Last Update 10:22 AM May 19, 2022 (UTC)

Organizations | Identosphere Blogcatcher

Brought to you by Identity Woman and Infominer.
Support this collaboration on Patreon!!

Thursday, 19. May 2022

ResofWorld

India’s answer to Twitter already offers self-verification

“Already doing what Elon Musk wants to do is such a high,” co-founder of Koo, Aprameya Radhakrishna, posted on Twitter.
On April 6, four days before billionaire Elon Musk announced his desire to “authenticate all real humans” on Twitter, the multilingual Indian microblogging site Koo introduced a feature that grants...

Wednesday, 18. May 2022

Oasis Open

Invitation to comment on OSLC PROMCODE v1.0 Errata 01

This document lists errata for the OASIS Standard "OSLC PROMCODE v1.0." The post Invitation to comment on OSLC PROMCODE v1.0 Errata 01 appeared first on OASIS Open.

Public review of draft Errata ends June 2nd

OASIS and the OASIS OSLC Lifecycle Integration for Project Management of Contracted Delivery (OSLC PROMCODE) TC are pleased to announce that OSLC PROMCODE v1.0 Errata 01 is now available for public review and comment.

This document lists errata for the OASIS Standard “OSLC PROMCODE Version 1.0.” As described in the document, there are no changes to the published textual documents of the OASIS Standard (Part 1: Specification, Part 2: Vocabulary, and Part 3: Constraints). Changes have been made only to the two machine-readable “turtle” files (promcode-vocab.ttl and promcode-shapes.ttl). The modified “turtle” files are included in this publication.

The documents and related files are available here:

OSLC PROMCODE Version 1.0 Errata 01
Committee Specification Draft 01
13 May 2022

HTML:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-v1.0-errata01-csd01.html (Authoritative)
PDF:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-v1.0-errata01-csd01.pdf

Machine-readable files
Vocabulary terms: https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-vocab.ttl
Constraints: https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-shapes.ttl

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-v1.0-errata01-csd01.zip

How to Provide Feedback

OASIS and the OSLC PROMCODE TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

This 15-day public review starts 19 May 2022 at 00:00 UTC and ends 02 June 2022 at 23:59 UTC.

Additional information about this review and any previous public reviews is published with the specification documents at:
https://docs.oasis-open.org/oslc-promcode/promcode/v1.0/errata01/csd01/promcode-v1.0-errata01-csd01-public-review-metadata.html

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=oslc-promcode).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/oslc-promcode-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the OSLC PROMCODE TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/oslc-promcode/

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/oslc-promcode/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

The post Invitation to comment on OSLC PROMCODE v1.0 Errata 01 appeared first on OASIS Open.


Me2B Alliance

Our Input to the California Privacy Protection Agency (CPPA) Pre-Rulemaking Stakeholder Sessions

The California Privacy Protection Agency held three days of pre-ruling stakeholder sessions from 5/4/22-5/6/22. Lisa LeVasseur, ED of the Me2BA, spoke in the session on audits, and Noreen Whysel, Validation Research Dir, spoke in the session on dark patterns. Key points: 1. Me2BA is active in supporting CCPA/CPRA enforcement. 2. We underscored some of our many written comments provided to CPP

California is a major center of new privacy law and regulation, creating opportunities for internet safety advocates to help design policies that will ripple out well beyond the state’s borders. Their Privacy Rights Act (CPRA), passed by ballot proposition in 2020, created the California Privacy Protection Agency (CPPA), which seems to be getting closer to initiating its first formal rulemaking process. We have monitored and involved ourselves in this new agency since its inception, and Lisa LeVasseur (our Executive Director) and Noreen Whysel (Director of Validation Research) shared their expertise on product audits and dark patterns, respectively, in a recent pre-rulemaking CPPA Stakeholder Session (May 5-6)

We have included a summary of the CPPA’s rulemaking process to date at the end of this post.   

Our Input During the Stakeholder Sessions

Our key recommendations included:

Dark Patterns 

Focusing on the harmful outcomes of these interfaces by calling them what they are: “Harmful UI Patterns,” rather than “Dark Patterns.”   Recognizing that Harmful UI Patterns exist along the spectrum of the entire technology relationship, beginning before an account or other user relationship is established until well after it is terminated.  Adopting a framework for identifying Harmful UI Patterns at each stage of a technology relationship. For example, regulation should include or reference additional examples of Harmful UI Patterns and develop a framework for when they are likely to occur.  Advocating for Opt-Out to be the default condition, rather than a choice. A respectful default state is one in which no data is collected unless and until a user explicitly allows for data collection.   Recommendations on clarifying the definitions of “Consent” and “Intentional Interaction.” 

Audits 

Providing clarity on two types of audits: (1) auditing organizations and their practices and (2) auditing the behavior of technology.  Addressing scaling issues and challenges. Auditing is too large a job for a single entity.   Advocating for authorized network of auditing entities to be completely independent and divorced from the industry. There must be transparency in qualifying criteria, selection, and ongoing performance of authorized auditors.  

Click here to read our full statements.  

What’s next? 

Currently, we speculate that the preliminary rulemaking activities have concluded since no additional activities or meetings have been announced. We look forward to receiving notice of the CPPA’s initial draft of regulations soon and submitting our public comments within the 45-day comment period. 

Summary of the CPPA’s Rulemaking Process To Date In June of 2021, the CPPA board started meeting, addressing administrative issues, hiring personnel, and creating subcommittees.  In September of 2021, the CPPA initiated their pre-rulemaking activities soliciting preliminary written comments on their proposed rulemaking.   We provided the CPPA with 14 pages of feedback.  In January of 2022, the CPPA gave notice to the office of administrative law of their intended rulemaking calendar.   The initial timeline for adopting final regulations was set for July 1, 2022 by the CPRA but now the timeline for adopting final regulations has been pushed out to Q3 or Q4.  In February of 2022, Executive Director Ashkan Soltani acknowledged that the new rulemaking timeline puts the CPPA behind schedule, but it will allow the Agency to balance staffing needs and undertake substantial preliminary information gathering to support regulations. Mr. Soltani then expressed the possibility that the CPPA may introduce major regulations.   In March of 2022, the CPPA continued their preliminary information gathering activities by holding informational hearings. Academics and government officials were selected to speak at these Informational Hearings to provide the CPPA board and staff members with background information on various topics potentially relevant to rulemaking.  In May of 2022, the CPPA continued their preliminary information gathering activities by holding Stakeholder Sessions providing the public with the opportunity to speak on their experience and expertise in topics relevant to the upcoming rulemaking.   We signed up to participate in these Stakeholder Sessions and provided our input on Audits and Dark Patterns.  

EdgeSecure

Edge to Participate in Equity in STEM Community Convening in Washington, D.C.

The post Edge to Participate in Equity in STEM Community Convening in Washington, D.C. appeared first on NJEdge Inc.

NEWARK, NJ, May 19, 2022 – Edge’s Dr. Forough Ghahramani, Associate Vice President for Research, Innovation, and Sponsored Programs, will participate as a speaker in the “Engaging More Women in Academic Innovation” presentation session at the Equity in STEM Community Convening. The conference, hosted by WEPAN and its ARC Network initiative, will be held in-person on Tuesday, May 31, 2022 through Friday, June 3, 2022 in Washington, D.C. and celebrates 20 years of the NSF’s ADVANCE program and WEPAN’s 30th anniversary.

The Equity in STEM Community Convening serves as a gathering for researchers, practitioners, and change agents dedicated to creating equitable STEM workplaces. Attendees will have an opportunity to share new research findings and exchange resources; brainstorm strategies and collaborate in novel ways; and demonstrate effective programs and interventions for greater collective impact.

Notes Dr. Ghahramani, “Encouraging greater diversity in STEM education and research initiatives is essential and concrete actions are needed to provide better outreach programs and resources and to create systems that foster greater inclusion in academic innovation. Our presentation will outline the key findings from the quantitative and qualitative data obtained from women involved in academic innovation, based on the article, “Engaging More Women in Academic Innovation: Findings and Recommendations,” recently published in National Academy of Inventors: Technology and Innovation Journal. The presentation will also put forth a set of recommendations based on the survey feedback, follow-up interviews, and the collective experience of Technology Transfer professionals who work daily with academic innovators. The hope is that these recommendations will provide valuable insights into concrete actions that can be taken to ensure systemic changes that foster greater engagement of academic women and other under-represented populations in all stages of the innovation life cycle.”

To learn more about the event, visit https://www.equityinstem.org/convening.

The post Edge to Participate in Equity in STEM Community Convening in Washington, D.C. appeared first on NJEdge Inc.


ResofWorld

After the crash, crypto boosters are still HODLing

Tether and Bitfinex CTO Paolo Ardoino told Rest of World why he still believes in El Salvador’s Volcano Tokens, but not in certain stablecoins.
Last week saw TerraUSD — the third-largest stablecoin, a token nominally pegged 1-to-1 to another currency — lose nearly all of its value, while bitcoin continued to fall, plunging below $27,000...

HIP Platform

Opportunities for Integrating Functional Digital ID into Humanitarian Action

People in need of assistance often have no choice but to use proxy services to access humanitarian services, exposing them and the organizations assisting them to additional data protection and privacy risks, in addition to fraud, further increasing their vulnerability.

Today’s rapid technological development, changing humanitarian needs, and new forms of emergency present new challenges to humanitarian organizations responding to disasters. At the same time 1 billion people globally, some of whom need humanitarian assistance, do not have any form of an identity document (ID). Such vulnerable people around the world without a recognized form of ID are sometimes unable to access certain humanitarian services, such as cash and voucher assistance because they cannot meet know-your-customer (KYC) requirements.

People in need of assistance often have no choice but to use proxy services to access humanitarian services, exposing them and the organizations assisting them to additional data protection and privacy risks, in addition to fraud, further increasing their vulnerability. With the adoption of digital tools, such as internet connectivity and mobile phones, being relatively high around the world compared to a decade ago, new opportunities have arisen to innovate on existing approaches for planning, designing, and implementing humanitarian interventions with dignity and efficiency. However, key questions remain about how we might achieve efficiency in our operations and ensure the dignity of the people we serve. What are the opportunities and limitations learnt from the pilot implementation of digital ID in Kenya as part of the COVID-19 cash assistance response?

The Dignified Identities in Cash Assistance (DIGID) project was initiated by a consortium of humanitarian organizations. In 2021, a pilot project was carried out in Kenya implemented by the Kenya Red Cross Society to enable people without any form of ID to receive cash assistance in the context of the COVID-19 pandemic by means of a digital ID. The operations, from registration to cash collection, were notably more efficient for organizations and people being assisted alike. Also, the digital ID solution was well-received by users, who obtained control over their data and were able to carry them in a digital wallet, which cannot be lost or destroyed like a physical document.  This made for a more dignified process in terms of the number, frequency, and length of interviews needed to enroll in various humanitarian programs. Another benefit was the level of authority gained by participants to decide what data to share with which organization or individual, and for how long.

“Zero-knowledge Proof” is being further tested in the second phase of DIGID, which aims to address the lack of official or recognized identity among displaced persons and host community members to access humanitarian assistance, such as continued health care, in the context of migration.

Consultations with stakeholders – members of affected communities, humanitarian actors, and government officials – were key to achieving a user-centric approach to designing and implementing a digital ID solution for humanitarian response. Stakeholders displayed a range of reactions, including overall acceptance but also concerns over data protection and privacy.  The latter were addressed through engagement and communication with end-users – operators, subscribers, and regulators. The comments collected during the consultations improved the reliability and efficiency of the pilot project for reliability and efficiency.

Upon registration, users retained ownership and control of their data. Some participants did not appear to care much about this feature as long as they could receive their assistance without going through a proxy or waiting for long queues to be identified by both the Kenya Red Cross Society and the financial service providers. KYC requirements were efficiently fulfilled and regulatory compliance was ensured using the functional digital ID. The digital ID was functional in nature to enable the delivery of humanitarian cash assistance while remaining acceptable to be used for humanitarian purposes in Kenya. 

However, since the project targeted people without any form of ID, some tended to confuse the functional digital ID to receive humanitarian assistance with a foundational, government-issued ID. On the other hand, some partners in the project expressed the hope that the integration of digital identification in their programming would enable them to achieve the complete digitization of their systems. Such aspirations underline the importance of precisely communicating the value proposition of digital ID to stakeholders. Each stakeholder had different expectations for what a digital ID would bring them, indicating that there are many opportunities such an ID could offer the humanitarian sector.

The DIGID technology was developed by a private company and ensured adaptability to contexts, scalability, interoperability, and decentralization. The technology functioned in lower-resource settings, where most humanitarian interventions take place, and met the needs of people with limited abilities in reading or using digital tools. The digital ID worked in environments with low connectivity and poor penetration of mobile phone devices, whether smartphones or feature phones. The flexibility and interoperability feature that the digital identity provided made it possible to replicate and adapt the solution to several other user cases, such as in the migration context. From January 2022, a second pilot project (DIGID 2) is testing digital credentials in the migration context for cash and voucher assistance with internally displaced people in Uganda and for continued health care with displaced persons and host community members in Kenya; the findings are expected for July 2022.

The DIGID 1 pilot in Kenya revealed that integrating digital identities in the humanitarian sector offers several opportunities to enhance operational, data protection and privacy, and user dignity. The benefits of digital ID may accrue further as more aid organizations adopt such solutions into their beneficiary management systems by taking advantage of interoperability between aid organizations and technology operators. Meaningful participation of stakeholders and continued advocacy efforts with regulatory bodies and humanitarian organizations are essential to ensuring adaptability to changing humanitarian needs.

The latest report on lessons learnt from Kenya is accessible here.

For more information visit https://hiplatform.org/digid.

A related webinar, Mobile for Identity Management & Inclusive ID4D - Part 3 of 4, is accessible here (from 1:44:00 to 2:12:00)


We Are Open co-op

What is Open Recognition, anyway?

Going beyond credentialing and the formal/informal divide Image CC BY-ND Bryan Mathers Members of WAO have spent over a decade working in an around digital credentials such as Open Badges. We’ve spent even longer in our work with learning communities of all types —both inside and outside of organisations and institutions. Over this time, we’ve become increasingly aware that there is a spectr
Going beyond credentialing and the formal/informal divide Image CC BY-ND Bryan Mathers

Members of WAO have spent over a decade working in an around digital credentials such as Open Badges. We’ve spent even longer in our work with learning communities of all types —both inside and outside of organisations and institutions.

Over this time, we’ve become increasingly aware that there is a spectrum of approaches when it comes to the use of badges. There are badges as credentials and badges for recognition. Badges as credentials includes approaches that are well understood and largely replace or augment existing certification practices. Badges for recognition, however, include approaches that remain somewhat confusing to many people.

As shown in the images in this post, recognition is something much wider and deeper than credentialing. Recognition is the reason why badges that will only ever be seen by the issuer and recipient can make as much sense as those that are proudly and publicly displayed. Recognition is the subtext that gives meaning to credentials.

Image CC BY-ND Bryan Mathers

While recognition may be easy to understand, it’s a concept that can be difficult to define. Recently, we’ve been working with Participate and the Open Skills Network specifically to address what we’ve been collectively calling ‘Open Recognition’. But what exactly is this? Are we all talking about the same thing, or is it an unhelpfully-ambiguous zeugma?

To help with our discussions around Open Recognition in the Keep Badges Weird community and beyond, we’ve come up with this working definition, based on the work of the Open Recognition Alliance and Open Recognition Principles for OSN:

Open Recognition is the awareness and appreciation of talents, skills and aspirations in ways that go beyond credentialing. This includes recognising the rights of individuals, communities, and territories to apply their own labels and definitions. Their frameworks may be emergent and/or implicit.

As with any definition, it’s a work in progress. However, it fits with our mantra of “good enough for now, safe enough to try” so we’ll be using it to help frame our upcoming discussions. One of these is the OSN Showcase on Open Recognition and Open Skills at which WAO member Doug Belshaw will be speaking as part of a panel session.

Please do join us, get involved in the KBW community, and provide feedback on our working definition of Open Recognition!

WAO’s members are 11-year advocates of badges. If we can help you with your badge project, get in touch!

What is Open Recognition, anyway? was originally published in We Are Open Co-op on Medium, where people are continuing the conversation by highlighting and responding to this story.


ResofWorld

15-second shopping: TikTok’s e-commerce ambitions are rising

As TikTok Shop expands across Southeast Asia, will users buy that it’s more than just entertainment?
High school graduates, Harry Potter, superheroes — Fredi Lugina Priadi can clothe a cat to look like almost anything. Fredi became a social media phenomenon in 2020, with his clips...

Digital Identity NZ

Aotearoa’s digital identity journey that leaves no-one behind

DINZ wasted no time in taking advantage of orange settings to bring our members together in both Wellington and Auckland in the past fortnight. A big shout-out to our sponsor hosts - SSS in Wellington and MinterEllisonRudd Watts in Auckland. The post Aotearoa’s digital identity journey that leaves no-one behind appeared first on Digital Identity New Zealand.

Isn’t it terrific to meet people in person again! DINZ wasted no time in taking advantage of orange settings to bring our members together in both Wellington and Auckland in the past fortnight. A big shout-out to our sponsor hosts – SSS in Wellington and MinterEllisonRudd Watts in Auckland. Both events were well attended and operated a similar cadence with the hosts’ welcome, the earliest registered start-up SME briefly commenting on an industry topic dear to them, followed by social mixing over drinks. Our next members’ Connect event will be in Wellington, following the Digital Trust Hui Taumata to reflect on the perspectives and discussions voiced there.  

Orange settings also allowed DINZ to undertake its live Techweek TV ‘fireside’ session physically at AUT, following the Minister’s address last Monday morning. I facilitated a chat with Co-Chairs  PaymentsNZ’s Angela Gill and Datacom’s Ben Dakers about their aspirations for DINZ’s most recent initiative – the Inclusive and Ethical Uses of Digital Identity working group. Didn’t they do well! If you missed it live, it will be available on demand here in due course. 

IEUDI, together with DINZ’s Te Kāhui Te Tiriti O DINZ and Digital Identity Services Trust Framework (DISTF) work groups, detail the scope of DINZ’s mahi this year and into 2023 in pursuit of its mission – to create a digital identity ecosystem that enhances privacy, trust and improves access for all people in New Zealand. You can see more detail on how to contribute to these working groups here on the website

The DISTF WG met last week also, to discuss the Select Committee’s report following the submissions, containing its recommended changes to the Bill prior to its Second Reading. 

There were over 4500 submissions but as the Select Committee commented, misinformation regarding a link to vaccinations, centralised state control of identity and digitisation more generally may have played a significant role in many of those. Misinformation or otherwise, the fact remains that both Government and industry need to do better in taking all people of Aotearoa on this journey. DINZ has begun to address this challenge through its three Working Groups with different but nonetheless related scopes. All three are chartered to advance improved trust and confidence in the development of the digital identity ecosystem and the digital economy more generally.    With your financial support and volunteered time we can progress this important mahi for the betterment of all Aotearoa.

The post Aotearoa’s digital identity journey that leaves no-one behind appeared first on Digital Identity New Zealand.


ResofWorld

The Indian brokerage that wants to disengage users

Brokerages in the West, led by Robinhood, have gamified investments to increase their users. An Indian brokerage has been actively looking at ways to disengage users.
In 2021, 10 million new electronic trading accounts were opened as millions of young Indians started investing in stock markets. To attract these first-time investors, local trading apps such as...

Tuesday, 17. May 2022

The Engine Room

Join our team! We’re looking for a Research and Engagement Assistant

We are looking for a Research and Engagement Assistant to join our team. Our ideal candidate is committed to our mission and is passionate about or interested to learn about the work we do. We are looking for someone who has a demonstrated interest in the use of tech and data within civil society and who enjoys learning about new topics.  The post Join our team! We’re looking for a Research

Technology is changing a lot about how our world works, including the ways in which civil society can hold power to account, build collaborations and mobilise data to push for social justice. At The Engine Room, we work with civil society partners – from big humanitarian organisations to small activist collectives – to build their technical intuition and support them in making better judgments about the role tech and data can play in their work. 

To support this work, we are looking for a Research and Engagement Assistant to join our team.

About the role

The Research and Engagement Assistant will work closely with the Research and Engagement Teams to support The Engine Room’s capacity to successfully implement and complete projects. They will support research processes, contribute to our external communications channels, and coordinate project documentation and teams. 

Our ideal candidate is committed to our mission and is passionate about or interested to learn about the work we do. We are looking for someone who has a demonstrated interest in the use of tech and data within civil society and who enjoys learning about new topics. 

They are a clear and proactive communicator, who has experience with some combination of: writing, research and external communications (like newsletters and social media). We don’t expect them to know how to do everything on day one, but the ideal candidate will be excited to learn different aspects of the role. We’re looking for someone with the ability to balance multiple projects, tasks or responsibilities. They also have an understanding of the tech and society ecosystem and the ability to analyse, synthesise, and identify trends in this sector. 

Read the job description in full to learn more.

Why work with us?

We put a lot of effort into creating a healthy, remote organisation, and we believe that caring about our team’s wellbeing is a political act. Our team members are curious, open and supportive of each other. We are critical optimists about the role technology and data can have in the push for social justice. At The Engine Room, we consider diversity to be a competency. We actively seek new perspectives, experiences and voices in our team and in our work. Our organisation prioritises empathy, respect, flexibility, fun and a healthy work-life balance.  

How to apply

Applications must be received via the Breezy platform (linked below!); submissions received via email will not be considered. In the interest of equity and efficiency, we ask people to look at our  Jobs page as well as our Job Application Process FAQs if they have questions, would like an overview of our recruitment process, or need information on what it is like to work at The Engine Room.

The deadline for applications for this position is Sunday, May 29, 2022, midnight Eastern Time. You can expect to hear from us about the status of your application within 3 weeks after the applications submission deadline. 

Apply here by May 29 The post Join our team! We’re looking for a Research and Engagement Assistant first appeared on The Engine Room.

ResofWorld

Why Africa has the most lucrative opportunity for fintech, DeFi, and Web3

Barbara Iyayi of Unicorn Growth Capital is looking to back fintech startups who can build Africa's Web3 infrastructure
Barbara Iyayi founded Unicorn Growth Capital in 2020 as a women-led VC fund that invests in the future of fintech and bridges traditional finance (TradFi) and decentralized finance (DeFi). The...

