MyData Operator 2020 status awarded to 16 organisations from around the world

MyData Global Press release Helsinki, July 29th 2020 Embargo 16:30 CEST    A bold new initiative to shape the new normal of data has arrived – MyData Operator 2020 status awarded to 16 organisations from around the world   As the CEOs of US data giants face inquiry in the country’s Congress, an alternative to... Read More
MyData Global Press release Helsinki, July 29th 2020 Embargo 16:30 CEST    A bold new initiative to shape the new normal of data has arrived – MyData Operator 2020 status awarded to 16 organisations from around the world   As the CEOs of US data giants face inquiry in the country’s Congress, an alternative to... Read More

OpenID

The OpenID Foundation and Financial Data Exchange Host Workshop Focused on Fintech Standards and Certification

The OpenID Foundation (OIDF) and Financial Data Exchange hosted a joint workshop on July 21, 2020 to share information on their respective standards and certification programs. OIDF Chairman, Nat Sakimura provided a global view of the state of financial APIs followed by FDX Managing Director, Don Cardinal, who described FDX’s focus as the financial services […] The post The OpenID Foundation and

The OpenID Foundation (OIDF) and Financial Data Exchange hosted a joint workshop on July 21, 2020 to share information on their respective standards and certification programs.

OIDF Chairman, Nat Sakimura provided a global view of the state of financial APIs followed by FDX Managing Director, Don Cardinal, who described FDX’s focus as the financial services industry’s standards development and certification center of excellence in the US. Torsten Lodderstedt, CTO at yes.com and a OIDF contributor overviewed the roadmap of the Foundation’s Financial-grade API (FAPI). FDX Director Product, Dinesh Katyal, shared a high level look at the FDX API plans. All this led to the key part of the conversation: how the two organizations may best to continue to collaborate. The workshop concluded with a demonstration of the OIDF certification suite including FAPI certification by Joseph Heenan, Fintech Labs CTO and lead developer of the OIDF Certification Program.

 

Workshop Presentations

OpenID Foundation Overview by Nat Sakimura

Financial Data Exchange Overview by Don Cardinal

Financial-grade API (FAPI) Overview and Roadmap by Torsten Lodderstedt

FDX API Presentation by Dinesh Katyal

OpenID Certification Program Overview by Joseph Heenan

The post The OpenID Foundation and Financial Data Exchange Host Workshop Focused on Fintech Standards and Certification first appeared on OpenID.

Tuesday, 28. July 2020

Decentralized Identity Foundation

Where to begin with OIDC and SIOP

and how today’s most powerful authentication mechanisms can be decentralized It is a mouthful of an acronym: it stands for OpenID Connect — Self-Issued Identity Provider. Unless you are familiar with the terminology of the OpenID community, knowing what the acronym stands for doesn’t illuminate much, but rest assured, this is one of the most exciting developments to support the widespread adoptio
and how today’s most powerful authentication mechanisms can be decentralized

It is a mouthful of an acronym: it stands for OpenID Connect — Self-Issued Identity Provider. Unless you are familiar with the terminology of the OpenID community, knowing what the acronym stands for doesn’t illuminate much, but rest assured, this is one of the most exciting developments to support the widespread adoption of Verifiable Credentials across the web.

This post will explain how it’s exciting and what kinds of adoption it could galvanize. First, we will cover OpenID & OpenID Connect, then touch on how decentralized identity (or “self-sovereign identity”) relates to “authentication” and “user accounts,” and finally how they can work together, with two educational videos along the way.

While there is substantial and sophisticated prior art, particularly in the Aries community, for integrating verifiable credentials with OpenID Connect, using DIDs for OIDC is still emerging and approaching its first stable specification in the coming months. This is the culmination of substantial collaborative work to develop this bridge between the DID Authentication Working Group at DIF and various interlocutors at the OpenID Foundation. This post breaks down key elements of this development and shares more resources if you want to explore it further.

What is OpenID & OpenID Connect

The first seeds of OpenID were sprouted at the very first Internet Identity Workshop in 2005. All the companies interested in URL-based protocols got together and collaborated together on their various models for designing authentication for users against URLs they controlled, like their personal blogs. This protocol has evolved and the latest iteration is based on sophisticated OAuth (Open Authorization) standards and tooling.

The basic and most typical flow used by OpenID Connect can be described as follows: an individual, which in this context can be called a “user” of the identity system, first gets a fresh proof of authenticity of their digital identity. This unique proof is minted in the course of an interaction with a service called an “Identity Provider” (IP), i.e. Google or Facebook. This proof usually takes the form of a “token,” a single-use cryptographic access code linked to the corresponding identity record at the IP. The user then takes that token to a second site that they are going to login to, with is called the “Relying Party” or RP, which can then trust they are dealing with the same person identified (usually very strongly) by the Identity provider.

OpenID Login Flow

The teams of professionals that created OpenID Connect had enough imagination to anticipate more complex use-cases that weren’t immediately needed by the commercialized web of 2005, but for which the technical foundations were still worth laying. Among there, there was a clear idea that users would, in some cases, prefer or need to bring their own identity with them rather than a pointer to a record on an IP’s server. This identity would thus be “self-issued,” a capability they designed into the OpenID core specification.

The vision of DID-SIOP is a way of bringing decentralized identity concepts into alignment with the ideas of “self-issued” portable identity that the original OpenID innovators had. It was good that they included and preserved this underutilized capability in their immensely popular and internet-powering framework, which is the basis of modern social login (i.e., “Sign on with Google/Facebook/etc”). After all, it would have been simpler not to, but enough of designers and thinkers involved anticipated much of what has developed in parallel, the decentralized identity technology that the DIF serves to support.

How do decentralized identity systems work?

In this conceptual framework, the “Identity Provider” has been cut down a notch, and is instead referred to as a mere “Issuer” (of credentials and information, perhaps of identities over which it has less control).Similarly, the “user” is defined less by borrowed tools and more by owned ones, assuming the title of “Holder” of information and identity, whether issued or self-issued.. The “verifier” relies less on the identity provider, choosing instead to verify information and identities presented by their holder on their own terms (with some cryptographic assurances about the issuer).

One interesting difference between traditional OIDC and decentralized systems is that in the latter, all parties have identifiers that make it possible to verify signatures; it is hard to tell from a DID whether it corresponds to an institution, an individual, or an inanimate object, because it could be any or all of those. Whatever it represents, it points to ways of verifying signatures with so-called “key material” (public keys, hints to how to classify and use them). Most often, this happens by looking up the material on a distributed ledger, but this is not, strictly speaking, definitive of the framework..

The key material from an OIDC issuer proves the veracity of whatever information or identity is being presented in a way that is tied back to that issue by similar key-material guarantees, and a self-issued OIDC token works the same way. (In a self-issued OIDC credential, the holder’s key material is used in the place of an institutional issuer’s).

How OpenID and Decentralized ID can fit together

One of the big challenges for any new technology that needs an identity system is getting adoption of the needed components so the system can actually work at a sustainable scale. This usually required buy-in from various kinds of actors in an ecosystem: at the very least, it needs critical mass of users/holders, IPs/issuers, and RPs/verifiers, each maintaining their end of the infrastructure and “keeping the lights on,” as it were.

This is exactly where the two systems can really help each other: achieving and maintaining critical mass of all three, as the distribution of more and less centralized solutions changes, and self-issued credentials come to be accepted in theory and in practice. OpenID Connect has a large “install base”: there are literally millions of websites running OpenID Connect tooling as the authentication mechanism at their “front door” for users. Indeed, while a vanishingly small portion of internet users have ever heard of OIDC, it is the nuts and bolts of the most universal and familiar UX and user flow of the contemporary commercial web, including online banking and government services.

OIDC-SIOP leverages the code that OpenID Connect relying parties already have in place across all these millions of sites, and the lion’s share of the 10,000 most used websites. Think of the screen that reads, “Log in with Google / Facebook / Twitter / Github / etc.” OIDC-SIOP enables organizations to ask for Verifiable Credentials that an individual holds in their wallet instead of a token from Google / Facebook / Twitter / Github. These can be single-use access codes with cryptography built in, or more reusable credentials, or richer credentials containing various kinds of information otherwise requested from an IP. This mechanism is provided by the Self-Issued OpenID Provider flow described by the core specification:

If successful, this will be a huge win for decentralized identity, because it addresses the perennial “Relying Party” problem of adoption: how do you get relying parties to adopt a new technology, install and trust a new “doorway,” adapt their security and business processes to a new set of strengths and weaknesses? In the popular imagination and even in much of the technology press, scaling a business or a technology is often imagined as a quest for users, but they are often the easiest shareholder to get on board, particularly for something convenient and powerful. The relying parties (or, in economic terms, the “demand side” of identity) is often a much harder business problem, and in this case, no “big lift” is required of the verifiers or “relying party” consuming a new kind of authentication credentials because they only have to make minor adjustments to the nearly universal OIDC tooling they already have.

Further Reading

The purpose of the DID Authentication Working Group at DIF is to design, recommend, and implement authentication protocols that rely on open standards and cryptographic protocols tailored to today’s and tomorrow’s systems for handling DIDs and DID documents, the primitives of decentralized identities. In last six months, the group has been actively working on the OIDC bridge, and they presented their latest work at DIF’s June 2020 virtual “face to face” meeting:

Here is a link to their draft specification, nearing stability and ratification at time of press: https://identity.foundation/did-siop/. For an explanation of some of the design principles and conceptual fine points, see the article “If You Build an Island You Need a Boat” from DIF member Mattr Global (NZ).

Finally, if you want to go even deeper into the technical nitty gritty (particularly if you are unfamiliar with OIDC best practices), watch this video of a two hour presentation about OIDC-SIOP put on jointly with the DIDAuth group and the OpenID Foundation June 25th 2020.

Where to begin with OIDC and SIOP was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.


ID2020

Grameen Foundation Joins the ID2020 Alliance

ID2020 is proud to announce that Grameen Foundation, one of the world’s leading nonprofits using technology to alleviate poverty and hunger, has joined the ID2020 Alliance. “Over the past 23 years, Grameen Foundation has demonstrated what we can accomplish when we empower women to help their families escape the cycle of poverty and hunger,” said ID2020 Executive Director, Dakota Gruener. “Given G
ID2020 is proud to announce that Grameen Foundation, one of the world’s leading nonprofits using technology to alleviate poverty and hunger, has joined the ID2020 Alliance.

“Over the past 23 years, Grameen Foundation has demonstrated what we can accomplish when we empower women to help their families escape the cycle of poverty and hunger,” said ID2020 Executive Director, Dakota Gruener. “Given Grameen Foundation’s enthusiastic embrace of technology to enhance the delivery of financial and other development services, we are delighted to welcome them to the Alliance and look forward to collaborating with them as they continue to incorporate digital ID into their programs.”

Grameen Foundation was inspired and encouraged by Nobel Laureate Professor Muhammad Yunus, the founder of Grameen Bank and a global leader in the fight against poverty. Rooted in the microfinance movement, Grameen Foundation works across Africa, Asia, the Americas, and the Middle East to extend financial and other services to the world’s poorest people.

Today, Grameen Foundation embraces a multidimensional approach to the complex problems of poverty, using technology to strengthen resilience and food security, increase incomes, enhance health, and build financial security.

Their work is guided by five principles:

· Give poor women a better way to manage their money.

· Give poor farmers a better way to grow crop income.

· Stay data-driven, evidence-based, and human-centered.

· Use digital as a tool, people will make the change.

· Design to be scalable and sustainable.

“We are pleased to join the ID2020 Alliance in support of its work toward ethical implementation of digital identity solutions,” said Steve Hollingworth, president and CEO of Grameen Foundation. “Grameen’s work has long been guided by the principle that digital technologies are our most promising path to empower the poor to break the cycle of poverty.”

We are excited to welcome the Grameen Foundation to the ID2020 Alliance.

###

About ID2020

Globally, one person in seven is unable to prove her identity through any recognized means. As a result, these individuals lack access to basic legal protections and social services, such as education and healthcare; are unable to participate fully as a citizen and voter; and are systematically excluded from the modern economy.

ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and ethical implementation of user-managed, privacy-protecting, and portable digital identity solutions.

By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing pilot programs, and advocating for the ethical implantation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights and reap the benefits of economic empowerment and to protecting user privacy and ensuring that data is not commoditized.

www.ID2020.org

About Grameen Foundation

Grameen Foundation is a global nonprofit whose mission is to enable the poor, especially women, to create a world without poverty and hunger. In collaboration with our partners, we harness the power of digital data to create tech-forward tools for self-sufficiency and deliver them through local Community Agent networks. The Grameen Foundation Model is transformational regardless of Internet access, smartphone ownership, or the ability to read.

www.grameenfoundation.org

Grameen Foundation Joins the ID2020 Alliance was originally published in ID2020 on Medium, where people are continuing the conversation by highlighting and responding to this story.


WomenInIdentity

Canadian team represents WiD at IdentityNORTH

Melissa Carvalho, Nicole Landry and Chanda Jackson represented Women in Identity at the 2020 IdentityNORTH annual summit where over 500 people attended a two day conference. While going virtual this… The post Canadian team represents WiD at IdentityNORTH appeared first on Women in Identity.

Melissa Carvalho, Nicole Landry and Chanda Jackson represented Women in Identity at the 2020 IdentityNORTH annual summit where over 500 people attended a two day conference. While going virtual this year, the IdentityNORTH team was able to produce 3x more content than in previous years and offer a professional development certificate at 1/4 the price of their typical in-person events.

Before committing to the event, Melissa, Nicole and Chanda carefully analyzed the content to ensure that the summit reflects the values held by Women in Identity.

They were very impressed with the diversity of speakers – 46% of sessions featured speakers that are women, Indigenous or people of color. Sessions ranged from public and private sector business to health, democracy and inclusion and representation.

The team is pleased with the feedback obtained from other conference attendees. We’ve met many new people and look forward to building our relationships with those championing diversity in identity. We’re currently working with one of the groups, who would like to sponsor WiD, to launch a co-branded event this fall.

The IdentityNORTH 2020 Annual Summit event summary can be found online. It’s a great source of information for those looking to learn more. In the summary, you’ll find that the IdentityNORTH team featured Women in Identity in the following excerpt:

“It’s so important to understand when you build and deliver something to market, it’s not only going to be used for the purpose that you intended for, but it can be used for another purpose,” Chanda Jackson, Canadian Co-Lead of Women in Identity and Sr. Manager, IAM Planning at Royal Bank of Canada (RBC) reminded participants. There’s a whole world of untapped potential and possibilities out there, Jackson noted – it’s time to open the door to more ways of thinking.

Melissa Carvalho, Nicole Landry and Chanda Jackson are Canada Country Ambassadors for WiD. Catch up with them in the Canada forum.

The post Canadian team represents WiD at IdentityNORTH appeared first on Women in Identity.

Friday, 24. July 2020

Oasis Open

Invitation to comment on Exchange Header Envelope (XHE) V1.0 - ends Sept. 21st

Thursday, 23. July 2020

FIDO Alliance

FIDO Enterprise Video

The post FIDO Enterprise Video appeared first on FIDO Alliance.

The post FIDO Enterprise Video appeared first on FIDO Alliance.


Authenticate 2020 Conference, Hosted by FIDO Alliance, to be Virtual Event this November

Mountain View, Calif., July 22, 2020 – The FIDO Alliance has made the decision to transition Authenticate, the FIDO Alliance’s industry conference dedicated to the who, what, why, and how […] The post Authenticate 2020 Conference, Hosted by FIDO Alliance, to be Virtual Event this November appeared first on FIDO Alliance.

Mountain View, Calif., July 22, 2020 – The FIDO Alliance has made the decision to transition Authenticate, the FIDO Alliance’s industry conference dedicated to the who, what, why, and how of modern user authentication, from an in-person event to a virtual-only conference. It will be held this November, as originally scheduled. The Alliance will create a digital conference experience that will inspire attendees to embrace a new way to authenticate and present the necessary tools to move past passwords.

“While it’s disappointing we cannot be together for the very first Authenticate, the safety of our community is our biggest priority,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance. “Due to continuing concerns over COVID-19, and in alignment with the information we’re hearing from local officials, we decided to transition to a digital-only format, and focus on giving attendees a powerful and informative virtual experience.”

As FIDO recasts the conference to a virtual-only format, it will expand it to a multi-day November event spread across all time zones to accommodate global participation, including live Q&A sessions with presenters. The virtual format allows for sponsoring companies to showcase their solutions through virtual exhibit booths and other branding and networking opportunities. 

2020 headlining keynote speakers are as formerly announced: Dr. Whitfield Diffie, the co-inventor of public key cryptography; Joy Chik, corporate vice president of identity at Microsoft; Mark Risher, senior director of product management at Google; and Stina Ehrensvard, CEO and founder of Yubico. A full list of speakers is available on the Authenticate website.

The conference agenda will contain informative content on authentication, with a focus on the FIDO approach, including these topics: 

Case studies from service and technology providers including CVS Health, EMILY’s List, Facebook, Google, IBM, Mass Mutual, Microsoft, MITRE Corporation, NTT DOCOMO, PNC Bank, and Target Sessions on the state of authentication, building an authentication strategy, and how FIDO fits with initiatives like W3C Web Payments, and EMVCo 3DS and SRC Standards and technical implementation presentations focusing on FIDO for identity verification; bringing FIDO Authentication to IoT; OpenID for open banking; standards and the future of payments; FIDO certification; attestation and more Policy discussions around PSD2, GDPR and eIDAS; authentication to enable better privacy for citizens; authentication from a regulator’s perspective and more

Please visit www.authenticatecon.com for the latest information.  

Contact: fidoalliance@aircoverpr.com

The post Authenticate 2020 Conference, Hosted by FIDO Alliance, to be Virtual Event this November appeared first on FIDO Alliance.


WomenInIdentity

Interview with Helen Chua

Esme Wardhaugh interviews Helen Chua, Senior Sales Director with NEC APAC.  What do you do and what is it about your job that gets you out of bed in the… The post Interview with Helen Chua appeared first on Women in Identity.

Esme Wardhaugh interviews Helen Chua, Senior Sales Director with NEC APAC. 

What do you do and what is it about your job that gets you out of bed in the morning? Helen Chua

I am passionate about the use of biometrics to correctly identify and verify a person especially in the area of digital identity. My interest in biometrics dates back 25 years ago,  and has propelled me to be involved in many security-related projects involving governments and nation-wide deployments across multiple countries, particularly at the 9/11 tragedy which saw sudden huge demand and opportunities that humbled me.  It gives me great satisfaction to see how biometrics can improve security by identifying individuals accurately and enhance the verification of a person’s physical identity, whether it is in passport issuance, in national identity systems (physical and digital), border control, law enforcement, or finance. Orchestrating a brighter world using biometrics is why I do what I do.

One of the things I enjoy is thinking of creative ideas and solutions that helps to solve a client’s problem. In 1995, automated border control gates were unheard of and, together with Singapore immigration, we introduced the first automated gates using biometrics to reduce manpower while improving accuracy, consistency and speed. I have also helped to pioneer the seamless onboarding process for various financial institutions using biometrics. These represent just a few of the many firsts that I have been involved in.

Being trained in fingerprint, facial and iris technologies with NEC, I am delighted to be part of a company who are ranked number 1 globally by the US National Institute of Standards and Technology for its speed and accuracy in biometrics technologies.  NEC technologies, especially facial matching, are developed to be able to identify a person regardless of gender or ethnic group, which ties in to my firm belief that all people are created equal and should have equal opportunities to reach their full potential.

How did you get to where you are today?

Growing up, my parents were my role models. Each day their lives exemplified their teaching. They told us that the sky is our limit and they installed values of honesty and integrity in us. Dad is a firm believer that every family is a building block of society. Who we are and what we stand for will either give and add to society or otherwise. I am indebted to the mentors whom I can turn to any time, they helped me see my blind spots and oversights. I am very blessed to have forged many friendships internationally and surrounded by so many who have encouraged, inspired, and spurred me on. I am most grateful for my loving family and the friends in my path. These are the people who accept me for who I am and bring out the best in me.

What is the most important lesson you have learned along the way?

Life’s goals should not be focused on achievements, relationships are just as important, if not more! I learnt much early on in life never to achieve at the expense of others. This has a lot to do with one’s perspective! How to always see the good in others and how together we can do a whole lot more to the betterment of our company and ultimately benefiting our society. Though I must add sometimes  I do find myself in sticky situations and how many times I have had to dig deep into myself, bounce off my confidantes, including my supportive husband, and navigate out of them without hurting anyone nor myself. There are a couple of times I have failed regretfully, yet those are the times that have seen the greatest growth in me as a person.

What’s your pitch to CEOs in the identity space? What do you suggest they START / STOP / CONTINUE doing and why?

Start recognising that all people are created equal and to involve a diversity of minds to create the best products and solutions. The biometric technology that I am involved in, we use diverse groups of people to train the engine such that it’s not biased towards a certain color or people group.  CEOs should deliberately put in place measures to support every vulnerable group to create a workplace environment where all individuals can fully express themselves without fear of discrimination.  Individuality and uniqueness of diverse employees are important as well as a corporate culture where everyone can work and participate to their full potential.

Stop thinking that, by having the best team to create identity products and solutions which recognizes the “elite group” or the “best breed”, they will they find the most profit from it. In fact, they will find the most revenue by having a identity solution which has an inclusive mindset and a diverse group of people creating together. With the diversity, the solution can reach more and expand to more use cases.  They should continue hearing the voices of diverse groups for their research and development and not have an echo chamber of researchers that think the same way so as to produce creative and innovative products.

Continue to reach out to a diverse community of partners to forge strong alliances as no company can work on its own.  The community needs each other to sustain its business and to expand and diversify into different areas.  Business is about networking and reaching out for more, more clients, more use cases, more collaborations, more allies.

Do not have an echo chamber of researchers that think the same way so as to produce creative and innovative products

In one sentence, why does diversity matter to you?

Diversity is the beauty and uniqueness that every individual brings about his/her beauty and strength and together as a group, Diversity is power, and more.

What book/film/piece of art would you recommend to your fellow members? Why?

Hacksaw Ridge is the movie. “Lord, help me get one more” Desmond continued to save one life at a time.  One day at a time, one task at a time, one person at a time. It is believing what the Lord will help us achieve our goal one step at a time.

What advice would you give to the teenage ‘you’?

There is no short cut in life. Every person who is at the top has had to spill their own blood, sweat and tears to get there.  Failure is the mother of success! Never let failure drive you to the ground. Instead, get up and grow from these life lessons. When you overcome, you will be bigger and stronger.

 

Follow Helen on Twitter @HelenChua18 and LinkedIn: linkedin.com/in/helenchua.

 

The post Interview with Helen Chua appeared first on Women in Identity.


Interview with Melissa Carvalho

Esme Wardhaugh interviews Melissa Carvalho, Vice President of Enterprise and Customer Identity and Access Management for Royal Bank of Canada. What do you do and what is it about your… The post Interview with Melissa Carvalho appeared first on Women in Identity.

Esme Wardhaugh interviews Melissa Carvalho, Vice President of Enterprise and Customer Identity and Access Management for Royal Bank of Canada.

What do you do and what is it about your job that gets you out of bed in the morning? Melissa Carvalho

I am the Vice President of Enterprise and Customer Identity and Access Management for Royal Bank of Canada. RBC is ranked as one of the top 25 banks globally and has over 80K employees and ~16 million customers. I am proud to manage the best Identity and Access Management team in the world! My 200+ member team is comprised of some of the most diverse and talented people I have met.  While challenges come our way, I’ve discovered that there is no challenge that this team cannot overcome. It is refreshing to work with individuals who are always looking to over deliver and to offer the best solutions to our customers. More importantly, they have taught me their interests go far beyond their role, with their involvement in community events and non-profit organizations. Their example and their spirit is what motivates me daily. They renew my belief that one person really can make a difference and demonstrate how powerful we are when we team together!

How did you get to where you are today?

I got to where I am today by setting my goals high, making a plan, and – most importantly – being flexible to take on any challenge that life presents me.  My career has been marked with a series of opportunities.  In my last year of university while studying to be a teacher, a tech company offered me a role that started after my graduation. While at the time my desire was to go into teaching, the opportunity was one that I decided to try as I could always go back to teaching. Within four months, I went on my first IAM course and then started traveling across North America to deploy solutions. The rest was history. Each meeting and relationship created more opportunities and opened more doors.  

What is the most important lesson you have learned along the way? 

The most important lesson I’ve learned is that life is short.  It was fairly early in my career when I lost my best friend, my mother. In the months and years after her passing it was as if I was watching my life as though it was a series of short films. Going through that loss taught me to look at my interactions differently, more importantly to speak up for injustices and inequalities I was seeing. I’ve noticed that people rarely remember what I’ve said but rather what I’ve done or not done.  I didn’t want to be a passenger in this journey but rather the driver of my destiny. I’m a firm believer that every individual matters and together we can make a difference.

Every individual matters and together we can make a difference

What’s your pitch to CEOs in the identity space? What do you suggest they START / STOP / CONTINUE doing and why?

START: Working with our clients to develop use cases and solutions that meet real-life needs. If we walk hand-in-hand to develop ‘journeys’, the solutions will be more valuable and we’ll create lasting partnerships.

STOP: Creating and deploying solutions and expecting the clients to want them.

CONTINUE: To advocate and ensure the solutions we create offer diversity.  Continue to ensure we break down biases.

In one sentence, why does diversity matter to you? 

I would like to experience in my lifetime what it feels like to live equally without judgement — seems like a lofty goal but I believe it’s possible.

What book/film/piece of art would you recommend to your fellow members? Why?

Unfortunately, I don’t read or watch many films — my recommendation to fellow members is to volunteer by putting themselves out of their comfort zone.  Working with others in a different situation from your own helps change your perspective on life.  

What advice would you give to the teenage ‘you’? 

Take chances, stop worrying about the small things.  If something you’re worrying about now won’t matter in 5 years, don’t give it more than 5 minutes of thought. Life is very short and can change in an instant.

 

Find Melissa on LinkedIn.

The post Interview with Melissa Carvalho appeared first on Women in Identity.

Wednesday, 22. July 2020

Decentralized Identity Foundation

DIF’s Updated Code of Conduct

Setting a tone for inclusive collaboration An important part of supporting a community where people are coming from all over the world and from a variety of backgrounds is putting in place a code of conduct that provides a baseline understanding about what is ok and what is not. The purpose of DIF’s Code of Conduct is to create an open, healthy and productive culture where members and the communi

Setting a tone for inclusive collaboration

An important part of supporting a community where people are coming from all over the world and from a variety of backgrounds is putting in place a code of conduct that provides a baseline understanding about what is ok and what is not. The purpose of DIF’s Code of Conduct is to create an open, healthy and productive culture where members and the community can build and grow together.

During the DIF Virtual Face-to-Face Meeting in June of 2020, this Code of Conduct was reviewed:

In lieu of an executive summary, we would here like to offer a few highlights:

1.) Community Advocates

One of the innovations in the code of conduct is the creation of a role we call community advocates. Each of these is a community member who takes seriously their power and responsibility as facilitator. We are working to provide formal training to support these advocates and give them a firm foundation on what to listen for and how to speak to conflicts. If you are part of the community and would like to volunteer as a community advocate, please let us know.

In particular, these advocates can diffuse, mitigate, and failing both, escalate conflicts. See in particular the expanded dispute escalation section of the code:

Dispute Escalation and Incident Resolution Mechanisms
We are all here to contribute value and reap the benefits of community collaboration. While it is natural to have disagreements and find situations uncomfortable, DIF believes that resolving any issues should take place within the community via open communication.
DIF has within it a group of members who have some training and skills in supporting healthy conflict resolution that can be volunteer community advocates.
If something does happen, open communication and shared, cross community healing is a must. The community should get better as a whole.
2.) Diversity front-of-mind

Informed by a substantial corpus of experiences throughout the broader identity technology community where perspectives from marginalized groups were actively or unwittingly excluded, we felt our code of conduct needed to be explicit about the most nefarious and effective tool of silencing: scope management. To this end, we put into our code of conduct the following definitive statement:

Diversity is never definitively out-of-scope or foreclosed as irrelevant to more urgent business.
3.) Proactive inclusivity

Here are some more important excerpts from the code of conduct that cover our statement on inclusivity and diversity

Inclusive: We work together to resolve conflict, assume good intentions, and do our best to act in an empathetic fashion. We may all experience some frustration from time to time, but we do not allow frustration to turn into a personal attack. A community where people feel uncomfortable, threatened, or unheard/dismissed (explicitly or implicitly) is not a productive one. We should be respectful when dealing with other community members as well as with people outside our community, contributing to an atmosphere of inclusion. DIF takes seriously the maintenance of substantive inclusion in which any member feels empowered to contribute; if any do not feel the group’s chairs are doing enough to create this atmosphere, they may go elsewhere in DIF for help achieving this change.
Diverse: DIF welcomes and encourages participation by everyone. We are committed to being a community that everyone feels good about joining. Although we may not be able to satisfy everyone, we will always work to treat everyone fairly. No matter how you identify yourself or how others perceive you: we welcome you. Though no list can hope to be comprehensive, we explicitly honour diversity in age, culture, ethnicity, genotype, gender identity or expression, language, national origin, neurotype, phenotype, political beliefs, profession, race, religion, dis/ability, sexual orientation, socioeconomic status, subculture and technical ability. Diversity of perspective, identity and experience should be considered a positive contribution. Diversity and empathetic, pro-actively inclusive ways of stewarding cooperation is an ongoing commitment, not a one-time gesture; DIF’s Steering Committee and Working Group Chairs and Editors concretely support ongoing training or cooperative learning between leaders of working groups, mailing lists, and other venues.
A living, open-source document

You can read the full code of conduct here, or if you would like to suggest edits or open issues, you can do so on github here. As Balázs mentions in the video, the code of conduct is licensed for being “forked” and adapted anywhere it can be helpful, and we look forward to contribution and discussion as it continues to evolve.

DIF’s Updated Code of Conduct was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.


Oasis Open

Four PKCS #11 OASIS Standards published


FIDO Alliance

White Paper: CXO Explanation: Why Use FIDO for Passwordless Employee Logins?

Today, secure access to online applications and services has evolved into a framework reliant on devices, public key cryptography and biometrics to replace the shared secrets of aging passwords. Since […] The post White Paper: CXO Explanation: Why Use FIDO for Passwordless Employee Logins? appeared first on FIDO Alliance.

Today, secure access to online applications and services has evolved into a framework reliant on devices, public key cryptography and biometrics to replace the shared secrets of aging passwords. Since 2013, the FIDO Alliance has developed open and scalable advancements to eliminate phishing and other security attacks. To introduce these improvements and to educate employees throughout corporate management and IT security, FIDO Alliance has developed a series of best practices and how-to white papers that match the Alliance’s goals with the responsibilities and titles of technology professionals. This work is dedicated to eliminating passwords and securing the simple act of logging on within all companies. 

This white paper answers the most common questions from CXOs about the value proposition of FIDO Authentication and how the FIDO2 passwordless framework addresses the authentication needs and challenges of companies for the modern workforce. The goal of this document is to guide executive leaders within an organization as to why they should invest in FIDO2 deployment for their employees. 

The post White Paper: CXO Explanation: Why Use FIDO for Passwordless Employee Logins? appeared first on FIDO Alliance.

Monday, 20. July 2020

Digital ID for Canadians

Request for Comment and IPR Review: PCTF Assessment and Infrastructure (Technology & Operations) Draft Recommendations V1.0

Notice of Intent: DIACC is collaborating to develop and publish an Assessment and Infrastructure (Technology & Operations) industry standards as components of the Pan-Canadian Trust…

Notice of Intent: DIACC is collaborating to develop and publish an Assessment and Infrastructure (Technology & Operations) industry standards as components of the Pan-Canadian Trust Framework™ (PCTF) to set a baseline of public and private sector interoperability of identity services and solutions.

To learn more about the Pan-Canadian vision and benefits-for-all value proposition please review the Pan-Canadian Trust Framework Overview.

Document Status: These review documents have been approved as Draft Recommendations V1.0 by the DIACC’s Trust Framework Expert Committee (TFEC) that operates under the DIACC controlling policies.

Summary: 

The intent of the PCTF Assessment component is to establish the certification scheme to verify that a process, service, or product conforms with criteria defined in the PCTF.

The intent of the PCTF Infrastructure (Technology & Operations) component is to identify the operational policies, plans, technology and technology operations requirements to support implementation of the principles of the PCTF Profiles in the context of a Digital Identity Ecosystem.

Invitation: All interested parties are invited to comment.

Period: Opens: July 20, 2020 at 23:59 PST | Closes: August 20, 2020 at 23:59 PST

Document: Assessment Draft Recommendation V1.0

Component Overview  DIACC Comment Submission Spreadsheet 

When reviewing this draft, consider the following and note that responses to these questions are non-binding and serve to improve the PCTF.

Is the description of roles and responsibilities clear at this level? This draft describes a tiered assessment process with varying levels of evidence examination applied depending on risk and usage profile of the service being examined for certification Are the two processes defined enough? If not, what would be the nature of any additional discrete process? What would it apply to? Would its addition change the nature of either of the two processes defined? If the two process versions defined are sufficient, do the differences between them meet the goals of application of a less onerous certification process to some applications for certification? If not, then what would you suggest as an alternative? Keeping in mind the noting of potential adjustment based on the output of the TFEC Working group on LoA, are the criteria for determining which certification process applies acceptable in principle? A draft definition of classification based on service usage is included. Does this meet the needs of this Profile at this level? If not, what alternative would you suggest? Are there concepts or terminology that remain unclear or inconsistently applied? This Overview is meant to define the high level model and process for certification. Development of the significant Programme execution supporting information has been deferred until the model at this level is ratified. Are there any significant omissions from this high level Overview that would preclude you from understanding the model at this level? Do you agree with the process for certification of Services as described? If not, what specific modifications would you suggest? Do you agree with the process for certification of Accredited Assessors as described? If not, what specific modifications would you suggest? The last section of the document identifies a number of required documents to support this certification process. The intent is to capture detailed process-oriented content in these documents after the Certification Assessment Program has been approved in principle. With this in mind, and considering the level of detail appropriate for this document, are there any major elements of the certification program not yet addressed in this draft?

NOTE that elements of examination for certification may be adjusted based on the finalization of the Working group on LoA, please keep this in mind when commenting on this document.

Documents: Infrastructure (Technology & Operations) Draft Recommendations V1.0

Component Overview Conformance Profile DIACC Comment Submission Spreadsheet 

When reviewing this draft, consider the following and note that responses to these questions are non-binding and serve to improve the PCTF.

Several feedback items suggest that additional prescriptive detail be added to this Conformance Profile. Some adjustments were made but additional input is sought to identify areas where further detail should be included. Where specific methods or standards are to be expanded upon, please include suggested methods, tools, or plan/policy items that you feel should be added.  The Conformance Criteria are organized into three categories. Are these appropriate and understandable? If not, please suggest an alternate categorization scheme. Care was taken to try to strike a balance between generic Criteria defined at a high level and being too prescriptive. Do the criteria meet this objective of being prescriptive enough to be useful and generic enough to be applicable to most Digital Identity Ecosystem instances? Note that there are several instances where cross references to related information in other Profiles. Are there other instances where this would be appropriate? Are there significant requirements missing from this draft? If so, please identify the requirements you believe should be included. Care was taken not to identify a specific technology or technology protocol, believing that none applied as a requirement in every instance. Is this correct, or is there a specific technology or protocol that should be included as a PCTF requirement?

NOTE that the PCTF Working Group on LoA is underway with the objective of defining how LoA will be treated across all PCTF Profiles. Treatment of potential variances in Conformance Criteria based on Service LoA were deferred in this version of the Profile. Please reserve your comments in this area to an enhanced draft of these documents when the LoA Working Group has published their results.

Intellectual Property Rights: Comments must be received within the 30-day comment period noted above. All comments are subject to the DIACC contributor agreement; by submitting a comment you agree to be bound by the terms and conditions therein. DIACC Members are also subject to the Intellectual Property Rights Policy. Any notice of an intent not to license under either the Contributor Agreement and/or the Intellectual Property Rights Policy with respect to the review documents or any comments must be made at the Contributor’s and/or Member’s earliest opportunity, and in any event, within the 30-day comment period. IPR claims may be sent to review@diacc.ca. Please include “IPR Claim” as the subject.

Process:

All comments are subject to the DIACC contributor agreement. Submit comments using the provided DIACC Comment Submission Spreadsheet. Reference the draft and corresponding line number for each comment submitted. Email completed DIACC Comment Submission Spreadsheet to review@diacc.ca. Questions may be sent to review@diacc.ca.

Value to Canadians: The PCTF Assessment and Infrastructure (Technology & Operations) components will provide value to all Canadians, businesses, and governments by setting a baseline of auditable criteria to assess business, legal, and technical interoperability. The DIACC’s mandate is to collaboratively develop and deliver resources to help Canadian’s to digitally transact with security, privacy, and convenience. The PCTF is one such resource that represents a collection of industry standards, best practices, and other resources that help to establish interoperability of an ecosystem of identity services and solutions. The DIACC is a not-for-profit coalition of members from the public and private sector who are making a significant and sustained investment in accelerating Canada’s Identity Ecosystem.

Context: The purpose of this Draft Recommendation review is to ensure transparency in the development and diversity of a truly Pan-Canadian, and international, input. In alignment with our Principles for an Identity Ecosystem, processes to respect and enhance privacy are being prioritized through every step of the PCTF development process.

DIACC expects to modify and improve these Draft Recommendations based upon public comments. Comments made during the review will be considered for incorporation into the next drafts and DIACC will prepare a Disposition of Comments to provide transparency with regard to how each comment was handled.  

Thank you for your support and participation in this review period.


Oasis Open

Open Source Communities Embrace New Option for Running Independent Foundations

Thursday, 16. July 2020

Decentralized Identity Foundation

Finding the Bell Curve of Meaning :

Finding the Bell Curve of Meaning A process for supporting the emergence of shared language in broad collaborative communities by Kaliya Young & Margo Johnson Introduction The identity community focused on user-centric ID gathers twice a year at the Internet Identity Workshop (IIW), an event at the crossroads of more than a dozen open standards working groups focused on various a
Finding the Bell Curve of Meaning

A process for supporting the emergence of shared language in broad collaborative communities

by Kaliya Young & Margo Johnson

Introduction

The identity community focused on user-centric ID gathers twice a year at the Internet Identity Workshop (IIW), an event at the crossroads of more than a dozen open standards working groups focused on various aspects of digital identity.

At IIW29 in October of 2019, a session was called to assess the creation of a glossary to support the convergence of meaning around key terms that were being used in relationship to the emerging decentralized identity and self-sovereign identity technologies. The small group convened there was led by Kaliya Young (Identity Woman), Margo Johnson (Transmute Industries), and Drummond Reed (Evernym), and included a variety of perspectives from other contributors like Adrian Gropper (HIE of One) and Juan Caballero (Spherity).

We considered several sources ahead of beginning the process towards glossary creation. We looked at the past history of glossaries in the community, including the Identity Gang Lexicon from 2005, which was created in the very early days of the community that would come together over the following fifteen years (Kaliya and Drummond were active at that time). There was the Sovrin Glossary(2016; 2019; 2019), which in its current form contains 248 terms as a potential source we could draw terms from. We also spoke with Daniel Hardman about his approach to glossary work, where one defines key concepts with a functional description but no name, and then when all the concepts are outlined collectively, names are decided all at once upon firm concepts.

We also drew on the work of Eugene Kim, who focuses on high performance collaboration, one of the key elements for which is the social processes of developing “Shared Understanding” and “Shared Language” are social processes:

Shared Understanding is when two people or groups use different words for the same things or the same words for different things, but because of enough social contact, they can actually understand what is being communicated. Shared Language emerges if you have sufficient contact between groups/people such that their word choice becomes decidedly aligned.

We were mindful of this when we chose the process for this glossary work. And we wanted it to be inclusive, so we listened carefully to the current diversity of language that was already being used throughout the community. The meaning of key words wasn’t ours to fix or define; we aimed to establish a composite of the digital identity vernacular as we encountered it.

Community members urged us to create a glossary, pointing to confusion “in the market” about what key terms meant. Ultimately, we learned that this request represented a variety of impulses, which spawned some confusion about our efforts. It was clear from the beginning that the work should not seek to define terms at the level where they are being used within technical working groups where significant time was being devoted to defining key terms locally within a given technical specification. The energy of the group got behind better understanding how words are used in every day language and conversation in the marketing level documents.

As such, we aimed to invite alignment around key words, to find the “bell curve of meaning,” and to invite convergence towards the middle of this curve as a result of our research process. Our hope was to maximize the ability to inform and engage business audiences interested in adopting/purchasing this technology. This meant we would not be setting out to define hundreds of terms; rather, we chose to focus on a subset of the most widely used terms.

Methodology

First, our group created and circulated a survey throughout the broader digital identity community to identify key terms to focus on. The group chairs designed the survey by brainstorming a starting list of terms (based on working knowledge of the space), and respondents also had the option to add their own. Respondents ranked the provided terms from highest to lowest priority. The chairs reviewed these results and chose three of the top-ranked terms as a starting point for the glossary process.

In the case of this research those terms were “agent”, “wallet”, and “credential.”

One other term — “self sovereign identity” — was actually rated as the most important by this process. However, the group ultimately decided that this hot-button term would be best approached after a more foundational understanding of supporting terms was in place.

Having defined three targets for building clarity and consensus, we then created and shared a second survey asking respondents about their working descriptions for each of the three terms, as well as how those terms relate to each other. We worked from an assumption that understanding the relationships between the terms would help us better understand their meaning. Several additional questions about the company business model were also included to provide context about respondents. This survey was distributed via multiple mailing lists to a broad swath of community groups working in decentralized identity, verifiable credential, blockchain, and data privacy space.

Analysis

After several weeks, the second survey had twenty seven responses from various companies, and our group was able to start with community data analysis efforts. The chairs took some time to consider different analysis options, prioritizing those that were digital, inclusive, participatory, fast, and free. We wanted to minimize any barrier to community members engaging in the process. Finally, we designed a framework in Google Sheets whereby qualitative responses to each question were inductively sorted into emergent groups that we named and modified in real-time, helping us understand common themes as well as areas of divergence. You can picture this as a digital version of hundreds of post-its all over a wall, being moved around by different people until they eventually fall into groups, and those groups are given a big post-it name after an iterative process of redistribution and renaming. This is a creative combination of human-centered design practices such as affinity diagramming, design synthesis, and insight combinations.

Using this analytical framework, the glossary group met weekly for an hour over several months to read through the survey responses together and create groupings. Additional participants rotated in and out throughout the process, offering different perspectives and helping to refine the approach. The approach was messy at times, with responses falling into multiple groups or defying categorization altogether. However we persisted, and noted interesting discussions and reflections that emerged in the process. Once we finished grouping all the responses, we combed through the data once more, cleaning it up a bit, merging groups where there was high overlap and clarifying the final description for each group.

Upon completing the grouping process we counted the number of responses in each group across each term and relationship type to determine which concepts came up the most frequently, potentially indicating the highest level of alignment across respondents. We also looked at the number of groups per term/relationship as an indication of convergence or divergence in responses.

Looking at this qualitative and quantitative information, the group took the final step of writing working descriptions for each of the three key terms. This involved looking at the 2–4 groups for each term with the highest number of related responses and constructing a phrase from their group descriptions. This was a surprisingly smooth process for the review team — in particular for the terms “wallet” and “credential” — where there was a higher level of consensus. One notable challenge we faced was with the term “agent” based on the large number of groups included, and while we were able to construct a more complex phrase, the difficulty arriving at that point became a finding in its own right. Interestingly, while the term agent had the highest level of divergence and outlier definitions, it also had one group — “representative of the subject” — with the highest number of relevant responses in the whole survey at 21. This could be interpreted as meaning that the term agent actually has a high level of convergence around this core representation property, and then individual implementations diverge in other agent features.

Aggregated Descriptions (Agent, Wallet, Credentials)
Credentials: Credentials provide structured standards for accessing identity data
Wallets: Provide storage of keys, credentials, and secrets, often facilitated or controlled by an agent.
Agent:
SIMPLE: Dictionary definition: “a person or thing that takes an active role or produces a specified effect”
NUANCED: An agent is a software representative of a subject (most often a person) that controls access to a wallet and other storage, can live in different locations on a network (cloud vs. local), and can facilitate or perform messaging or interactions with other subjects.

For the relationships between the terms, we found that the simplest way to share the results was to create a diagram showing the relationships (see below) and to list out all of the group titles there. This helped to show the diversity and multi-directional nature of those relationships.

Sharing Results

Our group built a simple, publicly visible presentation to share details of the process, results, and next steps. In this deck, we emphasized descriptive rather than prescriptive results, noting that this was one way of better understanding our shared landscape and taking actions together to build market understanding and product language.

We presented this deck and answered community questions within the same community groups where the original work was spawned,, as well as running a session at the 30th Internet Identity Workshop (full notes here). The feedback was generally positive.

Reflecting on the process, what remains to be seen is how the community will utilize these terms, and whether we will see a further convergence towards shared meaning as a result of this work. We have already seen this work referenced in discussions when shared vocabulary issues are raised, and we know that several publicly traded companies active in the industry are also sharing this internally. We are also preparing to follow up and share the results with respondents to complete the feedback cycle.

Conclusion and Next Steps

From an information-sharing perspective, the group hopes to continue to share this work out into related communities, and encourage further conversations and actions. We particularly want to encourage conversations at a market level, connecting standards to businesses today.

Moving forward, the glossary group hopes to do another round of definitions using the same process. We also want to continue to explore specific impacts of this work to gauge its continued value for the broader community.

We hope that other communities can learn from our experience, and use this process or iterations of it to support the emergence of shared language in their communities. From a research process perspective, we would love to see other groups leverage this methodology, see how it works for them, and offer process and marketing improvements that can benefit everyone. If you do pick up this method and try it, please let us know how it works for you.

If you are interested in joining the community glossary group please sign up here: Fill out the form here.

Finding the Bell Curve of Meaning : was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.


Digital ID for Canadians

New Partnership to Advance Digital Identity in Quebec & Across Canada

TORONTO, MONTRÉAL July 16, 2020 – The Digital ID & Authentication Council of Canada (DIACC) and TechnoMontréal, the Technology Cluster of Greater Montréal, are pleased…

TORONTO, MONTRÉAL July 16, 2020 – The Digital ID & Authentication Council of Canada (DIACC) and TechnoMontréal, the Technology Cluster of Greater Montréal, are pleased to announce a new partnership to propel collaboration to accelerate the adoption and development of digital identity.

The two organizations are coming together to identify projects and cross-sector connections to bring together Canada’s foremost leaders in industry and digital identity to increase the development of digital identity, data privacy and security innovation.

“This collaboration will accelerate the development of the digital identity, as well as the expansion of Québec and Canadian knowledge and expertise”

François Borrelli, President & Director of TechnoMontréal

The partnership between the two community-oriented organizations will support innovative Québecois, Canadian, and international organizations to facilitate an exchange of knowledge and expertise.

“We are pleased to be able to play an active role in the development of digital identity by catalyzing the Québec ecosystem and creating local and international partnerships,” said François Borrelli, President & Director of TechnoMontréal.

The initiative will expedite technical innovation and integration of digital identity solutions across sectors. “This collaboration will facilitate the mobilization of ecosystem players, to propel the development of digital identity across Canada and Québec,” added Borrelli.

The joint initiative will focus on strategic projects to advance digital identity, drive innovation, and ensure as many Canadians as possible can realize the benefits of a secure digital identity framework.

Projects will explore key opportunity areas for cross-pollination and technical advancements, including Smart Health and Smart Building Experiences. A Smart Municipality Digital Identity Roadmap with the City of Montréal will also be undertaken in support of TechnoMontréal’s smart city challenges win.

“TechnoMontréal shares our goal to bring together leading Canadian teams and technologies to create more innovative and effective solutions,” noted DIACC President, Joni Brennan. “We are excited to work together to deepen our connections with Québec and collectively build a digital identity ecosystem that offers the world a model to emulate.”

DIACC and TechnoMontréal share common values and are excited to forge new connections and partner on digital solutions across Canada and around the world.

With benefits to be realized at home and abroad, the strategic partnership will enhance the rate of adoption and advance technical solutions for Canadians. “This collaboration will accelerate the development of the digital identity, as well as the expansion of Québec and Canadian knowledge and expertise,” said Borrelli.

About the Digital ID and Authentication Council of Canada (DIACC)

The DIACC is a non-profit coalition of public and private sector leaders committed to developing a Canadian digital identification and authentication framework to enable Canada’s full and secure participation in the global digital economy. The DIACC was created as a result of the federal government’s Task Force for the Payments System Review and members include representatives from both the federal and provincial levels of government as well as private sector leaders.

About TechnoMONTRÉAL (https://technomontreal.com/)

TechnoMontréal, the Technology Cluster of Greater Montréal, unites technology industry players around growth-generating projects led by the industry. Established in 2007, TechnoMontréal is a non-profit organization that plays a major role in Montréal’s economic and social vitality by rallying the private, institutional, and public technology sectors around common goals and coordinated actions. TechnoMontréal’s vision is to enrich the business climate and encourage innovation by building bridges between the various actors in the industry. To this end, TechnoMontréal is implementing an approach that develops technologies through vertical markets, in partnership with the city’s leaders and clients.

Wednesday, 15. July 2020

Decentralized Identity Foundation

Building interoperable ZKP credential systems

Verifiable credentials are a kind of signed, tamper-proof digital document that uses cryptography to strongly authenticate the information shared between participants. There are many design and behavioral considerations when building systems for digital information-sharing which affect the privacy and security guarantees between the parties which will exchange data. These include: Eliminati

Verifiable credentials are a kind of signed, tamper-proof digital document that uses cryptography to strongly authenticate the information shared between participants. There are many design and behavioral considerations when building systems for digital information-sharing which affect the privacy and security guarantees between the parties which will exchange data. These include:

Eliminating traceability vectors from data exchanged between participants. Enabling participants to share only subsets or minimized derivatives of the data a signed credential contains, at the same level of assurance as the whole credential. Ensuring that routine status checks or revocation mechanisms do not leak information about how often, where, or when credentials have been presented.

One way to limit excess information-sharing and preserve privacy throughout the lifecycle of that information’s usage is a set of cryptographic tools known as Zero-Knowledge Proofs (ZKPs). ZKPs allow participants to account for the issues listed above using cryptographic schemes that cut off tracking vectors, enable granular capabilities for minimizing the subset of data disclosed, and ensure that the usage of credentials does not leave data trails that third parties can monitor and leverage to compromise user privacy individually or en masse.

Photo credit: Larry Costales Alignment and Standardization

There are many ZKP schemes that have been developed over the years and that can already be used in decentralized identity systems, but few that have seen widespread adoption in production systems. There is still substantial work to be done to ensure that the identity community is equipped with all the tools required to address a wide array of use cases. This backlog includes the authorship of specifications for modular components and the auditing of published libraries that ensure interoperability among various ZKP solutions.

To that end, the DIF Claims & Credentials Working Group is starting a collaborative initiative to work on a range of ZKP solutions that can address the credential use cases of DIF members, with an eye to building a foundation for ZKP interoperability and cryptographic agility in the wider identity community. This includes:

Work on ZKP cryptographic schemes and primitives Specifications that ensure interoperable presentation and verification for credentials generated using a variety of different schemes The libraries and tooling to generate and validate credentials generated with different schemes Approaches to utilizing ZKPs at scale in low-level DID and VC operations, informed by prior art, such as how ZK-Rollups are utilized to scale token transactions in Ethereum’s Layer 2.

A number of organizations with ZKP experience and skin in the game are coming together to participate in this initiative, which will produce specifications, code, documentation to advance interoperability across the community:

MATTR

MATTR has been actively investing in the development of a performant multi-message digital signature scheme supporting selective disclosure via Zero Knowledge Proofs. Our team has built on and contributed to work originating from the Hyperledger Ursa project, extending it to provide a solution compatible with the W3C Verifiable Credentials data model. In the past month we have open sourced multiple repositories for the decentralized identity community to use and continue to develop, including bare crypto libraries and reference implementations in both Web Assembly and Node.JS.