MyData

MyData Global adopts an updated logo and visual identity

The MyData movement is stronger than ever. An expanding and connected global membership is changing the game for the personal data economy by promoting the human-centric principles for personal data management and sharing. As MyData Global pushes new boundaries, it is adopting an updated visual identity that reflects its diversity and forward-looking agenda.
The MyData movement is stronger than ever. An expanding and connected global membership is changing the game for the personal data economy by promoting the human-centric principles for personal data management and sharing. As MyData Global pushes new boundaries, it is adopting an updated visual identity that reflects its diversity and forward-looking agenda.

ResofWorld

Why Chinese sellers are quitting Amazon

Amazon once helped China’s exporters reach a huge and lucrative audience. Now, they urgently need to wean themselves off.
You might have seen the headlines over the past year: Chinese sellers are leaving Amazon. Since early 2021, the e-commerce giant says it has banned 3,000 Chinese accounts for using...

Who will be Pakistan’s first unicorn?

Pakistani startups are having a dazzling run, and the country might get its first billion-dollar venture soon.
The Pakistani tech startup industry witnessed many highs in the last couple of years — record-breaking funding rounds, debuts by marquee global investors, and the emergence of founder “mafias,” among...

We Are Open co-op

Some surprising things I learned during nine months of interning with We Are Open Co-op

CC BY-SA Anne Hilliger We are now two full weeks into May, quite a lot of things have changed around here and I didn’t have time to write about them yet. But sometimes all the things happen at once and as I’ve had covid, I could’t work much. Instead stared at the walls of my room and hoped the symptoms would end soon. I am feeling much better now and have charged my batteries for the new thing
CC BY-SA Anne Hilliger

We are now two full weeks into May, quite a lot of things have changed around here and I didn’t have time to write about them yet. But sometimes all the things happen at once and as I’ve had covid, I could’t work much. Instead stared at the walls of my room and hoped the symptoms would end soon. I am feeling much better now and have charged my batteries for the new things ahead because <drum roll> since the end of April my internship at WAO is officially over! But we’ve all enjoyed working together so much that we just couldn’t stop doing it and I am now a collaborator with We Are Open 🙌

I’ve made the decision to postpone some courses at university as well as my thesis which will give me the opportunity to continue working on projects with WAO, which makes me super happy. There is so much cool stuff happening and it would’ve been very sad to stop just because the internship is over.

And I thought it is always a good idea to recap things before starting new ones, so let’s do this now.

What was it like to be an intern at We Are Open?

I started working with WAO last year in August and since then have been involved in great projects. I’ve learned so much about myself, the way I want to work and the world of working openly. One big lesson was to understand that I can trust my own instincts and that the stuff I do and think about matters. This might sound a bit pathetic but I’ve never been in a working environment where collaborative working has been recognising and inspiring.Usually I’ve worked on my own, showed it to someone and got told that the stuff wasn’t good. Also in university you usually just submit your work, receive a grade and never get any feedback about what was especially good or what needs improvement. How are you supposed to feel self-efficacy if you never get any good feedback? Long story short, working with WAO has changed this a lot and I now feel confident (most of the time) about my work and the things I am creating.

In the first month I was mostly a fly on the wall. Laura and Doug were finishing off one of a number of Catalyst projects that they’d been involved with during the pandemic. I joined them on the last few support calls with some of the charities they were helping. In addition to being a fly on the wall I fell down multiple rabbit holes while onboarding to catch up on all the things that WAO is working on, advocating for and talking about. I listened to episodes of the Tao of WAO podcast, read the WAO Wiki and got familiar with their way of working.

By the end of August I got more and more involved in the current projects and we developed a way of co-working that I thought was great. Each day of the week was kind of dedicated to one of the projects, we met in the morning over zoom to discuss the to-do list, everybody got a task to work on individually and then we reported back after a while. If you are working mostly home alone in front of your computer this is a great way to work together, get a lot of things done in a short time and also stay sane. This was one of the ways that my internship acted as a way for WAO members to reflect on, and improve, their working practices.

Introducing some of the projects I was involved in

A great project but also a challenging one has been the Web Strategy implementation project for Greenpeace International. We tried to wrap our head around strategies to communicate with certain audiences, how to develop resources that help them create stories and communicate with intention. We had a look at the very complex information landscape that is the Greenpeace global network and tried to make sense of it. We organised workshops and community calls for the Greenpeace Comms Team. Sometimes I felt I wasn’t accomplishing anything in this project because I just kept falling into research and didn’t get any “work” done. But in the end we came up with awesome ideas and it worked out pretty well.

One of my favourite projects is the Keep Badges Weird community and working with Participate. I learned what a Community of Practice is, how to create one and what tools and methods you can use to sustain one. I was involved in my first community calls, did some community work like facilitation, posting things inside the community or on social media and learned a lot about Open Badges which members of WAO have been involved with for over a decade. I like to work on things that give me the feeling that the work matters. With Keep Badges Weird I get this feeling because there are so many people involved from all around the world, it is about changing things and it has the vision to create a better future. And it went from joking around with the client to having super meta and philosophical discussion around taxonomies.

CC BY-ND Bryan Mathers

From the beginning of the internship I got hooked on Open Badges and regularly fell into rabbit holes trying to understand all the things around them. I decided that they will be part of my bachelor thesis next year and I am currently writing my first email course about feminist pedagogy that also uses badges to recognise the participants.

Speaking of the course I am currently writing, it reminds me of another project that I enjoyed working on so much and really made me want to put all my energy into it. The “Learn with WAO” platform. The opportunity to redesign and rethink this platform was so much fun, and I learned how to take over responsibility and manage my own projects. I am very thankful that WAO trusted me with this and supported the steps I took because now there is something that I’ve created that I am very proud of!

Open Badges and recognition during the internship

Before I began my internship, Laura and the other members of WAO created an outline for the whole internship programme, including Badges that I could earn and milestones that I can achieve every month.

CC BY-ND Laura Hilliger

In the end we didn’t stick completely to that plan but it was still a great way to keep a common theme and figure out what my next steps will be. We also realised that not all of the Badges in that document were necessary for me and we combined them or thought of new ones that serve my portfolio for university and also maybe future employment or other places where I want to reference certain skills. Laura reflected on this and wrote a wonderful blogpost about the benefits of co-creating badges.

In the image below you can see an overview of the Badges I earned but you can also visit my Badgr Collection if you are interested in the reading the criteria and descriptions of them.

Big thank you to all the WAO members

As I said before but will say again and again: I am very happy that I can continue working with We Are Open because I feel so comfortable working with them. We found a great flow of working together and it is great we all had the capacities to keep doing it.

I am thankful for this great mentorship I received from every single member and hope it will go on because I am certainly not done learning. I enjoyed the very different conversations I had with them and every single one has influenced me in their own way. I am looking forward to all the things that we will work on together AND also looking forward to maybe meeting some of the members in real life soon at the Badge Summit in Colorado!

Some surprising things I learned during nine months of interning with We Are Open Co-op was originally published in We Are Open Co-op on Medium, where people are continuing the conversation by highlighting and responding to this story.

Monday, 16. May 2022

EdgeSecure

Edge Welcomes Dr. Mark Meara as Vice President of Technical Operations and Chief Information Officer

The post Edge Welcomes Dr. Mark Meara as Vice President of Technical Operations and Chief Information Officer appeared first on NJEdge Inc.

NEWARK, NJ, May 16, 2022 –Edge, the region’s nonprofit research and education network and technology partner, is pleased to announce the addition of Mark Meara, Ed.D., to their organization as the new Vice President of Technical Operations and Chief Information Officer. Dr. Meara joins Edge with over 15 years of experience as the CIO at Rowan College at Burlington County and a professional career that spans four decades.

“With a diverse career in IT consulting and leadership in higher education, I feel the opportunity with Edge is a perfect fit,” explained Meara. “I’m able to bring a unique combination of consulting and higher education experience to the role and aid in Edge’s mission to inspire personal, professional, organizational, and social growth and development with technology transformation in the digital era.”

When pursuing his doctorate degree in education at Wilmington University, Dr. Meara’s dissertation focused on critical success factors for business process management in New Jersey Community Colleges and he has been able to apply this knowledge and experience throughout his career. “I believe the transformation needed within the higher education industry involves learning, growing, and transforming into being more efficient and effective business operations,” shared Meara. ”Edge is the ideal preferred partner for education institutions and other member institutions because it enables organizations to be small at their core and large at their network; creating a greater presence and operation while keeping costs low.”

“Even prior to the pandemic, the landscape in higher education was starting to change significantly,” said Meara. “Those in the role of CIO need to drive transformation starting with the institution’s business process improvements and modernization, and into the strategy and innovation of the entire organization. You must be the change agent for not only your own institution, but for the entire education sector.”

As the education sector continues to evolve, institutions will need to find the technology capabilities necessary to support the rapidly changing landscape of higher education. “Edge is dedicated to the education community and helping member institutions stay viable and successful during these evolving times,” says Samuel Conn, Ph.D., President & Chief Executive Officer, Edge. “There is so much potential and change on the horizon and this is certainly going to be an exciting time. We are thrilled to have Mark join our leadership team to help member organizations achieve digital transformation initiatives and develop successful information technology strategies in an ever-changing world.”

“In my new role at Edge, I’m looking forward to embracing these changes and leveraging my experience to be a value partner to all Edge members and helping them succeed in their digital transformation,” says Meara. “I’m eager to step back into a consultative role and help tackle a diverse set of challenges, goals, and requirements, and help us all move into this digitally-driven era together.”

The post Edge Welcomes Dr. Mark Meara as Vice President of Technical Operations and Chief Information Officer appeared first on NJEdge Inc.


Nyheder fra WAYF

Kom til WAYF-erfamøde om NemLog-in og MitID!

Torsdag den 23. juni 2022 kl. 10-12 og evt. fortsat fra kl. 13 holder WAYF sit 14. erfamøde, på Zoom. Fokus vil være på overgangen til det nye NemLog-in og MitID. Link til møderum offentliggøres her på sitet forud for mødet. Language Danish Read more about Kom til WAYF-erfamøde om NemLog-in og MitID!

Torsdag den 23. juni 2022 kl. 10-12 og evt. fortsat fra kl. 13 holder WAYF sit 14. erfamøde, på Zoom. Fokus vil være på overgangen til det nye NemLog-in og MitID. Link til møderum offentliggøres her på sitet forud for mødet.

Language Danish Read more about Kom til WAYF-erfamøde om NemLog-in og MitID!

ResofWorld

In China, fleeting “cyber protests” leave behind fragile memories

“Our anger rose like a massive wave. Then it just disappeared into the ocean.”
From her bed in Shanghai, Paloma joined an online protest against the strict Covid-19 lockdowns in her city by sharing a video on the dominant messaging app WeChat. The video,...

Ola e-scooters have buyers hurting — physically and emotionally

Delays, dangerous scooters, and bad customer service are pushing former fans to light scooters on fire and protest against the much-vaunted company.
Until March, Raj, a Bengaluru-based tech worker, was a superfan of Ola, the SoftBank-backed mobility startup that manufactures e-scooters targeted at millennials. Now, he vows never to lay hands on...

Saturday, 14. May 2022

Me2B Alliance

We Applaud the Confirmation of New FTC Commissioner, Alvaro Bedoya

The Me2B Alliance is thrilled to see a Privacy Expert and Advocate assume the role of FTC Commissioner. Bedoya is well known for his work in facial recognition technology and privacy as a civil right, openly criticizing government agencies and big tech on their use of consumer data.

The Me2B Alliance is thrilled to see a Privacy Expert and Advocate assume the role of FTC Commissioner. Bedoya is well known for his work in facial recognition technology and privacy as a civil right, openly criticizing government agencies and big tech on their use of consumer data.  

Bedoya’s research has shined a light on digital surveillance and its impact on people of color, immigrants, and the working class. He founded the Center on Privacy & Technology at Georgetown Law to focus on the importance of consumer privacy rights. 

Bedoya also served as chief counsel to the Senate Judiciary Subcommittee on Privacy, Technology and the Law, where he focused on privacy issues dealing with biometrics and geolocation. 

Bedoya was nominated to serve as the FTC Commissioner in September of 2021. His confirmation process was stalled by Republican opposition since Bedoya would give Democrats the majority in the FTC. On May 11, 2022, the Senate finally voted on Bedoya’s confirmation, and it resulted in a 50-50 vote. Vice President Harris broke the tie vote in favor of confirming Bedoya for FTC Commissioner (51-50). 

Bedoya will replace Rohit Chopra and serve as the third democratic commissioner on the Federal Trade Commission (FTC). 

Me2BA is eager to see what privacy and tech issues the FTC will focus on in the future, and we look forward to being of service to the FTC in any way can. We will be on the lookout and keep you posted. 

Friday, 13. May 2022

Centre Consortium

Lessons Learned from Terra

 

 


Commercio

Confidustria Veneto hosted Commercio.Network S.p.A during the workshop: Artificial Intelligence and Blockchain

May 11/2022 When we talk about blockchain and artificial intelligence, we are dealing with two technological topics that are still on the edge, which are widely discussed but about which the exact limits have not yet been determined.However, these are two so-called ‘disruptive’ technologies, which are likely to have a significant influence on economic and social systems globally and will […] L'a
May 11/2022

When we talk about blockchain and artificial intelligence, we are dealing with two technological topics that are still on the edge, which are widely discussed but about which the exact limits have not yet been determined.However, these are two so-called ‘disruptive’ technologies, which are likely to have a significant influence on economic and social systems globally and will be so important that they will impact business models in general.The levels of knowledge and application of these technologies by those working in manufacturing and service enterprises is still low, and not only among female employees.The goal of the Workshop is to divulge the two technologies while presenting application experiences aimed at both companies and freelancers.

 

If you are interested in the topic join the free webinar available anytime: bit.ly/blockchainlinkedin

L'articolo Confidustria Veneto hosted Commercio.Network S.p.A during the workshop: Artificial Intelligence and Blockchain sembra essere il primo su commercio.network.


MyData

What does it take to develop human-centric solutions for the built environment?

Our cities’ built environment is becoming more data-driven and digital. Analysing people’s digital footprints can provide valuable insights for building better cities and improving public and private services used daily. Is this potential recognised and exploited in the currently deployed solutions, and what does it take to create a sustainable service or product that can […]
Our cities’ built environment is becoming more data-driven and digital. Analysing people’s digital footprints can provide valuable insights for building better cities and improving public and private services used daily. Is this potential recognised and exploited in the currently deployed solutions, and what does it take to create a sustainable service or product that can […]

Thursday, 12. May 2022

Oasis Open

Invitation to comment on Secure QR Code Authentication v1.0

This document describes the use of QR Codes and a mobile phone as a replacement for a username and password in user login authentication. The post Invitation to comment on Secure QR Code Authentication v1.0 appeared first on OASIS Open.

First public review for this draft specification ends June 10th

OASIS and the OASIS Electronic Secure Authentication (ESAT) TC are pleased to announce that Secure QR Code Authentication Version 1.0 is now available for public review and comment. This is the first public review for this draft specification.

Specification Overview

This document describes the use of QR Codes and a mobile phone as a replacement for a username and password in user login authentication. An alternative to passwords that includes QR Codes is described, and typical use cases are described. This document also provides an overview and context for using QR Codes for security purposes.

In addition, this document specifies a “Secure QR Code Authentication Protocol” (SQRAP) and assesses the related security threats and risks.

The documents and related files are available here:

Secure QR Code Authentication Version 1.0
Committee Specification Draft 01
25 April 2022

Editable source (Authoritative):
https://docs.oasis-open.org/esat/sqrap/v1.0/csd01/sqrap-v1.0-csd01.docx
HTML:
https://docs.oasis-open.org/esat/sqrap/v1.0/csd01/sqrap-v1.0-csd01.html
PDF:
https://docs.oasis-open.org/esat/sqrap/v1.0/csd01/sqrap-v1.0-csd01.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/esat/sqrap/v1.0/csd01/sqrap-v1.0-csd01.zip

A public review metadata record documenting this and any previous public reviews is available at:
https://docs.oasis-open.org/esat/sqrap/v1.0/csd01/sqrap-v1.0-csd01-public-review-metadata.html

How to Provide Feedback

OASIS and the OASIS Electronic Secure Authentication (ESAT) TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public review starts 12 May 2022 at 00:00 UTC and ends 10 June 2022 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=esat).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:

https://lists.oasis-open.org/archives/esat-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the esat TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/esat/

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/esat/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

The post Invitation to comment on Secure QR Code Authentication v1.0 appeared first on OASIS Open.


ResofWorld

Japan once led global tech innovation. How did it fall so behind?

For decades, the country's tech triumphs have disguised its seized-up digital systems.
When I first moved to Japan in the late 1990s, Japan’s technological achievements were envied. In 2001, at a book launch in New York, I recorded a video of fellow...

OpenID

OpenID Foundation Publishes “OpenID for Verifiable Credentials” Whitepaper

The OpenID Foundation is pleased to share its new whitepaper, “OpenID for Verifiable Credentials”. The goal of this whitepaper is to inform and educate the readers about the work on the OpenID for Verifiable Credentials (OpenID4VC) specifications family. It addresses use-cases referred to as Self-Sovereign Identity, Decentralized Identity, or User-Centric Identity. The work is being […] The post

The OpenID Foundation is pleased to share its new whitepaper, “OpenID for Verifiable Credentials”. The goal of this whitepaper is to inform and educate the readers about the work on the OpenID for Verifiable Credentials (OpenID4VC) specifications family. It addresses use-cases referred to as Self-Sovereign Identity, Decentralized Identity, or User-Centric Identity.

The work is being conducted in the OpenID Foundation, in liaison with the Decentralized Identity Foundation (DIF) and with working groups in International Organization for Standardization (ISO), namely ISO/IEC JTC 1/SC 17 Cards and security devices for personal identification. This has enabled working towards aligning ISO-compliant mobile driving licences with W3C verifiable credentials data model, which has been one area of particular interest for the ecosystem.

The whitepaper targets private and public sector decision-makers, architects and implementers interested in the concepts, use-cases and architecture where the End-User directly receives credentials from the Issuer and directly presents them to the Verifier using verifiable credentials. It is important to note that verifiable credentials are not only limited to credentials expressed using W3C Verifiable Credentials Data Model, but also identity credentials expressed using other data models.

We wish to thank all the contributors that reviewed and provided feedback, notably the contributors to the OpenID for Verifiable Credentials, which is part of the OpenID Connect Working Group.

The whitepaper can be downloaded here. As this paper is an “Editors Draft, we encourage you to share it and welcome feedback directed to director@oidf.org so that the lead editors can evolve the paper based on community feedback.

To learn more about the OpenID Connect Working Group and the OpenID for Verifiable Credentials, including how to get involved and contribute, please visit: https://openid.net/wg/connect/.

The post OpenID Foundation Publishes “OpenID for Verifiable Credentials” Whitepaper first appeared on OpenID.

Elastos Foundation

ELA Buyback Program To Support DPoS 2.0 Monthly Update – April

...

Blockchain Commons

Announcing the Silicon Salon

What if semiconductor manufacturers made chips especially intended for crypto-wallets? That’s the topic of Blockchain Commons’ first Silicon Salon, which will feature two different chip manufacturers who are expanding into the crypto industry. The first is CrossBar, a leader in Resistive RAM (ReRAM) technology, which can implement high-performance physical unclonable functions (PUFs). Together, ReR

What if semiconductor manufacturers made chips especially intended for crypto-wallets? That’s the topic of Blockchain Commons’ first Silicon Salon, which will feature two different chip manufacturers who are expanding into the crypto industry. The first is CrossBar, a leader in Resistive RAM (ReRAM) technology, which can implement high-performance physical unclonable functions (PUFs). Together, ReRAM memory and PUF solutions enable a new class of secure computing and storage with physical countermeasures — and CrossBar is interested in bringing that to digital-asset management. The second is Tropic Square, whose tropic01 secure element offers a fully transparent and auditable chip as a basis for better hardware security. They use transparency as a driver for innovation.

Because Blockchain Commons is dedicated to bringing together a community of developers and manufacturers to jointly develop specifications that will empower the entire industry, we’ve seized upon our work with these two companies to produce our first salon since the pandemic: a virtual Silicon Salon, where semiconductor manufacturers, crypto-wallet makers, and other interested parties can come together to talk about the next generation of semiconductors, which for the first time ever will be specialized for our cryptographic needs.

The Silicon Salon is scheduled for June 1st, running three hours beginning at 9am PT (noon ET, 6pm CET). Signups for the Salon are now available on Eventbrite, with tickets limited to the first 40 participants.

The first hour of the Salon will feature presentations from silicon manufacturers, crypto-wallet makers, and experts in the field about how semiconductor design can support cryptographic functionality. Companies CrossBar, Tropic Square, and Proxy and experts Bryan Bishop and Christopher Allen are all scheduled to talk.

The other two hours of the Salon will feature facilitated discussion of topics intended to determine the needs of the hardware-wallet community. Specific topics may include: the importance of MCU and secure enclave integration; the importance of secure and persistent storage; the need for physical countermeasures; the advantages of hardware and software cryptography; the use of open licenses for hardware; and discussions of how new semiconductor designs intended for cryptography can improve security and efficiency. We don’t have all the answers: one of the most important goals of the salon is to find out the needs and thoughts of the community!

We hope you’ll join us to learn a bit about what’s already going on and to share your ideas, requirements, and expertise!

We are limiting the number of attendees to allow for Q&A from the community, thus we are charging US$25 to hold a space at this unique virtual event. So sign up soon! If you are already a Patron or a monthly sponsor on Github of Blockchain Commons, please check your email: we will be sending you a free invite code automatically. If you don’t receive it, contact us directly.

Wednesday, 11. May 2022

Me2B Alliance

What the Heck is a Data Broker? John Oliver Breaks it Down

We hear about data brokers, but who are they and why should I care? They’re pervasive, collect thousands of data points about us on an ongoing basis, and aren’t properly governed. John Oliver breaks it down beautifully in his recent piece.

We frequently get asked questions about data brokers. We believe a meaningful discussion about them requires detail and nuance, in order to accurately explain the power and control these types of organizations can have over the public, especially for higher-risk communities.  

It’s complicated

Data brokers create real privacy threats by systematically assembling thousands of data points for each and every man, woman, and child on the planet—or at least ones that use digital technology. There are hundreds of data brokers globally, most of whom you’ve never heard of. All of them need far greater scrutiny. However, we cannot let the scale of the problem distract from reforming these companies through new laws, better enforcement of existing laws, and/or changes made by large ad tech companies at the “top of the user data supply chain.” 