Microsoft

As a part of its commitment to the privacy and safety of users and customers, Microsoft is planning to integrate ZKP-capable credentials within its decentralized identity offerings. To that end, members of Microsoft’s Decentralized Identity team and Microsoft Research have been working on a SNARK-based ZKP credential scheme that has now been published for open review, and will be providing further details in an upcoming blog post. Microsoft will begin development on an open source implementation of the scheme later this summer, which will be contributed to DIF. Microsoft is excited to work with other DIF members on specifications that will enable different ZKP-capable credential schemes to be seamlessly integrated into products and services, and used interoperably across the ecosystem.

Evernym

Evernym contributed the text specifying zero-knowledge proof capabilities in the Verifiable Credentials Data Model 1.0 recommendation from the W3C. Evernym also implemented Camenisch-Lysyanskaya (CL) signatures in the Hyperledger Ursa project. They continue to participate in developing next-generation zero-knowledge capable signature schemes, such as BBS+ signatures, and to architect the credentials exchange protocols in Hyperledger Aries that can bring these schemes to the greatest number of legacy and future systems.

Trinsic (Formerly Streetcred ID)

Trinsic provides a ZKP-enabled verifiable credential platform based on Hyperledger Indy/Ursa/Aries and CL signatures. We’ve contributed to recent advancements in Hyperledger Ursa to enable BBS+ signatures, which provides a more performant and flexible ZKP implementation. We’ve been working on a reference implementation in .NET, and recently built a cross-platform (web/iOS/Android) universal library for creating and verifying BBS+ signatures for .NET. The project will be contributed to DIF to facilitate co-development with other DIF members.

Invitation

We encourage others to contribute to this effort, whether it be as contributor of new content or just as peer reviewer and commentator on github issues. We need non-technical contributions like documentation and use cases as much as we need technical ones towards code review and hardening of specifications. It is critical that we equip the widest possible community with the tools to preserve privacy and the personal safety of users in the digital realm. With this initiative, we hope to make practical advances towards implementing that cause, and we invite you to join us in doing so.

You can start by following the links above and reading through the codebases and specifications as they stand today. To begin making IPR-protected contributions through the C&C working group and its work items, consider joining the DIF as well.

Building interoperable ZKP credential systems was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.


Digital ID for Canadians

Spotlight on iProov

1. What is the mission and vision of iProov? iProov’s mission is to make the internet a safer place for businesses and consumers. We provide…

1. What is the mission and vision of iProov?

iProov’s mission is to make the internet a safer place for businesses and consumers. We provide trusted biometric authentication that is seamless, secure and effortless. Our vision is for all governments and enterprise institutions to be confident that the remote user is real and can be trusted. iProov strongly believes that the user and usability should be the heart of any solution and as such must be accessible to all users irrespective of their abilities, literacy and digital capability.

iProov ensures trust online through Genuine Presence Assurance. Governments, financial institutions and other enterprises are using iProov’s Genuine Presence Assurance technology to ensure that an online user is not only the right person, but that they are a real person and authenticating right now. This unique approach protects against impersonation and criminal attacks, providing the highest levels of security alongside effortless usability.

2. Why is trustworthy digital identity critical for existing and emerging markets?

One of the most significant challenges with digital service is establishing trust. A key element of which is how to bind the digital identity attributes of a person, to the person and assuring only they can assert that identity. As online digital becomes the primary channel to interact with services, customers and citizens are increasingly vulnerable to impersonation attacks from fraudsters compromising their identity. It is crucial to have consented, secure and effortless identity verification and authentication for everyone.

In many economies, parts of the citizen population have no formal identity documentation. Embracing digital identities will enable all members of society to be included, enabling them to unlock access to services previously not possible.

3. How will digital identity transform the Canadian and global economy? How does iProov address challenges associated with this transformation?

Digital identities are the cornerstone of doing businesses in the 21st century, they offer speed and flexibility in remote interactions which creates greater competition, economical efficiency, and greater citizen empowerment and inclusion.

iProov provides governments and enterprises with a very high level of assurance that the person interacting with their service is the legitimate user while protecting against criminal attacks. iProov Genuine Presence Assurance technology ensures trust by validating and authenticating users online to the highest level of certainty i.e. that a user is a real person, the right person, and authenticating right now.

4. What role does Canada have to play as a leader in the space?

DIACC is playing a critically important role in coordinating a national digital identity and framework in a way that is notably lacking in the US and UK. By showing how a liberal democracy can successfully empower citizens with a nationally structured system of digital identity, Canada will exert a very powerful influence on both sides of the Atlantic and help lead the G7 to a better place.

5. Why did iProov join the DIACC?

iProov believes that trust between a provider and its citizens or customers must be achieved alongside two critical objectives:

Accessibility and inclusion – providing services which offer maximum access, irrespective of their abilities, literacy and digital savviness. Sustainable security – ensuring a secure environment, business processes and centralized management controls to flexibly evolve and manage future, unknown risks.

It is this experience and insight that iProov brings to DIACC and can help DIACC in developing digital identity standards.

6. What else should we know about iProov?

The iProov solutions are trusted at national scale levels today with institutions such as:

The UK National Health Service – iProov provides strong authentication to onboard citizens in the UK to the NHS Login mobile app. With iProov, citizens registering for the NHS app are able to authenticate themselves in real-time with the image on their passport or driver’s license, allowing them to book medical appointments, order repeat prescriptions, and gain access to their patient record. The UK Home Office – the EU Settled Status scheme is utilizing iProov to assure the genuine presence of remote users and to verify that the applicant is the rightful holder of the validated ID document. Over 3 million EU citizens have used the service to apply for permanent residency status.

It is this experience and insight that iProov brings to DIACC and can help DIACC in developing digital identity standards.

iProov’s proven, simple and inclusive user experience is critical to the service we offer to our Government and Enterprise customers, and has been a key contributor to our successful engagements with some of the world’s most security-conscious and user-friendly organizations.


Kantara Initiative

Kantara and DINZ To Support New Zealand’s Digital Identity Ecosystem Development

Kantara To Share Its Digital Identity Assurance Program Learnings, Schemes, Specifications, Best Practice Guidelines To Support Digital Identity New Zealand’s Mission    WAKEFIELD, Mass., USA and WELLINGTON, New Zealand – July 15, 2020 — Kantara Initiative announced today that it has agreed a Memorandum of Understanding with Digital Identity New Zealand (DINZ) to support the […]

Kantara To Share Its Digital Identity Assurance Program Learnings, Schemes, Specifications, Best Practice Guidelines To Support Digital Identity New Zealand’s Mission   

WAKEFIELD, Mass., USA and WELLINGTON, New Zealand – July 15, 2020 — Kantara Initiative announced today that it has agreed a Memorandum of Understanding with Digital Identity New Zealand (DINZ) to support the goal of energizing New Zealand’s digital identity ecosystem development, where everyone can prove who they are digitally to organizations in a secure and trusted way.  Kantara will share its digital identity assurance program learnings, schemes, specifications and best practice guidelines with DINZ in support of its mission.

With headquarters in the United States and the European Union, Kantara is the leading global consortium improving trustworthy use of identity and personal data through innovation, standardization and good practice.  Kantara has similar collaboration agreements in Canada and Europe as well as being the only organization providing third party assessment and assurance against the US National Institute of Standards and Technology SP 800-63-3 for identity and authentication.

DINZ is a purpose driven, inclusive, membership funded organization, whose members have a shared passion for the opportunities that digital identity can offer. DINZ supports a sustainable, inclusive and trustworthy digital future for all New Zealanders.

Kantara Executive Director and Native New Zealander Colin Wallis said, “For a decade, Kantara has worked with governments and standards-bodies internationally sharing its assurance program knowledge, schemes, specifications and best practices in the digital identity and privacy space with the goal of building trustworthy networks and ensuring people have agency over their data. We’ve worked hard to align these programs for multi-jurisdictional adoption and believe that Kantara’s global mission and DINZ’s national goals are mutually supportive.  We look forward to working together and sharing knowledge, not only to drive forward ecosystem development in New Zealand but also to support improved global interoperability of digital identity. The effort will work hand in hand with the public sector digital identity initiatives – the Department of Internal Affairs in New Zealand, the Digital Transformation Agency in Australia and the US Postal Service – all of whom support the Kantara Initiative.”

Andrew Weaver, Digital Identity New Zealand’s Executive Director, said, “Collaboration is at the heart of our work here at Digital Identity New Zealand. We are excited to be working with the Kantara Initiative, drawing from the depth of wisdom and experience they have built up over the last ten years.  In return we hope to share some of our digital identity journey here in Aotearoa/New Zealand with the wider Kantara community.  Since our establishment late in 2018 we have been introduced to and explored the concept of ‘Identity as Taonga’, Taonga being a Maori word that describes something precious and treasured, worthy of the highest levels of dignity, care and respect.  We look forward to exploring these ideas with other communities around the world, learning together what it means to build truly inclusive and diverse identity ecosystems”

About Kantara Initiative

The Kantara Initiative is the leading global consortium improving trustworthy use of digital identity and personal data through innovation, standardization and good practice. Kantara provides real-world innovation through its development of specifications, applied R&D and operational conformity assessment programs for the digital identity and personal data ecosystems. More information is available at https://kantarainitiative.org/.

Follow Kantara Initiative on Twitter — @KantaraNews

About DINZ

Digital Identity NZ was formed to help New Zealand’s transformation as a digital nation, where everyone can prove who they are digitally to organisations in a secure and trusted way.

DINZ’s vision is for Aotearoa/New Zealand to be a country where everyone can fully participate in society by confidently expressing their digital identity.  To support that vision, our mission is to foster the establishment of a digital identity ecosystem that enhances privacy, trust and improves access for all people in Aotearoa/New Zealand.  For more information visit https://digitalidentity.nz

 

Tuesday, 14. July 2020

Digital ID for Canadians

Adapting to Distance: How Digital Solutions are Creating a Path Forward for Traditional Industries

The pandemic has changed everything – in small, invisible ways and in big, obvious, and often dramatic shifts. “It is not business as usual. People…

The pandemic has changed everything – in small, invisible ways and in big, obvious, and often dramatic shifts. “It is not business as usual. People are rushing to find solutions, and people who were procrastinating are committed to changing,” explained Patrick Drolet, VP, Operations and Product Strategy, Notarius

Traditional sectors, like the legal sector, banking, education, and government, are particularly impacted by requirements to stay physically distant. As organizations that are heavily reliant on paper documents, witnesses, and face-to-face meetings, working in a new digital and decentralized format can present challenges. 

“What has amazed me is the variety of people who want to go digital,” Marc St-Jacques, VP, Sales and Marketing at Notarius said. “Everything from government to industry, health, [and] universities.”

Making the transition to digital isn’t always straightforward. For many of these secure, highly sensitive industries, a foundation of strong, trusted, and protected digital identity is necessary to continue operating. As individuals and businesses shift their focus and, in some cases, scramble to quickly adapt, a delta is opening up between those who were already moving towards digital transformation – and those who were dragging their feet. 

“It is not business as usual. People are rushing to find solutions, and people who were procrastinating are committed to changing.”

“On the one hand, individuals forced into digital are going now. It also illustrates the disparity between approaches. The shift has made everyone stand out,” St-Jacques explained. Whether it’s because they’re practiced in offering digital solutions or because they’ve been holding off, St-Jacques says it’s easy to see how different businesses operate. 

The Pan-Canadian Trust Framework, can help close the gap between early adopters and laggards, and ensure everyone has a clear path to operating in an increasingly digital-first world. 

For Notarius, there are two product lines that have been in high-demand in the wake of COVID-19. The traditional “old fashioned identity” that is consistently a big part of their business, and renewed interest in the document part. Secure, remote digital signatures and document execution are presenting a lot of opportunities for their clients to move forward. At the onset of the pandemic, they offered 60-day free trials and special offers, helping make the transition even easier for clients.

Witnessing the Shift in Industries

The industries who are showing the most interest are traditional sectors that may have been slow to adopt and adapt to digital technologies. “We are seeing a lot of appetite from the government. It is refreshing to see, as [the sector] has been slow to adopt. The biggest uptake, though, is in the university marketplace, both inside and outside of Quebec. They have moved quickly,” St-Jacques said.

“In many instances, organizations were held back by a department or two,” St-Jacques explained. “Legal departments were often the roadblock.” Those departments, including IT and government sectors, are now transforming rapidly to keep up.

The change is not – and cannot – only happen at the organizational level, though. From provincial to federal governments, the pandemic is accelerating change. “There is a long list of laws that were not ID-friendly. Government used to be so slow. They are moving now, which is super exciting,” Drolet said. 

One example is the notary bar in Quebec, a completely paper-based line of work. Although digital transformation was under consideration for the past four or five years, in the COVID-19 era, it took just three weeks for a temporary law to be passed so notaries can work in a digital format. 

Across the board, attitudes are changing and, in many cases, charting a digital path forward is no longer an option – it’s necessary for survival. The Pan-Canadian Trust Framework ensures businesses from all industries will be able to interact seamlessly with government and other industries, creating more efficiencies and helping all Canadian industries meet a baseline for privacy, security and usability. 

Digital ID Helps Maintain Connections Across Closed Borders

In a highly connected, global environment, these tools offer more options to continue connecting internationally. “Foreign students need their transcripts, they want to do their exams. Transcripts are like the identity of organizations,” St-Jacques explained, connecting the trends in education to other sectors. 

Through Notarius, these identifying documents are connected with a digital signature that it is clear and immediate, appealing to teams around the world. “We’re seeing requests from Europe, Asia, and the US,” St-Jacques shared. 

“For the international part, we are the only one recognized by Adobe. We were the only platform certified with EIDAS, with the highest standards,” Drolet explained.

Looking Ahead as Old Barriers Come Down

While the situation has not been ideal for anyone, the speed with which many have had to respond to this serious outbreak has led to some positive changes. “Usually it would be a structured and siloed process. Now, everyone is scrambling and can take initiative,” Drolet shared. “They see the value and what used to take weeks, now takes 15 minutes. Unfortunately, the pandemic was the driver.” 

So, what does the future look like?

For digital identity, Drolet predicts a surge in interest and adoption. “Who are your competitors in the ID space? The bad guy used to be the pen, now even that guy is going away,” he said.   

For industries, St-Jacques envisions lasting change. “I really don’t see people going back,” St-Jacques predicts. Old concerns about security, processes, and reluctance to change are being dissolved, as the rapid changes set precedent for what’s possible.

No matter what comes to pass, digital identity will be an important lever for success. Join Canada’s digital identity ecosystem to be a part of leading the change.
The Pan-Canadian Trust Framework ensures privacy, security, and accessibility remain features of our economy as all industries face a global push to go digital. Learn more about how DIACC is aligning organizations across industries, sectors, and Canada toward digital transformation.

Monday, 13. July 2020

Oasis Open

Bank of America, Google, and Red Hat Executives Join OASIS Board of Directors

Friday, 10. July 2020

Oasis Open

Repeatable Requests Version 1.0 from OData TC approved as a Committee Specification


OpenID

OpenID Foundation and Open Banking Implementation Entity Continue Collaboration with Conformance and Certification Workshop at OAuth Security Workshop 2020

The OpenID Foundation (OIDF) and the UK Open Banking Implementation Entity (OBIE), continue our collaboration efforts building on the success of our recent workshop focused on Financial-grade API (FAPI) conformance and certification. It was a deep dive into the technical interface of our open, international standard with the OBIE’s functional UK standard. More workshops are […] The post OpenID F

The OpenID Foundation (OIDF) and the UK Open Banking Implementation Entity (OBIE), continue our collaboration efforts building on the success of our recent workshop focused on Financial-grade API (FAPI) conformance and certification. It was a deep dive into the technical interface of our open, international standard with the OBIE’s functional UK standard. More workshops are planned with OBIE and the FDX in the coming weeks.

OIDF and OBIE have been invited to deliver a similar session at the upcoming OAuth Security Workshop 2020 virtual conference July 21-24, 2020. We’ll take a deeper dive into:

the extra security in FAPI-RW 1.0 and FAPI 2.0 the security checks done in the certification suites (is this just the FAPI suite or do the OBIE tests cover some security checks?) the security advantages of the OB directory model vs eIDAS the apparent conflict between security and interoperability, especially in bank environments how the certification programs attempt to ensure both security and interoperability

OIDF and OBIE continue to collaborate to help drive global open banking initiatives with the following goals:

To update participants on the latest developments in both the OIDF Financial-Grade API (FAPI) profile and the OBIE Standard. To demonstrate the respective conformance tools and the benefits of certification including why conformance and certification is critical to ensuring standards are secure and interoperable. To provide participants with help and support in using these tools. To encourage a greater number of certifications. Ultimately to help grow the open banking ecosystem, enhancing security and benefits for participants and end customers.

We hope you’ll join us at OSW 2020.

 

Don Thibeau
OpenID Foundation Executive Director

 

Agenda

 

Topic Presenter(s) Notes Welcome & Introduction Don Thibeau (OIDF)

Chris Michael (OBIE & Session Host)

Intro to OpenID Foundation Intro to Open Banking Implementation Entity Why conformance and certification is critical to ensuring standards are secure and interoperable Introduction to OpenID Connect and Financial-grade API (FAPI) Nat Sakimura (OIDF) OpenID Connect overview Introduction to Financial-grade API (FAPI) Vision for the FAPI profile and conformance tools in a global context Detailed Overview of the FAPI and CIBA Profiles Including Enhanced Security in New Versions Dave Tonge (OIDF & Moneyhub) High level functionality of latest drafts of FAPI and CIBA The extra security in FAPI-RW 1.0 and FAPI 2.0 Future planned updates Introduction to the OBIE Standard Freddi Gyara (OBIE) Summary of Functional APIs and DCR Different approaches to use of OBIE Directory and eIDAS certificate validation Standards, Security & Interoperability Discussion Dave Tonge (OIDF & Moneyhub)

Freddi Gyara (OBIE)

The security advantages of the OB directory model vs eIDAS The apparent conflict between security and interoperability, especially in bank environments How Certification Programs Attempt to Ensure Both Security and Interoperability: Demonstration of the OpenID Conformance Test Suite Joseph Heenan (OIDF & Fintech Labs) Overview of self-certification Examples of security & interoperability checks the suite does on OAuth2 & OpenID Connect Architecture / extensibility / applicability to further protocols Future roadmap Demo of the conformance test suite including App-App tests & RP tests How Certification Programs Attempt to Ensure Both Security and Interoperability: Demonstration of the OBIE Conformance Tool Glyn Jackson (OBIE) & Julian Coombes (OBIE)

 

For AIS, PIS, CBPII and DCR Examples of security & interoperability checks Q&A Session on OIDF & OBIE Specifications & Conformance Tools Nat Sakimura (OIDF)

Chris Michael (OBIE)

Open Audience Discussion on Issues and Suggestions Nat Sakimura and Don Thibeau (OIDF)

Chris Michael (OBIE)

Getting other jurisdictions engaged Global open banking initiatives What can OIDF & OBIE do to help?

 

The post OpenID Foundation and Open Banking Implementation Entity Continue Collaboration with Conformance and Certification Workshop at OAuth Security Workshop 2020 first appeared on OpenID.

Thursday, 09. July 2020

ID2020

ID2020 Welcomes the National Cybersecurity Center to the Alliance

Today, ID2020 announced its newest Alliance partner, the National Cybersecurity Center (NCC). ID2020 was founded in 2016 to ensure that all people have access to better forms of digital ID, bringing together nonprofits, corporations, and governments to promote the adoption and implementation of user-managed, privacy-protecting, portable digital identity solutions. Founded in 2016 by the for
Today, ID2020 announced its newest Alliance partner, the National Cybersecurity Center (NCC).

ID2020 was founded in 2016 to ensure that all people have access to better forms of digital ID, bringing together nonprofits, corporations, and governments to promote the adoption and implementation of user-managed, privacy-protecting, portable digital identity solutions.

Founded in 2016 by the former Governor of Colorado, John Hickenlooper, the National Cybersecurity Center (NCC) is a Colorado Springs-based nonprofit committed to promoting cyber innovation and awareness.

“We are delighted to welcome the National Cybersecurity Center to the ID2020 Alliance,” said ID2020 Executive Director, Dakota Gruener. “Because technology is evolving so quickly, many of the transactions that once took place in person and required traditional forms of ID are today being conducted digitally. Cyber threats, whether criminal or state-state sponsored, underscore the urgency and importance of ID2020 and the NCC’s collective efforts. We look forward to sharing our expertise and learning from their world-class team of cybersecurity experts.”

With a mission to “secure the world”, the NCC has four main initiatives:

● Secure the Vote seeks to increase voter confidence in the U.S. on the accuracy of vote-counting, and to generate greater awareness of possible solutions to critical gaps in the voting infrastructure. Secure the Vote supports jurisdictions’ efforts to offer a secure, auditable mobile voting option for overseas voters through coordinating, and evaluating pilots across the country.

● Secure Smart Cities: Hyper-connectivity amongst smart devices and urbanization drive the need for cities to become more efficient in their operations as they continue to grow, but the concern of security impedes the overall advancement of several cities with “Smart” agendas.

● The NCC’s Cyber Education Program provides cybersecurity leadership, and one of the main pillars is K-12 education. As our nation addresses the critical gap in skilled cybersecurity talent, NCC addresses the importance of cyber education through programs and partnerships that invite students to participate in an ecosystem that encourages them to learn, explore, and build their skills.

○ The NCC’s K-12 initiative, the National Cybersecurity Center Student Alliance (NCCSA) offers opportunities for middle and high school students to improve technical literacy through fun, interactive, and challenging camps, field trips, workshops, and events. NCC encourages STEM education for all students, with special attention towards creating inviting and collaborative opportunities for girls and other underrepresented groups in the cyber ecosystem.

● The Space Information Sharing and Analysis Center (ISAC), a separate nonprofit organization, has the mission to facilitate collaboration across the global space industry to enhance our ability to prepare for and respond to vulnerabilities, incidents, and threats; to disseminate timely and actionable information among member entities; and to serve as the primary communications channel for the sector with respect to this information.

“Digital citizenship is an increasingly critical space as more of our identity is online,” said NCC Director of Business and Government Initiatives, Forrest Senti. “The NCC’s work to secure cyberspace intersects directly with ID2020’s work to protect individuals’ online identity and to ensure that policies created around that protection are fair and equitable and ensure the utmost security for citizens around the world. We look forward to working with ID2020 to pioneer new ways to secure the future of identity.”

The future of digital ID is at an important crossroads. As policymakers in the US and around the world struggle to confront the social and economic consequences of the COVID-19 pandemic, some are considering plans for digital identity-based health credentials to facilitate a return to work, school, and other social activities. The risks to privacy and security are high, as are the rewards of doing it right. ID2020 is working urgently with its partners and other stakeholders to ensure that privacy and data security are built into the technical architecture of these systems and that the appropriate legislative and regulatory are developed to guide their implementation.

ID2020 and the National Cybersecurity Center share a common mission to secure our individual and collective privacy and security. We welcome them to the Alliance and look forward to working collaboratively to advance our shared goals.

About ID2020

ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and ethical implementation of user-managed, privacy-protecting, and portable digital identity solutions. By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing pilot programs, and advocating for the ethical implantation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights and reap the benefits of economic empowerment and to protecting user privacy and ensuring that data is not commoditized.

www.ID2020.org

About National Cybersecurity Center

Established in 2016, The National Cybersecurity Center exists to help secure the world using knowledge, connections, and resources to solve global cybersecurity challenges and develop a protected cyber ecosystem. An independent and non-profit think tank based in Colorado Springs, Colorado, the NCC provides cyber innovation and awareness and is a leader in cyber education, workforce development, and informing public policy.

www.cyber-center.org

ID2020 Welcomes the National Cybersecurity Center to the Alliance was originally published in ID2020 on Medium, where people are continuing the conversation by highlighting and responding to this story.

Thursday, 02. July 2020

Decentralized Identity Foundation

DIF is opening up: Join for free

Getting involved, contributing, and following along will be easier than ever The DIF has an active core of startups and dedicated teams at larger corporations known for their swift co-development within the foundation. Over time, this has led to rapid deployment of several useful specifications, reference implementations, and cross-competitor conversations that have solidified a vision of th
Getting involved, contributing, and following along will be easier than ever

The DIF has an active core of startups and dedicated teams at larger corporations known for their swift co-development within the foundation. Over time, this has led to rapid deployment of several useful specifications, reference implementations, and cross-competitor conversations that have solidified a vision of the broadly-interoperable decentralized identity stack. A healthy and diverse market is coming into focus today, due in large part to these efforts.

Limiting participation to dues-paying members proved more of a barrier to entry than expected, however, and it is clear that the paywall to participation limits inclusiveness and community-wide discussion. As both of these are critical components for building a solid and lasting foundation for truly decentralized identity solutions, DIF will be shifting to a more open modus operandi.

Effective 18 June 2020, DIF has opened up participation to all technical working groups for companies under 1000 employees.
Photo by Ahnaf Tahsin Rafi

Going forward, attendance and substantial participation in all DIF-governed working group meetings, including IPR-protected ones, will be free to join as “contributors” for small- and medium-sized interested parties, with these defined as companies with under 1000 employees. Individual/freelance contributors without relevant IPR obligations to their clients will continue to be eligible to participate for free under appropriate legal agreements. Working Groups co-hosted with other organizations will continue to benefit from community-wide free participation regardless of organization type and size.

More information on how to join here.

Small- and medium-sized enterprises are encouraged to join as DIF full members, which have their logos listed on the site and are highlighted in DIF’s external communications. Other benefits to full membership include programming access to forthcoming special interest groups to guide the formation of industry-focused markets and other non-IPR-protected initiatives within the organization. More information on those initiatives is forthcoming.

The Genealogy of the Grand Opening

DIF was founded over 3 years ago to create a neutral space for co-developing and co-designing the key elements and protocols of a decentralized interoperable identity stack made up of interchangeable parts. Over the years, the member companies and individual contributors to the foundation have helped to raise the profile of decentralized identity on a global scale. Its contribution-first philosophy, pre-competitive cooperation ethos, and professionalism around IPR protection and recordkeeping have allowed it to make many substantial, useful, and agile contributions to various commercial and non-commercial stacks.

The shift really began at IIW28, when Oliver Terbu and Rouven Heck convened a session which produced a useful overview of the decentralized identity stack as a more grokkable whole, seemingly visible on the horizon by the end of 2019. A few months later, Daniel Buchner, then Executive Director, co-wrote an article with Sam Curren addressing the false dichotomy between Microsoft’s Identity Hub design principles and the agent-focused architecture of the Aries community. Were there other mirages making practical interoperability seem further away than it really was?

Then, at the second DIF semi-annual meeting of 2019, traditionally an update meeting where for different workstreams to compare notes and coordinate, executive director Rouven Heck gave a keynote presentation before the updates. He invited DIF’s membership to reflect on how DIF related to adjacent decentralized-identity communities and development organizations. Were we siloing research and risking double-work? How could we bring about greater convergence of the stack, by harmonizing with and optimizing for the work already underway elsewhere?

DIF might not have changed much in the previous six months, but the landscape was changing. The Worldwide Web Consortium (W3C) has finalized the core VC specification and was ramping up to finalize the core DID specification in the coming half-year; what came next? The Hyperledger Foundation’s focus, having restructured and set an ambitious roadmap for interoperability after pushing forward the next iteration of the Indy blockchain at the core of many SSI systems, was getting a lot of attention outside the decentralized identity community with its promises of production-grade systems. If DIF continued on its code-driven, “build it first” trajectory, could we end up competing with, more than complementing, these adjacent projects?

With his quick slideshow presentation, Rouven started socializing and recruiting support for a vision of DIF that did as much coordination as co-development. A key feature of this strategy was identifying cross-community development work that would benefit from IPR protection and DIF infrastructure and inviting communities to come together in the repositories.

The first of these joint efforts was the DIDComm working group, identifying ways to accelerate the interoperability of wallet-to-wallet communications beyond the Indy stack, a working group that is still doing important and influential work to this day, including sending the first draft proposal to the IETF from a DIF WG. More recently, the Secure Data Storage working group has followed the same co-hosting approach, bringing a work item from the W3C community and an under-socialized contribution open-sourced by Microsoft Research together as the two model implementation inputs to what could well prove to be a widely-usable decentralized standard across all compliant stacks and most web-based contemporary topologies.

Photo by Robert Bye Conclusion

In 2020, the co-development of the widely-interoperable decentralized identity stack is turning a corner, and now more than ever it feels like we are in a crucial moment for structured and transparent cooperation to pre-empt any enclosure of the Commons. With the widest possible cooperation, we can build unity and grow the market before dividing it up into fiefdoms and brands. DIF is aiming to return to its roots and pitching a bigger tent than ever to make sure we get this right, together.

Stay tuned for more updates about new working groups and new ways to get involved. If you’d like to join as a contributing member, see the signup form here.

DIF is opening up: Join for free was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.


OpenID

OpenID Connect Federation Draft Incorporating Feedback from First Interop Event

The OpenID Connect Federation specification has been updated to incorporate feedback from developers participating in the first OpenID Connect Federation interop event, which was held online in June 2020. The primary change is to use either signed request objects (JAR) or pushed authorization requests (PAR) for client authentication of automatic registration requests. The new draft […] The post

The OpenID Connect Federation specification has been updated to incorporate feedback from developers participating in the first OpenID Connect Federation interop event, which was held online in June 2020. The primary change is to use either signed request objects (JAR) or pushed authorization requests (PAR) for client authentication of automatic registration requests.

The new draft is published at:

https://openid.net/specs/openid-connect-federation-1_0-12.html and https://openid.net/specs/openid-connect-federation-1_0.html

The post OpenID Connect Federation Draft Incorporating Feedback from First Interop Event first appeared on OpenID.

Tuesday, 30. June 2020

SSI Meetup

Solving compliance for crypto businesses using Decentralized Identity – Pelle Braendgaard

https://ssimeetup.org/solving-compliance-crypto-businesses-using-decentralized-identity-pelle-braendgaard-webinar-60/ A new global framework for regulating the crypto industry is coming into place this year. One of the most important new rules that businesses interacting with crypto has to implement is what is known as the Travel Rule. The Travel Rule, which is also known as The Wire Transfer rul

https://ssimeetup.org/solving-compliance-crypto-businesses-using-decentralized-identity-pelle-braendgaard-webinar-60/ A new global framework for regulating the crypto industry is coming into place this year. One of the most important new rules that businesses interacting with crypto has to implement is what is known as the Travel Rule. The Travel Rule, which is also known as The Wire Transfer rule, requires a business managing crypto on behalf of their user to transfer KYC’d (Know-Your-Customer) Identity Information to a receiving institution. Pelle Braendgaard, CEO of Notabene, will share his insights and explain how his company is tackling this business challenge for the industry. Complying with this rule provides many challenges for the industry. Several industry groups have already started to invent several new protocols to solve this. Notabene helps financial companies be compliant with new, global anti-money laundering (AML) regulations for crypto transactions coming into effect right now. Pelle believes this is a critical use case for SSI (Self-Sovereign Identity). In this talk, he will go over the rule itself, industry protocols, how he sees SSI can help here, and how they are helping to solve it.

Monday, 29. June 2020

Oasis Open

OASIS Open Joins Open Source Initiative

Thursday, 25. June 2020

Covid Credentials Inititative

Hello World from the COVID-19 Credentials Initiative

The COVID-19 pandemic has, in a few months’ time, taken the lives of almost half a million people worldwide and brought economies into lockdown globally. While many are struggling with the effects of social distancing, financial distress, or fear of contracting the virus, here at the COVID-19 Credentials Initiative (CCI), nearly 300 individuals from 100 organizations have united around a cause wor

The COVID-19 pandemic has, in a few months’ time, taken the lives of almost half a million people worldwide and brought economies into lockdown globally. While many are struggling with the effects of social distancing, financial distress, or fear of contracting the virus, here at the COVID-19 Credentials Initiative (CCI), nearly 300 individuals from 100 organizations have united around a cause worthy of our collective efforts: supporting projects that deploy privacy-preserving Verifiable Credentials (VCs) to mitigate the spread of COVID-19 and strengthen our societies and economies.

We are a global community that shares a vision for the effective use of technology to mitigate the impact of COVID-19. We believe that, when used responsibly, VCs can be great privacy-preserving components of solutions addressing the numerous social and economic challenges caused by this and future pandemics. We are aware that without a holistic perspective from the onset, many COVID-19 technology solutions may introduce unintended results (e.g. surveillance, abuse of personal data, social inequalities). To avoid such outcomes, we have committed ourselves to open collaboration with a diverse range of experts, embracing open standards, and protecting the fundamental privacy and personal data rights of all stakeholders.

If you lead a project implementing VCs in your local communities and are aligned with our values, we want to hear from you. We also wish to share and discuss our work openly, including its technical, medical, legal, ethical, and business implications. We invite your input on these considerations as well as any other important aspects that can help build responsible, human-centric VC solutions to fight COVID-19.

If you are ready to contribute or collaborate, please join us at https://www.covidcreds.com/.


ID2020

ID2020 Announces Certification of ZAKA Group Ltd.

The global movement in support of “good ID” advanced another step today as ID2020 announced ZAKA as its third “certified” digital ID solution. Most of us take the ability to prove our identity for granted. But for one in seven people globally, the lack of a widely recognized form of ID means being unable to access basic legal protections and social services and being unable to participate fully a

The global movement in support of “good ID” advanced another step today as ID2020 announced ZAKA as its third “certified” digital ID solution.

Most of us take the ability to prove our identity for granted. But for one in seven people globally, the lack of a widely recognized form of ID means being unable to access basic legal protections and social services and being unable to participate fully as citizens and voters. Worldwide, more than one billion people are systematically excluded from the modern economy because they lack any form of formal ID.

In 2019, ID2020 announced plans to launch the first certification mark for digital ID at the World Economic Forum in Davos, Switzerland. The Certification recognizes solutions that adhere to ID2020’s stringent standards for user-management, privacy-protection, portability, and interoperability and offers technology companies a roadmap for the development of ethical, inclusive digital ID.

To be eligible for certification, applicants must adhere to 41 functional, outcomes-based Technical Requirements. To date, 29 technology providers from every corner of the globe have submitted applications and worked with our staff and advisory committees to complete the process. In March, ID2020 announced its first two certified solutions, Kiva Protocol and Gravity. Today, ZAKA joins this esteemed community of technology providers.

The COVID-19 pandemic has thrust digital ID technology into the headlines as countries around the world consider plans for digital health credentials and technology-assisted contact tracing. There has never been more urgency to “get the technology right”.

“Digital ID can be a powerful force multiplier for global social and economic development, but it can also be used to exclude people or even persecute vulnerable populations like refugees, children, and the homeless,” said ID2020 Executive Director, Dakota Gruener. “As governments and businesses rush to adopt digital ID solutions, the ID2020 Certification is proving a valuable tool for those who are developing user-centric, privacy-protecting solutions to meet the needs of all people.”

The Certification also provides a third-part seal of approval so that those implementing and using these technologies know that they were developed according to the highest ethical and technical standards and with full consideration of both the benefits and risks.

This market-based approach is already shifting the technical landscape and several multinational technology providers have adapted their technical approaches to comply with ID2020’s Technical Requirements.

About ZAKA

Based in the UK, ZAKA is committed to the idea that any person, with any phone, should be able to access any service, at any time. Like ID2020, ZAKA shares the perspective that, in an increasingly connected world, digital trust is an essential enabler of thriving economies.

ZAKA’s mobile app and software development kit (available in Android, iOS and USSD) helps individuals to build a set of verifiable digital credentials that are private, secure and portable, allowing them to connect with services such as mobile health, financial services, and education. And for service providers, ZAKA’s web dashboard allows them to configure their digital trust requirements and roll-out the solution to remotely verify and onboard customers. This allows services to concentrate on developing and distributing high-quality services, rather than be held back by high distribution and customer acquisition costs. ZAKA has also developed proprietary voice biometric technology which can be deployed together with, or separately from, it’s Apps.

In recent months, ZAKA has also extended its solution to support the response to, and recovery from, COVID-19. Their NewNorm™️ service is now being used by universities, employers, and event organizers to support a safe return to the “new normal”.

“We are delighted to receive the ID2020 Certification,” said ZAKA CEO and Co-Founder Nick Mason. “We expect a great return on our investment of time and resources in this process and look forward to using the ID2020 certification to set ZAKA apart from our competition. The rigorous evaluation of our company by ID2020 should give prospective partners confidence that our solution is meeting global standards and advancing the vital mission of bringing “good ID” to all.”

ZAKA is already implementing their its technology in Turkey, Rwanda, and the United States.

In partnership with the United Nations Development Program and led by the Turkish Ministry of Foreign Affairs, ZAKA is helping refugees obtain verifiable digital ID credentials that are portable and owned by them. Refugees can use these credentials to connect with services in a dedicated marketplace for services that support their self-sufficiency. Through the app, refugees can also receive promotional information from their chosen services about beneficial opportunities.

In Rwanda, ZAKA is working in partnership with the utility regulator, Airtel, and other private and public partners to implement a solution that leverages voice biometrics for remote customer verification. This can be used by banks, telcos, and healthcare providers to serve rural customers, whether they own a smartphone or feature phone.

Here in the United States, ZAKA’s COVID-19 status tracking solution, NewNorm™️, is helping employees and customers be safe in the “new normal”. This is being used by two New York University departments that have returned students, staff, and faculty to on-site instruction.

About ID2020

Based in San Francisco, ID2020 harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and implementation of responsibly implemented, user-managed, privacy-protected, and portable digital identity solutions.

Through its advocacy, project funding, technical support, and now by certifying best-in-class identity solutions, ID2020 is helping build the infrastructure needed to strengthen social and economic development and ensure that all of the world’s seven billion people can fully exercise their basic human rights and reap the benefits of economic empowerment.

ID2020 Announces Certification of ZAKA Group Ltd. was originally published in ID2020 on Medium, where people are continuing the conversation by highlighting and responding to this story.

Wednesday, 24. June 2020

Decentralized Identity Foundation

DIF Virtual Face-to-Face, 6/16/2020

DIF F2F Virtual community meeting — Follow up, 6/16/2020 Highlights, videos, and links To the 100+ attendees who came, thank you for joining us at the DIF F2F Virtual Community meeting last week. For everyone else reading this, thank you as well, and we hope that if you find something interesting below, you’ll feel welcome to our future events, working groups, and conversations. Highlights,
DIF F2F Virtual community meeting — Follow up, 6/16/2020 Highlights, videos, and links

To the 100+ attendees who came, thank you for joining us at the DIF F2F Virtual Community meeting last week. For everyone else reading this, thank you as well, and we hope that if you find something interesting below, you’ll feel welcome to our future events, working groups, and conversations.

Highlights, videos and links from the DIF Virtual Face-to-Face, 6/16/2020

🎉 During the 5+ hours, we spent together over zoom, we discussed ethics, technology, community, and collaboration. We heard from current DIF members, newcomers to the decentralized identity space, and DIF-curious veterans curious what our working groups have been up to. Particularly well-attended were the community-wide interoperability session and the solid three hours of working group introductions and updated, chock full of wide-ranging Q&A and even a few announcements about projects soon to be open-sourced!

📝 This update condenses the essential takeaways and announcements from each session of the meeting, as well as listing links shared in chat and links to video recordings of the entire session. Before jumping in, let us announce two on-ramps to future discussions:

here is a sign up form for our open call for cross-community interoperability coordination, taking place June 26th at 12 ET, and
here is another sign-up form for the hourlong sync meetings, also open to the public, that we hold every other Wednesday at 11 ET.
☕Welcome remarks

We started off bright and early at 8 am for the Pacific time zones of California, Vancouver and Washington with a little icebreaker exercise: everyone willing to do so marked themselves on a public google map while many newcomers introduced themselves over Zoom and chat. After that, executive director Rouven Heck gave some opening remarks and there was a brief housekeeping Q&A session.

Map of F2F community

From chat:

DHS S&T SVIP Call — CFP W3C CCG work item to standardize on HTTP APIs (this extends the API standardization for the DHS SVIP plugfest; see also did:actor and did:web) About the controversial comments around ION project (Coindesk hit piece) A project introduction from Adrian in healthcare use-cases, privacy issues, and ethics 📓Code of Conduct

approved version: on github

Between #IIW29 and #IIW30, a DIF ad hoc committee worked weekly to define and iterate a new Code of Conduct for DIF working groups, mailing lists, GitHub repos, and events. In this brief update, we presented the completed and approved draft document. We also outlined a new DIF initiative taking shape to offer workshops for people interested in cultivating responsive and empathetic convening skills and conflict resolution skills application to contexts like ours. Creating an open, healthy, and productive culture where members and the community can build and grow together is an important part of any organization, and we are putting money and time behind our commitment to making that the case here at DIF.

Please submit pull requests on github or leave marginal comments in the approved draft Google doc, as this is a living document which will be iterated again before the next face-to-face meeting.

☂️Interoperability WG — Cross Community effort

This session proposed pivoting the existing DIF Interoperability Project to a more coordinating and project-managing paradigm. Previously, the project primary work has been building and adopting testing infrastructure, but while that work is important and much of it will still be done in other DIF WGs, the new interoperability working group charter is scoped to only for identifying roadblocks to and gaps in a widely-interoperable decentralized identity stack. Once identified, these needs will be analyzed consultatively to avoid redundant work and route them to the best (and most collaborative) working context, in or outside of DIF.

The meetings of this group will be a fully open, non-IPR protected meeting so all parties with skin in the game are warmly welcomed to attend, to listen in, or to watch the recording afterward. A (draft) charter can be seen here for scope: Interop WG and the inaugural Community kick-off meeting will take place on June 26th at 9 am PST / 12 pm ET / 6 pm CET. Sign up here (you will receive a calendar invite with dial-in details). Or join the mailing list here.

From chat:

Precedents and inputs: Aries Connect-a-thon ; DHS SVIP Plug-fest Kaliya’s precedent further back of community coordination: OSIS Anil and Pamela discussed test suite maintenance — this is now on the agenda for the interop WG Friday Darrell: Until the community sees the deep value in test suites — and what it means (no vendors pointing fingers; ability to avoid the worst of vendor lock-in; etc.) it will be hard. OGC is a great working example of how interop suites built an industry while breaking down the barriers that were driving (insane) costs. Adrian’s question about Service Endpoints and privacy: “Neither DID or VCs or wallets need to do anything standard with the service endpoints.” — Adrian’s point and his use-case are now on the agenda for the interop WG Haardik’s question about wallet portability segued nicely into Orie’s W3C work item DanielB’s feedback on ^: DID Contexts was one portion of the data that I was hoping to have in a wallet portability standard I’ve been sketching out 🔎DID & Protocol layer Groups:

💡ID & Discovery WG, 🌱Sidetree WG & others

Highlights: ID & Discovery talked about Universal Resolver CI/CD project and in-kind donation from IBM (of Dan and Kapil’s time and cloud credits) to host and productionize the Universal Resolver along with Philip and Bernhard from DanubeTech. Markus also updated everyone on the three key recovery schemes recently open-sourced by Microsoft Research, Veridium, and ConsenSys. DID:Peer is being open-sourced and well-known DIDs are being deployed to production by MSFT. Updates were given on the various members of the Sidetree family, with the editor of the Sidetree spec Orie Steele of Transmute inviting GitHub issues (including documentation issues) to push the specifications closer to v1.

From chat:

DanielB: Note: MSFT will be implementing Well-Known DID Configuration for customers to connect DIDs to domains within 100 days from today Ajay — https://github.com/trustbloc Overview of KERI by Sam Andreas volunteered to help Sidetree WG with “Anchor contract” logistics to make it more ready for Eth mainnet (ref impl only works on Ropsten testnet, based on v0 spec; v1 spec needs to be finished before refactoring it ) Dan — WEF Future of Security and Travel task force has been working on interesting stuff worth looking into here → KTDI.org 🛠️App-layer & Functional Groups:

🔓 DID Auth, 📦 Secure Data Storage, 📚 Glossary & others

Oliver Terbu introduced two great demonstrations from member projects that had been reviewed, iterated, specified, and documented by the DID Auth WG in the last six months. Validated-ID showcased it’s Self-Issued OpenID Provider (SIOP) protocol for using a DID to sign in to an OpenID website. The authorization libraries complement other projects presented above and below to bootstrap OIDC architecture for DIDs, as well as ongoing open-source work bridging the European Commission’s ESSIF project to traditional eIDAS PKI via OpenID. New members Radical Ledger also showcased another lightweight SIOP-compliant authentication system intended for deployment in e-commerce settings. Kyle den Hartog, co-chair of the group, also briefly presented on the “key ID issue” (what to do about a parameter named ‘kid’), an ongoing multi-layer complication requiring extensive coordination between DIDAuth, DIDComm, and various WGs elsewhere.

Dmitri Zangulin introduced the Secure Data Storage WG, jointly operated with the W3C, which conveniently allows the same group to consolidate two existing specifications and reference implementations and then move that consolidated specification to a W3C recommendation without having to recharter or move to a new venue. As the group is still in early days of that consolidation, member Daniel Buchner presented the PWA/app-storage use case that could lay valuable foundations for data portability across applications and platforms.

Lastly, Kaliya Young presented the results of the Glossary Project she co-chaired with Drummond Reed and Margo Johnson, which in many ways informed the interoperability project’s methodology and foci for identifying architectural discrepancies encoded in divergent terminology. The report is in final revisions and will be released soon along with executive summary and reflections.

From chat:

Upcoming OIDC meetup on SIOP on June 25th — register Iain Henderson: Yes, the MyData operators work would be one great start point for SDS: 🎫Credential-layer Groups:

🛡️ Claims & Credentials, 📻 DID Comm & others

Wayne Chang introduced and gave updates on the main work items of the Credentials and Claims WG, starting from the least technical one, the Credential Taxonomy. This ongoing effort seeks to gather and analyze real-world credentials data dictionaries so as to create guidance for newcomers to the space on harmonization, semantic discovery and interoperability. Out of this evolved the Credential Presentation work item, which was a kind of minimalist or lightweight specification for a widely-interoperable credential exchange, done in parallel to DIDComm, for an overlapping but different set of cross-platform wallet-to-wallet use cases. Wayne also mentioned three work items happening primarily outside of DIF for now that C&C is watching closely with an eye to aligning or contributing were appropriate:

Mattr Global’s BBS+/ZKP-LD prototypes to make upcoming Ursa cryptography universally accessible via JSON-LD Mattr Global’s client-bound assertions, a proposal for aligning emerging OIDC standards with the SSI world’s credential exchange requirements Transmute’s Universal Wallet 2020 project, an attempt at specifying a minimal protocol for wallets that might simplify the addition of VC storage and wallet-to-wallet communications to cryptocurrency wallets, the addition of cryptocurrency to SSI wallets, and most promising of all, the linking (or “correlation,” for now!) of the two kinds of functions of such a joint wallet.

Sam Curren introduced the DIDComm working group, which works on the wallet-to-wallet communication protocol at the core of the Hyperledger Aries project in a somewhat narrower, focused-scope way while staying in dialogue with the larger Aries vision of DIDComm. Sam gave updates on two recent milestones of which DIF is particularly proud: the group reached a v1 specification of the JWM envelope and submitted it to IETF so it could be approved while other parts of the specification continued in parallel. Also, the group moved to ECDH-1PU signature suites for greater acceptance and alignment with contemporary IETF recommendations. Sam also reported on some [deeply technical] topics that have been the focus of most DIDComm discussion and progress since the last semi-annual DIF meeting: repudiable-by-default signature design, a core set of four transport modalities (including qR codes), key type support, and most recently, rotation-on-first-use capabilities and “upgrading” of ephemeral keys.

From chat:

C&C WG notion page DIDComm meeting agendasrepo Dmitri: Digital Bazaar is working on another QR code communication project Gabe: You can always use Workday’s cred-exch stuff :) Repo & Reference implementation of BBS+ JSONLD; also a Reference implementation of just the signature suite Closing Circle

The meeting ended with a heartfelt thanks from the organizers, steering committee members, and Executive Director Rouven Heck. The main call to action was simple: please stay involved, and bring others.

Sign up for DIF bi-weekly F2F style one-hour meetings:

https://bit.ly/DIF-bi-weekly-signup

Sign up for Interoperability WG Kickoff meeting (26th June, 12 ET)

https://bit.ly/DIF-interop-kickoff

Here is the master presentation we used during the meeting: Link

Thank you for joining us and being interested in the work the decentralized identity community is doing. If you are interested in contributing in any capacity, visit identity.foundation or reach out to membership@identity.foundation .

Written by: by_caballero in collaboration with Balázs Némethi

DIF Virtual Face-to-Face, 6/16/2020 was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.

Tuesday, 23. June 2020

OpenID

OpenID Foundation Announces FAPI-RW App2app Certification Launched

Global interoperability, a common cause among many national and industry groups, seems especially urgent these days, especially in matters of security. Interop requires open standards, a “best idea wins” debate among experts and patience, lots of patience. The Financial-Grade API Working Group has a singular focus on developing its security profile as a complementary component […] The post OpenI

Global interoperability, a common cause among many national and industry groups, seems especially urgent these days, especially in matters of security. Interop requires open standards, a “best idea wins” debate among experts and patience, lots of patience. The Financial-Grade API Working Group has a singular focus on developing its security profile as a complementary component to the functional specifications in open banking “standards.” Patience is paying off as adoption momentum builds as demonstrated by HSBC’s recent certification of conformance to the FAPI Standard.

The OpenID Foundation (OIDF) is pleased to announce the expansion of the FAPI-RW certification program to cover app2app implementations. The App2app pattern for enhances the all-important user experience for OpenID Connect on mobile devices when the user has a native app from the OpenID Provider installed. The importance of the app2app experience for end users is emphasized by a recent opinion from the European Bank Authority, where they make it clear that under the “Payment Services Directive 2” (PSD2), most European banks are required to support the app to app pattern.

The Foundation announced the addition of FAPI certifications to the Certification Program in late 2018 with the first certifications posted in early 2019. Since launch, a wide variety of implementations have been certified. Many, like HSBC, are following the lead of the UK Open Banking Implementation Entity, with more currently testing and in the pipeline:

The app2app certification tests are run in the standard browser on the mobile OS, and need to be repeated for each supported platform (typically Web, Android, and iOS). This means that for many banks, vendors and other organizations looking to fully certify to FAPI-RW, they would run the tests 3 times:

1. Test standard web authentication/authorization experience
2. Test Android app experience
3. Test iOS app experience

The tests have been run against a number of app implementations. The OIDF Certification Program team continues to help organizations during testing discover interoperability and security issues present in their mobile implementations.

To encourage implementers to “test the tests”, app2app certifications will be in pilot mode and free of charge to members until July 31, 2020. This offer is for any implementation that has achieved FAPI-RW certification already as well as those that achieve a standard FAPI-RW certification prior to July 31st.

For those unfamiliar with app2app, please reference this OIDF blog post for more information. And for those interested in taking a deeper dive into app2app, Joseph Heenan from the OpenID Certification Program team will be presenting on app2app at:

Auth Security Workshop 22nd July 2020 Identiverse 4th August 2020

The post OpenID Foundation Announces FAPI-RW App2app Certification Launched first appeared on OpenID.


MyData

Personal note from our outgoing Deputy General Manager, Viivi Lähteenoja

I write this message with a heart filled with joy, gratitude, and not a little sadness. I’ve had the privilege of working with MyData for the past few years and now the time has come for me to say goodbye to the organisation I’ve had the privilege to develop and to develop alongside. From 1... Read More
I write this message with a heart filled with joy, gratitude, and not a little sadness. I’ve had the privilege of working with MyData for the past few years and now the time has come for me to say goodbye to the organisation I’ve had the privilege to develop and to develop alongside. From 1... Read More

Monday, 22. June 2020

Oasis Open

Invitation to comment on Collaboration Protocol Profile and Agreement Version 3.0 - ends July 22

Wednesday, 17. June 2020

Oasis Open

New Version of REST-based Open Data Protocol (OData) Approved as OASIS Standard

Tuesday, 16. June 2020

Oasis Open

4 #PKCS #11 Candidate OASIS Standards approved

Monday, 08. June 2020

SSI Meetup

The Pan-Canadian Trust Framework (PCTF) for SSI

https://ssimeetup.org/pan-canadian-trust-framework-pctf-ssi-tim-bouma-webinar-59/ We are very proud to release a special webinar to introduce the next chapter of the “Self-Sovereign Identity Book” from two of the most eminent authorities on digital identity in government: Tim Bouma and Dave Roberts, senior public servants with the Government of Canada and major contributors to the Pan-Canadian Tr

https://ssimeetup.org/pan-canadian-trust-framework-pctf-ssi-tim-bouma-webinar-59/ We are very proud to release a special webinar to introduce the next chapter of the “Self-Sovereign Identity Book” from two of the most eminent authorities on digital identity in government: Tim Bouma and Dave Roberts, senior public servants with the Government of Canada and major contributors to the Pan-Canadian Trust Framework (PCTF). In this chapter, Tim and Dave explain the PCTF model and how it maps to the SSI model and the Trust over IP (ToIP) stack. This webinar describes how a world leader in digital identity (which Canada has been for two decades) sees the opportunity in the new decentralized identity model represented by SSI (Self-Sovereign Identity).