We also don’t want to make data brokers out to be boogeymen. But the truth about the risks of data brokers is oftentimes scary, despite simultaneously being quite technical and unexciting to the untrained eye. To understand the harmful effects of data brokers, one must focus on their buying and selling of IP address/network data, which is exposed to websites and apps, and all the vendors who collect data within them.  

John Oliver Explains the Harms

Any discussion about data brokers almost immediately veers into technical concepts and complex hidden partnership data flows and metadata fields that are hard to visualize if you don’t have a technical background.  Fortunately, HBO’s John Oliver recently dedicated over 25 minutes of his show to a segment on data brokers. It’s a must-watch (and share!) piece of television for everyone who wants their friends and family to better understand data brokers and the risks they create for the public.  

You can watch the 25 minute clip on YouTube (plus an ironic reminder that, YouTube is owned by Google, the owner of the largest global advertising network), here https://www.youtube.com/watch?v=wqn3gR1WTcA

We Continue to Dive Deeply into Data Brokers 

Over the coming months, we plan to dig deeper into data brokers and the ways that user data is shared in unexpected and risky ways. If you’ve got any specific questions you are hoping to have answered, please reach out to us at contact@me2ba.org 

Learn More

If you’re looking to do some of your own research into data brokers, the California Data Broker Registry (https://oag.ca.gov/data-brokers ), and the Vermont Data Broker registry (https://bizfilings.vermont.gov/online/DatabrokerInquire/ ), include the names of registered data brokers and their website, along with additional details about how they operate. If you find anything interesting, we’d love to have you drop us a line with details! 


ResofWorld

RoW100: Global Tech’s Changemakers

Rest of World identified 100 people outside Silicon Valley and the West whose efforts directly impact countries where the majority of the world’s population lives.
While the tech world’s attention is often drawn to Silicon Valley, where the last generation’s unicorns still dominate the discussion, the most exciting innovation and disruption in tech is happening...

Why founders are the lifeblood of global tech ecosystems

The founders on Rest of World’s inaugural list of global tech’s changemakers share common traits of resilience, grit and adaptability in the face of political and economic uncertainties.
It’s been exhilarating to have spent the last few months with my colleagues across several different time zones poring over details about the nominees for RoW100, our our inaugural list...

EdgeSecure

TeCHS: Accelerating Public Sector Technology Outcomes & Procurement

The post TeCHS: Accelerating Public Sector Technology Outcomes & Procurement appeared first on NJEdge Inc.

Tuesday, 10. May 2022

Centre Consortium

Centre's Response to FinCEN RFI

 

 


EdgeSecure

TeCHS: Accelerating Public Sector Technology Outcomes & Procurement

The post TeCHS: Accelerating Public Sector Technology Outcomes & Procurement appeared first on NJEdge Inc.

Webinar
Technology’s role in the success of public sector organizations has never been more essential. To help our community keep pace with technological change and more readily access solutions that will drive organizational success, we created EdgeMarket and the TeCHS contract to provide safe, simple, smart options for accelerated technology procurement.

Join this session to learn more about:

The EdgeMarket & TeCHS mission to provide access to a broad array of 1000s of technology vendors, products, solutions, and services The TeCHS partnership with SHI, which provides deep expertise and a consultative approach to achieve your goals through technology How Rutgers University is using the TeCHS contract to streamline and unify technology procurement across the institution, featuring guest speaker Sue Ryan, Strategic Sourcing Manager, Information Technology Services How other public sector organizations are already using TeCHS to accelerate the procurement of the right technology solutions at the right time Complete the Form Below to Access Webinar Recording [contact-form-7]

The post TeCHS: Accelerating Public Sector Technology Outcomes & Procurement appeared first on NJEdge Inc.


Oasis Open

GS1, Intel, MonetaGo, and Pinary Join OriginBX Sponsors to Define Product Data Standards for Global Tax, Trade and ESG Compliance

10 May 2022 — OASIS Open, the international open source and standards consortium, announced today that GS1, Intel, MonetaGo, and Pinary are the newest sponsors of OriginBX, an international movement to advance open source detail product component level data standards for facilitating digital tax, trade, and ESG attestations. Launched in June 2021, the OriginBX community […] The post GS1, Intel,

10 May 2022 — OASIS Open, the international open source and standards consortium, announced today that GS1, Intel, MonetaGo, and Pinary are the newest sponsors of OriginBX, an international movement to advance open source detail product component level data standards for facilitating digital tax, trade, and ESG attestations.

Launched in June 2021, the OriginBX community has a shared vision to reduce the inefficiency and cost incurred by manufacturers needing to comply with a growing list of complex tax, trade and ESG disclosure requirements.  Such claims range from forced labor and conflict minerals, to country of origin and preferential trade programs.  Among other costs of compliance benefits to producers and supply chain partners, the OriginBX standards aim to increase the utilization of free trade agreements to boost GDP of developing countries.  The new sponsors join Accenture, Amazon, CompTIA, IBM, the International Chamber of Commerce, Inveniam, KYG.Trade, Origin Experts Group, Skuchain, Thomson Reuters, and UPS in providing strategic vision, governance, technical guidance, and financial support for OriginBX’s work.

“We’re pleased that GS1, Intel, MonetaGo, and Pinary have joined the OriginBX community, alongside a growing list of leaders supporting this international alliance,” said Todd R. Smith of KYG.Trade, co-chair of the OriginBX Project Governing Board (PGB). “The more private enterprises and global policy setting organizations join OriginBX, the more collaboration and momentum there will be towards adopting digital ‘component-level’ product attribute standards.”

“It is inspirational to see OASIS enlisting the global community to create open source interoperable standards  for international product tax, trade and ESG compliance. It is a worthwhile initiative for which I am grateful to be appointed co-chair,” said Oswald Kuyler of MonetaGo, co-chair of the OriginBX PGB. “At MonetaGo, we advocate standards-based enablement for trade solutions – our Secure Financing system for trade finance deduplication exemplifies the power of standards to achieve scale and interoperability worldwide.”


Support for OriginBX

GS1

“GS1 is a neutral and not-for-profit standards organization developing open and interoperable global data standards. The objectives of GS1 and OASIS are well aligned, and we are proud to be involved as a project governing board member of OriginBX. We look forward to working with the participants of OriginBX on improving the ecosystem for identification, attestation and data sharing that will support cross-border trade facilitation going into the future.”

– Robert Beideman, Chief Product Officer, GS1

Intel  

“Reducing the digital divide between countries remains a top priority, previously thought beyond our reach. The standardization of trade data in digital global tax and trade attestations (“GTTAs”) innovations provides the backbone to strategies related to private/public data centrism within a trade context for an innovative, connected, and data-centric world. Partnering with OriginBX members, a like-minded coalition of tax and trade compliance experts and visionaries, is an honor as we collectively work to advance the potential of digital GTTA and blockchain technologies to achieve each trading partner’s economic and competitive goals.”

–Michelle Stout, Senior Director, Intel


About OriginBX

OriginBX supports trade specific digital product data open standards, SDKs, and APIs. In particular, by reducing complexity and the cost of complying with global tax, trade and ESG regulations. We work closely with global non-profit initiatives and alliances to promote the WTO trade facilitation agreement and the UN’s sustainable development goals. OriginBX is governed and supported as an OASIS Open Project.

www.originbx-oasis.org


Media inquiries:
communications@oasis-open.org

The post GS1, Intel, MonetaGo, and Pinary Join OriginBX Sponsors to Define Product Data Standards for Global Tax, Trade and ESG Compliance appeared first on OASIS Open.


We Are Open co-op

Towards a maturity model for online, networked communities (v0.1)

Adapting and applying existing work to combine the best elements of each WAO is doing some really interesting work with Participate at the moment. As you can read in our previous posts about the emerging Keep Badges Weird community, we’re doing some emergent community building and catalysing the community towards sustainability. As part of that work, we thinking about the maturity not only
Adapting and applying existing work to combine the best elements of each

WAO is doing some really interesting work with Participate at the moment. As you can read in our previous posts about the emerging Keep Badges Weird community, we’re doing some emergent community building and catalysing the community towards sustainability.

As part of that work, we thinking about the maturity not only of the KBW community, but of online, networked communities in general. We have over a decade of experience in this area, and are thankful for the work and inspiration of collaborators past and present. In addition, we are grateful for Emily Webber’s Community of Practice Maturity Model, and the book Get Together by Bailey Richardson, Kevin Huynh & Kai Elmer Sotto.

CC BY-NC We Are Open Co-op

The above image consists of the phases identified in the book Get Together combined with Emily Webber’s graph of ‘Energy and visibility’ (Y axis) vs ‘Phases’ (X axis). We like the three-part approach focused as it meshes with our experience and provides a nice visual metaphor for the type of activities involved (‘sparking the flame’, ‘stoking the fire’, and ‘passing the torch’).

We’re currently in the second phase with the KBW community, and so thinking carefully about how to engage community members without overwhelming them. As a result, we’ve gone into more detail as represented in the graphic below. The text for this is also reproduced at the bottom of this post for those who might have difficult reading it.

CC BY-NC We Are Open Co-op

The three sub-categories under each heading (e.g. ‘Pinpoint your people’) are taken from the Get Together book, while the bullet points are a combination of Emily Webber’s work and our own. In particular, the results of some community canvas work we’ve done previously.

We noticed that many Community of Practice models assume much more of an existing shared context than we’re often used to in Open Source communities. For example, some models imply that community members all work for the same organisation. Our starting point is that while online, networked Communities of Practice form around shared interests, it is unlikely that they all work in the same organisation, or even sector.

WAO has labelled this as version 0.1 of our thinking on the subject. The maturity model itself is likely to be more mature than some of our completely original thinking on the subject, because of the expertise upon which we’re drawing. We actively encourage feedback, in the comments section below, by joining the KBW community, or by emailing us: communities@weareopen.coop

If you’re looking for help wany phase of Communities of Practice for online networked communities, please get in touch! We’ll probably be able to help and, if we can’t, we’ll probably know someone who can :)

The following is the text from the WAO Communities of Practice Maturity Model v0.1 (as seen in the second image above):

Sparking the flame

Getting together

Pinpoint your people Members have a safe space to meet and communicate There is an idea of who the community is for Easy onboarding makes it simple to get started Do something together There are regular invitations to participate in the community Members can get involved in different activities within the community There are ways of working openly that allow new members to get involved / catch up Get people talking Community members meet regularly using agreed channels and tools There are backchannels and watercoolers for varied conversations Members are connecting with people they haven’t had the chance to before Stoking the flame

Sticking together

Attract new folks

New members feel welcomed into the community Core members are motivating others to take part in the community Members regularly share knowledge and experiences external to the community

Cultivate your identity

Members of the community have agreed on guidelines for how to interact with one another (e.g. a Code of Conduct) The needs of community members have been identified The community’s mission is clear and agreed upon

Pay attention to who keeps showing up

Members adopt common approaches, enabling them to do their work more effectively Members talk about the community to other people in their wider network The community is meeting members’ needs based on explicit feedback Passing the torch

Growing together

Create more leaders Moderation responsibilities are shared among a larger group of core members The community has a momentum that is not reliant on one or two people The community has goals that members collaborate on as a whole or in smaller working groups Supercharge your leaders Leadership responsibilities and decision-making are distributed throughout the community Members explicitly influence community direction and activities There are open-door activities with people outside of the community (e.g. show and tells, cross-community meetups) Celebrate together Milestones relating to the community and its members are celebrated People outside the community advocate for it The community regularly creates outputs used by the wider network

🔥 Towards a maturity model for online, networked communities (v0.1) was originally published in We Are Open Co-op on Medium, where people are continuing the conversation by highlighting and responding to this story.

Monday, 09. May 2022

Oasis Open

Invitation to comment on Virtual I/O Device (VIRTIO) Version 1.2

VIRTIO specifies a straightforward, efficient, standard and extensible mechanism for virtual devices. The post Invitation to comment on Virtual I/O Device (VIRTIO) Version 1.2 appeared first on OASIS Open.

First review for Version 1.2 - ends June 8th

OASIS and the OASIS Virtual I/O Device (VIRTIO) TC are pleased to announce that Virtual I/O Device (VIRTIO) Version 1.2 is now available for public review and comment.

Specification Overview

VIRTIO v1.2 is the largest ever release of the ‘virtio’ specification, with 9 new device types as well as significant new functionality in existing devices, and addressing comments by more than 45 individuals from more than 15 organizations. This specification is fully compatible with the previous version, VIRTIO v1.1.

This document describes the specifications of the ‘virtio’ family of devices. These devices are found in virtual environments, yet by design they look like physical devices to the guest within the virtual machine – and this document treats them as such. This similarity allows the guest to use standard drivers and discovery mechanisms. The purpose of virtio and this specification is that virtual environments and guests should have a straightforward, efficient, standard and extensible mechanism for virtual devices, rather than boutique per-environment or per-OS mechanisms.

The documents and related files are available here:

Virtual I/O Device (VIRTIO) Version 1.2
Committee Specification Draft 01
09 May 2022

Editable source (Authoritative):
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/tex/
HTML:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01.html
PDF:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01.pdf
Example driver listing:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/listings/
PDF file marked to indicate changes from Version 1.1 Committee Specification 01:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01-diff-from-v1.1-cs01.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01.zip

A public review metadata record documenting this and any previous public reviews is available at:
https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01-public-review-metadata.html

How to Provide Feedback

OASIS and the OASIS Virtual I/O Device (VIRTIO) TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

The public review starts 10 May 2022 at 00:00 UTC and ends 08 June 2022 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=virtio).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:

https://lists.oasis-open.org/archives/virtio-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the VIRTIO TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/virtio/

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://github.com/oasis-tcs/virtio-admin/blob/master/IPR.md
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode
Non-Assertion Mode

The post Invitation to comment on Virtual I/O Device (VIRTIO) Version 1.2 appeared first on OASIS Open.


Energy Web

Climate-safe crypto: Energy Web and RMI unveil decarbonization approach for electricity-intensive…

Climate-safe crypto: Energy Web and RMI unveil decarbonization approach for electricity-intensive industries Approach quantifies material emissions impact of renewable energy purchases by any buyer; initial focus is certification for bitcoin miners. Zug, Switzerland, and Boulder CO, USA, 9 May 2022 — Energy Web, a non-profit building operating systems for energy grids, and RMI, an independe
Climate-safe crypto: Energy Web and RMI unveil decarbonization approach for electricity-intensive industries

Approach quantifies material emissions impact of renewable energy purchases by any buyer; initial focus is certification for bitcoin miners.

Zug, Switzerland, and Boulder CO, USA, 9 May 2022 — Energy Web, a non-profit building operating systems for energy grids, and RMI, an independent, US-based non-profit organization focused on accelerating the energy transition, have released a draft approach to evaluating the material impact of market-based renewable energy purchases. The approach is applicable to any sector and is currently being trialed with bitcoin miners as the foundation for an eventual certification program that will credential renewably-powered mining and hosting operations.

The newly-developed quantitative approach will evaluate the material impact of renewable energy purchases made by companies to mitigate emissions from electricity consumption. The approach aims to provide the information needed to create a more impactful market for energy attribute certificates, including RECs and Guarantees of Origin. Energy Web plans to use the approach as the foundation for a certification initiative enabling investors, regulators, and customers to assess the “green” credentials of bitcoin miners.

With the announcement, RMI and Energy Web have launched a broad stakeholder engagement consultation, with the goal of refining and improving the draft approach following public comment and feedback. Interested stakeholders, including bitcoin and other cryptocurrency miners, data center operators, and corporate actors who purchase RECs, are invited to provide input on the draft criteria during a 30-day comment window. Comments can be submitted, starting today until June 10th, via the form found here.

“Environmental, social, and governance factors are top of mind for senior decision makers and corporate boards in every industry, including crypto,” said Jesse Morris, CEO of Energy Web. “While this approach is fit for use across any number of industries, bitcoin in particular stands to benefit. Numerous bitcoin miners advised our initial work shaping this approach, and the resulting certification initiative will support them and others in their desire to demonstrate sustainability credentials through a credible independent process. By pairing the draft criteria with our decentralized technology solution for certifying renewable energy-powered mining, we can help accelerate decarbonization of bitcoin and other cryptocurrencies in line with the goals of the Crypto Climate Accord, an initiative inspired by the Paris Climate Agreement.”

The draft approach uses a novel quantitative method to measure the net emissions impact of renewable energy procurement by companies. Today, many market participants use products like renewable energy certificates to reduce their carbon emissions. However, determining the real-world impact of RECs is extremely challenging for many sectors, including cryptocurrency. Energy Web’s certification initiative aims to solve this problem by assessing both the emissions that mining operations create and the emissions their REC purchases mitigate. This enables companies and the public to understand the true emissions impact of their operations, and paves the way for investors and others to engage exclusively with actors that are actively contributing to a cleaner grid.

The draft approach calculates the carbon intensity of the energy used for mining by taking into account the grid location of mining operations and the material impact of any renewable energy purchased. The eventual certification initiative will use this approach, once finalized, to assign each participating miner a score; miners whose scores meet a predetermined threshold will receive a verifiable credential synthesizing the key outcomes of their evaluation. By assigning a score to each miner or hosting facility, rather than assigning a value to individual assets, such as a bitcoin, the fungibility of the assets is maintained.

Commenting on the initiative, Josh Henretig, Managing Director of the Climate Intelligence Program at RMI, said: “The approach we have developed has the potential to transform carbon disclosure and sustainability reporting in any sector that uses market-based mechanisms to procure renewable energy. As governments and regulators around the world seek to tackle false sustainability claims, this issue is set to remain top of mind for global decision makers. Picking up where REC markets fall short, this solution engenders greater transparency and verifiability of impact than anything that has come before.”

Following the consultation period, the finalized approach will inform the development of certification criteria that will be used to issue verifiable credentials to eligible miners and hosting companies. The process of accreditation, data verification, and issuance of verifiable credentials for cryptocurrency will be conducted using an implementation of Energy Web’s open-source Green Proofs solution. This technology helps miners securely share data needed to apply for certification, including corporate identity, grid location, mining capacity based on forecasted mining activity, and the amount of renewable energy they have procured.

Energy Web is currently working to apply the certification criteria to an initial group of leading bitcoin miners, and is exploring different ways of using the accreditation to accelerate the decarbonization of bitcoin.

In addition to submitting comments and feedback, interested parties can review the draft approach and download a preliminary tool for scoring their own energy procurement practices here, and register here for a live workshop with RMI and Energy Web on May 13 on the approach and the stakeholder feedback process.

For more information, please visit the initiative’s website here.

About Energy Web
Energy Web is a global, member-driven non-profit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. Our Energy Web Decentralized Operating System (EW-DOS) enables any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors the EW-DOS tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

More information on Energy Web can be found at www.energyweb.org, or follow us on Twitter @EnergyWebx

About RMI
RMI is an independent nonprofit founded in 1982 that transforms global energy systems through market-driven solutions to align with a 1.5°C future and secure a clean, prosperous, zero-carbon future for all. RMI works in the world’s most critical geographies and engage businesses, policymakers, communities, and NGOs to identify and scale energy system interventions that will cut greenhouse gas emissions at least 50 percent by 2030. RMI has offices in Basalt and Boulder, Colorado; New York City; Oakland, California; Washington, D.C.; and Beijing.

More information on RMI can be found at www.rmi.org, or follow us on Twitter @RockyMtnInst.

Media contact
Energy Web
Gavin Cahill
Sillion
Gavin.cahill@sillion.co.uk
+44 20 3858 7800

RMI
Daina Rudusa
RMI
drudusa@rmi.org

Climate-safe crypto: Energy Web and RMI unveil decarbonization approach for electricity-intensive… was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


Lissi

Trust in the digital space

Preview image of a person scanning a QR-code with a smartphone. This article describes why and how the Lissi Wallet Beta, available for iOS and Android, uses certificates to authenticate organisations. This article is also available in German. The problem Imagine you go to an event and just before the entrance you see a QR code with the heading “Check-in here” along with the organiser’s logo
Preview image of a person scanning a QR-code with a smartphone.

This article describes why and how the Lissi Wallet Beta, available for iOS and Android, uses certificates to authenticate organisations. This article is also available in German.

The problem

Imagine you go to an event and just before the entrance you see a QR code with the heading “Check-in here” along with the organiser’s logo. As you scan the QR code with your Wallet, you are asked for your payment information, among other things. But should you present this information?

When we communicate with third parties over the internet, it is not always clear whether the other party is really who they say they are. This problem also exists with established communication channels such as websites and emails, among others. Phishing refers to the fraudulent tapping of data to gain access to bank accounts or similarly sensitive accounts or information. A permanent communication channel that allows users to identify the communication partner to enable a trustworthy exchange of information is essential to protect users from phishing.

Context is important

We often base our trust in an interaction on the context in which we are communicating. For example, we trust a link in an internal employee portal more than a link in a promotional email. The principle is the same when a contact wants to connect with users and the connection request is displayed in the wallet. Depending on the context in which the connection request is initiated, a different level of trust can be assigned. The context helps us to establish trust but is not sufficient on its own. Often the context is missing or attackers specifically try to exploit it.

Authentication of organisations

Wallet users must be able to check the authenticity of organisations they connect to. However, the organisation must first be identified and verified. Once the organisation has the required certificates it can be validated in the user’s wallet.

Highly simplified process description of how organisations can be authenticated.

Hence, before the wallet can verify the organisation, a trusted party must certify the organisation. Certification authorities are organisations that are entrusted with signing digital certificates. They verify the identity and legitimacy of the organisation and the person requesting a certificate. If the check is successful, a signed certificate is issued. This certificate can then be verified by the user’s application such as a browser or wallet to authenticate the organisation.

Trust on different levels Illustration showing that identification is independent of the communication channel.

An encrypted communication channel between individuals and organisations allows sensitive information to be exchanged without third parties being able to read it. However, this is not sufficient, as the identity of the other party must be verified beforehand. To ensure that the contact is really a public authority, for example, we use certificates to verify their identity. Consequently, there are two levels of trust. On the lower level, there is a cryptographically secured communication channel. This is supplemented by certificates issued by different certificate authorities or trust domains.

Certificates and trust domains

The basis for trustworthiness is that the certification authority implements organisational and technical measures at an appropriate security level and establishes rules for all participants in the trust domain. The specific requirements for the certificates depend on the use case and the legal framework in which a transaction takes place. Thus, the certificates used can differ depending on the level of trust required for each use case.

Regulated certificate authorities act as issuers of certificates that certify the legitimacy of the domain holder and the security properties of the certificate. The signatures of the certificate authorities essentially serve to confirm the legitimacy of the certificate holder’s identity and to create trust in online data transmissions. Generic requirements for certificate authorities acting as a certification authority with the security level “high” are described by the Federal Office for Information Security of Germany in the Technical Guideline TR-03145–1.

Certificate verification in the Lissi Wallet

We would now like to transfer the approach of certificate verification, which we have known so far from web browsers, to the world of SSI wallets and have integrated a corresponding verification concept into our Lissi Wallet (Beta). The Lissi Wallet (Beta) checks the certificates sent by the contact or agent. If an extended validation certificate is sent, the Lissi Wallet checks that the name of the contact/agent matches the name in the certificate. Only if there is a valid extended validation certificate and the name of the contact/agent matches the name in the certificate, the contact is displayed as verified.

Display of trusted contacts for users in Lissi Wallet Display of unverified and verified contacts/organisations in Lissi Wallet

When a new contact request is made, users are asked whether they want to connect to the contact. In addition to the display of whether a contact could be verified, a recommendation for action is also given to the user. Further information on the contact’s certificate can also be displayed.

Display contact requests, new verifications and data requests from a verifiable organisation in Lissi Wallet.

When users receive a connection request (fig. 1), a new proof (fig. 2) or a information request (fig. 3) in the Lissi Wallet, it is displayed whether the contact is verified.

The function is currently only available in the Beta version of Lissi Wallet for Android and iOS. Before the function is made available to the main version, we would like to check whether the concept of organisation certificates can also be applied to SSI wallets. As with any beta version, bugs might occur. We welcome your feedback and constructive criticism or suggestions for improvement.

The trade-off between self-sovereignty or maximum security Illustration of the spectrum of self-determination and security in an ID ecosystem.

Would we rather have a high level of security or self-sovereignty? Unfortunately, the two aspects are at different ends of the spectrum. If we only allow pre-verified and approved parties to retrieve identity data, as currently envisaged by the eIDAS regulation, this severely restricts usage. Allowing users to share their data on their own responsibility offers more flexibility and freedom, but also potential for attack.

About Lissi:
Lissi provides convenient applications for companies and organisations to receive, organise and share trusted data from end users while respecting privacy and data sovereignty. This includes the Lissi Wallet as well as our applications for organisations. You can find more information on our Website.


Vertrauen im digitalen Raum

Vorschaubild von einer Person, welche ein QR-Code mit einem Smartphone einscannt. Dieser Artikel beschreibt, warum und wie die für iOS und Android verfügbare Lissi Wallet Beta Zertifikate zur Authentifizierung von Organisationen verwendet. Dieser Artikel ist auch auf English verfügbar. Das Problem Stellen Sie sich vor, Sie gehen auf eine Veranstaltung und sehen kurz vor dem Eingang ein QR-Code mi
Vorschaubild von einer Person, welche ein QR-Code mit einem Smartphone einscannt.

Dieser Artikel beschreibt, warum und wie die für iOS und Android verfügbare Lissi Wallet Beta Zertifikate zur Authentifizierung von Organisationen verwendet. Dieser Artikel ist auch auf English verfügbar.

Das Problem

Stellen Sie sich vor, Sie gehen auf eine Veranstaltung und sehen kurz vor dem Eingang ein QR-Code mit der Überschrift „Hier einchecken“ zusammen mit dem Logo des Veranstalters. Als Sie den QR-Code mit Ihrer Wallet einscannen werden Sie unter anderem nach Ihren Zahlungsinformationen gefragt. Aber sollten Sie diese wirklich präsentieren?

Wenn wir mit Dritten über das Internet kommunizieren, ist es nicht immer klar, ob die andere Partei wirklich die ist, für die sie sich ausgibt. Dieses Problem besteht unter anderem auch bei etablierten Kommunikationskanälen wie Webseiten und Emails. Phishing bezeichnet das betrügerische Abgreifen von Daten, um Zugang zu Bankkonten oder Informationen zu erhalten. Daher ist ein dauerhafter Kommunikationskanal, welcher es Nutzenden ermöglicht den Kommunikationspartner eindeutig zu identifizieren besonders wichtig. Einmal angelegt ermöglicht der Kommunikationskanal einen vertrauensvollen Informationsaustausch und ist essentiell um Nutzende vor Phishing zu schützen.

Der Kontext ist wichtig

Wir basieren unser Vertrauen in eine Interaktion häufig in abhängig davon, in welchem Kontext mit uns kommuniziert wird. So vertrauen wir z.B. einem Link in einem internen Mitarbeiterportal mehr als einem Link in einer Werbemail. Das Prinzip ist das gleiche, wenn Nutzende eines Wallets sich mit einem neuen Kontakt verbinden und die Verbindungsanfrage im Wallet angezeigt wird. Abhängig davon, in welchem Kontext die Verbindungsanfrage initiiert wird lässt sich ein unterschiedliches Maß an Vertrauen zuweisen. Der Kontext hilft uns Vertrauen zu etablieren, ist allein jedoch nicht ausreichend. Häufig fehlt der Kontext oder Angreifer versuchen gezielt diesen Umstand auszunutzen.

Authentifizierung von Organisationen

Wallet Nutzer müssen die Möglichkeit haben Organisationen, mit welchen sie sich verbinden auf deren Authentizität zu überprüfen. Allerdings muss die Organisation zunächst identifiziert und überprüft werden. Sobald die Organisation über die erforderlichen Zertifikate verfügt, kann diese im Wallet validiert werden.

Stark vereinfachte Prozessbeschreibung wie Organisationen authentifiziert werden können.

Bevor eine Wallet die Organisation überprüfen kann, muss eine vertrauenswürdige Partei die Organisation zertifizieren. Zertifizierungsstellen sind Organisationen, welche die Unterzeichnung digitaler Zertifikate anvertraut werden. Sie prüfen die Identität und Legitimität des Unternehmens und der Person, die ein Zertifikat beantragt hat. Bei erfolgreicher Prüfung wird ein signiertes Zertifikat ausgestellt. Dieses Zertifikat kann dann von der Anwendung der Nutzenden wie z.B. einem Browser oder einer Wallet überprüft werden.

Vertrauen auf verschiedenen Ebenen Illustration, welche veranschaulicht, dass die Identifizierung unabhängig von dem Kommunikationskanal ist.

Ein verschlüsselter Kommunikationskanal zwischen natürlichen Personen und Organisationen ermöglicht es sensible Informationen auszutauschen, ohne dass Dritte diese mitlesen können. Dies ist jedoch nicht ausreichend, da die Identität der anderen Partei vorher überprüft werden muss. Um sicher zu stellen, dass es sich bei dem Kontakt z.B. wirklich um eine öffentliche Behörde handelt, nutzen wir Zertifikate um deren Identität zu verifizieren. Folglich, ergeben sich zwei Ebenen des Vertrauens. Auf der unteren Ebene besteht ein kryptographisch abgesicherter Kommunikationskanal. Dieser wird ergänzt durch Zertifikate, welche von verschiedenen Zertifikatsstellen bzw. Vertrauensdomänen ausgestellt werden.

Zertifikate und Vertrauensdomänen

Die Basis für Vertrauenswürdigkeit ist, dass die Zertifizierungsstelle auf einem angemessenen Sicherheitsniveau organisatorische und technische Maßnahmen implementieren und Regeln für alle Teilnehmer der Vertrauensdomäne aufstellt. Die speziellen Anforderungen an die Zertifikate sind abhängig vom Anwendungsfall und dem juristischen Rechtsrahmen, in welchem eine Transaktion stattfindet. Somit können sich die verwendeten Zertifikate abhängig vom notwendigen Vertrauensniveau je nach Anwendungsfall stark unterscheiden.

Regulierte Zertifikatsstellen agieren als Aussteller von Zertifikaten, welche die Legitimität des Inhabers der Domäne und die Sicherheitseigenschaften des Zertifikates bescheinigen. Die Signaturen der Zertifikatsstellen, dienen im Wesentlichen dazu, die Legitimität der Identität des Zertifikatsinhabers zu bestätigen und Vertrauen in Online-Datenübertragungen zu schaffen. Generische Anforderungen für Zertifikatsstellen, die als Zertifizierungsstelle mit der Sicherheitsstufe “hoch” fungieren sind vom Bundesamt für Sicherheit in der Informationstechnik (BSI) in der Technischen Richtlinie TR-03145–1 beschrieben.

Überprüfung der Zertifikate im Lissi Wallet

Den Ansatz der Zertifikatsüberprüfung, die wir bisher aus den Webbrowser kennen, möchten wir nunmehr in die Welt der SSI-Wallets übertragen und haben ein entsprechendes Überprüfungskonzept in unsere Lissi Wallet (Beta) integriert. Die Lissi Wallet (Beta) überprüft die vom Kontakt bzw. Agent gesendeten Zertifikate. Falls ein Extended Validation Zertifikat übermittelt wird, überprüft die Wallet, dass der Name des Kontakts/Agenten mit dem Namen im Zertifikat übereinstimmt. Nur wenn ein gültiges Extended Validation Zertifikat vorliegt und der Name des Kontakts/Agenten mit dessen im Zertifikat übereinstimmt, wird der Kontakt als verifiziert eingestuft und angezeigt.

Anzeige für Nutzende im Lissi Wallet Darstellung von nicht verifizierten und verifizierten Kontakten / Organisationen im Lissi Wallet.

Bei einer neuen Kontaktanfrage werden Nutzende gefragt, ob sie die Verbindung mit dem Kontakt eingehen möchten. Neben der angezeigten Information, ob ein Kontakt verifiziert werden konnte, wird auch eine Handlungsempfehlung an Nutzenden gegeben. Es können auch weitere Informationen zu dem Zertifikat des Kontakts angezeigt werden.

Darstellung Kontaktanfragen, neuen Nachweisen und Datenabfragen von einer verifizierbaren Organisation im Lissi Wallet.

Wenn Nutzende eine Verbindungsanfrage (Abb. 1), einen neuen Nachweis (Abb. 2) oder eine Datenabfrage (Abb. 3) im Lissi Wallet erhalten, wird angezeigt, ob der Kontakt verifiziert ist.

Die Funktion ist aktuell ausschließlich in der Beta version der Lissi Wallet für Android und iOS verfügbar. Bevor die Funktion in die Hauptversion überführt wird, möchten wir überprüfen, ob das Konzept der Organisations-Zertifikate auch für SSI-Wallets angewendet werden kann. Wie bei jeder Beta Version sind Fehler nicht ausgeschlossen. Wir freuen uns über Euer Feedback und konstruktive Kritik bzw. Verbesserungsvorschläge.

Die Abwägung zwischen Selbstbestimmung oder maximaler Sicherheit Darstellung des Spektrums von Selbstbestimmung und Sicherheit in einen ID-Ökosystem.

Möchten wir lieber ein hohes Maß an Sicherheit oder Selbstbestimmung? Leider liegen die beiden Aspekte an verschieden Enden des Spektrums. Wenn wir nur vorher verifizierten und zugelassenen Parteien erlauben Identitätsdaten abzufragen, wie von der eIDAS Regulierung aktuell vorgesehen, dann schränkt dies die Nutzung stark ein. Erlauben wir Nutzenden ihre Daten in Eigenverantwortung zu teilen bietet dies mehr Flexibilität und Freiheit, aber auch Angriffspotenziale.

Über Lissi:

Lissi bietet einfache Anwendungen für Organisationen, um vertrauenswürdige Interaktionen und Kommunikation mit Nutzenden zu ermöglichen. Dazu gehört das Lissi Wallet sowie unsere Anwendungen für Organisationen.

Saturday, 07. May 2022

Me2B Alliance

Three Turns of the Wheel – Building a Safety Spec for the Digital World

Three Turns of the Wheel – Building a Safety Spec for the Digital World

Friday, 06. May 2022

Elastos Foundation

Elastos Bi-Weekly Update – 06 May 2022

...

Me2B Alliance

Three Turns of the Wheel – Building a Safety Spec for the Digital World

Version 1.0 of the Me2B Safe Specification for Mobile Apps and Websites is now available. It was three years in the making, and this is how we got here.
The History of the Me2B Safe Spec for Respectful Technology

 

Building a Safe Spec – Turn 1: The Behavior of Technology

When the Me2B Alliance first began work on a specification in 2019, it was called a “Code of Practice” for Respectful Tech. It was intended for makers of technology, businesses (or “B-s” as we call them). Our specification working group was correspondingly called the Good CoPs WG. We commenced work on developing use cases and the code of practice, but it wasn’t long before we realized a couple of things:  

We were more interested in testing the behavior of technology and not the processes by which it is developed, and  we needed a much more fine-grained instrument—or set of tests,    

Focusing strictly on the behavior of technology was an important reorientation for the specification working group and for the Me2B Alliance.  

Our premise has always been that people are in intimate “Me2B” [aka individuals to businesses] relationships with digital products and services. In many ways, these products/services are autonomous ambassadors or agents of the organizations that built them. Therefore, these products and services should treat us “like a good friend, or at the very least a polite stranger.” Thus, our safety criteria needed to focus strictly on the behavior of the product/service. We needed to turn away from a code of practice for businesses, and toward objectively measuring the behavior of technology.   

Building a Safe Spec – Turn 2: Creating Context 

As we turned our sights on specifying the behavior of technology, we quickly encountered the importance of the contextual nature of the test cases we were composing. As we attempted to characterize passing and failing behavior, we often found ourselves saying, “It depends.” We needed adequate context to reflect the reality that acceptable/passing behavior changes over the arc of the lifecycle of the Me2B Relationship. Just as acceptable behavior organically evolves in our personal relationships, it evolves in our relationships with digital products and services. 

We needed adequate context to reflect the reality that acceptable/passing behavior changes over the arc of the lifecycle of the Me2B Relationship. 

Around this time, our Me2B Relationship lifecycle model and Me2B commitments came into full clarity.  

 

Building a Safe Spec – Turn 3: The Aha Moment – Safety not Privacy

In our third and most recent turn, we rearchitected the entire spec around key Me2B Relationship transactions we refer to as Me2B Commitments. These commitments are points in the user experience where we are asked things like if we accept cookies, if we’ll share our location, or if we’d like to create an account. After developing tests for each of the typical commitments encountered in most digital technology, we observed common themes in our identified tests.  

We distilled the themes present in all commitments, resulting in our first formal recommendation, “10 Attributes for Safe and Respectful Me2B Commitments”. Most of our Specification now consists of tests evaluating the safety and respectfulness of each Me2B commitment found in the user experience of the website or mobile app. It was also during this third turn of the wheel when we also became acutely aware that we were building a safety standard.  

Since our founding, we have never been satisfied with “privacy” as the sole scope of concern. Abuse of privacy is not the only abuse humans experience when using connected technology. As our Digital Harms Dictionary illustrates, we experience myriad other harms such as coercion, manipulation, algorithmic bias (racism, sexism, ageism, etc.). We suggest that privacy is just one category of harm, one aspect of human safety. And it is too narrow a focus of concern; our scope is safety in the digital world. 

When we look back through history, the commercial launch of every innovative technology is followed by the development of safety standards and practices. For example, seatbelts, airbags, windshield wipers, and headlights were all developed after the first commercial automobiles were in use. This pattern makes sense, as widespread adoption and practical use of new technology are required to fully comprehend the scope and nature of all the potential harms and risks. 

However, safety standards for the internet are notably lagging —likely because the harms are not as immediately obvious as those of physical products such as cars. The long delay and elusive connections between cause and effect hamper the visibility and recognition of these harms. Also, ideas of “safety” on the internet quickly turn to questions of ethics, complicating the task due to the absence of a universal ethic.. 

 At the Me2B Alliance, we hold the view that connected technology is not just “tools we wield”, it is a collection of intimate and interactive relationships that we maintain—as alive and immediate as the relationships we maintain with the people and institutions in our lives. 

At the Me2B Alliance, we hold the view that connected technology is not just “tools we wield”, it is a collection of intimate and interactive relationships that we maintain—as alive and immediate as the relationships we maintain with the people and institutions in our lives. Using this foundational perspective of the interactive Me2B Relationship, we can look to interpersonal/social norms to provide a universal ethic: technology should treat us safely and with respect. We can hold technology to the same standards we hold people (mostly).  

 

Rules of Engagement for the Digital World 

As social animals, we humans have social norms developed over millennia; collective, co-created agreements (“Social Contracts”) on how we agree to treat each other in community. The Me2BA has our own interpretation of a global social contract between Me-s and B-s called the Me2B Rules of Engagement.   

Organizations like the UN have the Universal Declaration of Human Rights describing universal, inherent rights for all humans. But the internet sadly was not architected to support all these rights. The creators of the internet were world-building but didn’t fully realize they were world-building, building a new medium in which to live in community. The important thing is that we are here now, and we must, for the benefit of the health of humankind and our planet, come to a clear-eyed, inclusive, and collective view on the full spectrum of harms and potential risks that are inherent in our myriad and ever-increasing digital Me2B Relationships.  

 

A Baseline Safety Spec 

And that’s where our current offering, the Me2B Safe Spec for Respectful Technology for for Websites and Mobile Apps comes in.  This spec is the first of several and provides a minimal viable product for baseline safe behavior of mobile apps and websites. This open spec is a living document and will continue to be updated by the Respectful Tech Spec Working Group to address ever more of the harms identified in the Digital Harms Dictionary. We will also be working to provide specs for all connected platforms, including routers, smart TVs, smart homes, wearables, etc. 

 

In Conclusion & Thanks  

Our primary thesis is that safer, more respectful technology isn’t just better for people (users of technology), it’s also better for the makers of technology, resulting in stronger, more meaningful Me2B Relationships. Because that is what they are, relationships. The days of treating customers as endless sources of extractive, exploitable (monetizable) data are quickly drawing to a close as the world wakes up to the harms and price of “free” services.  

Our safety yardstick is unwaveringly on the side of keeping Me-s safe, but it is for naught if makers of technology do not embrace and value more meaningful Me2B relationships, through safe and respectful products.  

We know there is much more work to do, more harms and platforms for which tests must be developed. We look forward to hearing from all makers of technology and welcome your comments as you apply this standard to your mobile apps and websites. Please tell us where you think we’ve got it wrong. The behavioral bar may feel uncomfortably high. And in some cases, perhaps it is too high—but we welcome the feedback and are willing to conduct validation testing to ensure that our passing behavior criteria accurately reflect the needs of everyday people.  

This baseline spec is the fruit of several years and countless volunteer hours working to establish the through-line from ethical principles to objectively measurable behavior. I would like to express heartfelt thanks to the Respectful Tech Spec Working Group (nee Good CoPs WG), and all the people who have generously contributed their time and wisdom so that we now have a solid foundation for what safety is in the digital world.  

P.S. We’re fast at work at adding in GDPR and CPRA mapping against our test suite and will be launching version 1.1 as quickly as we can.  

Me2B Safe Spec for Websites and Mobile Apps v1.0  

MyData

Welcome to the MyData 2022 Conference on June 21-22, 2022

THE WORLD’S LEADING CONFERENCE ON PERSONAL DATA IS BACK.
THE WORLD’S LEADING CONFERENCE ON PERSONAL DATA IS BACK.

Thursday, 05. May 2022

Nyheder fra WAYF

Akureyri Universitet ny brugerorganisation i WAYF

Islandske Akureyri Universitet (UNAK) er i dag indtrådt i WAYF som brugerorganisation. Hermed har ansatte og studerende ved UNAK nu adgang til at identificere sig som sådanne over for en lang række webtjenester i både WAYF og eduGAIN. Language Danish Read more about Akureyri Universitet ny brugerorganisation i WAYF

Islandske Akureyri Universitet (UNAK) er i dag indtrådt i WAYF som brugerorganisation. Hermed har ansatte og studerende ved UNAK nu adgang til at identificere sig som sådanne over for en lang række webtjenester i både WAYF og eduGAIN.

Language Danish Read more about Akureyri Universitet ny brugerorganisation i WAYF

Energy Web

Update | Energy Web and ENGIE Energy Access leverage crypto to expand solar energy access in…

ENGIE Energy Access has successfully launched the Crowdfund for Solar platform on the Energy Web Chain to expand solar energy access in Sub-Saharan Africa Zug, Switzerland — 5 May 2022 — This week, ENGIE Energy Access launched the Crowdfund for Solar platform on the Energy Web Chain, a new staking platform that allows Energy Web Token holders to support the installation of solar energy infrastruc
ENGIE Energy Access has successfully launched the Crowdfund for Solar platform on the Energy Web Chain to expand solar energy access in Sub-Saharan Africa

Zug, Switzerland — 5 May 2022 — This week, ENGIE Energy Access launched the Crowdfund for Solar platform on the Energy Web Chain, a new staking platform that allows Energy Web Token holders to support the installation of solar energy infrastructure for communities in Sub-Saharan Africa needing affordable and clean energy access.

We are extremely proud of our community for participating in the Crowdfund for Solar platform. The platform was 100% filled within 7 hours! Staked $EWT will be providing energy access in countries with low electrification rates like Rwanda, Uganda, and Zambia, which is one of the world’s first DeFi solution that ties real-world impact and DeFi cash flows!

After the pool was filled up in record time, an awesome community member pointed us to a discrepancy between the total SLT minted and EWT staked in the Crowdfund for Solar platform. Since the contract was already full and staking was no longer possible, we decided to pause the contract until further notice to investigate the root cause of the unexpected issue, which was not witnessed in any of the tests before and that has not been spotted in the official smart contract audit and review. We found a minor issue that only affects the last transaction in a very specific scenario. The best and most efficient way to counter this is to keep the contract paused, especially as the pool has already been filled and staking is no longer possible. Then, as planned, participants can withdraw their funds and rewards after May 17th, 2023 (Release rewards date). This provides sufficient time to fund new solar installations and focus especially on women-led households and small and medium enterprises in countries like Rwanda, Uganda, and Zambia.

However, as communicated by Engie Energy Access, participants still have the chance to withdraw their original contributions without rewards in EWT until 15:00 PM CET on May 17th, 2022. Whoever decides to opt-out, should send their SLTs held in their wallet (imported from the smart contract 0x8df330b8966ebE69Be996653e50252c6D44a527a) to the Crowdfund for Solar wallet:0xff0E9ddB12F1082833B13E144b60df6cf04aE116. They will receive corresponding EWTs within 1 working day. For any issues with the withdrawals, please contact meerim.ruslanova@energyweb.org before 15:00 PM CET on May 17th, 2022.

We would like to thank our community once again for the unprecedented support and contributions towards accelerating affordable clean energy in Sub-Saharan Africa with the help of DeFi.