Wednesday, 03. June 2020

Oasis Open

OASIS Approves SARIF as Interoperability Standard for Detecting Software Defects and Vulnerabilities

Tuesday, 02. June 2020

MyData

Guest Blog Post – The MyData Commons Prototype

  For many years, we have discussed ‘the individual as the point of integration for data about them’, and that statement is hard-wired into the MyData Principles. But what that means in practice has been less than clear. With COVID-19 as an inspiration/ driver, we have had to dig into that in more detail; this... Read More
  For many years, we have discussed ‘the individual as the point of integration for data about them’, and that statement is hard-wired into the MyData Principles. But what that means in practice has been less than clear. With COVID-19 as an inspiration/ driver, we have had to dig into that in more detail; this... Read More

COVID-19 affects MyData Global – we need your support now more than ever

Dear friend and supporter of MyData Global, These times of the COVID-19 pandemic are difficult for all people and organisations around the world. We are sad, though not totally surprised, that MyData and MyData Global is not an exception. Our world, too, has been affected tremendously. Due to the pandemic, we have had to postpone... Read More
Dear friend and supporter of MyData Global, These times of the COVID-19 pandemic are difficult for all people and organisations around the world. We are sad, though not totally surprised, that MyData and MyData Global is not an exception. Our world, too, has been affected tremendously. Due to the pandemic, we have had to postpone... Read More

Monday, 01. June 2020

Oasis Open

Call for Consent for 4 PKCS #11 specifications as OASIS Standards

Thursday, 28. May 2020

SSI Meetup

Key Event Receipt Infrastructure (KERI): A secure identifier overlay for the internet

https://ssimeetup.org/key-event-receipt-infrastructure-keri-secure-identifier-overlay-internet-sam-smith-webinar-58/ Samuel M. Smith will present KERI that stands for Key Event Receipt Infrastructure. Its a ledger-less approach to identity that enables a universal decentralized key management infrastructure (DKMI). KERI is the basis for a new proposed universal DID method DID:uni. Because KERI id

https://ssimeetup.org/key-event-receipt-infrastructure-keri-secure-identifier-overlay-internet-sam-smith-webinar-58/ Samuel M. Smith will present KERI that stands for Key Event Receipt Infrastructure. Its a ledger-less approach to identity that enables a universal decentralized key management infrastructure (DKMI). KERI is the basis for a new proposed universal DID method DID:uni. Because KERI identifiers are portable they are truly self-sovereign. The primary root-of-trust in KERI is a self-certifying identifier that is cryptographically bound to a set of key-pairs. These have fully generalized derivation mechanisms including content addressability with support for both rotatable and non-rotatable key-pairs. Its secondary root-of-trust are end-verifiable key event receipt logs. End verifiability means that KERI is not dependent on any intervening infrastructure. This fixes the primary security weakness of internet identity system security overlays thereby making KERI a candidate for a universal trust spanning layer for the internet to replace DNS-CA. KERI is an open-source project within the Decentralized Identity Foundation. Samuel M. Smith Ph.D. works at the intersection of AI, blockchain, and decentralized computing systems as both an entrepreneur and strategic consultant. He has written and continues to write seminal white papers on decentralized identity, reputation AI, distributed computing, and tokenomics. He provides strategic technical and business model guidance to startups in these fields and is active in shaping the underlying standards and driving their adoption. Samuel received a Ph.D. in Electrical and Computer Engineering from Brigham Young University in 1991. He spent 10 years at Florida Atlantic University, reaching full professor status before retiring to become an entrepreneur. He has over 100 refereed publications in the areas of machine learning, autonomous vehicle systems, automated reasoning, and decentralized systems. He was principal investigator on numerous federally funded research projects. Dr. Smith is an active participant in open standards development and is a serial entrepreneur.

Wednesday, 27. May 2020

Decentralized Identity Foundation

DIF ID WG: Starting work on cryptographic secret recovery

DIF I&D WG: Starting work on cryptographic secret recovery One of the most important challenges that remain in decentralized identity architecture is the key management. The whole point of a Decentralized Public Key Infrastructure (which is the underlying paradigm that has led to the development of Decentralized Identifiers and many other related technologies) is that individuals, organi
DIF I&D WG: Starting work on cryptographic secret recovery

One of the most important challenges that remain in decentralized identity architecture is the key management. The whole point of a Decentralized Public Key Infrastructure (which is the underlying paradigm that has led to the development of Decentralized Identifiers and many other related technologies) is that individuals, organizations, and things create and manage their own cryptographic keys without reliance on a central authority or intermediary. But as we know, with great power comes great responsibility — in this case, while we have the power to wield private keys that control DIDs, we can also lose everything connected to those DIDs if we can’t retain and secure them. By definition, in a decentralized identity system, there is no centralized service to provide an “I forgot my password” button.

Photo by Richard Payette

That is the starting condition. It is certainly possible to build safeguards and recovery mechanisms into a decentralized identity system. Such mechanisms can be as simple as creating a backup of a wallet that holds cryptographic keys or writing down a seed number on a piece of paper. Many key recovery techniques that are popular in the cryptocurrency community can also be applied to decentralized identity. Some of the better-known approaches are mnemonic seed phrases or Shamir’s Secret Sharing algorithm.

Despite the existence of approaches to make key recovery simpler and better, there is still much need for innovation. This is the reason why the DIF Identifiers & Discovery Working Group is excited to announce an open call for contributions and development of new secret recovery schemes, and implementations. To kick off work in this area, Microsoft, a member of the DIF I&D WG, will be contributing a scheme called ‘Fuzzy Vault,’ which incorporates many desirable, human-friendly features into a single recovery scheme. Daniel Buchner of Microsoft will be posting soon to detail their contribution to the ‘Fuzzy Vault’ scheme to this DIF I&D WG initiative. The whitepaper for the ‘Fuzzy Vault’ scheme will be published in this DIF repository: https://github.com/decentralized-identity/fuzzy-vault. The code implementation and any specifications required for ‘Fuzzy Vault’ will be developed within the DIF I&D WG.

Another approach DIF participants have worked on is a mnemonic scheme encoded as a 3D experience, called Seed Quest. This scheme uses geo-temporal-spatial inputs, which are more human-friendly than traditional word inputs. The scheme provides 128 bits of entropy for seed recovery with a mnemonic sequence that requires minimal rehearsal: https://github.com/reputage/seedQuest. DIF members have recently discussed ways to combine these schemes to maximize UX and recoverability.

These two efforts are just the beginning of DIF’s work in the area of secret retention and recovery. We encourage everyone to contribute their ideas, code, and insights to this vital work. For more information about participating in this new initiative, and the DIF I&D WG in general, view its Meeting Page, read the group’s Charter, and join DIF!

DIF ID WG: Starting work on cryptographic secret recovery was originally published in Decentralized Identity Foundation on Medium, where people are continuing the conversation by highlighting and responding to this story.

Thursday, 21. May 2020

Oasis Open

Call for Participation: Security Algorithms and Methods (SAM) TC

Wednesday, 20. May 2020

SSI Meetup

Identity-centric interoperability with the Ceramic Protocol

https://ssimeetup.org/identity-centric-interoperability-ceramic-protocol-joel-thorstensson-webinar-57/ Ceramic is a new permissionless protocol for creating and accessing unstoppable documents that serve as the foundation for a connected, interoperable web without silos. Joel Thorstensson is the founder and CTO of 3Box and the primary author of the ceramic protocol as well as several Ethereum sta

https://ssimeetup.org/identity-centric-interoperability-ceramic-protocol-joel-thorstensson-webinar-57/ Ceramic is a new permissionless protocol for creating and accessing unstoppable documents that serve as the foundation for a connected, interoperable web without silos. Joel Thorstensson is the founder and CTO of 3Box and the primary author of the ceramic protocol as well as several Ethereum standards for identity and will provide a conceptual and technical intro to Ceramic. At the root of many of the internet’s problems is that apps and services today are built primarily in silos. This includes identity registries and credentials, user data and access permissions, infrastructure, and services. It not only puts control over data and identities in the wrong hands, but it’s a fundamentally outdated and inefficient model for building digital products. Ceramic unlocks information interoperability between all platforms and services across the web, allowing participants to create and resolve documents for any type of information without any centralized service. Ceramic uses DIDs (Decentralized Identifiers), IPLD (InterPlanetary Linked Data), signed messages, and blockchain anchoring to create a trusted and shared graph of verifiable documents. While flexible, these documents are especially well-suited for self-sovereign identity systems, user-centric data ecosystems, and open web services.

Oasis Open

#OData JSON Format, OData Common Schema Definition Language (CSDL) JSON Representation, and OData Common Schema Definition Language (CSDL) XML Representation OASIS Standards now published

Tuesday, 19. May 2020

OpenID

Second Implementer’s Draft of OpenID Connect for Identity Assurance Specification Approved

The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft: OpenID Connect for Identity Assurance 1.0 An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the second Implementer’s Draft of this specification. This specification is a product of the […]

The OpenID Foundation membership has approved the following specification as an OpenID Implementer’s Draft:

OpenID Connect for Identity Assurance 1.0

An Implementer’s Draft is a stable version of a specification providing intellectual property protections to implementers of the specification. This is the second Implementer’s Draft of this specification. This specification is a product of the eKYC and Identity Assurance Working group.

The Implementer’s Draft is available at:

https://openid.net/specs/openid-connect-4-identity-assurance-1_0-ID2.html

The voting results were:

Approve – 54 votes Object – 3 votes Abstain – 4 votes

Total votes: 61 (out of 237 members = 26% > 20% quorum requirement)

— Michael B. Jones – OpenID Foundation Board Secretary

The post Second Implementer’s Draft of OpenID Connect for Identity Assurance Specification Approved first appeared on OpenID.


eSSIF-Lab

Q&A session on Infrastructure-oriented Open Call

eSSIF-Lab is organising a Q&A session about its Infrastructure-orientd open call to help potential applicants craft an effective proposal and to help them solve their doubts and questions about the application proccess.

When:

On Thursday, 28th of May at 11:00 am (CEST), we will be answering all your questions about the application process, the programme, framework and the value of the eSSIF-Lab’s Infrastructure – oriented Open Call in this live chat session that will take place in NGI Online Community.

Where? 

The Q&A session is online, free and open to all interested people.

REGISTER NOW!

 

The Infrastructure-Oriented Open Call, which was launched on 1st of March, targets the development and testing of open source Self-Sovereign Identity components for eSSIF-Lab Framework which fall within the SSI concept (i.e. technologies which allow individuals to control their electronic identities and guard their privacy).

The next deadline to apply for the Open Call is on 29th of June 2020 and selected projects will get funding up to 155,000 €.

 

Join the Q&A session and find out all you need!

Monday, 18. May 2020

Oasis Open

#KMIP Test Cases v2.1 and KMIP Usage Guide v2.1 Committee Notes published by KMIP TC


KMIP Specification v2.1 and KMIP Profiles v2.1 from #KMIP TC approved as Committee Specifications

Tuesday, 12. May 2020

Oasis Open

#OData JSON Format, OData Common Schema Definition Language (CSDL) JSON Representation, and OData Common Schema Definition Language (CSDL) XML Representation, all version 4.01, approved as OASIS Standards


SSI Meetup

The SSI Ecosystem in South Korea

https://ssimeetup.org/ssi-ecosystem-south-korea-jaehoon-shim-webinar-56/ Jaehoon Shim, a blockchain researcher at LG CNS and the founder of SSIMeetup Korea, will introduce the Self-Sovereign Identity (SSI) ecosystem of South Korea. South Korea became a hotbed of Self Sovereign Identity in the last couple of years. The number of government-funded projects, including the mobile credential for gover

https://ssimeetup.org/ssi-ecosystem-south-korea-jaehoon-shim-webinar-56/ Jaehoon Shim, a blockchain researcher at LG CNS and the founder of SSIMeetup Korea, will introduce the Self-Sovereign Identity (SSI) ecosystem of South Korea. South Korea became a hotbed of Self Sovereign Identity in the last couple of years. The number of government-funded projects, including the mobile credential for government officials, requires using DIDs (Decentralized Identifiers). Also, hundreds of enterprises joined public/private consortia on decentralized identity to empower the digital transformation of the South Korean society. Jaehoon will explain in detail the current ecosystem and discuss opportunities for the future.

Thursday, 07. May 2020

Oasis Open

Invitation to comment on Message Annotations for Response Routing Version 1.0 - ends June 6th


SSI Meetup

Introducing the SSI eIDAS Legal Report – Ignacio Alamillo

https://ssimeetup.org/introducing-ssi-eidas-legal-report-ignacio-alamillo-webinar-55/ The European Commission developed the SSI (Self-Sovereign Identity) eIDAS bridge, an ISA2 funded initiative, to promote eIDAS as a trust framework for the SSI ecosystem. It assists a VC (Verifiable Credential) issuer in the signing process, and helps the verifier to automate the identification of the organizatio

https://ssimeetup.org/introducing-ssi-eidas-legal-report-ignacio-alamillo-webinar-55/ The European Commission developed the SSI (Self-Sovereign Identity) eIDAS bridge, an ISA2 funded initiative, to promote eIDAS as a trust framework for the SSI ecosystem. It assists a VC (Verifiable Credential) issuer in the signing process, and helps the verifier to automate the identification of the organization behind the issuer’s DID (Decentralized Identifier). Simply by “crossing” the eIDAS Bridge, a Verifiable Credential can be proven trustworthy in the EU. Ignacio Alamillo will present at this SSI Meetup webinar the insights gained from this report. In the context of the eIDAS bridge project, we performed an analysis on how eIDAS can legally support digital identity and trustworthy DLT-based transactions in the Digital Single Market, and this is reflected in the SSI eIDAS legal report, available at this link. The objective of this report is to evaluate the potential legal issues that are important to an SSI solution and make some recommendations to be used as policy input for the eIDAS 2020 review. The report outlines short-term objectives, where changes in the Regulation would not be necessary, but also mid to long-term scenarios requiring major changes in the Regulation to comply with the SSI design principles. The different scenarios described in the report are aligned with the proposed architectural and procedural considerations designed in the SSI eIDAS Bridge project and the European Self Sovereign Identity Framework.

Tuesday, 05. May 2020

SSI Meetup

Learn about the Trust Over IP (ToIP) stack

https://ssimeetup.org/trust-over-ip-toip-stack-webinar-54/ At SSI Meetup you’ve been hearing about the Trust over IP (ToIP) stack (originally called the “SSI stack”) since last September 2019. In this webinar, three pioneers of this new architecture for Internet-scaled digital trust infrastructure will share exciting news about where ToIP is going. We can’t reveal the details yet—it is under emba

https://ssimeetup.org/trust-over-ip-toip-stack-webinar-54/ At SSI Meetup you’ve been hearing about the Trust over IP (ToIP) stack (originally called the “SSI stack”) since last September 2019. In this webinar, three pioneers of this new architecture for Internet-scaled digital trust infrastructure will share exciting news about where ToIP is going. We can’t reveal the details yet—it is under embargo until next Tuesday—but let’s just say you don’t want to miss it.

Trust over IP

Cross-Industry Coalition Advances Digital Trust Standards

Governments, nonprofits and private sectors across finance, health care, enterprise software and more team up with Linux Foundation to enhance universal security and privacy protocols for consumers and businesses in... The post Cross-Industry Coalition Advances Digital Trust Standards appeared first on Trust Over IP.
Governments, nonprofits and private sectors across finance, health care, enterprise software and more team up with Linux Foundation to enhance universal security and privacy protocols for consumers and businesses in the digital era

The ToIP Foundation is being developed with global, pan-industry support from leading organizations with sector-specific expertise. Founding Steering members include Accenture, BrightHive, Cloudocracy, Continuum Loop, CULedger, Dhiway, esatus, Evernym, Finicity, Futurewei Technologies, IBM Security, IdRamp, Lumedic, Mastercard, MITRE, the Province of British Columbia and SICPA. Contributing members include DIDx, GLEIF, The Human Colossus Foundation, iRespond, kiva.org, Marist College, Northern Block, R3, Secours.io, TNO and University of Arkansas.

Businesses today are struggling to protect and manage digital assets and data, especially in an increasingly complex enterprise environment that includes the Internet of Things (IoT), Edge Computing, Artificial Intelligence and much more. This is compounding the already low consumer confidence in the use of personal data and is slowing innovation on opportunities like digital identity and the adoption of new services that can support humanity.

Without a global standard for how to ensure digital trust, these trends are bound to continue. The ToIP Foundation will use digital identity models that leverage interoperable digital wallets and credentials and the new W3C Verifiable Credentials standard to address these challenges and enable consumers, businesses and governments to better manage risk, improve digital trust and protect all forms of identity online.

“The ToIP Foundation has the promise to provide the digital trust layer that was missing in the original design of the Internet and to trigger a new era of human possibility,” said Jim Zemlin, executive director at the Linux Foundation. “The combination of open standards and protocols, pan-industry collaboration and our neutral governance structure will support this new category of digital identity and verifiable data exchange.”

The Linux Foundation’s open governance model enables the ToIP Foundation to advance a combination of technology and governance standards for digital trust in a neutral forum that supports pan-industry collaboration. An open governance model that can be integrated into the development of the standards for digital trust is essential where the business, legal and social guidelines for technology adoption impacts human trust and behavior.

The ToIP Foundation will initially host four Working Groups. The Technical Stack Working Group and the Governance Stack Working Group will focus on building out and hardening the Technical and Governance halves of the ToIP stack, respectively. The Utility Foundry Working Group and the Ecosystem Foundry Working Group will serve as communities of practice for projects that wish to collaborate on the development of ToIP utility networks or entire ToIP digital trust ecosystems.

The ToIP Foundation will host an all-digital launch event on May 7, 2020 at 9AM PDT that will feature a panel discussion, interoperability demonstration and live Q&A. Register now for the live event. A second event will be hosted for the APAC region.

For more information about the ToIP Foundation, please visit www.trustoverip.org

Steering Member Comments

Accenture

“The internet and digital technologies are a critical part of the way we engage with each other and with organizations. Accenture has a deep commitment to developing solutions to build trust, protect privacy and put control of an individual’s data squarely in their hands. The Trust over IP (ToIP) Foundation is bringing together a powerful mix of experts and doing it at the exact right time given the urgent need to encourage greater adoption and increase trust in data privacy and ownership,” said Christine Leong, managing director, global lead for Decentralized Identity & Biometrics at Accenture.

BrightHive

“Now, perhaps more than ever, networks of public and private sector organizations know the value that can be created by collaborating with one another around their combined data to create novel insights and better align their work. But they also want to collaborate in the most responsible way possible. The work of the Trust over IP Foundation will radically strengthen the infrastructure of responsible data sharing by establishing a global standard for digital trust—ensuring that the very way that data is exchanged and verified creates a much-needed layer of security, privacy and trust. BrightHive is excited by the promise of this standard, and proud to partner with the other members to help see it realized,” said Matt Gee, CEO, BrightHive.

Cloudocracy

“Trust is the foundational element of all relationships between government, organizations, and each of us as individuals. Trust at Internet-scale, serves our greater global community and is best accomplished by communities of trust ecosystems. The Trust Over IP Foundation is the next stage of enabling this journey globally. The paradigm-shifting model of decentralized, person-centric identity is likely one of the most important breakthroughs in data privacy, cyber security and unlocking business value in many years. Cloudocracy seeks to facilitate coalitions of government, supply-chains and individuals to embark on journeys to establish value-based trust ecosystems towards achieving highly secure and empowered private ecosystems and the public-private ‘Internet of Value.’ The global shift will go beyond enabling government and organizations to reduce costs, complexity and add value but will also help steer to a better compass heading in protecting individual data privacy, health and biometric information, while also reducing risks and economic impacts of cyber security data breaches,” said Will Groah, executive director, Cloudocracy.

Continuum Loop

“The leaders we work with know that trust on the Internet isn’t working. They want to start building deep trust with their customers and partners. Our clients are investing, as are we, in the Trust Over IP Foundation. We all want to make sure we are involved in building the digital trust layer that the Internet needs. The technology works – now it is about building business cases and governance,” said Darrell O’Donnell, president and CEO, Continuum Loop.

CULedger

“The credit union movement is based on the idea that trusted interactions between people connected by a common bond are the best interactions.  A self-sovereign, secure, trusted identity, like MemberPass, is essential in the world ahead, and CULedger is paving the way for credit unions and financial cooperatives worldwide to pioneer this important effort and bring this frictionless digital experience to more than 270 million credit union members.  The work developed out of the Trust over IP Foundation will be the cornerstone to facilitate these trusted interactions in the new digital age.  We are excited about the opportunity to be working with other leading organizations in support of this effort,” said John Ainsworth, president/CEO, CULedger.

Dhiway

“Dhiway is happy to join the Trust over IP (ToIP) Foundation as one of the founding members. Our strategic initiatives are designed to bring a higher degree of assurance to the exchange of data between peers, over the Internet and other digital networks. Our participation is aligned with our vision to make the world more transparent and trusted, using digital frameworks that can be universally referenced, understood and consumed.  We intend to contribute our knowledge and expertise to support the ToIP foundation in its mission to build an interoperable architecture for Internet-scale digital trust –  empowering a growing ecosystem of companies and communities to exercise control over their digital assets. It’s encouraging to see the open collaboration that has led to the formation of this Foundation, and we are humbled and thrilled to be a part of this pioneering effort,” said Satish Mohan, Founder & CTO, Dhiway.

esatus

“On our mission of enforcing information security, strong trust relationships are essential. We need them to be equally strong in the real world and online. The Trust over IP Foundation facilitates easy composition, ramp-up and maintenance of digital trust components. Conveying real-world trust online is ultimately possible at flexibility and scale. esatus enterprise solutions employ digital trust components already, making next-gen security and privacy available to its customers today. Being a founding member of the Trust over IP Foundation is a natural fit,” said Dr. André Kudra, CIO at esatus AG. 

Evernym

“Evernym believes the only way to truly solve the avalanche of trust problems on the Internet is with an open standard and open governance model that is as universal as the TCP/IP stack that created the Internet itself. We have helped build the architecture of the ToIP stack layer by layer for the past three years, including the W3C Verifiable Credentials and Decentralized Identifiers standards that are at the heart of this new model, because we believe it will unlock a new explosion of value for every person, business, community and government using digital communications. We are thrilled to help stand up the ToIP Foundation at the Linux Foundation and hope that it attracts every company and contributor who wants to build a strong and lasting trust layer for the Internet,” said Drummond Reed, chief trust officer at Evernym and co-editor of the W3C Decentralized Identifier (DID) specification.

Finicity

“The Internet has fueled incredible innovation over that past few decades. And yet it has been significantly handicapped due to a general lack of trust. As we solve the trust dilemma, we will see a rapid acceleration of innovations that will change the way we do business, connect with others and consume information and entertainment,” said Nick Thomas, president & chief scientist and innovation officer, Finicity. “Finicity looks forward to advancing digital trust standards through its participation in the Trust over IP (ToIP) Foundation.”

IBM

“In today’s digital economy, businesses and consumers need a way to be certain that data being exchanged has been sent by the rightful owner and that it will be accepted as truth by the intended recipient. Many privacy focused innovations are now being developed to solve this challenge, but there is no ‘recipe book’ for the exchange of trusted data across multiple vendor solutions,” said Dan Gisolfi, CTO, Decentralized Identity, IBM Security. “The new Trust over IP Foundation marks an evolutionary step which goes beyond standards, specs and code, with the goal of creating a community-driven playbook for establishing ‘ecosystems of trust.’ IBM believes that the next wave of innovation in identity access management will be for credential issuers and verifiers to partake in these ecosystems, where trusted relationships are built upon cryptographic proofs.”

IdRamp

“Formation of The ToIP Foundation will transform and improve how digital services operate. Traditional centralized identity systems are hinged to vast security vulnerabilities that are not sustainable in a growing digital economy. Centralized services for things like mufti-factor authentication or social login encumber user flow and unnecessarily expose sensitive information to third parties. Decentralized systems resolve these problems but struggle with interoperability and standards to accelerate mass adoption. The Trust Over IP Foundation will help formalize and simplify adoption of Trust as a basic digital utility for everyone. The TOIP stack provides the foundation for a new generation of digital identity services. These services will provide high security frictionless interaction that put the user in control of their personal data. Organizations will establish personal connections with employees and user communities that are immune to the vulnerabilities of centralized systems. Individuals will be able to connect with one another without exposing personal information to the mediators that regulate digital interactions today. This will help businesses move beyond complex identity security investments that erode the bottom line and slow innovation. Verifiable digital trust in a decentralized data economy will open a world of possibilities for all individuals and businesses. As a founding member of the ToIP foundation, IdRamp is committed to helping businesses build a new decentralized digital economy that will evolve organically from traditional centralized systems,” said Mike Vesey, CEO, IdRamp.

Lumedic

“As the first representative of the health care industry on the Steering Committee, Lumedic sees tremendous potential for the Trust over IP Foundation to contribute to health care interoperability,” said Chris Ingrao, chief operating officer of Lumedic. “In confronting the challenges raised by the COVID-19 pandemic, we’ve seen that modern technologies can make a powerful difference when paired with strong governance models. The TOIP stack ensures that the way we exchange trusted health care information meets industry needs at a global scale.”

Mastercard

“We are building a bridge to a world where a person’s identity can be verified immediately, safely and securely for use in the digital world – where now, more than ever, identity is essential for delivery of digital health, education and government services. This cannot be accomplished in isolation. We are collaborating and innovating with governments, technology companies, financial institutions and industry sectors to make this a reality. Our participation within the Trust over IP Foundation builds atop the groundwork we currently have in place to ensure industry standards to guarantee we all transact and interact in a secure, convenient and trusted manner,” said Charles Walton, senior vice president, Digital Identity, Mastercard.

MITRE

“Advances in digital technologies and the Internet have brought great convenience to our lives.  But they also present risk – the inability to verify with confidence the identity of those you are connected with leaves us vulnerable to cyberattacks, identity theft, human trafficking, and financial fraud,” said Jim Cook, vice president of Strategic Engagement and Partnerships at MITRE. “As a not-for-profit company working in the public interest with a mission to solve problems for a safer world, we at MITRE are committed to creating a digital world in which people can interact safely and with confidence.  We applaud the Linux Foundation initiative to launch the Trust over IP Foundation, and we are honored to be a founding member.  We believe real innovation is made possible through open partnership, collaboration and cooperation, and we look forward to contributing to a safer internet through the Trust over IP Stack project.”

The Province of British Columbia

“The Province of British Columbia sees our collective potential to enable global-scale digital trust. The Trust over IP Foundation will be a significant leap forward in establishing a standards-based way for individuals and businesses around the world to interact and transact in safe and secure ways over the Internet,” said Dave Nikolejsin, Deputy Minister of Energy, Mines and Petroleum Resources and Chair of the Board of Digital Identity and Authentication Council of Canada. “From our perspective, this work augments our foundational regulatory role in the economy. In the natural resources sector, we see the potential to empower companies to have a new digitally trusted means to demonstrate due diligence on environmental and social impacts of projects as they work with Indigenous peoples and government. The Province of British Columbia is a founding member of the Trust over IP Foundation to help promote this new era of trusted digital services that everyone can rely on.”

SICPA

“For over 90 years, SICPA has partnered with governments, companies and organizations worldwide, to enable trust in banknotes, identities, products and brands. Our customers’ physical and digital lives are increasingly entwined, at work and at home, and our mission is to help shape trusted digital interactions by collaborating in enabling initiatives like the Trust over IP Foundation.  Building trust at a distance and at scale is a global challenge that will form the keystone in delivering the ultimate promise of an interconnected world: to respect the rights, privacy and security of everyone online and offline,” said Kalin Nicolov, Head of Digital Currency, SICPA.

 

Contributing Member Comments

DIDx

“The Internet lacks a digital trust layer that is not centrally controlled and managed. It is more important than ever to take control of our digital identities and data. The ToIP stack provides full control of digital identities and enables secure, privacy-preserving trust channels with verifiable data exchange. The digital trust layer of the internet. DIDx (a South African based startup) is excited to contribute and build interoperable trust ecosystems across Africa using the ToIP stack and are pleased to join the establishment of the ToIP Foundation together with the Linux Foundation,” said Lohan Spies, CEO DIDx.

GLEIF

“Trust is paramount within today’s digital world and we shouldn’t be afraid to challenge existing online processes for the greater good. The Trust over IP Foundation provides a neutral environment for these important conversations and will facilitate industry collaboration to create a global standard which businesses and consumers can trust. This aligns closely with GLEIF’s work to date as a not-for-profit organization which enables smarter, less costly and more reliable decisions about who to do business with. Our Global LEI System solves the problem of trust for legal entities worldwide, and we look forward to applying our expertise alongside many leading organizations within the foundation,” said Stephan Wolf, CEO, Global Legal Entity Identifier Foundation (GLEIF).

kiva.org

“As internet connectivity and digital services reach the world’s most vulnerable populations, it is paramount that we implement standardized, interoperable systems,” said Matthew Davie, chief strategy officer at Kiva. “The Trust over IP Foundation provides a framework to bring trust to this emerging segment of the digital economy and does so in a way that is consumer-centric and privacy-centric by design.”

The Human Colossus Foundation

“The synergistic domains of trusted identity and immutable semantics are required for organizations to integrate into a new decentralized data economy. The Human Colossus Foundation mission to implement decentralized semantics is aligned with the Trust over IP Foundation. We are proud to contribute to the collaborative projects and initiatives being launched,” said Paul Knowles, Head of the Advisory Board at The Human Colossus Foundation.

iRespond

“Trust is the foundation of every ecosystem, and governance is critical to build trust.  The creation of the ToIP foundation is a critical step toward both trust and governance, built on inclusion, transparency and open standards. We expect ToIP to be part of the essential glue that binds decentralized networks and identity.  The disadvantaged beneficiaries we serve will likely gain from this critical step to address challenges of guardianship and disruption of traditional barriers to establishing identity,” said Scott Reid, CEO, iRespond.

Marist College

“Marist College has long been on the cutting edge of technology innovation. We are excited to be a founding member of this effort to address digital trust and decentralized identity management at a time when internet transactions are a vital part of higher education and our growing digital economy,” said Michael Caputo, MS, vice president for Information Technology/CIO, Marist College.

Northern Block

“Northern Block is committed to empowering the mass adoption of digital verifiable credentials, which we believe won’t be possible without robust and common standards. The launch of the ToIP Foundation is the beginning of a new chapter for any organization who has been working diligently to enhance trust in life’s experiences. We look forward to supporting increasing participation in trusted ecosystems and burgeoning innovation in consumer experiences through digital trust,” said Mathieu Glaude, CEO at Northern Block.

R3

“R3 remains committed to supporting the development of secure, trusted and privacy preserving digital identity ecosystems and our participation in the Trust over IP Foundation is a reflection of that commitment. Our customers across industries including banking, insurance health care and telecommunications all agree that identity cannot be solved in isolation. With the industry coming together under the Trust Over IP Foundation we can work on the standards that will enable interoperability and unlock new opportunities for all. Our Corda platform is designed to enable private transactions, and by incorporating the work of the ToIP Foundation, we can develop solutions uniquely suitable for self-sovereignty in the digital world,” said Abbas Ali, Head of Digital Identity at R3.

Secours.io

“Our past inability to deal with privacy has cost human lives, because it limits innovation that can save lives. Trust over IP gives government the verification and governance it needs, and the public gets the trust it needs now allowing innovation to save lives,” said Sgt. J. Stirling Ret., Ontario Provincial Police, Provincial SAR Coordinator.

TNO

“TNO has deep involvement in the standardization and ecosystems of self-sovereign identity, including W3C, DIF, Hyperledger, Sovrin, RWoT and IIW. Our national and international partners and customers are looking for full-stack Trust-over-IP solutions. The ToIP approach is unique, as it includes the complexities of the top ‘business’ parts of the Trust-over-IP stack, as well as the governance of all layers. We believe that ToIP provides an excellent ground to contribute and further develop this knowledge base and apply it to many projects in ‘admintech’ and other industry sectors where trust in the provenance of data is essential,” said Dr. Oskar van Deventer, senior scientist Self-Sovereign Identity, TNO.

University of Arkansas

“The Internet was built in the 1970s and 1980s to allow machine-to-machine transfer of information, but it was missing the trust layer that identifies the people, organizations, or objects running those machines. The Trust over IP (ToIP) Foundation is building the technical and governance standards to provide that missing layer, which will enable trusted, secure, peer-to-peer transfers of value.  Voices from industry, governments and academia are needed to realize the vision. As an academic partner, the Blockchain Center of Excellence at the University of Arkansas is pleased to join this effort to develop open standards for a trust layer over the Internet,” said Mary Lacity, Walton Professor and Director of the Blockchain Center of Excellence at the University of Arkansas.

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

 

Media Contacts
Beth Handoll
ReTHINKitMedia
beth@rethinkitmedia.com
+1 415 535 8658

The post Cross-Industry Coalition Advances Digital Trust Standards appeared first on Trust Over IP.

Friday, 01. May 2020

Kantara Initiative

Slandala approved by Kantara Initiative as assessor for digital identity frameworks’ NIST compliance

IT consultancy The Slandala Company has been approved by the Kantara Initiative as a Kantara accredited assessor, meaning it can perform assessments of digital identity frameworks for compliance to National Institute of Science and Technology (NIST) guidelines for identity.

IT consultancy The Slandala Company has been approved by the Kantara Initiative as a Kantara accredited assessor, meaning it can perform assessments of digital identity frameworks for compliance to National Institute of Science and Technology (NIST) guidelines for identity.

Wednesday, 29. April 2020

Kantara Initiative

NEWS Slandala Achieves Kantara Digital Identity Accreditation as Assessor

Kantara Initiative, the industry organisation focused on 3rd party assessed digital identity assurance frameworks, has announced that The Slandala Company, a Washington, DC-based IT consultancy, was approved to perform Kantara Assessments worldwide as a Kantara accredited assessor.

Kantara Initiative, the industry organisation focused on 3rd party assessed digital identity assurance frameworks, has announced that The Slandala Company, a Washington, DC-based IT consultancy, was approved to perform Kantara Assessments worldwide as a Kantara accredited assessor.


MyData

Press release: MyData takes an important step towards open personal data ecosystems

MyData Global 29 April 2020 Helsinki, Finland Press release: MyData takes an important step towards open personal data ecosystems Today, MyData Global nonprofit, published its paper Understanding MyData Operators as a foundation for a roadmap towards a human-centric personal data infrastructure. In a collaborative effort of 34 experts and supported by 48 personal data operators... Read More
MyData Global 29 April 2020 Helsinki, Finland Press release: MyData takes an important step towards open personal data ecosystems Today, MyData Global nonprofit, published its paper Understanding MyData Operators as a foundation for a roadmap towards a human-centric personal data infrastructure. In a collaborative effort of 34 experts and supported by 48 personal data operators... Read More

OpenID

Collaboration at the Core: The OpenID Foundation and the UK Open Banking Implementation Entity Host Conformance and Certification Workshop

The OpenID Foundation (OIDF) and our development partner, the UK Open Banking Implementation Entity (OBIE), recently hosted a workshop focused on Financial-grade API (FAPI) conformance and certification. It was a deep dive into the technical interface of our open, global standard with the OBIE’s functional UK standard. Our success metrics: over 125 active participants, a […] The post Collaborati

The OpenID Foundation (OIDF) and our development partner, the UK Open Banking Implementation Entity (OBIE), recently hosted a workshop focused on Financial-grade API (FAPI) conformance and certification. It was a deep dive into the technical interface of our open, global standard with the OBIE’s functional UK standard.

Our success metrics: over 125 active participants, a high level of engagement, little audience drop-off and high quality of feedback throughout the workshop. Participants were primarily standard-based developers from ASPSPs, TPPs and vendors (TSPs) supporting the UK OBIE Standard as well as technology experts from a range of international venues.

The workshop updated participants on the latest developments in both the OIDF FAPI profile and the OBIE Standard:

Demonstrated the respective conformance tools and the benefits of certification Provided participants with help and support in using these tools Encouraged a greater number of certifications Ultimately to help grow the open banking ecosystem, enhancing security and benefits for participants and end customers

OpenID Foundation Chairman, Nat Sakimura, presented a detailed overview of the Foundation history and its contribution to the global identity community. Nat also presented the current status of the FAPI profile and concluded with a call to action for participants to consider joining the Foundation and getting involved in the important work in the FAPI working group as well as other working groups including eKYC-IDA and MODRNA.

Chairman Sakimura then handed off to Daniel Fett with OIDF member yes.com, an active contributor to the FAPI and informal liaison to the HEART working group. Daniel’s presentation on FAPI 2.0 highlighted the profile’s security / defense-in-depth, on-the-wire protocol interoperability, and features for complex and concurrent consents. Daniel concluded with an update on CIBA and future planned updates.

Joseph Hennan, a leader on the OIDF Certification team, presented an update on FAPI conformance testing and certification. Joseph followed his presentation by providing a demo of the OIDF conformance test suite with a focus on FAPI conformance and certification. Joseph demo included the updated RP tests while addressing questions about app-app tests.

Chris Michael, CTO of OBIE, lead discussions with Freddi Gyara providing a comprehensive overview of the OBIE Read/Write API that was followed by Julian Coombs and Glyn Jackson providing a demonstration of the OBIE conformance tool.

Together with Chris Michael, we called on participants to action to join the Foundation, get involved in working groups and ensuring their implementations of FAPI are conforming and certified.

The workshop can be viewed in its entirety here. Content from this workshop as well as other similar workshops being planned with other OIDF liaison partners will continue to contribute to the ongoing development of the Foundation’s FAPI microsite focused on global open banking initiatives and providing resources for fintech developers implementing the FAPI profile. Launched in December 2019, the microsite was an investment by the Foundation to provide global open banking developers a one-stop-shop of educational resources free of charge to anyone at any time for how OAuth, OpenID and FAPI specifications work together.

Please be on the lookout for more OpenID Foundation workshops in partnership with liaison partners, like the Financial Data Exchange to be shared on the OIDF website in the coming weeks.

 

Don Thibeau
OpenID Foundation Executive Director

The post Collaboration at the Core: The OpenID Foundation and the UK Open Banking Implementation Entity Host Conformance and Certification Workshop first appeared on OpenID.

Tuesday, 28. April 2020

Kantara Initiative

Slandala Becomes Accredited Kantara Initiative Assessor

The Slandala Company has officially become an accredited Kantara Initiative assessor. The Kantara Initiative offers independent technology assessments to companies that need to comply with the strict identity guidelines established by the National Institute of Standards and Technology (NIST).

The Slandala Company has officially become an accredited Kantara Initiative assessor. The Kantara Initiative offers independent technology assessments to companies that need to comply with the strict identity guidelines established by the National Institute of Standards and Technology (NIST).


ID2020

ID2020 Announces Kim Gagné As New Board Chair

ID2020 Announces Kim Gagné as New Board Chair The ID2020 Alliance announced today that Kim Gagné has been elected to serve a four-year term as chair of its board of directors. Based in London, Mr. Gagné is a Senior Counselor with the advisory and advocacy communications consultancy APCO Worldwide. He also serves as Executive Director of the European Cloud Alliance, a business coalition focu
ID2020 Announces Kim Gagné as New Board Chair The ID2020 Alliance announced today that Kim Gagné has been elected to serve a four-year term as chair of its board of directors.

Based in London, Mr. Gagné is a Senior Counselor with the advisory and advocacy communications consultancy APCO Worldwide. He also serves as Executive Director of the European Cloud Alliance, a business coalition focused on policy issues related to cloud computing.

With his election, Gagné replaced The Honorable Gary Conille, former Prime Minister of Haiti, who currently serves as the United Nations Resident Coordinator in Burundi.

“Kim understands that technology, when ethically applied, can be transformative. It can enhance access to vital public services, enable people to exercise their rights as citizens and voters, and participate in the modern economy,” said ID2020 Executive Director, Dakota Gruener. “During these uncertain times, we look forward to Kim’s thoughtful leadership as we navigate our response to the COVID-19 pandemic and determine our strategic direction for the future.”

Mr. Gagné brings extensive experience in communications, government relations, diplomacy, and law to his new role with ID2020.

Prior to joining APCO in 2016, Gagné was a member of the Microsoft Corporate, External and Legal Affairs group and held a variety of senior policy and management positions throughout Europe, the Middle East, Africa, and Asia. From 1995–2004, he also served as a Foreign Service Officer with the U.S. Department of State, with postings in Haiti, Saudi Arabia and the U.S. Mission to the European Union. Before entering government service, Mr. Gagné was a partner at a Washington, D.C. law firm where he specialized in white collar criminal defense and complex civil litigation.

“Digital identity has the potential to transform the lives of more than one billion people around the world, providing access to critical political, social, and economic opportunities. I am excited to join the ID2020 Alliance as the organization champions the development of ethical, privacy-protecting digital identity solutions,” said Gagné. “I am especially keen to support the organization as it establishes new collaborations with governments, technology companies, and civil society organizations to facilitate the return of individuals to the workplace and public life in the wake of the global pandemic.”

Mr. Gagné holds a B.A. and a J.D. from Duke University and a M.A. from Middlebury College.

ID2020 Announces Kim Gagné As New Board Chair was originally published in ID2020 on Medium, where people are continuing the conversation by highlighting and responding to this story.


Kantara Initiative

Slandala Achieves Kantara Digital Identity Accreditation As Assessor

Slandala Qualified To Perform Independent, External NIST-related Compliance Audits WAKEFIELD, Mass., USA – April 28, 2020 — Kantara Initiative, the only industry organization focused on 3rd party assessed digital identity assurance frameworks, announced today that The Slandala Company, a Washington, DC-based IT consultancy, was approved to perform Kantara Assessments worldwide as a Kantara accredit

Slandala Qualified To Perform Independent, External NIST-related Compliance Audits

WAKEFIELD, Mass., USA – April 28, 2020 — Kantara Initiative, the only industry organization focused on 3rd party assessed digital identity assurance frameworks, announced today that The Slandala Company, a Washington, DC-based IT consultancy, was approved to perform Kantara Assessments worldwide as a Kantara accredited assessor.

Kantara is the only organization that provides third party assessment against the primary National Institute of Standards and Technology guidelines for identity.  US Government agencies are required to follow NIST guidelines.  An independent, external assessment is the best method to demonstrate NIST compliance, particularly for procurement.

“Slandala’s primary efforts have been US Government identity, credential and access management; typically with the assessment, compliance and operations of identity management systems,” said James Jung, owner, The Slandala Company.  “Kantara assessor accreditation is important to us because clients are considering Kantara approval to earn the Trust Mark.  They want to use the Kantara Trust Framework to extend their services to a wider variety of applications and users.”

As an accredited assessor, Slandala is one of a few companies capable of performing the critical role of assessing a company’s digital service or solution against a rigorous Class of Approval to earn a Trust Mark.  The Trust Mark is evidence of conformance to a set of accepted industry standards.  Kantara’s Trust Framework currently has three Classes of Approval.

Kantara was  authorized as a US Government Trust Framework Provider in 2011 and works with governments and standards bodies internationally to align its Trust Mark program for multi-jurisdictional adoption.

About Kantara Assessors Accreditation

A Kantara accredited assessor is an entity that has demonstrated to the Kantara Assurance Review Board that it meets the required knowledge and skill qualifications set by Kantara’s Identity Assurance Framework (IAF) with its Accredited Assessor and Approved Service Provider Services.  For more information or to apply, please visit Assessor Accreditation.

About Kantara Assessors Accreditation

The Kantara Initiative is the leading global consortium improving trustworthy use of identity and personal data through innovation, standardization and good practice. Kantara provides real-world innovation through its development of specifications, applied R&D and conformity assessment programs for the digital identity and personal data ecosystems. More information is available at https://kantarainitiative.org/.

Follow Kantara Initiative on Twitter — @KantaraNews

Monday, 27. April 2020

Oasis Open

Call for Consent for 3 OData specifications as OASIS Standards

Friday, 24. April 2020

Oasis Open

Invitation to comment on Repeatable Requests Version 1.0 - ends May 24th


OData Version 4.01 approved as an OASIS Standard

Tuesday, 21. April 2020

Oasis Open

LegalRuleML Core Specification v1.0 from the OASIS LegalRuleML TC approved as Committee Specification 02


OASIS Enhances Commitment to Open Source and Standards by Appointing Guy Martin as Executive Director


ID2020

Immunity Certificates: If We Must Have Them, We Must Do It Right

In a white paper, published today by the Harvard University Edmond J. Safra Center for Ethics, ID2020 Executive Director Dakota Gruener urged policy makers, technology providers, and civil society organizations to collaborate to ensure that digital health credentials or “immunity certificates”, if implemented, are intentionally designed to protect privacy and civil liberties. Over the past couple

In a white paper, published today by the Harvard University Edmond J. Safra Center for Ethics, ID2020 Executive Director Dakota Gruener urged policy makers, technology providers, and civil society organizations to collaborate to ensure that digital health credentials or “immunity certificates”, if implemented, are intentionally designed to protect privacy and civil liberties.

Over the past couple weeks, public health officials and policy makers have begun making the case for digital health credentials or “immunity certificates”. If implemented in conjunction with large-scale testing (for the COVID-19 virus and antibodies), immunity certificates could facilitate an incremental and orderly return to economic and social activities. While this presents a compelling opportunity, and one which may be worth considering, such a system cannot be allowed to compromise personal privacy rights, promote exclusion, or exacerbate existing social inequities.

“We all share an obligation to protect public health. But doing so should not mean giving up our right to privacy,” noted Gruener. “Proven technologies, grounded in a respect for equity and human rights, can be redeployed to help protect society from a resurgence of the disease and put control of personal health information in the hands of the individual. But this approach must be pursued cautiously, with a full acknowledgement of the risks, and detailed plans to mitigate them.”

Immunity certificates would enable workplaces, schools, medical facilities, airlines, and other public or private venues to identify those who have tested positive for the antibody (OR who have recently tested negative for the virus) through a verified credential issued by a medical provider (or certified testing center) and carried on a mobile phone. Because the credential is stored on the phone, rather than in a centralized database, it is vastly more secure and would enable the user to share it when, and with whom, they choose.

At this point, testing continues to lag far behind what would be needed to properly implement immunity certificates. But, with sufficient public investment and political will, the necessary level of testing could be achieved in the weeks and months ahead. Scaling access to serological testing will also help firm up our understanding of the virus, including the presence and duration of immunity and the potential for re-infection. At this time, these remain open questions.

The white paper is intended to further the public discourse about immunity certificates and ensure that such systems are developed consistent with the principles outlined in the ID2020 Manifesto for digital ID (developed in 2018 in partnership with the UN High Commissioner for Refugees). The Technical Requirements that underlie the ID2020 Certification also provide a valuable roadmap to assist technology providers and governments in the development of ethical, inclusive digital identity solutions, including digital health credentials.

Widespread social distancing orders have proven an effective strategy for containing the spread of the virus. But these strategies are not without significant economic, social, and psychological consequences. The time is now to begin planning for the next phase of the COVID-19 response and recovery. “If we need to do immunity certificates”, said Gruener, “let’s make sure we do them right.”

Immunity Certificates: If We Must Have Them, We Must Do It Right was originally published in ID2020 on Medium, where people are continuing the conversation by highlighting and responding to this story.

Friday, 17. April 2020

ID2020

Advanced Technologies, Cultural Diversity and Operational Constraints: the Need for Pilots

Authentication Process. Photo: Everest Hilman Palaon of TNP2K (Indonesia) along with Cornelius Saunders and Devina Srivastava of ID2020, present evidence around the importance of pilots to effectively launching large-scale programs. Palaon, Saunders and Srivastava use their experience with the LPG Subsidy Digital ID Pilot in Indonesia led by TNP2K, ID2020 and Everest, as a case study, to disc
Authentication Process. Photo: Everest Hilman Palaon of TNP2K (Indonesia) along with Cornelius Saunders and Devina Srivastava of ID2020, present evidence around the importance of pilots to effectively launching large-scale programs.

Palaon, Saunders and Srivastava use their experience with the LPG Subsidy Digital ID Pilot in Indonesia led by TNP2K, ID2020 and Everest, as a case study, to discuss some technological, cultural and operational insights gained through carefully monitored and evaluated pilots.

View the article here.

LPG Gas Subsidy Beneficiary. Photo: Everest

Advanced Technologies, Cultural Diversity and Operational Constraints: the Need for Pilots was originally published in ID2020 on Medium, where people are continuing the conversation by highlighting and responding to this story.

Thursday, 16. April 2020

eSSIF-Lab

Know more about eSSIF-Lab Framework!

Are you applying to any of the eSSIF-Lab’s Open Calls? Would you like to know more about the eSSIF-Lab Framework you will be contributing to build? Tune in to our 3rd webinar on the eSSIF-Lab’s vision and SSI Framework.

When:

On Tuesday, 21st of April 11:30 pm CEST, we will be answering all your questions about the project, functional architecture for its SSI Framework and programme and values e of the eSSIF-Lab’s Open Calls, live on air.

Where? 

The webinar is free and open to all interested people.

REGISTER NOW!

More info on the Open Calls:

Infrastructure-Oriented Open Call

This call targets open source technical enhancements and extensions for eSSIF-Lab Framework which fall within the SSI concept (i.e. technologies which allow individuals to control their electronic identities and guard their privacy).

Deadline: 29th of June 2020 at 13:00 (CEST)
Funding: up to 155,000 €

First Business-oriented Open Call

Solutions proposed for this open call should be business solutions that make it easy for organizations to deploy and/or use SSI and must fall within the SSI concept (i.e., technologies which allow individuals to control their electronic identities and guard their privacy).

Deadline: 30th of April 2020 at 13:00 (CEST)
Funding: up to 106,000 € (for those best in class).

 

Join the webinar and find out all you need!

Thursday, 09. April 2020

Oasis Open

Call for Consent for #OData Version 4.01 as an OASIS Standard

Wednesday, 08. April 2020

Oasis Open

Static Analysis Results Interchange Format (#SARIF) Version 2.1.0 OASIS Standard published

Monday, 06. April 2020

Schema

COVID-19 schema for CDC hospital reporting

The COVID-19 pandemic requires various medical and government authorities to aggregate data about available resources from a wide range of medical facilities. Clearly standard schemas for this structured data can be very useful. The Centers for Disease Control (CDC) in the U.S. defined a set of data fields to facilitate exchange of this data. We are introducing a Schema.org represe
The COVID-19 pandemic requires various medical and government authorities to aggregate data about available resources from a wide range of medical facilities. Clearly standard schemas for this structured data can be very useful.

The Centers for Disease Control (CDC) in the U.S. defined a set of data fields to facilitate exchange of this data. We are introducing a Schema.org representation of these data fields. 

The purpose of this schema definition is to provide a standards-based representation that can be used to encode and exchange records that correspond to the CDC format, with usage within the U.S. primarily in mind. While the existence of this schema may provide additional implementation options for those working with US hospital reporting data about COVID-19, please refer to the CDC and other appropriate bodies for authoritative guidance on the latest reporting workflows and data formats.

Depending upon context, any of the formats and standards that work with Schema.org may be applicable for encoding this data, including the Microdata, RDFa and JSON-LD data formats, as well as related technologies such as W3C SPARQL for data query. JSON-LD is in most cases likely to be the most appropriate format. There is no assumption that data encoded using this schema should necessarily be published on the public Web, nor that it would be used by search engines.

We will continue to improve this vocabulary in the light of feedback, and welcome suggestions for improvements and additions particularly from US healthcare organizations who are using it. This CDC-based vocabulary follows other recent changes we have made to Schema.org. For details of recent changes see our release notes and our previous post announcing the SpecialAnnouncement markup, which is now supported at both Bing (blog, docs) and Google (blog, docs). As the global response to COVID-19 evolves we will do our best to improve schema.org's vocabularies to represent the changes that Coronavirus is bringing to society, and to assist those using structured data to help with the response.