Special and wholehearted thanks to the community member for spotting the issue early on! We were able to act swiftly thanks to the diligence of this community member!

What’s next!
We will shortly make a decision on which countries exactly will receive the funds for solar installations. We will publish quarterly reports depicting the progress on our website under “Progress Reporting”. Upon the evaluation of the current campaign, we will also explore further ways of scaling this solution.

About Energy Web
Energy Web is a global, member-driven non-profit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. Our Energy Web Decentralized Operating System (EW-DOS) enables any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors the EW-DOS tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

About ENGIE Energy Access
ENGIE Energy Access is the leading Pay-As-You-Go (PAYGo) and mini-grids solutions provider in Africa. The company develops innovative, off-grid solar solutions for homes, public services, and businesses, enabling customers and distribution partners access to clean, affordable energy. The PAYGo solar home systems are financed through affordable installments from $0.19 per day, and the mini-grids foster economic development by enabling electrical productive use and triggering business opportunities for entrepreneurs in rural communities. With over 1,700 employees, operations in nine countries across Africa (Benin, Côte d’Ivoire, Kenya, Mozambique, Nigeria, Rwanda, Tanzania, Uganda, and Zambia), almost 1.5 million customers, and more than 7 million lives impacted so far, ENGIE Energy Access aims to remain the leading clean energy company, serving millions of customers across Africa by 2025.

Update | Energy Web and ENGIE Energy Access leverage crypto to expand solar energy access in… was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


Good ID

World Password Day Had a Good Run. Now We’re Celebrating A Future with Less Passwords

Andrew Shikiar, executive director and CMO, FIDO Alliance World Password Day was created in 2013 to help people better secure their accounts by providing tips for better password hygiene: don’t […] The post World Password Day Had a Good Run. Now We’re Celebrating A Future with Less Passwords appeared first on FIDO Alliance.

Andrew Shikiar, executive director and CMO, FIDO Alliance

World Password Day was created in 2013 to help people better secure their accounts by providing tips for better password hygiene: don’t reuse passwords; use a complex, random string of letters, numbers and characters; use a password manager. At the time of its inception the intentions of this day were positive and necessary as we didn’t have more secure consumer-friendly alternatives readily available. 

Technology and best practices have changed over the years and many now use World Password Day to encourage users to level-up their account security by enabling multi-factor authentication. This is certainly a best practice for password-based logins, but falls short of addressing the evolving threat landscape which has commercialized the ability for hackers to bypass legacy forms of MFA. 

What we ultimately need is widespread availability of passwordless sign-in technology that is more convenient and more secure – and we have that today with FIDO Authentication, which is already supported in over 90% of web browsers and virtually every modern handset and computing device. 

In March of this year the FIDO Alliance shared its vision to make FIDO Authentication even more widely available and consumer-ready through the advent of multi-device FIDO credentials (referred to by some as “passkeys”). 

Today, as an evolution of this announcement, FIDO Alliance is excited to share that Apple, Google and Microsoft are aligned with this vision and will be implementing multi-device FIDO credentials in their respective platforms. Read the press release for more details.

From a user experience standpoint, this will be very similar to how one interacts with a password manager today to help them securely enroll and sign into websites – only it will be far more secure as the process will issue a FIDO keypair instead of a password. 

From a service provider perspective, the availability of multi-device FIDO credentials will join the ongoing and growing utilization of security keys to allow for a full range of options for deploying modern, phishing-resistant authentication.

In addition to facilitating a better user experience, the broad support of this standards-based approach will enable service providers to offer FIDO credentials without needing passwords as an alternative sign-in or account recovery method. This is a critical step in helping the industry at large break its dependence on the passwords and other knowledge-based credentials which to this day are the cause of over 80% of data breaches.

I am often asked when the industry will be able to get rid of passwords – to which I respond that the path towards passwordless is a journey and not a sprint. That being said, the first step on the password-less journey is to use less passwords – which is embodied by the commitment made today by the world’s largest platform providers.  While “Less Passwords Day” doesn’t roll off the tongue as well as “World Password Day,” it certainly is a day worth celebrating!

The post World Password Day Had a Good Run. Now We’re Celebrating A Future with Less Passwords appeared first on FIDO Alliance.

Tuesday, 03. May 2022

Identity Review

What is Luna Coin?

Betting on the future of Luna Coin, the second largest DeFi protocol
Betting on the future of Luna Coin, the second largest DeFi protocol

Centre Consortium

Welcome to Centre, Rebecca Cohen

 

 


SelfKey Foundation

$KEY Gets Listed on Biconomy

SelfKey’s native token $KEY gets listed on the Canadian exchange Biconomy. The post $KEY Gets Listed on Biconomy appeared first on SelfKey.

SelfKey’s native token $KEY gets listed on the Canadian exchange Biconomy.

The post $KEY Gets Listed on Biconomy appeared first on SelfKey.


GS1

Yolanda Diaz

Yolanda Diaz Domain Manager/PIM/DAM/DIS glenda.fitzpatrick Tue, 05/03/2022 - 12:23 Member excellence Yolanda Diaz
Yolanda Diaz Domain Manager/PIM/DAM/DIS glenda.fitzpatrick Tue, 05/03/2022 - 12:23 Member excellence Yolanda Diaz

SelfKey Foundation

SelfKey BitCourier Review

SelfKey gets reviewed by the renowned U.K based crypto media website Bitcourier. The post SelfKey BitCourier Review appeared first on SelfKey.

SelfKey gets reviewed by the renowned U.K based crypto media website Bitcourier.

The post SelfKey BitCourier Review appeared first on SelfKey.

Monday, 02. May 2022

GS1

Maintenance release 3.1.20

Maintenance release 3.1.20 daniela.duarte… Mon, 05/02/2022 - 18:03 Maintenance release 3.1.20
Maintenance release 3.1.20 daniela.duarte… Mon, 05/02/2022 - 18:03 Maintenance release 3.1.20

GS1 GDSN accepted the recommendation by the Operations and Technology Advisory Group (OTAG) to implement the 3.1.20 standard into the network on August 2022.

Key Milestones:

See GS1 GDSN Release Schedule

As content for this release is developed it will be posted to this webpage followed by an announcement to the community to ensure visibility.

Data Pools should contact the GS1 GDSN Data Pool Helpdesk to understand the plan for the update. Trading Partners should work with their Data Pools on understanding the release and any impacts to business processes.

Business Message Standards including Message Schemas Updated For Maintenance Release 3.1.20

Trade Item Modules Library 3.1.20 (Apr 2022)

GS1 GDSN Code List Document (May 2022) 

Delta for release 3.1.20 (Apr 2022)

Delta ECL for release 3.1.20 (Apr 2022) 

Validation Rules (Dec 2021)

Delta for Validation Rules 3.1.19 (Dec 2021)

BMS Shared Common Library (Dec 2021)

Approved Fast Track Attributes (Dec 2021)

BMS Documents Carried Over From Previous Release

BMS Catalogue Item Synchronisation

BMS Basic Party Synchronisation

BMS Price Synchronisation 

BMS Trade Item Authorisation

 

Schemas

Catalogue Item Synchronisation Schema including modules 3.1.20 (Apr 2022)

Changed Schemas for 3.1.20 (Apr 2022)

Party Synchronisation Schema

Price Synchronisation Schema

Trade Item Authorisation Schema

Release Guidance

Packaging Label Guide (Apr 2022)

GS1 GDSN Attributes with BMS ID and xPath (Coming soon) 

Deployed LCLs (Apr 2022)

GPC to Context Mapping 3.1.19 (Dec 2021)

Delta GPC to Context Mapping 3.1.19 (Dec 2021)

GS1 GDSN Unit of Measure per Category (Apr 2022)

Migration Document (Dec 2021)

Approved WRs for release

Unchanged for 3.1.20

GS1 GDSN Module by context (May 2021)

Flex Extension for Price commentary (Dec 2018)

Any questions?

We can help you get started using GS1 standards.

Contact your local office


MJ Wylie

MJ Wylie Global Data Synchronization and Strategy Deployment Supply Chain Visibility glenda.fitzpatrick Mon, 05/02/2022 - 15:23 Member excellence MJ Wylie
MJ Wylie Global Data Synchronization and Strategy Deployment Supply Chain Visibility glenda.fitzpatrick Mon, 05/02/2022 - 15:23 Member excellence MJ Wylie

Ryan Vann

Ryan Vann Sr. Director, Data Governance Supply Chain glenda.fitzpatrick Mon, 05/02/2022 - 15:22 Member excellence The Coca-Cola Company Ryan Vann
Ryan Vann Sr. Director, Data Governance Supply Chain glenda.fitzpatrick Mon, 05/02/2022 - 15:22 Member excellence

The Coca-Cola Company

Ryan Vann

Stephane Cuilla

Stephane Cuilla Platform Data IT Manager glenda.fitzpatrick Mon, 05/02/2022 - 15:16 Member excellence Carrefour Stephane Cuilla
Stephane Cuilla Platform Data IT Manager glenda.fitzpatrick Mon, 05/02/2022 - 15:16 Member excellence

Carrefour

Stephane Cuilla

Saturday, 30. April 2022

Me2B Alliance

Me2B Safe Specification v1.0

As a first step to ensure consumer safety in all connected products, the Me2B Alliance has developed an open safety standard for mobile apps and websites.  

The Me2B Safe Spec for Respectful Technology is a set of tests designed to guide and enable technology-makers to build safe, respectful digital products. Over the past three years, the Me2B Alliance has spearheaded the development of the open specification within a Working Group of expert technologists, engineers, social scientists, and researchers.  

The current version focuses on mobile apps and websites and encompasses only a portion of the harms outlined in the complete Me2B Digital Harms Dictionary. As the safe specification evolves subsequent versions will grow to include more of the harms identified in the Me2B Digital Harms Dictionary.

Below you will find links to all the downloadable files comprising the Me2B Safe Spec for Respectful Technology v1.0.

Introduction: Me2B Safe Spec for Respectful Technology 1.0 (pdf): This introduction provides an overview of the spec and explains how to use it.

Safe Specification Documents

Data Controller Questionnaire (pdf) Core requirements (pdf) App Raw Data worksheet (pdf) Website Raw Data worksheet (pdf) Policies (Privacy Policy and Terms of Service) Raw Data worksheet (pdf)

Download All (zip)

Friday, 29. April 2022

Oasis Open

Invitation to comment on Energy Interoperation Common Transactive Services (CTS) v1.0

CTS permits energy consumers and producers to interact through energy markets by simplifying actor interaction with any market. The post Invitation to comment on Energy Interoperation Common Transactive Services (CTS) v1.0 appeared first on OASIS Open.

Second public review - ends June 1st

OASIS and the OASIS Energy Interoperation TC are pleased to announce that Energy Interoperation Common Transactive Services (CTS) v1.0 is now available for public review and comment. This is the second public review of this draft specification.

Common Transactive Services (CTS) permits energy consumers and producers to interact through energy markets by simplifying actor interaction with any market. CTS is a streamlined and simplified profile of the OASIS Energy Interoperation (EI) specification, which describes an information and communication model to coordinate the exchange of energy between any two Parties that consume or supply energy, such as energy suppliers and customers, markets and service providers.

The documents and related files are available here:

Energy Interoperation Common Transactive Services (CTS) Version 1.0
Committee Specification Draft 02
28 April 2022

PDF (Authoritative):
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02.pdf
Editable source:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02.docx
HTML:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02.html
PDF marked with changes since previous publication:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02-DIFF.pdf
Comment resolution log for previous public review:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd01/ei-cts-v1.0-csd01-comment-resolution-log.pdf

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02.zip

A public review metadata record documenting this and any previous public reviews is available at:
https://docs.oasis-open.org/energyinterop/ei-cts/v1.0/csd02/ei-cts-v1.0-csd02-public-review-metadata.html

How to Provide Feedback

OASIS and the Energy Interoperation TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 30 April 2022 at 00:00 UTC and ends 01 June 2022 at 23:59 UTC.

The TC requests that comments should cite the line numbers from the PDF formatted version for clarity.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=energyinterop).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/energyinterop-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the Energy Interoperation TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/energyinterop/

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/energyinterop/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#RF-on-Limited-Mode
RF on Limited Terms Mode

The post Invitation to comment on Energy Interoperation Common Transactive Services (CTS) v1.0 appeared first on OASIS Open.


Energy Web

Energy Web Community Staking Pool Snapshots explained

Zug, Switzerland — 29 April 2022 — The Energy Web Token powered, proof-of-stake based Energy Web Consortia Relay Chain (EW-CRC) is designed to greatly enhance the cybersecurity of every Energy Web solution and identity connected to it. But this is only possible if the Energy Web community has access to a robust, secure staking mechanism on EW-CRC. This is the primary reason an initial staking pool

Zug, Switzerland — 29 April 2022 — The Energy Web Token powered, proof-of-stake based Energy Web Consortia Relay Chain (EW-CRC) is designed to greatly enhance the cybersecurity of every Energy Web solution and identity connected to it. But this is only possible if the Energy Web community has access to a robust, secure staking mechanism on EW-CRC. This is the primary reason an initial staking pool was launched in December 2021: to demonstrate how using decentralized identifiers and verifiable credentials can support staking on a public blockchain.

In March 2022, a second staking pool was launched to test another important concept: figuring out a way to measure average EWT staked over time by individual users. To do so, we use “snapshots” — random checks of Energy Web Token (EWT) balances staked by each user. Snapshots enable our community to understand exactly how consistent the economic security provided by EWT staking is. Testing this concept could not be more important: the upcoming EW-CRC will use a proof-of-stake system to secure dozens of enterprise-grade solutions from around the world and protect the integrity of every digital identity connected to them. Using snapshots to incentivize consistent, long-term staking is a powerful way to increase the security of the EW-CRC; the second staking pool is the proving ground for the concept. A stable electricity grid needs committed stakeholders.

The token economic model behind EWT snapshots is simple. For future EWT staking pools and block rewards distributed by the EW-CRC protocol, reward amounts will primarily be a function of two factors: how many tokens have been staked, and for how long. This means more tokens, staked consistently for longer periods of time, equals greater rewards. Incenting consistent staking will maximize the economic security of the EW-CRC and by extension every solution and identity connected to it.

The remainder of this post describes how snapshots will influence EWT stakers in the second pool, in new staking pools on the Energy Web Chain, and when staking on the EW-CRC. Specifically, this post describes how snapshots will be used to calculate 1) additional variable awards for the second pool stakers and 2) an EWT staking multiplier for CRC staking

Additional Variable Awards

EWT staked in the second pool currently earns a fixed annual percentage yield (APY). In the future, on EW-CRC, rewards for Validators and Patrons who stake EWT will be variable. This is because the flow of awards is a result of real-world adoption of Energy Web solutions, not an inflationary token model (for more information, please see our high-level description of the design of the EW-CRC). Snapshots on the second staking pool will enable us to test variable APY rewards in anticipation of the EW-CRC.

The second staking pool is currently ~70% full. This means that not all EWT inside the staking pool contract will be distributed. The remaining unallocated EWT awards dating back to the launch of the second pool will be redistributed to second pool stakers using a variable APY. As described above, the objective is to reward and incentivize identities that have consistently staked EWT for longer periods of time. The amount of variable APY awards per staked EWT account will be determined by the average stake of an account as measured by the snapshots. The more tokens held by an account consistently throughout the duration of the second staking pool, the more variable APY will be awarded. The six snapshots to be taken throughout the life of the second staking pool are the trusted, verifiable measurements for how many and how consistently EWT are staked.

The variable APY is impossible to predict, but at a high level, the design incentivizes users to maintain fully staked EWT wallets throughout the duration of the staking pool. An example is useful to demonstrate what variable APY could be. Let’s assume in this example there will be 200,000 EWT available for redistribution via variable APY in the second staking pool and there are 2,500 wallets staking.

If only 10% of wallets have a single snapshot and 90% have no snapshots at all and stake on average 1 EWT, they will earn an APY of 106,666% (800 EWT profit on a 1 EWT stake over 9 months) If all wallets have the same number of snapshots and maximum average stake (3,000 EWT), they will each earn an APY of 3.56% In this example, depending on the behavior of the users, individual additional variable APY would be somewhere between 3.56% and 106,666%

Please note that variable APY is on top of the fixed APY of 10.36% paid out in the second staking pool. Also, note this is an example calculation, so the numbers will differ. Experimenting with the mechanism with a guaranteed staking APY and an additional variable APY will give us great insights into how we can deploy effective token-economics to increase the security of a decentralized Energy System based on real cash flows.

EWT Staking Multiplier

The second incentive for the Energy Web community is to stake more EWT consistently and for longer periods of time, snapshots are also planned to be used to calculate an EWT staking multiplier. This multiplier can then be applied to future staking pools on the Energy Web Chain and on EW-CRC.

The EWT staking multiplier works very similarly to the variable APY calculation above: we want to reward those that have staked for longer periods of time. When we bootstrap, the new CRC stakers will benefit from having as many snapshots as possible. The reward logic is this: if a user locks up EWT for a maximum term (for example, 3 years on EW-CRC) and has the maximum number (6) of snapshots from the second staking pool, they receive the highest EWT staking multiplier. A lower lockup period or a lower number of snapshots will result in a lower multiplier.

After the lockup ends, there will be restrictions on withdrawing the reward (cooldown period) to prevent all users from withdrawing rewards at once.

We encourage everyone to follow official Energy Web communications channels for more updates on staking and ways to participate in the launch of the EW-CRC.

About Energy Web
Energy Web is a global, member-driven non-profit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. Our Energy Web Decentralized Operating System (EW-DOS) enables any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors the EW-DOS tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

Twitter | Discord | LinkedIn| Telegram | Website |

Energy Web Community Staking Pool Snapshots explained was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


GS1

Equadis

Equadis glenda.fitzpatrick Fri, 04/29/2022 - 16:24 Global Sync Global Sync Global Item Ghislain Esquerre CEO Equadis Email: g.esquerre@equadis.com Technical Contact Joelle Al Bardawil GDSN Technical Lead Email: j.albardawil@equadis.com Bot
Equadis glenda.fitzpatrick Fri, 04/29/2022 - 16:24 Global Sync

Global Sync

Global Item

Ghislain Esquerre
CEO Equadis

Email: g.esquerre@equadis.com

Technical Contact

Joelle Al Bardawil
GDSN Technical Lead

Email: j.albardawil@equadis.com

Both

Avenue Cardinal Mermillod

46

1227 Carouge GE Switzerland

N/A

GS1 Slovakia - Synfony

GS1 Slovakia - Synfony glenda.fitzpatrick Fri, 04/29/2022 - 15:53 Synfony (powered by Gs1 Denmark Global Item Contacts: Iveta Hreusová VAS Specialist T: +421 41 5651 185 E:  synfony@gs1sk.org   Ladislav Janco Senior Consultant janco@gs1sk.org Both
GS1 Slovakia - Synfony glenda.fitzpatrick Fri, 04/29/2022 - 15:53

Synfony (powered by Gs1 Denmark

Global Item

Contacts:

Iveta Hreusová

VAS Specialist

T: +421 41 5651 185

E:  synfony@gs1sk.org

 

Ladislav Janco

Senior Consultant

janco@gs1sk.org

Both

GS1 Slovakia

Nanterská 23

010 08  Žilina

https://www.synfony.sk N/A

N/A


GS1 Estonia

GS1 Estonia glenda.fitzpatrick Fri, 04/29/2022 - 15:06 DataSync GS1 Estonia - DataSync (powered by GS1 Denmark) Global Item Business Hille Harjak CEO GS1 Estonia Email: hille@gs1.ee Phone: +372 660 5535 Both Roosikrantis 13-
GS1 Estonia glenda.fitzpatrick Fri, 04/29/2022 - 15:06 DataSync

GS1 Estonia - DataSync (powered by GS1 Denmark)

Global Item

Business

Hille Harjak
CEO GS1 Estonia

Email: hille@gs1.ee

Phone: +372 660 5535

Both

Roosikrantis 13-20

Tallinn, 10119

Estonia

https://www.gs1.ee No

OpenID

2022 OpenID Foundation Kim Cameron Award Recipients Announced

The OpenID Foundation is pleased to announce the first cohort of awardees for inaugural launch of the Kim Cameron Award Program. We first must thank the many well-qualified applicants who presented compelling interest in user-centric identity.  The Foundation anticipates future opportunities for similar awards. The Foundation also thanks our partners; the organizers of the European Ident

The OpenID Foundation is pleased to announce the first cohort of awardees for inaugural launch of the Kim Cameron Award Program. We first must thank the many well-qualified applicants who presented compelling interest in user-centric identity.  The Foundation anticipates future opportunities for similar awards.

The Foundation also thanks our partners; the organizers of the European Identity and Cloud ConferenceIdentiverse and the welcome the addition of the Chrysalis Conference for future awards. Awardees will be given full access to these important industry events and will be introduced to the identity domain experts and industry opinion leaders at the conference while being welcomed by our colleagues in other industry organizations.

The 2022 Kim Cameron Award recipients:

Alen Horvat Michal Kepkowski Frederico Schardong Rachelle Sellung

 This first cohort of awardees will help shape a program intended to maximize the value of the award for recipients and complement similar efforts in other organizations to ensure its inclusivity, diversity and international access.

The OpenID Foundation hopes to scale and extend the program in partnership with others. In order to do so, we welcome your suggestions and encourage financial contributions from members through directed funding. For more information or to provide feedback, please contact director@oidf.org and don@oidf.org.

The post 2022 OpenID Foundation Kim Cameron Award Recipients Announced first appeared on OpenID.

The Engine Room

How to think about tech when you don’t have time to think about tech

In 2021, our team worked on a research project to explore how social justice communities and data and digital rights (DDR) communities could collaborate more effectively. As we interviewed over 50 people organising for social justice in four regions, something we have seen on a daily basis in our support work was confirmed: making tech […] The post How to think about tech when you don’t have time

In 2021, our team worked on a research project to explore how social justice communities and data and digital rights (DDR) communities could collaborate more effectively. As we interviewed over 50 people organising for social justice in four regions, something we have seen on a daily basis in our support work was confirmed: making tech and data issues a priority isn’t simple for social justice organisations

And this isn’t because these organisations aren’t interested in thinking about these topics. The majority of people we spoke to are fully aware of the challenges brought by digital technologies and the harms related to data collection. However, they find it difficult to take on the extra work of rethinking their use of tech and data, since most are overworked and tending to pressing needs from the communities they serve. 

Ultimately, rethinking an organisation’s use of tech and data does take quite a bit of time (and resources!). But, there are low(ish) hanging fruits that you can start tackling, and in this post I want to share some ideas to inspire you to start reflecting on these themes. 

Note: In this piece, I use the terms “tech and data” and “digital technologies” to mean the platforms, devices, tools, data and websites that you might use to carry out or enhance your work.

Tech and data should strengthen your core work instead of creating an extra burden 

This may sound counter-intuitive when you think about investing less in technology, but if you want to think about tech and data in a sustainable way, the very first thing we recommend to our partners is that instead of focusing all of your energy on “innovative tech projects”, try to think more about how tech and data could be an integral part of your existing work and infrastructure. 

Here are a few questions that can spark this conversation: 

What are your most pressing current needs? How can your advocacy strategies, internal processes, communications, or community organising might improve if you adopted a particular tech tool? Is a tech tool the only way to make that improvement, or are there low-tech ways to achieve the same improvement? What kind of digital platforms do you already use for your work as a team? How did you make those tech choices in the past? What kind of data do you collect as an organisation and why? Are there ways you want to change the way you collect and store data? (See some suggestions below!)  Who on your team is interested in tech and data issues and could get the others excited as well? And who on your team is the best placed to keep an eye on the ways in which tech and data, emerging technologies, and the broader tech industry affects your communities and mission?  

Again, these are big topics for sure, but we have found that organisations of many sizes, resource levels and capacities find it fruitful to start with these lines of questioning! If you need support figuring out how to do this, get in touch with us.

Aligning your political values with your use tech and data is an ongoing process

We believe that decisions regarding technology can have political implications for your work. For example, using tech that doesn’t prioritise accessibility might result in excluding some of the people or communities that you’re working with, or using tools that don’t have strong pro-privacy design might put activists at risk. 

Rethinking your tech and data practices to better fit your values (and your goals) is an iterative process that takes time. It won’t be an individual, one-time activity. As you go on this journey, you’ll review internal processes, go back to the same questions a few times, and figure out how to rearrange your use of tech and data so that they fit you better. 

One way you can start this process is by having a conversation with your team about your organisation’s core values that you’d like to see reflected in your technical choices. What would you prioritise if you had a chance to rethink your entire tech and data infrastructure? Would you focus on safety and privacy? Open source solutions? Platforms developed by traditionally oppressed groups? Non-surveillance capitalist options? If you have a clear sense of what you want to prioritise in your tech choices as a team, it will ultimately become easier (and more strategic!) to make decisions about your digital infrastructure in the future. 

For more ideas on what it means to align your values with your tech decisions, check out this interview we did with one of our partners and this blog post on making technical choices with an explicit focus on justice and anti-oppression.

Reflecting on your data management 

Adopting responsible data practices is one of the processes that organisations can start that can generate most positive results in their work. Responsible data is a concept that refers to our collective duty to prioritise and respond to the ethical, legal, social and privacy-related challenges that come from using data in advocacy and social change work. 

You can start reflecting on your data practises with the following questions:

What data is essential for your organisation to do your job well? Are you collecting it? If yes, are you collecting just what you need or more than necessary?  What are the potential unintended consequences of the data you’re collecting and using? What are possible mitigation strategies? For example, if you collect and store data about human rights violations, what could happen if this data got lost? What data management practices could prevent this from happening? Or, if you work closely with activists in sensitive contexts, what could happen if this data (such as meeting notes, recordings, or spreadsheets, to name a few) ends up in the wrong hands? What data is missing in your context that would be crucial to your work and the people you’re working with? And can you generate some of that data yourself? For example, if data about certain rights abuses would be crucial to your work, but aren’t otherwise documented or archived (such as data on war crimes or corruption in your country), how can you generate that data in a responsible and sustainable manner, without jeopardising the safety and dignity of your target groups? 

While shifting your data management practices might take sustained investment, some of the lower hanging fruits of responsible data handling don’t require too much time. Make sure to check our tips on how to start your responsible data journey and our resource Becoming RAD!, for guidance on how to create a responsible process for retaining, archiving and deleting data.

Learning about the ways tech and data impact the issues you work on

In the past few years, digital technologies have helped and harmed us more than ever before. We have witnessed the ways that digital technologies are increasingly used to reinforce injustices. For those fighting for social justice, investing time and resources on understanding how tech and data impact the issues you’re working on is likely to help you better serve the communities you work with.

Here are some of our team’s go-to resources:

Digital Rights Weekly Newsletter by Team Community;  Digital rights news roundup by Derechos Digitales; AccessNow’s newsletter; The Checklist by Meedan; The Download by MIT Tech Review; AI: Decoded by POLITICO; CIGI’s newsletter; And you can also sign up to our very own newsletter here. Make building tech and data literacy a team-wide priority

It is likely that in your organisation there are already people who are interested in these topics and maybe already working on it, which is great. One thing we try to advise our partners is to slowly build tech and data literacy across their entire team, instead of appointing certain people to “take care of the tech issues”. Digital technologies evolve quickly, as do the debates and conversations about the potential benefits and harms of using these technologies. Being the only person carrying the responsibility to keep up with such a fast-paced environment can seem daunting. So, if you’re in a leadership position and your organisation has resources for professional development and/or trainings, consider directing at least part of them towards building tech intuition across your team as a whole. 

Create spaces for learning with colleagues and building on each other’s knowledge

One small way you can kick off the process of reflecting about your tech and data practices is by creating spaces for informal discussions and/or exchange of information about these topics. It can be as light-weight as a Slack or Mattermost channel (or an email thread, or whatever works for you). Other than contributing to building internal tech and data literacy and intuition, this space can be helpful for:

Talking about the tech and data practices the team thinks could be re-designed or tweaked to better suit your organisational goals and values; Sharing relevant resources, things people are learning and practises they’ve seen elsewhere and think could work well for your organisation too;  Keeping tabs of links and resources that your team could potentially learn from. Connect with other organisations, you don’t have to go through this alone!

We encourage you to find other organisations or groups in your sector and/or your region who are also working on their tech and data practices and create a dialogue with them. For example, in our research on intersectional collaborations between social justice groups and data and digital rights groups, we talked to an organisation in Mexico who is convening a group of fellow organisations in their sector, who meet periodically to exchange knowledge about the tech and data issues they are facing. 

At The Engine Room, we act as stewards for the Responsible Data Community: a community of people working on sectors such as social justice and international development, developing practical ways to deal with the unintended consequences of using data in social change work and sharing approaches between leading thinkers and doers from different sectors. You can learn more about (and join!) the community here. We also convene the Organisational Security Community, a resource created by and for security practitioners from all backgrounds to share useful resources and document innovative approaches to long-term security work.

Get support from our team to navigate this process! 

We provide pro-bono support to organisations or individuals with resource constraints–e.g. in terms of funding or internal capacity–and with challenges that we can tackle together. Organisations with stable funding are welcome to partner with us through our research or consulting work. We work with a wide array of organisations, usually within Latin America and Africa, and our partners vary in terms of technical backgrounds–some want specific, technical advice, while others are less familiar with digital strategies and data or technology processes but eager to learn. 

This year, with support from Sigrid Rausing Trust, we’re deepening our offer of support to activists, collectives and movements – particularly those who serve marginalised communities – that are facing challenges incorporating technologies in their work.

Schedule a call with us

Lastly, here are a few resources to get you inspired: This piece by 1Password on how to manage your IT security without stressing out.  If you’re ready to think about how to manage data responsibly, take a look at Becoming RAD!, a guide to support organisations taking the first steps towards having a responsible and streamlined process for retaining, archiving and deleting data. We also invite you to read this blog post on starting your responsible data journey and to visit the Responsible Data platform, MERL Tech’s website and the IM Portal.  If your team is debating which tech tools to select or wondering whether you should build something, check Alidade, our guide for tool selection, and this blog post with considerations about building tools.  If you want to do some reading on working remotely:  Building trust while working remotely Tech tips for working from home when everyone else is too Making the most of a remote & diverse team

Image by Ivan Oštrić via Unsplash.

The post How to think about tech when you don’t have time to think about tech first appeared on The Engine Room.

Thursday, 28. April 2022

EdgeSecure

Dr. Forough Ghahramani to Share Her Research at BioNJ’s Twelfth Annual BioPartnering Conference

The post Dr. Forough Ghahramani to Share Her Research at BioNJ’s Twelfth Annual BioPartnering Conference appeared first on NJEdge Inc.

NEWARK, NJ, April 28, 2022 – Edge’s Dr. Forough Ghahramani, Associate Vice President for Research, Innovation, and Sponsored Programs, will participate in panel discussion at the BioNJ’s Twelfth Annual BioPartnering Conference along with esteemed research peers. 

The May 10, 2022 virtual panel, Addressing the Patent Imbalance: Women & Patents, will include Elodie Carpentier, Ph.D., Economic Researcher, World Intellectual Property Organization, Valencia Martin-Wallace, JD, Deputy Commissioner for Patents, United States Patent &Trademark Office, Judith A. Sheft, MBA, Executive Director, New Jersey Commission of Science Innovation & Technology (NJCSIT) and will be moderated by Terri Shieh-Newton, Ph.D., Patent Strategy/Member, Mintz.

Notes Dr. Ghahramani, “Data are dismal, but improving, on the numbers of patents coming from mostly female biomedical research teams — just 16.2%.” She continues, “Along with my well respected and well regarded peers on this subject matter, we will discuss and share success strategies to improve these statistics.”

Presenting companies at BioNJ’s BioPartnering Conference will range from early start-ups to later stage companies and everything in between. The conference is designed to foster productive partnerships, create fruitful opportunities, grow the ecosystem and bolster medical innovation. 

Approximately 500 life science attendees are anticipated to attend including executives, investors, institution exhibitors and business development professionals. Attendees will represent nine countries, 20 states plus the District of Columbia, 36 Company Presentations, 32 Start Up Pitch Presentations, and 12 Institutions represented.

Visit https://bionj.org/event/2022-bionj-biopartnering-conference to learn more about the event.

The post Dr. Forough Ghahramani to Share Her Research at BioNJ’s Twelfth Annual BioPartnering Conference appeared first on NJEdge Inc.


Ceramic Network

Key Revocation in Self-Certifying Protocols

In Web3 protocols cryptographic keys are used for encryption and signature verification. Typically a key is split into a public and a private key and because private keys are hard to keep secure, it is considered good practice to change keys over time. This is commonly referred to as key

In Web3 protocols cryptographic keys are used for encryption and signature verification. Typically a key is split into a public and a private key and because private keys are hard to keep secure, it is considered good practice to change keys over time. This is commonly referred to as key rotation or revocation. Building protocols for doing so securely can be a challenge. In this article you will learn about the nuances of key revocation and how we approach the problem with Ceramic.

Double Spending and Key Rotation

The challenge of safely performing key rotations in Web3 data protocols has similar characteristics as the classical double spending problem. Blockchains solve this problem for financial application using a strong consistency model. Can we loosen these constraints for non-financial applications while maintaining the safety of key rotations?

Double-spending is a potential flaw in a digital cash scheme in which the same single digital token can be spent more than once.

A quite similar problem also arises when you simply want to perform a key rotation. A critical aspect of any protocol that involves cryptographic key material is how to manage the lifecycle of these keys. For HTTPS, which is used to secure the web today, centralized certificate authorities verify if a given key is valid or not.

In Web3, by definition, self-certifying protocols can’t rely on third party centralized authorities since authority comes from the user directly. This presents new challenges when designing the lifecycle of a cryptographic key. How can you know if a key has been revoked and should no longer be considered valid without trusting a third party authority?

In order to understand this more deeply, let’s start with some basic definitions:

Key revocation - a function in the lifecycle of a cryptographic key; the point in time where proofs generated from the key are no longer considered valid.

Key rotation - Changing the key, i.e., replacing it by a new key. Typically this means that the old key would be considered revoked when the new key becomes active.

Based on this we can see that there are two main things we need to consider in the lifecycle of a cryptographic key. When proofs generated by a given key (e.g. a signature) starts being valid and when they stop being valid. Let’s suppose Alice wants to generate a cryptographic identifier that is not tied to a specific cryptographic key. Instead she wants to be able to update the key which is associated with her identifier over time, i.e. she wants to be able to perform key rotations. A simple scheme for this would be to sign the new key with the old key and dispose of the old key. However, this could present a problem if the old key is not properly disposed of. Consider the following diagram:

We know by definition Public key (pk) A is authoritative. Alice rotates from pk A to pk B by signing pk B using key A. Now, if Carol is able to steal key A at some point after the rotation happened, she could establish a rotation to pk C. An outside observer Bob who learns of both pk B and pk C has no way of knowing which key to trust. This is because there is no information about when the rotations happened.

As you can see this is very similar to the double-spending problem: pk A should only be allowed to be spent (i.e. rotated) once. Blockchains solve this problem by introducing a hash linked ledger where all events in the system are notarized in one universal ordering, which is economically infeasible to reverse. This is critical for financial applications. However, it means that all nodes in the network need to process all events in order to uphold invariants on account balances. The Ethereum community has discovered that this problem can be somewhat circumvented by leveraging data availability sampling and rollups, but these systems are still ultimately bottlenecked by the need of logical centralization. If our goal is merely self-certified authority of data and not the security of financial transactions, could we loosen the constraints a bit to get around this bottleneck?

Blockchains as timestamp machines

Because blockchains deal with financial transactions they have to favor strong consistency since rollback of transactions would be detrimental to the system. However, many large scale distributed system today rely on eventual consistency in order to provide timely updates and processing of events. Consider our key rotation example from above. Our main goal is to establish that the key rotation that happened at the earliest point in time should be the valid rotation. If we rely on eventual consistency we could imagine Bob first seeing the rotation to pk C which happened at time N+2, and only later learning about the rotation to pk B which happened at time N+1.

This means that as long as Alice is able to prove that her key rotation happened before Carol’s key rotation, Bob will eventually learn about this (e.g. through some p2p gossip, network architecture is out of scope for this article). An interesting consideration here is that Alice herself could create two key rotations. The first one she keeps secret and the second one she makes public. At some later point in time she could reveal the secret rotation, invalidating all signatures created by the latter key. In a financial type application this would be very problematic since it would enable double spends. However, from the perspective of a self-certifying data protocol Alice would only be revoking her own data that was signed by the second key. In many cases this would only damage herself. For example, if she has built up a strong reputation over time and revokes this data her reputation would be lost. Note that care should be taken if there is a system that produces on-chain decisions based on Alice’s data. Protocols that do this might want to introduce data availability checks at the point of decision and potential cryptoeconomic penalties for cheating.

So how can we timestamp these events without putting them through the expensive logical centralization of a blockchain? First let’s consider why this logical centralization is expensive. In order to solve the double spend problem, a blockchain fulfills two properties to prevent double spends: data ordering and “proof of non-publication”. The latter is very expensive since it requires all nodes to agree on all data (e.g. transactions) included throughout the history of the blockchain. In an eventual consistent system we only need ordering, which is less expensive. It is fairly straight forward to timestamp data leveraging a blockchain without putting all of the data on-chain: (1) gather events (e.g. pieces of data, transactions) off-chain, (2) use these events to build a merkle tree (or any sort of vector commitment), and (3) make a transaction on-chain which includes the root of the tree. If Bob is now presented with an event and a merkle witness of on-chain inclusion he can trustlessly verify the timestamp of this event as long as he is at least running a light client of the given blockchain.

Key revocation in Ceramic

In Ceramic the timestamp proofs described above are called anchors, i.e. an anchor is a merkle witness that proves that a certain event existed at time N. Shown in the diagram below is a simplified example of a data structure on Ceramic where Alice produces data and rotates her key. Here, N+X refers to the wall clock time as observed in the block on which the anchor transaction was included (block number could also be used). If Bob first observes event A, B, E, and F, he would consider all of these valid. When he eventually learns of event C and D he would dismiss event E and F.

These anchors are also useful if a key has temporary authorization to write to some data structure. For example, when granting temporary write access to a session key, its authorization should automatically be revoked at some point in the future. By using an anchor we can prove that a particular event produced by a session key happened before this session keys authorization was expired. A concrete example of this is CACAO which is an example of an Object Capability. CACAO can be used to grant a specific public key temporary access to some specified resources, which is useful if we want to build a granular access control system. Consider the example below, where a CACAO is issued from Alice (the controller) to Bob:

The CACAO has an expiry date equal to N+2. Any outside observer can easily verify that the signature for Event B was produced before time N+2 because the timestamp from the anchor proves this. However, after time N+2 has passed it would be impossible for Bob to produce an anchor of Event C earlier then time N+2. The CACAO has thus been effectively revoked.

This article outlined how the strict ordering of blockchains can be paired with a more flexible approach to data availability, enabling eventually consistent protocols that are self-certifying. Ceramic utilizes this approach to create an ecosystem of composable data.

Thanks to everyone who provided feedback on this post: Christian Lundkvist, Brooklyn Zelenka, Carson Farmer, Irakli Gozalishvili, Oliver Terbu, Robert Drost, Adin Schmahmann, and Mircea Nistor.


We Are Open co-op

Why working openly on ambitious projects breeds excitement

LocalGov Drupal, community, and open source In our experience, you can be as ambitious or as open as you want with a project, but if you don’t have both then it’s harder to get people excited about it. The two work well together to gain traction and make a real-world difference. After all, if a project isn’t ambitious but is open, then people who do find out about might not care enough to b
LocalGov Drupal, community, and open source

In our experience, you can be as ambitious or as open as you want with a project, but if you don’t have both then it’s harder to get people excited about it. The two work well together to gain traction and make a real-world difference.

After all, if a project isn’t ambitious but is open, then people who do find out about might not care enough to be interested. Conversely, if a project is ambitious but not open, then people tend to get suspicious. The sweet spot is being both open and ambitious, with bonus points for finding ways to help people get involved easily!

WAO is thinking about this at the moment as we’re kicking off a new LocalGov Drupal project next month working with Aaron Hirtenstein who we’ve collaborated before in his time at Agile Collective. It’s an interesting initiative that’s right up our street, being at the confluence of openness, community, and tech.

LocalGov Drupal is a publicly owned asset that delivers a better digital experience for citizens, improves service outcomes, and saves money.

LocalGov Drupal seems to have both the ambition (shared codebases!) and openness (collaboration!) to really change the game when it comes to local digital services in the UK. There are currently 26 UK councils who have signed the Local Digital Declaration and are collaborating to develop a shared pool of code, resources, research and expertise.

There are many reasons to use Open Source Software, with a reduced total cost of ownership being just one of them. The main reason we’re excited, though, is that we’re helping in ensuring that there’s a really active community around it. To do that, we’ll be using techniques including running sessions on developing an appropriate Architecture of Participation as well as running a pre-mortem and stakeholder mapping activities, among others!

In addition, those who have already laid the groundwork have ensured that decisions are made using sociocratic processes, and that it’s set up to be inclusive and sustainable. This is very much in alignment with the Spirit of WAO!

If you’re reading this and work for a council interested in getting involved, then go directly to the LocalGov Drupal site to find out more! And if you live in the UK, why not get in touch with your local council and put it on their radar? Below are the those that have already signed up:

WAO is a collective of independent thinkers and makers helping charities, ethical companies, government departments and educational institutions with sensemaking and digital transformation.

Can we help you with your project or new initiative? Get in touch!

Why working openly on ambitious projects breeds excitement was originally published in We Are Open Co-op on Medium, where people are continuing the conversation by highlighting and responding to this story.


GS1

HSE National Immunisation Office wins IT Project of the Year for TrackVax

HSE National Immunisation Office wins IT Project of the Year for TrackVax diamondbybold Thu, 04/28/2022 - 09:41 HSE National Immunisation Office wins IT Project of the Year for TrackVax 27 April 2022 Health inno
HSE National Immunisation Office wins IT Project of the Year for TrackVax diamondbybold Thu, 04/28/2022 - 09:41 HSE National Immunisation Office wins IT Project of the Year for TrackVax 27 April 2022 Health innovation and technology led the way at the CIO & IT Leaders Awards on the 24th March 2022.

The HSE National Immunisation Office took home ‘IT Project of the Year’ for the implementation of ScanVax and TrackVax, supporting the safe and effective rollout of the Covid-19 vaccine in Ireland.


Left to right: Joseph McManus HSE, Fionnuala King, HSE, Denis O’Brien GS1 Ireland, Amy Colgan HSE, Martin Wickham HSE, Wayne Leitch iQuest, Siobhain Duggan GS1 Ireland, Kerry Ryder HSE, John Swords HSE (GS1 Ireland Board Member), Mariangela Toma HSE, Mike Byrne GS1 Ireland, Amanda Creane GS1 Ireland, Muriel Pate HSE.

 

Congratulations to the HSE National Immunisation Office, the TrackVax Governance Team, and the TrackVax Project Team and all involved in the project! GS1 Ireland are privileged to have been involved in this important collaboration, to adopt a standards-based approach for the identification and tracking of vaccines right through to the point of vaccination.
The importance of these achievements are also recognised by GS1 Global Office.

“Congratulations to Ireland’s HSE National Immunisation Office on winning the ‘IT project of the year award’ at the CIO & IT Leaders Awards 2022. TrackVax is one of the best use cases for barcode scanning that I have ever seen; it is deservedly recognised as an award-winning implementation of barcode scanning in healthcare. The NIO’s collaboration with GS1 Ireland on TrackVax is a world-class example of GS1 standards in action enabling the fast, efficient, and safe tracking of vaccine stock from HSE National Cold Chain Service to Pharmacists and right through to the client in all of Ireland’s vaccination centres”.
Miguel A. Lopera, President and Chief Executive Officer of GS1


Impact of ScanVax and TrackVax 
Following an intensive design phase with the HSE project team, two software applications were developed - ScanVax for receipt of the vaccine and TrackVax to track the vaccine to the point of vaccination. Both solutions are provided by GS1 Ireland. There is 100% uptake of the software and users now describe it as essential to their service

“GS1 Ireland was honoured to work with the HSE to adopt a standard-based approach for the identification and tracking of vaccines to the point of vaccination. The successful delivery of the national COVID-19 vaccination programme is recognised as a model that can be applied to many other areas of care delivery. Stakeholders, including clinical practitioners, are increasingly seeing the benefits provided by the unique identification and tracking of medical products and healthcare locations using barcodes and traceability standards.”.
Mike Byrne, CEO GS1 Ireland and Member GS1 Global Management Board
 

The utilisation of TrackVax within CVCs has enabled the administration of over 4,500,000 doses in a speedy, reliable, standardised and accurate manner. Local CVCs are able to manage their stock more effectively through the utilisation of accurate data, with up to 5,000 doses administered a day with a rolling expiry time and up to 30 vaccinators to keep stocked, this was a significant efficiency and safety mechanism.