MyData

An approach for fighting COVID-19 and beyond: MyData

  [Join us on MyData vs COVID-19 calls every Wednesday 15:00-16:00 CEST. For details, join mydata.org/slack #coronadata channel.] The whole world is looking for ways to curb and combat COVID-19: vaccines are being developed, medications are being tested and personal data-based applications to track and isolate the suspected cases are being built. The digital solutions introduced... Read
  [Join us on MyData vs COVID-19 calls every Wednesday 15:00-16:00 CEST. For details, join mydata.org/slack #coronadata channel.] The whole world is looking for ways to curb and combat COVID-19: vaccines are being developed, medications are being tested and personal data-based applications to track and isolate the suspected cases are being built. The digital solutions introduced... Read More

Friday, 03. April 2020

eSSIF-Lab

Join the eSSIF-Lab’s webinar on its current Open Calls!

Have questions about our Open Calls? Want tips for crafting an effective proposal? Tune in to our webinar on the eSSIF-Lab’s current Open Calls.

When:
On Tuesday, 7th of April 12:00 pm CEST, we will be answering all your questions about the application process, the programme and the value of the eSSIF-Lab’s Open Calls, live on air.

Where? 

The webinar is free and open to all interested people.

REGISTER NOW!

More info on the Open Calls:

Infrastructure-Oriented Open Call

This call targets open source technical enhancements and extensions for eSSIF-Lab Framework which fall within the SSI concept (i.e. technologies which allow individuals to control their electronic identities and guard their privacy).

Deadline: 30th of June 2021 at 13:00 (CEST)
Funding: up to 155,000 €

First Business-oriented Open Call

Solutions proposed for this open call should be business solutions that make it easy for organizations to deploy and/or use SSI and must fall within the SSI concept (i.e., technologies which allow individuals to control their electronic identities and guard their privacy).

Deadline: 30th of April 2020 at 13:00 (CEST)
Funding: up to 106,000 € (for those best in class).

 

Join the webinar and find out all you need!

Wednesday, 01. April 2020

Oasis Open

60-day Public Review for four PKCS #11 Candidate OASIS Standards - ends May 31st

Tuesday, 31. March 2020

SSI Meetup

eSSIF-Lab: creating & funding an interoperable SSI infrastructure in Europe

https://ssimeetup.org/essif-lab-creating-funding-interoperable-ssi-infrastructure-europe-webinar-52/ Attend this webinar to learn about the eSSIF-Lab (EU H2020) project with Oskar van Deventer and Rieks Joosten from TNO in the Netherlands. WHY: the eSSIF-Lab vision, objectives, and intended benefits; WHAT: its (initial) functional architecture/components; HOW: ways in which you may contribute (a

https://ssimeetup.org/essif-lab-creating-funding-interoperable-ssi-infrastructure-europe-webinar-52/ Attend this webinar to learn about the eSSIF-Lab (EU H2020) project with Oskar van Deventer and Rieks Joosten from TNO in the Netherlands. WHY: the eSSIF-Lab vision, objectives, and intended benefits; WHAT: its (initial) functional architecture/components; HOW: ways in which you may contribute (and possibly get funded for that). eSSIF-Lab is an EU H2020 project whose purpose is to fundamentally improve real-life transactions via the Internet, by focusing on next-generation mental models for such next generation transactions, and using SSI technologies and implementations to realize them. Today, conducting an online business transaction consist of an individual that fills in an online form, which is subsequently processed (data is validated, and a commitment decision is made). Filling in and validating forms can be quite tedious, frustrating, time consuming and costly. Digitally inexperienced people are known to give up on requesting (social) benefits they are entitled to, enlarging the digital divide. But even people with an academic background and years of IT experience find this difficult. In the SSI-enabled world as eSSIF-Lab sees it, an SSI IT infrastructure can help to find, provide and validate the needed data electronically. This makes filling and processing forms much easier (people no longer have to understand forms, upload pdfs, etc.), much faster (people no longer have to go places to get paperwork) much cheaper (saving tens of billions of euro’s – or even more – on verification/validation costs and IT-links). The current wealth of SSI-related products, technologies and standards is insufficient for realizing this vision, because it generally lacks interoperability and scalability, and does not address the process- and business levels. eSSIF-Lab calls for a scalable and interoperable technological infrastructure that is very easy to use by and integrate with (the IT, the processes and the business/policies of) arbitrary organizations and individuals to request, obtain, store and issue data objects whose meaning (semantics), origin (provenance) and integrity can be proved (verified) – which is basically what SSI is all about. The main task of the eSSIF-Lab consortium is to coordinate between and fund projects of SME’s/startups (from EU/EEA countries) that contribute to the realization of this vision, in terms of technology and/or associated business propositions, and that will work together so as to benefit from each other’s contributions.

Monday, 30. March 2020

Oasis Open

Static Analysis Results Interchange Format (SARIF) V2.1.0 is approved as an OASIS Standard

Friday, 27. March 2020

Kantara Initiative

Spotlight on Kuma – Accredited Assessor

 1. In which sector(s) and country(ies) do you operate? Kuma engages customers across the globe in markets including banking, mobile network operators, Health IT providers and government organizations just to state a few examples.  Our Privacy business heavily focuses on advisory services and assessment, we offer hands on Cyber Security expertise and our Digital […]

1. In which sector(s) and country(ies) do you operate?

Kuma engages customers across the globe in markets including banking, mobile network operators, Health IT providers and government organizations just to state a few examples.  Our Privacy business heavily focuses on advisory services and assessment, we offer hands on Cyber Security expertise and our Digital Identity line focuses on advisory services, market development and go-to-market strategies.

 

2. What is your current market focus and what needs and areas of concern does your service/product address?

There are 3 areas currently showing great interest from our customers including (1) our proven ability to help large organizations stand up “virtual Chief Privacy Officers” and Privacy Offices as they bring privacy engineering and best practices into their executive management structure.  (2)  Assessments are on the rise including Kantara, security and privacy related topics.  Finally, (3) we are enjoying a growing interest in the ability to support the introduction of next generation identity solution to market by players across segments.

3. In what ways does your service/product push beyond the state-of- the- art?

In many ways, the market is still reaching to achieve the promise of high assurance identity online.  Our leadership team have unmatched experience with the policies, early market solutions and have heard the voice of the market firsthand specific to the challenges to be overcome.  Our ability to blend security, privacy and identity into one comprehensive offering has been well received within the industry. We are a highly networked, respected, motivated and high-performing team that is primed to ensure you can achieve your goals as they relate to Privacy, Security and Digital Identity.

4. Where do you see the market trending in the mid/long term and how do you see your product/service playing into it?

The market continues offering identity services from 3 main areas including banking institutions, Mobile Network Operators and finally Government Agencies.   Kuma leaders have enjoyed long-term engagements, positions of leadership and in some cases led the development of specific solutions that will lead the market.  It is for these reasons that our team is uniquely positioned to advise and prepare any organization for long-term success.  Getting identity right is about asking the correct questions, evaluating the visionary value of the options and making sure there is more than 1 path to success.  Kuma has the firsthand experience to position any organization for success.

5. Why were you motivated to join Kantara Initiative and how do you see it helping your organization specifically, and the digital economy as a whole?

We were motivated to join very early for one for one simple reason…  “We believe whole heartedly in the framework and believe in a future in which identity federation is a reality.”  The Kuma partners have been hands on leaders working with NIST, the White House NSTIC policy, a variety of NIST Grant investments, Identity Ecosystem Steering Group and other efforts that demonstrate that perspective.  We came together as a team to drive these principles in the market.

6. What other significant aspects about your organization (service/product) should our global community know about?

Kuma transfers the experience and credibility described above into client value with little interference.  We believe in streamlined engagements that lack the unnecessary burden and overheads that typically  dilute client value in traditional engagements.  When your organization engages with Kuma, you can look forward to working with strong/capable team members that have been empowered to lead.  We are a team like no other as we assemble the right people, subject matter expertise, focus on doing the right thing and ultimately developing relationships that endure.

For more information on Kuma, visit https://kuma.pro/


SSI Meetup

How to avoid another identity nightmare with SSI? Christopher Allen

https://ssimeetup.org/how-avoid-another-identity-tragedy-with-ssi-christopher-allen-webinar-53/ Join the Dutch Self-Sovereign Identity community in a #Foremembrance for those who died by attempting to bomb the civil archives captured by the Nazis & those defending the vulnerable today. Christopher Allen will share with us the importance of this event for the self-sovereign identity community

https://ssimeetup.org/how-avoid-another-identity-tragedy-with-ssi-christopher-allen-webinar-53/ Join the Dutch Self-Sovereign Identity community in a #Foremembrance for those who died by attempting to bomb the civil archives captured by the Nazis & those defending the vulnerable today. Christopher Allen will share with us the importance of this event for the self-sovereign identity community to build the future of identity on sunset Amsterdam time March 27th. We will also analyze the impact and risk of COVID-19 for privacy and identity systems. March 27th is a Friday this year. Sunset in Amsterdam is at 19:06 CET, 2:06 pm EDT, 11:06 am PDT & is 1:06 am March 28 in Taipei & Hong Kong.

Thursday, 26. March 2020

MyData

MyData vs COVID-19

  [Join us on the regular MyData vs COVID-19 calls. For details, see the mydata.org/slack #coronadata channel.] It’s beyond question that we need data to combat the pandemic. Every one of us has three lives: a public, a private, and a secret life. Before COVID-19, there were things we shared publicly, things we shared privately,... Read More
  [Join us on the regular MyData vs COVID-19 calls. For details, see the mydata.org/slack #coronadata channel.] It’s beyond question that we need data to combat the pandemic. Every one of us has three lives: a public, a private, and a secret life. Before COVID-19, there were things we shared publicly, things we shared privately,... Read More

Tuesday, 24. March 2020

Oasis Open

STIX Version 2.1 from CTI TC approved as a Committee Specification

Monday, 23. March 2020

eSSIF-Lab

eSSIF-Lab online webinar hosted by SSI Meetup

SSI Meetup will host eSSIF-Lab on 31st March 2020 at 13:00 (CEST) for their online webinar nº 52 “eSSIF-Lab: creating & funding an interoperable SSI infrastructure in Europe”

 

Our colleagues Oskar van Deventer and Rieks Joosten (from TNO in the Netherlands) will take the chance to explain:

WHY: the eSSIF-Lab vision, objectives, and intended benefits; WHAT: its (initial) functional architecture/components; HOW: ways in which you may contribute (and possibly get funded for that).

Two eSSIF-Lab open calls are now admitting applications so,

don’t miss the chance! 

REGISTER NOW!

In eSSIF-Lab, we want to strengthen internet trustworthiness with electronic identities by supporting the further development, integration and adoption of SSI technologies.

 

To this purpose, we are building the eSSIF-Lab SSI Framework jointly with SSI ecosystem by using a cascade funding approach: the framework will be built upon extensions that will be selected through the Infrastructure-oriented open call and it will be dedicated to the development of generic  services that use SSI (to be selected by the 1st Business-oriented Open Call) and SSI-based applications (to be selected by the 2nd Business-oriented Open Call). From these, both Infrastructure-oriented call and First Business-oriented Call are alive now.

 

Learn more about us or join the conversation at eSSIF-Lab space at NGI Community!


MyData

The extraordinary community meeting for extraordinary times had +100 participants!

Covid-19 has affected us all. The world has been shaken and similarly to all other events, our long-awaited MyData Spring Community Meeting in Amsterdam couldn’t be organised as planned. We took a decision to move it online and despite the fact that it was put together on a tight schedule, it gathered together more than... Read More
Covid-19 has affected us all. The world has been shaken and similarly to all other events, our long-awaited MyData Spring Community Meeting in Amsterdam couldn’t be organised as planned. We took a decision to move it online and despite the fact that it was put together on a tight schedule, it gathered together more than... Read More

eSSIF-Lab

eSSIF-Lab Open Calls already alive!

First Business-oriented call and Infrastructure-oriented call of eSSIF-Lab are already accepting applications.

In eSSIF-Lab, we want to strengthen internet trustworthiness with electronic identities by supporting the further development, integration and adoption of SSI technologies.

To this purpose, we are building the eSSIF-Lab SSI Framework jointly with SSI ecosystem by using a cascade funding approach: the framework will be built upon extensions that will be selected through the Infrastructure-oriented open call and it will be dedicated to the development of generic  services that use SSI (to be selected by the 1st Business-oriented Open Call) and SSI-based applications (to be selected by the 2nd Business-oriented Open Call).

 

Do you think you can contribute? Read on, two eSSIF-Lab calls are now alive!

eSSIF-Lab will select and support 62 projects through its open calls. Two of them are now accepting applications.

1. Infrastructure-Oriented Open Call:

This call targets open source technical enhancements and extensions for eSSIF-Lab Framework which fall within the SSI concept (i.e. technologies which allow individuals to control their electronic identities and guard their privacy).

Open source SSI components developed as a result of this open call will be applied by other participants in eSSIF-Lab. Hence, applicants shall be willing and able to work in an agile way with lots of communication and interaction with other participants in the eSSIF-Lab ecosystem, together developing the eSSIF-Lab Framework and testing the interoperability of delivered components.

Who can apply?

This call targets innovators in the SSI domain (such as outstanding academic research groups, hi-tech startups, SMEs, etc.), legally established/resident in a Member State of the EU or in a H2020 associated country.

Deadline: 30th of June 2021, at 13:00 CEST. (Cut-off for evaluation on 30/10/20).

Funding: up to 155,000 € per project.

APPLY NOW! 2. First Business-oriented Open Call

Solutions proposed for this open call should be business solutions that make it easy for organizations to deploy and/or use SSI and must fall within the SSI concept (i.e., technologies which allow individuals to control their electronic identities and guard their privacy).

Generic commercial competitive SSI components and services developed as a result of this open call will be applied at a later stage in areas such as HealthTech, e-Government, Education or by proposals in the generic track of Open Disruptive Innovation.

Who can apply?

The call is open to single start-ups or SMEs, legally established in a Member State of the EU or in a H2020 associated country.

Deadline: 30th of April 2020 at 13:00 (CEST)

Funding: up to 106,000 € per project (for those best in class)

APPLY NOW!

Friday, 20. March 2020

SSI Meetup

Self-Sovereign Identity: Ideology and Architecture with Christopher Allen

https://ssimeetup.org/self-sovereign-identity-why-we-here-christopher-allen-webinar-51/ Internet cryptography and Self-sovereign identity (SSI) pioneer Christopher Allen talks about essential insights and reflections around historical, technological and ethical aspects of Self-Sovereign Identity at the 51st SSIMeetup.org webinar in collaboration with Rebooting the Web of Trust (RWOT) and Alianza

https://ssimeetup.org/self-sovereign-identity-why-we-here-christopher-allen-webinar-51/ Internet cryptography and Self-sovereign identity (SSI) pioneer Christopher Allen talks about essential insights and reflections around historical, technological and ethical aspects of Self-Sovereign Identity at the 51st SSIMeetup.org webinar in collaboration with Rebooting the Web of Trust (RWOT) and Alianza Blockchain Iberoamérica as part of the events that took place at RWOT in Buenos Aires (Argentina). Christopher is an entrepreneur and technologist who specializes in collaboration, security, and trust. As a pioneer in internet cryptography, he’s initiated cross-industry collaborations and co-created industry standards that influence the entire internet. Christopher’s focus on internet trust began as the founder of Consensus Development where he co-authored the IETF TLS internet-draft that is now at the heart of all secure commerce on the World Wide Web. Christopher is co-chair of the W3C Credentials CG working on standards for decentralized identity. Christopher has also been a digital civil liberties and human-rights privacy advisor, was part of the team that led the first UN summit on Digital Identity & Human Rights, and was the producer of a half-dozen iPhone and iPad games, and of Infinite PDF, a non-linear media app.

Wednesday, 18. March 2020

Kantara Initiative

ForgeRock Secure Sharing: The Framework

My previous blog outlined how a sharing solution involves trusting people, resources, applications and services, and the access information communicated between a producer and consumer. Let’s turn our attention now to the specific architectures, standards, and technologies that are used to implement an advanced secure sharing solution. The Kantara Initiative, Inc. developed the User-Managed Ac

My previous blog outlined how a sharing solution involves trusting people, resources, applications and services, and the access information communicated between a producer and consumer. Let’s turn our attention now to the specific architectures, standards, and technologies that are used to implement an advanced secure sharing solution.

The Kantara Initiative, Inc. developed the User-Managed Access (UMA) 2.0 specification, which describes an open standard for person-to-person resource sharing. UMA 2.0 is an extension of the OAuth 2.0 access delegation open standard specification. This is the framework for ForgeRock Secure Sharing.

Tuesday, 17. March 2020

Schema

Schema for Coronavirus special announcements, Covid-19 Testing Facilities and more

The COVID-19 pandemic is causing a large number of “Special Announcements” pertaining to changes in schedules and other aspects of everyday life. This includes not just closure of facilities and rescheduling of events but also new availability of medical facilities such as testing centers. We have today published Schema.org 7.0, which includes fast-tracked new vocabulary to assist the global resp
The COVID-19 pandemic is causing a large number of “Special Announcements” pertaining to changes in schedules and other aspects of everyday life. This includes not just closure of facilities and rescheduling of events but also new availability of medical facilities such as testing centers.

We have today published Schema.org 7.0, which includes fast-tracked new vocabulary to assist the global response to the Coronavirus outbreak.

It includes a "SpecialAnnouncement" type that provides for simple date-stamped textual updates, as well as markup to associate the announcement with a situation (such as the Coronavirus pandemic), and to indicate URLs for various kinds of update such a school closures, public transport closures, quarantine guidelines, travel bans, and information about getting tested.  

Many new testing facilities are being rapidly established worldwide, to test for COVID-19. Schema.org now has a CovidTestingFacility type to represent these, regardless of whether they are part of long-established medical facilities or temporary adaptations to the emergency.

We are also making improvements to other areas of Schema.org to help with the worldwide migration to working online and working from home, for example by helping event organizers indicate when an event has moved from having a physical location to being conducted online, and whether the event's "eventAttendanceMode" is online, offlline or mixed. 

We will continue to improve this vocabulary in the light of feedback (github; doc), and welcome suggestions for improvements and additions particularly from organizations who are publishing such updates. 

Dan Brickley, R.V.Guha, Google.
Tom Marsh, Microsoft.

Friday, 13. March 2020

Oasis Open

Call for Consent for Static Analysis Results Interchange Format (#SARIF) V2.1.0 as OASIS Standard

Tuesday, 10. March 2020

SSI Meetup

Decentralized Digital Identity in the Spanish and Portuguese speaking world

https://ssimeetup.org/decentralized-digital-identity-spanish-portuguese-speaking-world-alex-preukschat-webinar-50/ SSI Meetup coordinating node Alex Preukschat presents in this webinar the 2020 SSI report for Iberoamerica with the main highlights and insights gained for this edition. Self-Sovereign Identity (SSI) is booming, and we expect it to be one of the main unifying technologies of the bloc

https://ssimeetup.org/decentralized-digital-identity-spanish-portuguese-speaking-world-alex-preukschat-webinar-50/ SSI Meetup coordinating node Alex Preukschat presents in this webinar the 2020 SSI report for Iberoamerica with the main highlights and insights gained for this edition. Self-Sovereign Identity (SSI) is booming, and we expect it to be one of the main unifying technologies of the blockchain and decentralized world. Unlike our first report for Iberoamerica, we have chosen, for this edition, to prepare a shorter executive document that reflects the main trends in the region. In this study, we focus on Ibero-American initiatives that are either done in the name of SSI or have elements strongly resembling SSI, rather than simple authentication experiments that are further away from the principles of SSI.

Tuesday, 03. March 2020

SSI Meetup

eIDAS regulation: anchoring trust in Self-Sovereign Identity systems

https://ssimeetup.org/eidas-regulation-anchoring-trust-self-sovereign-identity-systems-ignacio-alamillo-webinar-49/ Ignacio Alamillo is a lawyer, PhD in eIDAS Regulation, CISA, CISM, and EU Commission legal expert for EBSI eSSIF and the EBSI eIDAS Bridge initiatives. Ignacio will introduce SSI solutions, using the Alastria ID reference model as an illustrative example, taking into account the nee

https://ssimeetup.org/eidas-regulation-anchoring-trust-self-sovereign-identity-systems-ignacio-alamillo-webinar-49/ Ignacio Alamillo is a lawyer, PhD in eIDAS Regulation, CISA, CISM, and EU Commission legal expert for EBSI eSSIF and the EBSI eIDAS Bridge initiatives. Ignacio will introduce SSI solutions, using the Alastria ID reference model as an illustrative example, taking into account the need for trust management frameworks, and trust anchors. Secondly, he will introduce the eIDAS Regulation, currently the major electronic identification regulation in the European Union, supporting a pan-European identity federation system, and the legal framework for the so-called trust services. The EU has developed some key proposals arising from the legal assessment of the EBSI ESSIF use case, oriented to extend the eIDAS Regulation to SSI solutions used with public sector bodies relationships and procedures. This results were publicly presented in the 2nd ESSIF Stakeholders Meeting that took place in Brussels mid-January 2020. The objective of the ESSIF legal assessment is to evaluate the potential legal issues that are horizontal to an SSI solution, including: DIDs: What is the legal nature and ownership of DIDs (asset vs a special kind of pseudonym), how should be DIDs managed in case of minors and incapable persons, if DID may be subject to seizure, when DIDs may be deactivated, what is the legal regime of keys and wallets, etc. VCs: What are the duties and responsibilities of VCs issuers, holders and verifiers. How to model the contractual/non-contractual relations between issuers & verifiers, and set up liability models. We should pay special attention to the legal aspects of the VC lifecycle (issuance, suspension and revocation causes, etc). Alignment of the SSI solution with the eIDAS Regulation: aligning VCs with eIDAS eID rules, but also linking VCs to eSeals or eSignatures. Trust framework: legal input regarding LoAs, governance aspects, conformity, etc. The use cases include: Using eIDAS identification means (and qualified certificates?) to issue verifiable credentials. Using qualified certificates to support verifiable claims (EBSI eIDAS bridge) and legal evidences with full legal value. Using SSI VCs as an eIDAS identification means. Using blockchain plus SSI as an electronic registered delivery service. All content represent just the opinion of Ignacio Alamillo, and do not represent any official position from the EU Commission nor any of its officers

Friday, 28. February 2020

Oasis Open

TOSCA Simple Profile in YAML v1.3 OASIS Standard published


eSSIF-Lab

EU Project eSSIF-Lab, aimed at faster and safer electronic transactions via the internet as well as in real life, open for start-ups and SMEs

In November TNO, FundingBox, BLUMORPHO and GRNET started a new EU-Horizon 2020 research project ‘NGI eSSIF-Lab’. The project will offer open calls for start-ups, SMEs and other innovators to further develop, integrate and adopt self-sovereign identity technologies for Europe. The first open calls are expected to begin in March 2020. What makes eSSIF-Lab different from other initiatives is that it focuses on scalable SSI-solutions that are mutually interoperable and not limited to solving a problem in just a specific domain.

 

Are you interested?

Please fill in our contact form to receive updates when an open call is published

STAY UP TO DATE Self-sovereign identity

Self-sovereign identity (SSI) promises to empower European citizens with new means to manage privacy, to eliminate logins, and to enjoy much faster and safer electronic transactions via the internet as well as in real life. SSI promises not only to empower European organisations to speed up, secure and automate transactions with customers, suppliers and partners, resulting in annual savings of tens of billions of euros on administrative costs in Europe but also to drive a new business ecosystem with thousands of new jobs, new job categories and new business opportunities for existing and new European companies.

eSSIF-Lab project

The eSSIF-Lab project will provide business and technical support to integrate SSI technology with market propositions, and will accelerate SSI-related businesses and social applications. The outreach though the open calls and the prominent position in the emerging SSI community will enable the eSSIF-Lab consortium to advance the broad uptake of SSI as a next generation, open and trusted digital identity solution.

The project will award 62 subgrants in two types of open call: one infrastructure-oriented open call targeting technical enhancements and extensions of the SSI framework and two business-oriented open calls targeting SSI business and social innovations and applications. The infrastructure-oriented open call (open to any type of innovator) and the first business-oriented open call (limited to start-ups and SMEs) are expected to open in March 2020. 

TNO’s lead SSI scientist Rieks Joosten is excited: “While so-called SSI ‘solutions’ are popping up all over the world, the vast majority has a local scope: they solve a problem in a specific domain, are not scalable and scarcely interoperate with each other. Addressing these issues is a top priority for the eSSIF-Lab project. We invite the SSI community in Europe to come forward and apply for the open calls.”

The project receives funding from the European Commission under the Horizon 2020 research and innovation programme, of which €5.6 m is available for subgrants. The eSSIF-Lab project will run for three years.

Consortium

The eSSIF-Lab consortium is a lean consortium comprised of a combination of one RTO, one funding management organisation, one business accelerator and one organisation that offers advanced e-infrastructures and innovative services. The partners have distinct but complementary profiles, spanning the whole range of activities and areas covered within the project.

TNO (Netherlands) is the project coordinator and brings in its extensive SSI technical expertise and understanding of innovation processes to the startup/SME/innovator community targeted by the open calls. TNO has a unique position as an RTO, with a strong connections to both fundamental research, industry, SMEs and societal stakeholders. TNO has an extensive track record in H2020 project coordination.

FundingBox (Poland) manages the open calls. FundingBox is the European leader in managing Financial Support to Third Parties, having distributed up to €62 m by participating in 14 projects, including FSTP, since 2014. It has a community with over 18,000 subscribers where makers, entrepreneurs and innovators meet, interact and collaborate to build growth connections and win equity-free funding to catalyse their growth.

BLUMORPHO (France) is a business accelerator that has 20+ years of experience in building and developing successful ecosystems around innovations. It will provide business support to the start-ups that participate in the open call projects to accelerate their SSI-related business. BLUMORPHO has a large European and worldwide network, and brings in its expertise from training and developing ideas with high potential to fully-fledged business plans.

GRNET (Greece) is responsible for the ongoing deployment infrastructure in the project. GRNET is the national network, cloud computing and IT eInfrastructure and services provider. It supports hundreds of thousands of users in the key areas of Research, Education, Health and Culture.