“At our peak we were vaccinating 8 clients per minute, we couldn’t have done that without TrackVax.”
Joan Peppard, Pharmacy Vaccination lead Dublin Mid-Leinster, HSE.

“From a medication safety perspective, the use of Trackvax across our vaccination centres really helps to standardise our workflow, ensuring vaccines are labelled clearly with all relevant details, which is so important when delivering a programme on such a big scale.”
Muriel Pate, Medication Safety Specialist Pharmacist, HSE Quality and Patient Safety Directorate


Read more

Read more on the NIO website here: https://www.hse.ie/eng/health/immunisation/news/nioaward2022.html

The CIO and IT Leaders Awards is an excellent platform to recognise the people and organisations who took the opportunity to radically transform their businesses to become digital leaders in their sectors.  
Read about all the CIO & IT Leaders Awards 2022 here: https://cioawards.ie/winners/
 

Learn more about how Traceability standards are enabling a safer, more efficient rollout of the COVID-19 vaccine across Ireland:
Case Study: https://www.gs1ie.org/healthcare/resources/case-studies/traceability-standards-enabling-a-safer-more-efficient-rollout-of-the-covid-19-vaccine-across-ireland.html

 

Wednesday, 27. April 2022

EdgeSecure

Dr. Forough Ghahramani to Present at Connecticut Education Network’s 9th Annual Member Conference

The post Dr. Forough Ghahramani to Present at Connecticut Education Network’s 9th Annual Member Conference appeared first on NJEdge Inc.

NEWARK, NJ, April 28, 2022 – Edge’s Dr. Forough Ghahramani, Associate Vice President for Research, Innovation, and Sponsored Programs, will discuss available resources for research at under-resourced academic institutions during a session at Connecticut Education Network’s (CEN) 9th Annual Member Conference. 

Taking place May 5, 2022 at the Connecticut Convention Center, Dr. Ghahramani’s presentation titled Broadening the Reach for Access to Advanced Cyberinfrastructure Resources, will highlight the fact that many smaller, mid-sized and under-resourced campuses, including MSIs, HSIs, HBCUs and EPSCoR institutions, have compelling science research and education activities along with an awareness of the benefits associated with better access to cyberinfrastructure (CI) resources. Notes Dr. Ghahramani, “These schools can benefit greatly from resources and expertise to augment their in-house efforts.”

Dr. Ghahramani further explains, “As a member of the Ecosystem for Research Networking (ERN) Broadening the Reach (BTR) working group, I’ve been deeply involved to address these issues by focusing on learning directly from the under-resourced academic institutions in the region on how best to support them for research collaboration and advanced computing requirements. I look forward to sharing some of these insights at the CEN Conference.” 

CEN’s Member Conference will be hosted in-person with over 500 attendees and industry leaders participating in training, collaboration, education, and networking. 

Visit https://web.cvent.com/event/d84cf038-8339-4fe2-83e9-ed984dd5a1f9/summary to learn more about the event or the ERN website to learn more about its workshops, including BTR, at https://www.ernrp.org/workshops/.

The post Dr. Forough Ghahramani to Present at Connecticut Education Network’s 9th Annual Member Conference appeared first on NJEdge Inc.


Energy Web

How Energy Web and ENGIE Energy Access leverage crypto to expand solar energy access in…

How Energy Web and ENGIE Energy Access leverage crypto to expand solar energy access in Sub-Saharan Africa New crowdfunding platform will provide low-cost finance for clean energy projects in Africa — and Energy Web Token holders can take part Zug, Switzerland — 27 April 2022 — This month, Energy Web will launch Crowdfund for Solar alongside ENGIE Energy Access, a new staking platform that
How Energy Web and ENGIE Energy Access leverage crypto to expand solar energy access in Sub-Saharan Africa

New crowdfunding platform will provide low-cost finance for clean energy projects in Africa — and Energy Web Token holders can take part

Zug, Switzerland — 27 April 2022 — This month, Energy Web will launch Crowdfund for Solar alongside ENGIE Energy Access, a new staking platform that will allow Energy Web Token (EWT) holders to support the installation of solar energy infrastructure for energy-deficient communities in Sub-Saharan Africa.

Get involved
The link to the staking platform is live here! Find the tutorial on how to stake your Energy Web Tokens through the Crowdfund4Solar platform.

The energy challenge in Africa
Africa has an abundant solar resource — yet many regions of the continent, particularly remote and rural areas, lack adequate electrification. Around 621 million people in Africa, or two-thirds of the population, currently have no access to electricity.

While solar energy naturally forms a part of the solution here, given its nature as a distributed energy resource that can operate independently of a centralised power grid, there is a barrier to uptake in balancing the need for affordability with creating the most high-quality, durable and long-lasting solar solutions.

This partnership has the potential to open up access to clean energy to many more communities in Africa because it increases the affordability of top-quality solar devices. Through the decrease in financing costs that this crowdfunding will create, ENGIE Energy Access can increase the number of lives it impacts — supporting communities to sustainably move from dangerous and dirty energy sources such as kerosene to clean, reliable energy.

How is Energy Web helping?
We’re working with ENGIE Energy Access to launch Crowdfund for Solar, a new platform that will provide low-cost finance for the deployment of solar home systems (SHS) to communities across Africa. ENGIE Energy Access is the leading provider of solar and mini-grid solutions in Africa, and has already delivered renewable energy to 7 million people across 9 countries to date. It is also one of the founding members of the Energy Web Foundation, making ENGIE one of Energy Web’s longest-running partners.

Crowdfund for Solar, which Energy Web is building in partnership with ENGIE Energy Access and operating using Energy Web’s open-source technology stack, will allow participants to stake EWT in exchange for a fixed return. The crowdfunding will be launched on May 4th, 2022 for a two-week pilot period, with an investment target of USD $100,000. This target has been set to show proof-of-concept and will be scaled up if successful.

Investing the money raised from EWT stakers, ENGIE Energy Access will deploy its high-quality and expandable SHS to those in need of energy in countries across Sub-Saharan Africa. The initial stake funds the solar installation, which is then paid back under a lease-to-own model, paid for in affordable installments at a lower daily installment rate than would otherwise be possible.

Energy: an essential need
For energy-deficient households, schools, and small businesses in Africa, having access to accessible, low-cost energy solutions is transformative. It brings families out of the dark and into the light, with clean power to read and work in the evening and enjoy modern conveniences such as radios, TVs, and fans. It increases economic prosperity by providing productive use of appliances to start businesses. Solar energy is the clean and viable alternative to oil lamps and candles that damage health, pose a fire hazard, and are expensive to use in the long run.

ENGIE Energy Access will utilize the Crowdfund for Solar investment to deploy SHS in countries like Rwanda and Zambia, which exhibit particularly low electrification rates (at around 40%). In addition to working with the energy-deficient communities, Crowdfund for Solar will aim to prioritize women among the recipients, with the target of at least 30% of the loans going to women-led households. Once the pilot period finishes, a full report will be published on the outcome of the financing, with verification provided for the demographic target for the loans.

Get involved
The link to the staking platform is live here! Find the tutorial on how to stake your Energy Web Tokens through the Crowdfund4Solar platform.

By staking EWT, you will receive Solar Loan Tokens (SLTs) in exchange, a proof token that can be exchanged or transferred separately. In one year’s time, stakers will have the opportunity to exchange their SLT back for a 10% return on their investment, with the knowledge that they made a positive contribution to expanding access to clean energy.

This new platform is an exciting way to harness the power of decentralized finance to create a crucial impact in the world. Following this pilot period, Crowdfund for Solar has the potential to scale up and support ENGIE Energy Access in its vital mission to provide clean power to millions of more people throughout Africa.

So let’s get ready to stake EWT and contribute to equitable energy access!

You can read more about ENGIE Energy Access’ mission here.

About Energy Web
Energy Web is a global, member-driven non-profit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. Our Energy Web Decentralized Operating System (EW-DOS) enables any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors the EW-DOS tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

About ENGIE Energy Access
ENGIE Energy Access is the leading Pay-As-You-Go (PAYGo) and mini-grids solutions provider in Africa. The company develops innovative, off-grid solar solutions for homes, public services, and businesses, enabling customers and distribution partners access to clean, affordable energy. The PAYGo solar home systems are financed through affordable installments from $0.19 per day, and the mini-grids foster economic development by enabling electrical productive use and triggering business opportunities for entrepreneurs in rural communities. With over 1,700 employees, operations in nine countries across Africa (Benin, Côte d’Ivoire, Kenya, Mozambique, Nigeria, Rwanda, Tanzania, Uganda, and Zambia), almost 1.5 million customers, and more than 7 million lives impacted so far, ENGIE Energy Access aims to remain the leading clean energy company, serving millions of customers across Africa by 2025.

How Energy Web and ENGIE Energy Access leverage crypto to expand solar energy access in… was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.

Tuesday, 26. April 2022

CU Ledger

Bonifii and Entersekt Announce New Context-Aware Authentication Solution for Credit Unions

Bonifii and Entersekt Announce New Context-Aware Authentication Solution for Credit Unions Provides context-aware biometric authentication technology to boost security and deliver seamless UX Denver, CO and Atlanta, GA [April 21, 2022] – Bonifii and Entersekt today announced a new partnership bringing context-aware authentication technology to credit unions through MemberPass Express, powered by E

Bonifii and Entersekt Announce New Context-Aware Authentication Solution for Credit Unions

Provides context-aware biometric authentication technology to boost security and deliver seamless UX

Denver, CO and Atlanta, GA [April 21, 2022] – Bonifii and Entersekt today announced a new partnership bringing context-aware authentication technology to credit unions through MemberPass Express, powered by Entersekt. MemberPass is the first KYC-compliant member-controlled digital identity issued by credit union cooperatives. With the addition of Entersekt’s technology, members will be protected by best-of-breed authentication technology. The solution provides members with a superior user experience, enabling them to authenticate themselves on any channel in less than 10 seconds.

With MemberPass Express, credit union members will be able to seamlessly authenticate their identity using biometrics when doing an e-commerce transaction, visiting a branch, contacting a call center, or logging in to online or mobile banking – all with a consistent user experience. A pilot project with two initial credit unions is already in progress.

“We are very excited to work with Bonifii to bring Entersekt’s expertise in context-aware passwordless authentication to credit unions. The joint new solution leverages artificial intelligence to protect members from fraud by analyzing the context (such as identity, behavior, location, device, and channel) of each user journey in real time. This informs the most appropriate member authentication method that will be used, and means that members will now benefit from industry-leading authentication, while enjoying a fast and smooth user experience,” says Schalk Nolte, CEO at Entersekt.

Entersekt’s solutions have long been characterized by a strong, secure platform that becomes a springboard for innovative user journeys. The company has a strong track record with over ten years’ experience in financial services: its technology is used by numerous banks, payment processors, insurance companies and other financial institutions worldwide, securing over 1 billion events every month.

“Leveraging Entersekt’s vast expertise in this space, MemberPass Express provides credit unions with a revolutionary solution for authenticating members’ identities. It will bring members peace of mind when transacting, and offer them a very quick and seamless user experience,” says John Ainsworth, president and CEO of Bonifii.

““We are committed to creating a world-class experience while protecting the nation’s credit union members from becoming victims of fraudulent activity, and we believe we’ve done just that in MemberPass Express. The partnership between Bonifii and Entersekt is a game changer in streamlining the member authentication experience,” adds Barbra Lowman, president of CUNA Strategic Services.

About Bonifii

MemberPass is provided by Bonifii®

Denver-based Bonifii is the financial industry’s first verifiable exchange network designed to enable trusted digital transactions using open standards and best-of-breed security technologies. Bonifii empowers credit unions to change the way they interact with their members by enabling a seamless user experience in every financial transaction through a secure, private, trusted, and transparent resolution of the entities’ identity. To learn more about Bonifii, visit www.bonifii.com, email us at sales@memberpass.com, or follow the company on the Bonifii blog, LinkedIn, or Twitter.

About Entersekt

Entersekt is a leading provider of strong device identity and customer authentication software. Financial institutions and other large enterprises in countries across the globe rely on its multi-patented technology to communicate with their clients securely, protect them from fraud, and serve them convenient new experiences irrespective of the channel or device in use. They have repeatedly credited the Entersekt Secure Platform with helping to drive adoption, deepen engagement, and open opportunities for growth, all while meeting their compliance obligations with confidence. For more information, visit entersekt.com.

 

Media contacts:

Bonifii:                             Entersekt:

Jennifer Land                   Lelanie de Roubaix

jland@bonifii.com          lelanie@entersekt.com

The post Bonifii and Entersekt Announce New Context-Aware Authentication Solution for Credit Unions appeared first on Bonifii.


Bonifii Selects Mastercard as Preferred Open Banking Provider

Bonifii Selects Mastercard as Preferred Open Banking Provider Credit unions to access consumer-permissioned data for faster, more accurate underwriting DENVER, April 25, 2022 – Bonifii today announced that is has selected Mastercard, through its wholly owned subsidiary Finicity, as the preferred open banking provider for its MemberPass® credit unions to access consumer-permissioned bank data, to [

Bonifii Selects Mastercard as Preferred Open Banking Provider

Credit unions to access consumer-permissioned data for faster, more accurate underwriting

DENVER, April 25, 2022 – Bonifii today announced that is has selected Mastercard, through its wholly owned subsidiary Finicity, as the preferred open banking provider for its MemberPass® credit unions to access consumer-permissioned bank data, to inform underwriting for different loan types across mortgage, auto, personal and small business.   

MemberPass, powered by Bonifii, is a digital ID that uses distributed ledger technology and FIDO privacy principles, currently issued by credit unions. FIDO technical specifications state that a FIDO device must not have a global identifier visible across websites, which helps to prevent unwanted and unexpected re-identification of a FIDO user. With the help of Mastercard, Bonifii members can add consumer-permissioned data in addition to the MemberPass digital identity solution to help individuals access capital securely.

“MemberPass is the gold standard in the digital identity market, and as Bonifii’s preferred open banking provider, Mastercard will enable credit unions to step into the digital frontier through the use of consumer-permissioned data,” said Bonifii’s CEO John Ainsworth. “This will complement the current credit rating system by leveraging verification of income and assets for auto, personal and mortgage lending.”

Mastercard’s open banking platform can deliver verification of income, asset, and employment reports directly to credit unions during the underwriting process, all built with consumer-permissioned data from the borrower. This technology enables credit unions to offer a digital-first method through which their borrowers can instantly provide the required information that the credit union needs to make a lending decision and replaces manual processes historically associated with the underwriting process for both the borrower and the lender.

“Mastercard’s open banking technology provides a growth opportunity for credit unions to expand account opening, lending and loan servicing”, said Andy Sheehan, EVP, U.S. Open Banking at Mastercard. “Mastercard’s ability to immediately verify account information, via open banking technology and consumer-permissioned data, will be imperative for competitive financial institutions, and digitizing account verification to enhance and better inform underwriting methods will play a critical role in the future of loan processing.”

 

Mastercard’s open banking technology also reduces the potential for fraud and other time-consuming inaccuracies that credit union underwriters face daily. Together, Bonifii and Mastercard will allow for a more safe, secure and private opportunity for consumers to permission their data to verify identity and account ownership during the lending process.

About Bonifii

Denver-based Bonifii is the financial industry’s first verifiable exchange network designed to enable trusted digital transactions using open standards and best-of-breed and security technologies. Its mission is to provide a premier digital network of peer-to-peer financial exchange for financial cooperatives. The network brings a high degree of assurance to the exchange of value between peers over the Internet and other digital networks and streamlines processes affected by expensive, inefficient, proprietary and siloed systems. For more information, visit Bonifii.com.

About Mastercard (NYSE: MA)

Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. www.mastercard.com

The post Bonifii Selects Mastercard as Preferred Open Banking Provider appeared first on Bonifii.


Kantara Initiative

Member Spotlight – IDENTOS

1.     What value do you think membership of Kantara brings? Kantara continues to be the best place in the industry to find other expertsand engage in meaningful conversations. We share the vision that standardization of identity and authorization solutions result in direct benefits to people and organizations. 2.     How have you used your Kantara membership to your advan

1.     What value do you think membership of Kantara brings? Kantara continues to be the best place in the industry to find other expertsand engage in meaningful conversations. We share the vision that standardization of identity and authorization solutions result in direct benefits to people and organizations. 2.     How have you used your Kantara membership to your advantage? We’ve continued to use the Kantara network to gain and share knowledge.The groups are filled with experts with a huge range of experience, all brought together around the appropriate use of identity and technology.The UMA Working Group has been…

The post Member Spotlight – IDENTOS appeared first on Kantara Initiative.


Oasis Open

Invitation to comment on OSLC Architecture Management Version 3.0 before call for consent as OASIS Standard – ends June 24

OSLC Specifications collectively define a core set of services and vocabularies for lifecycle management. Architecture Management provides a means of defining the things whose lifecycles are being managed. The post Invitation to comment on OSLC Architecture Management Version 3.0 before call for consent as OASIS Standard – ends June 24 appeared first on OASIS Open.

OSLC Specifications collectively define a core set of services and vocabularies for lifecycle management. Architecture Management provides a means of defining the things whose lifecycles are being managed. General information about this public review can be found in https://docs.oasis-open-projects.org/oslc-op/am/v3.0/ps01/am-v3.0-ps01-public-review-metadata.html.

OASIS and the OSLC Open Project [1] are pleased to announce that OSLC Architecture Management Version 3.0 is now available for public review and comment.

The OSLC Specifications collectively define a core set of services and domain vocabularies for lifecycle management including requirement, change and quality management.

OSLC Architecture Management defines a RESTful web services interface for the management of architectural resources and relationships between those and related resources such as product change requests, activities, tasks, requirements or test cases. To support these scenarios, the specification defines a set of HTTP-based RESTful interfaces in terms of HTTP methods: GET, POST, PUT and DELETE, as well as HTTP response codes, content type handling and resource formats.

The specification is part of a broader set of OSLC specifications that are part of the OSLC-OP project. In particular, OSLC-Core (https://docs.oasis-open-projects.org/oslc-op/core/v3.0/oslc-core.html) provides the core services upon which the Architecture Management specification is built.

The OP has received 3 Statements of Use from IBM, KTH Royal Institute of Technology, and SodiusWillert [3].

The candidate specification and related files are available here:

OSLC Architecture Management Version 3.0
Project Specification 01
30 September 2021

OSLC Architecture Management Version 3.0. Part 1: Specification

https://docs.oasis-open-projects.org/oslc-op/am/v3.0/ps01/architecture-management-spec.html (Authoritative)
https://docs.oasis-open-projects.org/oslc-op/am/v3.0/ps01/architecture-management-spec.pdf

OSLC Architecture Management Version 3.0. Part 2: Vocabulary

https://docs.oasis-open-projects.org/oslc-op/am/v3.0/ps01/architecture-management-vocab.html (Authoritative)
https://docs.oasis-open-projects.org/oslc-op/am/v3.0/ps01/architecture-management-vocab.pdf

OSLC Architecture Management Version 3.0. Part 3: Constraints

https://docs.oasis-open-projects.org/oslc-op/am/v3.0/ps01/architecture-management-shapes.html (Authoritative)
https://docs.oasis-open-projects.org/oslc-op/am/v3.0/ps01/architecture-management-shapes.pdf

OSLC Architecture Management Vocabulary definitions file:

https://docs.oasis-open-projects.org/oslc-op/am/v3.0/ps01/architecture-management-vocab.ttl

OSLC Architecture Management Resource Shape Constraints definitions file:

https://docs.oasis-open-projects.org/oslc-op/am/v3.0/ps01/architecture-management-shapes.ttl

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:

https://docs.oasis-open-projects.org/oslc-op/am/v3.0/ps01/am-v3.0-ps01.zip

Public Review Period

The 60-day public review starts 26 April 2022 at 00:00 UTC and ends 24 June 2022 at 23:59 UTC.

This is an open invitation to comment. OASIS solicits feedback from potential users, developers and others, whether OASIS members or not, for the sake of improving the interoperability and quality of its technical work.

Comments may be submitted to the OP by any person via the project mailing list at oslc-op@lists.oasis-open-projects.org. To subscribe, send an empty email to oslc-op+subscribe@lists.oasis-open-projects.org and reply to the confirmation email.

Please append the hashtag #publicreview to the end of the subject line of your message.

All emails to the OP are publicly archived and can be viewed at: https://lists.oasis-open-projects.org/g/oslc-op/topics.

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the OP members. In connection with this public review of “OSLC Architecture Management Version 3.0,” we call your attention to the OASIS IPR Policy [4] applicable especially [5] to the applicable open source license. All members of the OP should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this OP’s work.

Additional information

[1] OASIS Open Services for Lifecycle Collaboration (OSLC) OP
https://open-services.net/about/

[2] Approval ballot:
https://lists.oasis-open-projects.org/g/oslc-op-pgb/message/234

[3] Statements of Use:

IBM
https://lists.oasis-open-projects.org/g/oslc-op/message/768 KTH
https://lists.oasis-open-projects.org/g/oslc-op/message/756 SodiusWillert
https://lists.oasis-open-projects.org/g/oslc-op/message/771

[4] http://www.oasis-open.org/policies-guidelines/ipr

[5] https://github.com/oslc-op/oasis-open-project/blob/master/LICENSE.md

The post Invitation to comment on OSLC Architecture Management Version 3.0 before call for consent as OASIS Standard – ends June 24 appeared first on OASIS Open.


Digital ID for Canadians

Agri-Food Product Identity Verification & Governance – DIACC Special Interest Group Insights

This report was created by the Identity Verification and Food Traceability DIACC Special Interest Group and was a collaborative effort between the University of Guelph, DIACC,…

This report was created by the Identity Verification and Food Traceability DIACC Special Interest Group and was a collaborative effort between the University of Guelph, DIACC, and other subject matter experts. This report discusses what the identity verification related requirements for the creation and management of agri-food products (or items) unique identifiers to enable provenance tracking, ensure traceability, facilitate agri-food data integration, enhance governance, protect privacy and confidentiality, inform policies, and improve communications. 

Download the report here.