Contact

TNO: Oskar van Deventer, scientific coordinator, oskar.vandeventer@tno.nl
GRNET: Georgios Tsoukalas, gtsouk@grnet.gr
FundingBox: David Seoane, david.seoane@fundingbox.com
BLUMORPHO: Régis Hamelin, hamelin@blumorpho.com

Meer informatie: essif-lab.eu

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 871932.


SSI Meetup

Explaining SSI to C-suite executives, and anyone else for that matter

https://ssimeetup.org/explaining-ssi-c-suite-executives-anyone-else-john-phillips-webinar-48/ John Phillips from 460degrees in Australia has been exploring with his team for more than two years for a way to describe Self-Sovereign Identity (SSI) that was easy to understand. We think he has found a good method to make SSI easy to understand for any C-suite executive and business people that goes b

https://ssimeetup.org/explaining-ssi-c-suite-executives-anyone-else-john-phillips-webinar-48/ John Phillips from 460degrees in Australia has been exploring with his team for more than two years for a way to describe Self-Sovereign Identity (SSI) that was easy to understand. We think he has found a good method to make SSI easy to understand for any C-suite executive and business people that goes beyond the technology. John published a video in late 2019 that we found deeply insightful and we have invited him to share this with the SSI Meetup audience. This demo has been going down amazingly well with audiences from c-suite technology execs to design students. This approach quite literally animates the discussion. People add other objects into the mix, move things around, ask relevant, insightful, questions. John will share the learnings he is gaining from University research, as well as the results of work in supporting capstone projects for higher education students, and how this has led us to a storytelling model to explain SSI.

Thursday, 27. February 2020

SSI Meetup

Using SSI for enterprise identity and access management

https://ssimeetup.org/using-ssi-enterprise-identity-access-management-sebastian-weidenbach-christopher-hempel-webinar-47/ Sebastian Weidenbach and Christopher Hempel from esatus AG will explain in this presentation why Self-Sovereign Identity (SSI) has great advantages to facilitate enterprise identity and access management. It will also go into detail about how a connection between existing iden

https://ssimeetup.org/using-ssi-enterprise-identity-access-management-sebastian-weidenbach-christopher-hempel-webinar-47/ Sebastian Weidenbach and Christopher Hempel from esatus AG will explain in this presentation why Self-Sovereign Identity (SSI) has great advantages to facilitate enterprise identity and access management. It will also go into detail about how a connection between existing identity and access management solutions and distributed identity ledgers can be implemented. SSI enables users to create proofs over facts about themselves using a distributed ledger. In an enterprise context, this also means that an employee can send a proof to, for instance, a compatible file server containing data exclusively meant for the human resources department. If this proof is valid and contains the fact that the prover is a member of the human resources department, access can be granted automatically. The need for individual approval by a superior, common reason for the tiresome and expensive delay, is removed. Switching enterprises’ IAM systems to SSI technology cannot realistically be done in one fell swoop, though, as migrating thousands of accounts and their privileges to a new system is an intimidating task. There are ways to connect SSI technology to existing IAM solutions, though, which are starting to enter the market using gateway components to connect the old and new worlds of identity.

Oasis Open

#TOSCA Simple Profile in YAML Version 1.3 is approved as an OASIS Standard

Tuesday, 25. February 2020

Oasis Open

Invitation to comment on STIX v2.1 from the CTI TC - ends March 11th


Open Cybersecurity Alliance Unveils First Open Source Language to Connect Security Tools

Wednesday, 22. January 2020

Schema

Schema.org 6.0

Schema.org version 6.0 has been released. See the release notes for full details.  As always, the release notes have full details and links (including previous releases e.g. 5.0 and 4.0). We are now aiming to release updated schemas on an approximately monthly basis (with longer gaps around vacation periods). Typically, new terms are first added to our "Pending" area to give t
Schema.org version 6.0 has been released. See the release notes for full details.  As always, the release notes have full details and links (including previous releases e.g. 5.0 and 4.0).

We are now aiming to release updated schemas on an approximately monthly basis (with longer gaps around vacation periods). Typically, new terms are first added to our "Pending" area to give time for the definitions to benefit from implementation experience before they are added to the "core" of Schema.org. As always, many thanks to everyone who has contributed to this release of Schema.org.

--
Dan Brickley, for Schema.org.

Sunday, 23. February 2020

Oasis Open

Interoperability Between Leading Key Management Vendors Demonstrates Continued Strength of OASIS KMIP Standard at RSA 2020

Wednesday, 19. February 2020

Oasis Open

XACML v3.0 Time Extensions Version 1.0 from XACML TC approved as a Committee Specification

Friday, 14. February 2020

Oasis Open

U.S. Leaders Help Define International Standards for Sharing Economy

Wednesday, 12. February 2020

Oasis Open

Call for Consent for TOSCA Simple Profile in YAML Version 1.3 as OASIS Standard


Invitation to comment on KMIP Specification v2.1 and KMIP Profiles v2.1 - ends March 13th

Friday, 07. February 2020

Oasis Open

60-day Public Review for four #OData Candidate OASIS Standards - ends April 7th 2020

Tuesday, 04. February 2020

SSI Meetup

Decentralized Identifier (DIDs) fundamentals deep dive

https://ssimeetup.org/decentralized-identifiers-dids-fundamentals-identitybook-info-drummond-reed-markus-sabadello-webinar-46/ Decentralized identifiers (abbreviated as “DIDs”), are the cryptographic counterpart to verifiable credentials (VCs) that together are the “twin pillars” of SSI architecture. In this special IdentityBook.info webinar Markus Sabadello, Founder and CEO of Danube Tech, and D

https://ssimeetup.org/decentralized-identifiers-dids-fundamentals-identitybook-info-drummond-reed-markus-sabadello-webinar-46/ Decentralized identifiers (abbreviated as “DIDs”), are the cryptographic counterpart to verifiable credentials (VCs) that together are the “twin pillars” of SSI architecture. In this special IdentityBook.info webinar Markus Sabadello, Founder and CEO of Danube Tech, and Drummond Reed, Chief Trust Officer at Evernym, co-authors of the DID chapter of the “Self-Sovereign Identity: Decentralized Digital Identity and Verifiable Credentials” book published by Manning will explain all the fundamentals of DIDs. Based on the did chapter of the book, you will learn how DIDs evolved from the work started with VCs, how they are related to URLs and URNs, why a new type of cryptographically-verifiable identifier is needed for SSI, and how DIDs are being standardized at World Wide Web Consortium (W3C). Your guides will be two of the editors of the W3C Decentralized Identifier 1.0 specification: Markus Sabadello and Drummond Reed.

The 2nd Official W3C DID Working Group Meeting (The Netherlands)

https://ssimeetup.org/did-report-2-2nd-official-w3c-did-working-group-meeting-netherlands-drummond-reed-markus-sabadello-webinar-45/ The DID Report 2 about the Second Meeting of the W3C DID Working Group with Drummond Reed and Markus Sabadello from Danube Tech, co-authors of the W3C DID specification. DID spec co-author Drummond Reed and Markus Sabadello will report back from Amsterdam (The Neth

https://ssimeetup.org/did-report-2-2nd-official-w3c-did-working-group-meeting-netherlands-drummond-reed-markus-sabadello-webinar-45/ The DID Report 2 about the Second Meeting of the W3C DID Working Group with Drummond Reed and Markus Sabadello from Danube Tech, co-authors of the W3C DID specification. DID spec co-author Drummond Reed and Markus Sabadello will report back from Amsterdam (The Netherlands) for the second official meeting of the W3C DID Working Group taking place from January 29-31, 2020 to share highlights of the meeting and the roadmap for taking DIDs to a full Web standard. This session will be followed one hour later by a full DID education session based on the DID chapter published with Manning by IdentityBook.info authors Drummond Reed, Markus Sabadello and Alex Preukschat. If you want to learn all the basics about DIDs please also join this session here: Webinar 46

Friday, 31. January 2020

Oasis Open

Invitation to comment on Universal Business Language v2.3 from the UBL TC - ends February 15th

Thursday, 30. January 2020

SSI Meetup

Why Self-Sovereign Identity is important - CIO brief - Steve Magennis

https://ssimeetup.org/self-sovereign-identity-explained-cios-steve-manning-webinar-44/ Identity on the internet has been missing since the beginning. For all the amazing ways in which the internet has come to enhance our daily business, social, and personal lives, it was originally designed to simply connect digital endpoints. Networking protocols were built so that computers could identify one a

https://ssimeetup.org/self-sovereign-identity-explained-cios-steve-manning-webinar-44/ Identity on the internet has been missing since the beginning. For all the amazing ways in which the internet has come to enhance our daily business, social, and personal lives, it was originally designed to simply connect digital endpoints. Networking protocols were built so that computers could identify one another, prove themselves, and safely establish a flow of bits between them. What those bits represent was never a primary concern of the architecture. Despite this limitation, for nearly 3 decades we have been creatively injecting the human narrative into the digital conversation between computers; all the while struggling with the lack of certainty about who the human is who is initiating the process. Self-Sovereign Identity (SSI) and Verifiable Credentials (VCs) have emerged as a way to address the question: “Who is really behind the other end of my digital interaction?” Together, the pair of technologies are able to do this at scale while enhancing personal privacy, increasing trust between parties, and promoting practical models of anonymity in a world where all too often our identity becomes a commercial commodity. This presentation is for people who are thinking about how identity and trust relate to their employees, customers, partners, and competitors, and the bespoke way in which we are forced to deal with the issue. Those looking for a better understanding of the benefits afforded by SSI and VCs as well as the technical and governance underpinnings required to support solutions should attend. Steve Magennis is a former Senior Director with Avanade and has worked closely with Accenture and Microsoft over the years to develop transformational initiatives for many Fortune 100 enterprise clients. Decentralized design is a key focus of his as it enables creating entirely new classes of solutions that can be applied to persistent, entrenched business and social problems.

Wednesday, 29. January 2020

Oasis Open

TAXII Version 2.1 from CTI TC approved as a Committee Specification

Thursday, 23. January 2020

Oasis Open

Service Metadata Publishing (SMP) v2.0 from BDXR TC approved as a Committee Specification


#UBL TC publishes Guidance regarding the use of the OASIS UBL logo v1.0

Monday, 20. January 2020

Identity Commons

What You Don’t Know About Dissertation Writing Help Could Be Costing to More Than You Think

Dissertation Writing Help – What Is It? The primary homework help One Thing to Do for Dissertation Writing Help If you’re worried about the prices of our services don’t worry, we provide the best services at the lowest prices. There are a lot of reasons why you must prefer our services. Our site isn’t only … Continue reading "What You Don’t Know About Dissertation Writing Help Could Be Costing to
Dissertation Writing Help – What Is It? The primary homework help One Thing to Do for Dissertation Writing Help If you’re worried about the prices of our services don’t worry, we provide the best services at the lowest prices. There are a lot of reasons why you must prefer our services. Our site isn’t only …

Continue reading "What You Don’t Know About Dissertation Writing Help Could Be Costing to More Than You Think"


Automobile Reference Writes – The Use of a Particular Source to Supply an Overview of a Major Event

While the”A” refers to automatic, the”R” refers to mention. Auto reference composing is the usage of a source to provide an overview of a significant event that may be of interest. There are two types of auto reference services – the plural and the singular. The singular refers to the single source of this data … Continue reading "Automobile Reference Writes – The Use of a Particular Source to Sup
While the”A” refers to automatic, the”R” refers to mention. Auto reference composing is the usage of a source to provide an overview of a significant event that may be of interest. There are two types of auto reference services – the plural and the singular. The singular refers to the single source of this data …

Continue reading "Automobile Reference Writes – The Use of a Particular Source to Supply an Overview of a Major Event"

Friday, 17. January 2020

Oasis Open

Four PKCS #11 specifications from PKCS11 TC approved as Committee Specifications


Identity Commons

Key Pieces of Essay Writers Online

Essay Writers Online Fundamentals Explained Top research paper Essay Writers Online Choices Speak to us and request a revision if you would like the writer to alter the style, do some corrections, or add more details. Moreover, during the procedure, you’re the manager of your purchase, and you may always speak to your writer to … Continue reading "Key Pieces of Essay Writers Online"
Essay Writers Online Fundamentals Explained Top research paper Essay Writers Online Choices Speak to us and request a revision if you would like the writer to alter the style, do some corrections, or add more details. Moreover, during the procedure, you’re the manager of your purchase, and you may always speak to your writer to …

Continue reading "Key Pieces of Essay Writers Online"

Tuesday, 14. January 2020

Identity Commons

The Number One Article on Buy Essay

As an academician you’ve must write or maybe the 4 kinds of essays at an identical period in faculty. If you’ve got a wordcount planning an article is much more easy. You in the correct area if you’d like to purchase essay cheap then! ghostwriter There are various kinds of essays. You can rest assured … Continue reading "The Number One Article on Buy Essay"
As an academician you’ve must write or maybe the 4 kinds of essays at an identical period in faculty. If you’ve got a wordcount planning an article is much more easy. You in the correct area if you’d like to purchase essay cheap then! ghostwriter There are various kinds of essays. You can rest assured …

Continue reading "The Number One Article on Buy Essay"

Friday, 10. January 2020

Oasis Open

Open Document Format for Office Applications (OpenDocument) v1.3 from the OpenDocument TC approved as a Committee Specification

Saturday, 21. December 2019

Oasis Open

60-day Public Review for Static Analysis Results Interchange Format (SARIF) v2.1.0 COS01 - ends 18 February 2020

Wednesday, 18. December 2019

Oasis Open

Digital Signature Service Core Protocols, Elements, and Bindings v2.0 and Digital Signature Service Metadata v1.0 from the DSS-X TC approved as Committee Specifications

Tuesday, 17. December 2019

SSI Meetup

The Hyperledger Indy Public Blockchain Node

https://ssimeetup.org/hyperledger-indy-public-blockchain-node-alexander-shcherbakov-webinar-43/ Alexander Shcherbakov is a software engineer at DSR working on the team at Evernym. He has a Ph.D. in Mathematics and is one of the maintainers of Hyperledger Indy and Hyperledger Plenum. In this presentation, he will explain the value of a decentralized ledger in an SSI ecosystem and examine Hyperledg

https://ssimeetup.org/hyperledger-indy-public-blockchain-node-alexander-shcherbakov-webinar-43/ Alexander Shcherbakov is a software engineer at DSR working on the team at Evernym. He has a Ph.D. in Mathematics and is one of the maintainers of Hyperledger Indy and Hyperledger Plenum. In this presentation, he will explain the value of a decentralized ledger in an SSI ecosystem and examine Hyperledger Indy, which is the distributed ledger that has been powering the Sovrin Network for more than two years. Our identities have to be trusted to be useful. When we meet strangers, we decide how much we trust them by what they tell us, and whether a trusted third party will vouch for them. In traditional identity systems, the trusted third party knows everything about everyone in the ecosystem. In Self-Sovereign Identity systems, we rely on a decentralized ledger to privately validate that the identity claims do in fact come from a trusted issuer. Indy’s blockchain implementation is Plenum, which is a general purpose, public-permissioned, BFT distributed ledger. The presentation takes a technical look at the architecture, cryptography, transactions, data structures, and storage of the ledger including auditability, request processing, catch-up procedure, and support for custom plugins and custom transactions.

Friday, 13. December 2019

Oasis Open

Invitation to comment on #TOSCA Simple Profile in YAML v1.3 - ends February 11th

Thursday, 12. December 2019

Oasis Open

Open Command and Control (OpenC2) Language Specification v1.0 from OpenC2 TC approved as a Committee Specification

Wednesday, 11. December 2019

Oasis Open

#UBL Payment Means Information v1.0 published by UBL TC

Monday, 09. December 2019

Oasis Open

Invitation to comment on #STIX V2.1 and #TAXII V2.1 from the CTI TC - ends December 24th

Friday, 06. December 2019

Oasis Open

Four OData specifications approved as Committee Specifications

Wednesday, 04. December 2019

Oasis Open

Invitation to comment on XACML v3.0 Time Extensions V1.0 - ends Jan. 3rd

Wednesday, 27. November 2019

Oasis Open

Invitation to comment on Open Document Format for Office Applications (OpenDocument) v1.3 - ends Dec. 12th

Thursday, 21. November 2019

SSI Meetup

Peer DIDs: a secure and scalable method for DIDs that’s entirely off-ledger – Daniel Hardman

https://ssimeetup.org/peer-dids-secure-scalable-method-dids-off-ledger-daniel-hardman-webinar-42/ Daniel Hardman, Chief Architect, Evernym / Secretary, Technical Governance Board – Sovrin Foundation will show how Peer DIDs will allow off-chain transactions for the self-sovereign identity (SSI) world. Most documentation about decentralized identifiers (DIDs) describes them as identifiers that are

https://ssimeetup.org/peer-dids-secure-scalable-method-dids-off-ledger-daniel-hardman-webinar-42/ Daniel Hardman, Chief Architect, Evernym / Secretary, Technical Governance Board – Sovrin Foundation will show how Peer DIDs will allow off-chain transactions for the self-sovereign identity (SSI) world. Most documentation about decentralized identifiers (DIDs) describes them as identifiers that are rooted in a public source of truth like a blockchain, a database, a distributed filesystem, or similar. This publicness lets arbitrary parties resolve the DIDs to an endpoint and keys. It is an important feature for many use cases. However, the vast majority of relationships between people, organizations, and things have simpler requirements. When Alice(Corp|Device) and Bob want to interact, there are exactly and only 2 parties in the world who should care: Alice and Bob. Instead of arbitrary parties needing to resolve their DIDs, only Alice and Bob do. Peer DIDs are perfect in these cases. In many ways, peer DIDs are to public, blockchain-based DIDs what Ethereum Plasma or state channels are to on-chain smart contracts— or what Bitcoin’s Lightning Network is to on-chain cryptopayments. They move interactions off-chain, but offer options to connect back to a chain-based ecosystem as needed. Peer DIDs create the conditions for people, organizations, and things to have full control of their end of the digital relationships they sustain.

Streetcred: Improving the Developer Experience in SSI – Michael Boyd

https://ssimeetup.org/streetcred-improving-developer-experience-ssi-michael-boyd-webinar-41/ Michael is the Cofounder and Chief Product Officer of Streetcred ID. Coming from multiple startup ventures as technical lead, Michael was the first software engineer at Sovrin Foundation, where he was a strong advocate for privacy and security in decentralized identity systems. He was an original contribu

https://ssimeetup.org/streetcred-improving-developer-experience-ssi-michael-boyd-webinar-41/ Michael is the Cofounder and Chief Product Officer of Streetcred ID. Coming from multiple startup ventures as technical lead, Michael was the first software engineer at Sovrin Foundation, where he was a strong advocate for privacy and security in decentralized identity systems. He was an original contributor to the initial Hyperledger Indy Agent code, which later became Hyperledger Aries Project. He is passionate about creating a pleasant experience for developers who want to implement self-sovereign identity with Streetcred. In this talk, Michael will discuss the evolution of the developer experience in the SSI community, including the easiest ways to get started building credential issuers, verifiers, and identity wallets. He’ll introduce a framework for how to best approach user experience problems in decentralized identity, touching on hard topics like key management, schema discovery, and building a web of trust.

Wednesday, 20. November 2019

World Identity Network

Empowering Orphans with Access to Their Identity

Addressing the fundamental problem of accessing a proof of identity is critical in combatting the abuse of vulnerable children around the world. The post Empowering Orphans with Access to Their Identity appeared first on World Identity Network.

These conditions are endemic to orphanages across the globe, and are primarily made possible by the fact that these children typically lack a basic human right: documented proof of their existence, whether through a birth certificate or other identification. Without the necessary documents to prove their identity, these children are trapped forever, unable to reunite with their families. Addressing this fundamental problem in accessing a proof of identity is critical in combatting the abuse of vulnerable children around the world.

How does WIN Foundation and its partners help children in need? Watch this video to see how you can get involved:

An estimated eight million children today reside in orphanages – yet more than 80% of these children have at least one living parent. Separated and unable to reconnect with their families, these kids are doomed to a brutal life, constantly uprooted and taken advantage of. In addition to the plague of trafficking, sexual abuse, and slavery these orphans face, they are also 500 times more likely to take their own lives. Several governments have passed deinstitutionalization laws against orphanages, but they continue to flourish as children are increasingly displaced by crises like the civil war in Syria, or the Indian government’s removal of ethnic minorities from its national ID registry. The resulting rise of statelessness means there is no longer a sense of belonging for children who are displaced, and “children in cages” at the border become children victimized in orphanages.

Working with local authorities, organizations like Hope and Homes for Children have managed to close many abusive orphanages worldwide. But millions of children are still waiting to be reunited with a loving family. Many of them risk being taken out of the country by human traffickers, often ending up in modern slavery or the human organ trade. The WIN Foundation is proud to partner with Hope and Homes for Children, becoming part of a successful drive to save orphans in Moldova from an inhumane fate.

Hope and Homes for Children helps families around the world find their place and lifts them to success

WIN Foundation works with a local satellite of Hope and Homes for Children, CCF Moldova, to get children out of the orphanage system. We help provide them with personal ID papers, trace their family lineage, and reunite them with family members. We purchase comfortable homes for the families and cover costs for their most basic needs. Furthermore, with our support, the government of Moldova passed a law requiring every minor to possess a proof of personal ID, if they intend to leave the country. Using blockchain on top of existing systems will flag and record every unlawful attempt to exit, helping to ensure that no child is taken out of the country using fake ID documents produced by human traffickers.

We are proud of our work with Hope and Homes for Children, and believe this systematic approach allows individuals to take control of their own fate. Recently, acclaimed author J.K. Rowling spoke at the One Young World Summit about the dangers of “orphanage tourism,” insisting that our collective focus should instead be on the circumstances that drive these children to such terrible institutions. In Rowling’s fantastical writings, magic empowers individuals and works to bring justice and happiness to the downtrodden. We believe our work with Hope and Homes for Childen resembles magic in this regard; everyone deserves access to proof of their identity, and blockchain technology offers limitless possibilities to do it correctly – finally holding access to their own identity, vulnerable children in orphanages can realize their full potential for success. We should harness the capabilities of blockchain to elevate humanity à la Wingardium Leviosa.

The post Empowering Orphans with Access to Their Identity appeared first on World Identity Network.

Wednesday, 13. November 2019

Oasis Open

Call for Participation: OASIS Lexicographic Infrastructure Data Model and API (LEXIDMA) TC

Friday, 08. November 2019

Kantara Initiative EU

Spotlight on Seadot

1. In which sector(s) and country(ies) do you operate? We are based in Sweden and operate primarily in Northern Europe. 2. What is your current market focus and what needs and areas of concern does your service/product address? We focus on delivering Cyber Security advisory and audit services to organizations with regulatory compliance challenges. We […]

1. In which sector(s) and country(ies) do you operate?

We are based in Sweden and operate primarily in Northern Europe.

2. What is your current market focus and what needs and areas of concern does your service/product address?

We focus on delivering Cyber Security advisory and audit services to organizations with regulatory compliance challenges. We advise our customers on how they can address cyber security risks in an effective and compliant way.

3. In what ways does your service/product push beyond the state-of- the- art?

We have extensive experience in handling cyber risks. With our experience from many different sectors and many regulations and standards in the area, we can support our clients so that they in turn get an effective cyber risk and compliance operations.

4. Where do you see the market trending in the mid/long term and how do you see your product/service playing into it?

We see a rather fast movement to a more regulated world within cyber risk and cyber security. With the rapid development of IoT & OT, smart cities, AI and many other developments within the cyber world regulators are stepping up. Business will have to work more with cybersecurity and compliance to keep up with regulations and deliver services to their customers.

5. Why were you motivated to join Kantara Initiative and how do you see it helping your organization specifically, and the digital economy as a whole?

We see Kantara Initiative as a good platform for Seadot to cooperate with other organizations in our domain to ensure cybersecurity for the digital economy – specifically within identity, assurance and trust.

6. What other significant aspects about your organization (service/product) should our global community know about?

Seadot is the only Kantara Accredited Assessor based in Europe.
For more information on Seadot, visit https://seadot.se/

Thursday, 07. November 2019

Oasis Open

#KMIP Specification v2.0 and KMIP Profiles v2.0 OASIS Standard are published

Tuesday, 05. November 2019

Oasis Open

#KMIP Test Cases v2.0 and KMIP Usage Guide v2.0 published by KMIP TC

Friday, 01. November 2019

Oasis Open

#KMIP Specification v2.0 and KMIP Profiles v2.0 approved as OASIS Standards

Wednesday, 30. October 2019

Oasis Open

Two new OASIS Standards published: #SAML V2.0 Metadata Interoperability Profile V1.0 and SAML V2.0 Metadata Extensions for Login and Discovery User Interface V1.0

Friday, 25. October 2019

Oasis Open

Invitation to comment on Repeatable Requests Version 1.0 - ends Nov. 27th


#SAML V2.0 Metadata Interoperability Profile V1.0, SAML V2.0 Metadata Extensions for Login and Discovery User Interface V1.0 become OASIS Standards

Wednesday, 23. October 2019

Oasis Open

Call for Participation: Threat Actor Context (TAC) TC

Monday, 21. October 2019

Oasis Open

Customer Data Platform v1.0 from CXS TC approved as a Committee Specification

Friday, 18. October 2019

Oasis Open

"What's New in OData v4.01" published by the OData TC


Invitation to comment on four OData specification drafts - ends November 4th

Thursday, 17. October 2019

Oasis Open

Call for Consent for #KMIP Specification v2.0 and KMIP Profiles v2.0 as OASIS Standards

Thursday, 10. October 2019

Oasis Open

Call for Consent for #SAML V2.0 Metadata Interoperability Profile V1.0 and SAML V2.0 Metadata Extensions for Login and Discovery User Interface V1.0 as OASIS Standards

Tuesday, 08. October 2019

Oasis Open

Call for Participation: Open Cybersecurity Alliance


Cybersecurity Leaders Launch Initiative for Interoperable Security Technologies to Thwart Attacks

Saturday, 05. October 2019

Oasis Open

Invitation to comment on two Digital Signature Service specifications - ends October 21

Thursday, 03. October 2019

Oasis Open

TOSCA Simple Profile in YAML v1.3 from TOSCA TC approved as a Committee Specification