Agri-Food-Product-Identity-Verification-and-Governance-DIACC-Special-Interest-Group-Insights


Lissi

Lissi Demonstration im Forum Digitale Technologien

Lissi Demonstrator im Forum Digitale Technologien Das Forum digitale Technologien beinhaltet nun die Lissi Demo. Über das Forum Digitale Technologien Das Forum Digitale Technologien ist Vernetzungsplattform und Ausstellungsfläche für ausgewählte Forschungsprojekte und Innovationen im Bereich digitaler Technologien aus Deutschland. Das Forum bietet herausragenden Forschungsprojekten eine Plat
Lissi Demonstrator im Forum Digitale Technologien Das Forum digitale Technologien beinhaltet nun die Lissi Demo. Über das Forum Digitale Technologien

Das Forum Digitale Technologien ist Vernetzungsplattform und Ausstellungsfläche für ausgewählte Forschungsprojekte und Innovationen im Bereich digitaler Technologien aus Deutschland. Das Forum bietet herausragenden Forschungsprojekten eine Plattform für mehr Sichtbarkeit und fördert den Austausch und den Wissenstransfer auf nationaler und internationaler Ebene.

Die Veranstaltungen und Demonstratoren des Forums fokussieren sich auf die technischen Schnittstellen und gesellschaftlichen Spannungsfelder aktueller Technologietrends: Internet of Things, Big Data, Künstliche Intelligenz und Sicherheit und Vertrauen im Digitalen Raum.

Der Showroom des Forums bietet eine Ausstellungsfläche für Projekte aus den Technologieprogrammen des Bundesministeriums für Wirtschaft und Klimaschutz sowie weiterer Förderprogramme des Bundes.

Mehr Informationen über das Forum digitale Technologien gibt es auf der Website.

Lissi Demo im Showroom des Forums Marc Reznicek vom Fraunhofer Heinrich-Hertz-Institut (links) und Adrian Doerk, Main Incubator GmbH (rechts.)

Die Lissi Demo ist Teil des Themenbereichs “Vertrauen im Digitalen Raum”. Sie veranschaulicht mehrere Anwendungsfälle aus Sicht der Nutzenden und gibt einen praxisnahen Einblick in die Interaktionen. Sie können die Demo hier selber ausprobieren: https://lissi.id/demo

Übersicht der verschiedenen Anwendungsfälle und Nachweise der Lissi Demo.

Die Demonstration veranschaulicht, wie Anwendungsfälle und Nachweise aus dem hoheitlichen und privatwirtschaftlichen Bereich miteinander kombiniert werden können.

Im ersten Anwendungsfall der Lissi Demo erhalten Nutzende einen Online-Pass.

Das Lissi Team der main incubator GmbH ist Konsortialleiter des IDunion Konsortiums. IDunion ist eines der vier Projekte im Schaufenster Digitale Identitäten, welches vom Bundesministerium für Wirtschaft und Klima gefördert wird. Die vier geförderten Schaufensterprojekte werden von der Begleitforschung unterstützt.

Ziel von IDunion ist es, ein Ökosystem für vertrauensvolle digitale Identitäten zu schaffen, welches mit europäischen Werten betrieben wird und weltweit nutzbar ist. Dabei werden digitale Identitäten für natürlich Personen, juristische Personen, sowie Dinge (IoT) berücksichtigt.

Über Lissi:
Lissi bietet einfache Anwendungen für Organisationen, um vertrauenswürdige Interaktionen mit Nutzenden zu ermöglichen. Dazu gehört das Lissi Wallet sowie unsere Anwendungen für Organisationen.

Friday, 22. April 2022

Elastos Foundation

Elastos Bi-Weekly Update – 22 April 2022

...

Energy Web

Securing the Energy Transition with the Energy Web Consortia Relay Chain

Zug, Switzerland, 22 April 2022 — Over the past several months our team has conducted a detailed design exercise to finalize the architecture of the upcoming Energy Web Consortia Relay Chain in close partnership with Parity technologies. As we move closer to bringing the network to life, our team is excited to share an update with the broader Energy Web community about this crucial evolution of En

Zug, Switzerland, 22 April 2022 — Over the past several months our team has conducted a detailed design exercise to finalize the architecture of the upcoming Energy Web Consortia Relay Chain in close partnership with Parity technologies. As we move closer to bringing the network to life, our team is excited to share an update with the broader Energy Web community about this crucial evolution of Energy Web technology.

At the highest level, our vision is for the Energy Web Consortia Relay Chain to become a decentralized global network that secures and validates a) hundreds of millions of identities representing people, organizations, and devices from across the globe and b) application-specific blockchains powering enterprise-grade software solutions.

This post describes the current design of the Energy Web Consortia Relay Chain, how it works, its similarities to the Polkadot Relay Chain, and the token economic model behind the new blockchain.

Energy Web Solutions, Explained

The Energy Web Consortia Relay Chain, or EW-CRC for short, is focused on bringing to market three specific solutions that Energy Web, in partnership with energy companies around the world, has developed since our founding in 2017. These solutions represent areas where decentralized technology — in Energy Web’s case a mix of public blockchains, decentralized identifiers, Energy Web Tokens, and decentralized software architectures — can create significant business value for enterprises. We believe the decentralized multi-tenant environments required for these solutions are only possible with public blockchain technologies, and we see more and more enterprises ready to embrace them.

The three solutions are: Switchboard, our enterprise-focused self-sovereign identity, and access management solution built on the W3C administered decentralized identifier standard. Examples of existing real-world implementations include Stedin’s identity and access management solution, CAISO flex alert, and our work with Vodafone, Kigen, and KORE wireless. Decentralized data exchange hubs enable different combinations of energy companies, prosumers, and individual devices (e.g., electric vehicles, batteries) to exchange and process granular data in a secure, trustworthy, and decentralized way. Implementation examples include Project EDGE, Project Symphony, and all e-mobility related work in Western Europe with Elia Group. Green proof platforms, our solution focused on enabling next-generation traceability for low, zero, or negative carbon supply chains. Our primary work in this area is focused on renewably mined cryptocurrency, 24/7 renewable energy matching, and sustainable aviation fuel.

In our new architecture, each of these solutions — and the digital identities associated with them — are secured via the EW-CRC. The high-level architecture diagram below paints a picture.

Security layer: securing application-specific blockchains and digital identities

Similar to the Polkadot Relay chain, the EW-CRC will be a decentralized, proof-of-stake blockchain. EW-CRC validators are organizations and/or individuals who have staked a large number of Energy Web Tokens — the existing native utility token of the Energy Web Chain. Energy Web Token staking will also determine governance on EW-CRC.

Just like Polkadot, Validators on EW-CRC secure the state of every blockchain connected to it. These blockchains, called parachains in the Polkadot ecosystem, each have their own governance and token economic configurations. For EW-CRC, we won’t have parachains. Instead, we will have solutions, many of which will be powered by their own application-specific blockchains behind the scenes. These solutions will make it possible for individual enterprises or consortias to govern their own applications and, if they choose, deploy additional tokens on application-specific blockchains embedded within the solutions.

Importantly, validators on EW-CRC secure more than the blockchains underneath. EW-CRC validators will also be performing a crucial identity resolution service. This service ensures that the process of issuing verifiable credentials to or from any digital identity connected to the Energy Web stack is secure and can be trusted. Given the importance of identity, decentralized identifiers, and verifiable credentials in our work at Energy Web, securing these identities and the surrounding attributes is perhaps the single most important function of a public blockchain. This is the primary service delivered by validators on EW-CRC.

This architecture extends the shared security benefit of the Polkadot Relay Chain beyond blockchain by applying it to the identities underlying each solution in the Energy Web ecosystem. By doing so, we produce a major cybersecurity benefit — especially when combined with proof-of-stake and smart token economic design.

Solution layer: transitioning business processes onto the blockchain

Within each solution, the Energy Web team is configuring application-specific blockchains to perform useful work relevant to the business application of our global community of energy companies. Over the coming months, we will provide additional detail on how and why we embed crucial business functions within a decentralized blockchain protocol. This innovation — decentralizing a business function and making it possible for multiple market participants to verify that a specific piece of work is being accurately performed — is the bleeding edge of blockchain innovation in an enterprise setting; it is one of the key differentiators of Energy Web solutions from traditional centralized and siloed software architectures, and we look forward to sharing more detail on this topic with the community soon.

We intend to bring three initial solutions to market under the EW-CRC test network. They include a production version of the Open Charge Network via a decentralized data exchange hub, our work in Australia on Project EDGE, and a green proof platform called, “Green Blocks” focused on helping cryptocurrency miners become 100% renewable. Additional detail on each of these solutions will be released later this year.

Enterprise user layer: combining as-a-service payments with good token economics

Energy Web solutions unlock business value for market participants in a variety of different ways. And since open-source decentralized software requires a number of services in order to run in a production environment, businesses need a simple way to pay for these services, similarly to any (centralized) software offered “as-a- service”.

We aim to make it easy and simple for enterprises to pay and access any solution connected to the EW-CRC. Furthermore, we intend to do so using a novel token model that combines an easy enterprise experience with good token economics.

The new model uses two tokens. One is a new stable coin-like native utility token called the Energy Web Consortia Relay Chain token (CRT); the other is the existing Energy Web Token — the staking and governance token of EW-CRC.

Here’s how it works: enterprise users pay in fiat (government-issued currencies like USD, EUR, CHF, etc.) to access solutions. Our aim is to mimic how enterprises pay for access to traditional software-as-a-service solutions today. Fiat revenues from enterprises will be converted to the native token of the EW-CRC, CRT, a stable coin-like token pegged to a fiat currency.

CRT payments from enterprises are then automatically distributed in two ways. First, a percentage is paid directly to EW-CRC validators for the services they provide. Second, the remainder is used to further enhance the integrity and economic security of the EW-CRC by automatically acquiring and staking Energy Web Tokens — the staking and security token of the EW-CRC — against EW-CRC validators.

In addition to being simple to administer and explain, this model has the effect of further securing enterprise solutions with each as-a-service payment made, unlocking even more business value along the way. With such a design, more solutions with more economic activity taking place on them translates directly to an increase in security for all solutions connected to EW-CRC.

Over the coming weeks and months, our team will continue to provide updates to the Energy Web community about EW-CRC, ways to get involved with the launch of the test Consortia Relay Chain, application-specific blockchains, and eventually the production network.

About Energy Web
Energy Web is a global, member-driven non-profit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. Our Energy Web Decentralized Operating System (EW-DOS) enables any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors the EW-DOS tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

Securing the Energy Transition with the Energy Web Consortia Relay Chain was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


EdgeSecure

Transforming Communications Platforms to Support Office and Remote Workers

The post Transforming Communications Platforms to Support Office and Remote Workers appeared first on NJEdge Inc.

Wednesday, 20. April 2022

eSSIF-Lab

Meet the eSSIF-Lab ecosystem: “Completing the Framework” Programme participants

The extraordinary (and last) open call aimed at completing and reinforcing the eSSIF-Lab SSI Framework was directed at SMEs, non-for-profits and research organisations. After a tough competition among overall excellent proposals, eSSIF-LAB selected the 4 most promising proposals out of 42 submitted applications. 161 applications were started all together, from 22 different countries.  

 Are you curious to know what SSI Solutions will be joining the final “Completing the Framework” Programme?

Meet them here:

PCDS-DP

Product Circularity Data Sheets Digital Passport – https://compell.io

ESSIF 4 Logistics

SSI based authorization for cross- border government and business representatives in logistics – https://sis.lt

Symfoni AS

Infrastructure to facilitate payments for verifiable credentials

– https://www.symfoni.dev/

Datarella GmbH

Go Aries – Enabling CL-Support on Aries Framework Go

– https://datarella.com

 

The selected project teams are taking part in a 7-month support programme and will receive up to 53K€ funding in 2 tranches: 13K€ after successful completion of the first, and an additional 40K€ after the completion of the second phase.  

 If you would like to learn more about these or other participants, summaries of all the SSI Solutions under development will be published in the projects section of the eSSIF-LAB website soon.

To stay updated with the results and follow-ups, join the NGI Community


Digital Identity NZ

Towards a more ‘Identiful’ Digital Strategy for Aotearoa

Welcome back from the holiday break. I hope that you and your whanau were able to relax, re-energise and share good times.  Last week saw the release of the Summary of Public Engagement of the Digital Strategy for Aotearoa discussion document. The original document itself was released in Q4 2021 to invite kōrero and submissions, despite the challenges … Continue reading "Toward

Welcome back from the holiday break. I hope that you and your whanau were able to relax, re-energise and share good times.  Last week saw the release of the Summary of Public Engagement of the Digital Strategy for Aotearoa discussion document. The original document itself was released in Q4 2021 to invite kōrero and submissions, despite the challenges that COVID-19 presented for public engagement of this nature.

Kudos to Digital Identity NZ (DINZ) members DIA and MBIE forming part of the cross agency team managing the process, and DINZ members BNZInternetNZMicrosoftMinistry of EducationPaymentsNZ as well as others who supported submissions. Naturally we are grateful to our national coordinator NZTech, and fellow associations AIForum and FinTechNZ for their submissions. The fact that these organisations were able to make a submission at all, bears testament to their dedication, since there were multiple calls for submissions in force simultaneously. One large private sector member with a broad scope of interest and operations remarked to me that it was dealing with six submissions in the last quarter of 2021, and I was aware that several other members in Financial Services were working on four.

Development of the Strategy itself is an essential baseline from which we can measure our progress over time towards those well considered goals. Of course, in order to deliver on the strategy and build a trusted digital economy more generally, digital identity is a critical dependency. And yet, digital identity was mentioned less than a handful of times, symptomatic of both the challenge and the opportunity for DINZ members to raise the level of understanding in society of the critical role that digital identity plays.

The draft Digital Strategy calls out the need for additional mahi on several fronts and I’m privileged to say that DINZ members are embarking on courageous and challenging work to answer that call.

April 2022 heralds the opening of DINZ’s Inclusive and Ethical Uses of Digital Identity working group (IEUDI) – a broadly scoped initiative focussed on developing a code of conduct that designers and developers of digital services can use to help ensure they meet the needs of a wide spectrum of society in Aotearoa. DINZ expects to also engage non profit organisations and subject matter experts with deep familiarity on these challenges. Please apply to join now!         

In closing let me add that, after a Covid-impacted 2021, DINZ’s annual Consumer Research that tracks consumer attitudes to digital identity over time, is seeking sponsors in order for it to commence in 2022. Being the only research of its kind in Aotearoa, your organisation can demonstrate leadership to the significant public and private sector audience relying on this report for as little as $1,000. Contact us for details.

Ngā mihi nui,

Colin and the DINZ Executive Council

To receive our full newsletter including additional industry updates and information, subscribe now

The post Towards a more ‘Identiful’ Digital Strategy for Aotearoa appeared first on Digital Identity New Zealand.

Tuesday, 19. April 2022

SelfKey Foundation

Facebook’s Data Breaches – A Timeline

Over the past few years, there have been countless stories of Facebook exposing user data. Here’s a look at all of the data breaches the social media company has experienced. The post Facebook’s Data Breaches – A Timeline appeared first on SelfKey.

Over the past few years, there have been countless stories of Facebook exposing user data. Here’s a look at all of the data breaches the social media company has experienced.

The post Facebook’s Data Breaches – A Timeline appeared first on SelfKey.

Friday, 15. April 2022

EdgeSecure

Transforming Communications Platforms to Support Office and Remote Workers

The post Transforming Communications Platforms to Support Office and Remote Workers appeared first on NJEdge Inc.

Webinar

Future-focused institutions are deploying resilient, secure voice, data, and network as a utility service as a way to move away from outdated-telephony systems and providers. Hosted communications let them scale and change feature sets on demand and roll out new applications without capital investment on equipment and management. That’s the business agility, scalability, and cost-effectiveness you need to innovate and grow.

Edge partner CBTS offers communications services across the board that can integrate with any applications that you already have in place today like Cisco, Microsoft, and Polycom. By integrating with the existing applications that your employees are already familiar with, this ensures the adoption of the technologies.

Complete the Form Below to Access Webinar Recording [contact-form-7]

The post Transforming Communications Platforms to Support Office and Remote Workers appeared first on NJEdge Inc.


South Jersey Technology & Business Acceleration Day for PreK-12 Schools

The post South Jersey Technology & Business Acceleration Day for PreK-12 Schools appeared first on NJEdge Inc.

Wednesday, June 22, 2022
9 am – 3 pm EDT

SRI & ETTC – All Rooms
10W Jimmie Leeds Rd.
Galloway, NJ 08205

Edge is partnering with the Southern Regional Institute and Educational Technology Training Center (SRI & ETTC), which provides professional development opportunities for preK-12 educators, technology coordinators, school administrators, and other professionals who offer support services to schools, to host the first South Jersey Technology & Business Acceleration Day. Join Edge and industry experts along with your peers to learn more about how you can leverage cybersecurity, the cloud, evolving virtualization technologies, and more to accelerate positive IT and business outcomes for your district.

The event will feature two tracks; one focused on best practices in IT and emerging technology, and one focused on business processes and technology strategy and planning.

District technology leaders and administrators are encouraged to attend.

Join us to learn about:

Cybersecurity strategy, ransomware defense, and how your security plan impacts your district’s cybersecurity insurance Cloud considerations for K-12 districts—how, when, and why you should think about a move to the cloud Modern networking best practices and their effect on security, student & teacher experience, and esports performance Strategies for executive technology planning and decision making, with an emphasis on IT outcomes and budget-conscious planning Esports in K-12, considering student engagement, experience design, and network connectivity Register Today

The post South Jersey Technology & Business Acceleration Day for PreK-12 Schools appeared first on NJEdge Inc.

Thursday, 14. April 2022

Oasis Open

Invitation to comment on Common Security Advisory Framework v2.0

The CSAF language supports creation, update, and interoperable exchange of security advisories. The post Invitation to comment on Common Security Advisory Framework v2.0 appeared first on OASIS Open.

Second public review of draft specification ends April 29th

OASIS and the OASIS Common Security Advisory Framework (CSAF) TC are pleased to announce that Common Security Advisory Framework Version 2.0 is now available for public review and comment. This 15-day review is the second public review for this draft specification.

The Common Security Advisory Framework (CSAF) Version 2.0 is the definitive reference for the CSAF language which supports creation, update, and interoperable exchange of security advisories as structured information on products, vulnerabilities and the status of impact and remediation among interested parties.

The OASIS CSAF Technical Committee is chartered to make a major revision to the widely-adopted Common Vulnerability Reporting Framework (CVRF) specification, originally developed by the Industry Consortium for Advancement of Security on the Internet (ICASI). ICASI has contributed CVRF to the TC. The revision is being developed under the name Common Security Advisory Framework (CSAF). TC deliverables are designed to standardize existing practice in structured machine-readable vulnerability-related advisories and further refine those standards over time.

The documents and related files are available here:

Common Security Advisory Framework Version 2.0
Committee Specification Draft 02
30 March 2022

Editable source (Authoritative):
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02.md

HTML:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02.html

PDF:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02.pdf

PDF marked with changes since previous publication:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02-DIFF.pdf

JSON schemas:
Aggregator JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/schemas/aggregator_json_schema.json
CSAF JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/schemas/csaf_json_schema.json
Provider JSON schema:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/schemas/provider_json_schema.json

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02.zip

A public review announcement metadata record [3] is published along with the specification files.

How to Provide Feedback

OASIS and the CSAF TC value your feedback. We solicit input from developers, users and others, whether OASIS members or not, for the sake of improving the interoperability and quality of our technical work.

The public review starts 15 April 2022 at 00:00 UTC and ends 29 April 2022 at 23:59 UTC.

Comments may be submitted to the TC by any person through the use of the OASIS TC Comment Facility which can be used by following the instructions on the TC’s “Send A Comment” page (https://www.oasis-open.org/committees/comments/index.php?wg_abbrev=csaf).

Comments submitted by TC non-members for this work and for other work of this TC are publicly archived and can be viewed at:
https://lists.oasis-open.org/archives/csaf-comment/

All comments submitted to OASIS are subject to the OASIS Feedback License, which ensures that the feedback you provide carries the same obligations at least as the obligations of the TC members. In connection with this public review, we call your attention to the OASIS IPR Policy [1] applicable especially [2] to the work of this technical committee. All members of the TC should be familiar with this document, which may create obligations regarding the disclosure and availability of a member’s patent, copyright, trademark and license rights that read on an approved OASIS specification.

OASIS invites any persons who know of any such claims to disclose these if they may be essential to the implementation of the above specification, so that notice of them may be posted to the notice page for this TC’s work.

Additional information about the specification and the CSAF TC can be found at the TC’s public home page:
https://www.oasis-open.org/committees/csaf/

Additional references

[1] https://www.oasis-open.org/policies-guidelines/ipr/

[2] https://www.oasis-open.org/committees/csaf/ipr.php
https://www.oasis-open.org/policies-guidelines/ipr/#Non-Assertion-Mode

[3] Public review announcement metadata:
https://docs.oasis-open.org/csaf/csaf/v2.0/csd02/csaf-v2.0-csd02-public-review-metadata.html

The post Invitation to comment on Common Security Advisory Framework v2.0 appeared first on OASIS Open.


Me2B Alliance

FBI releases 2021 Cybercrime Report highlighting magnitude of Business Email Compromise (BEC) risks, reinforcing the importance of Me2BA’s research on the threats posed by Dangling Domains

Dangling domains dangerously threaten more and more people each day, including students and parents at K-12 schools. The fraudulent scam activity using these dangling domains is on the rise, according the to the FBI, and our research is taking a stand to help.

Last week, the FBI released their annual Cybercrime report, highlighting the top risks and threats impacting people and organizations across the U.S. The full PDF report from the FBI can be read here.

As many expected, the most significant financial scam on the internet comes from a threat known as “Business Email Compromise” (BEC) . Last year BEC losses from businesses were over $2.4 billion dollars, with nearly 20,000 unique complaints sent to the FBI about these types of attacks.  

The FBI described BEC risks and the context for some of these attacks in their report, writing:  

“BEC/EAC is a sophisticated scam targeting both businesses and individuals performing transfers of funds. The scam is frequently carried out when a subject compromises legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.  

As fraudsters have become more sophisticated and preventative measures have been put in place, the BEC/EAC scheme has continually evolved in kind. The scheme has evolved from simple hacking or spoofing of business and personal email accounts and a request to send wire payments to fraudulent bank accounts.  

These schemes historically involved compromised vendor emails, requests for W-2 information, targeting of the real estate sector, and fraudulent requests for large amounts of gift cards.” 

As businesses continue to encourage and increase remote meetings due to the COVID pandemic, the report pointed out that they are at even greater risk of more novel BEC attack strategies:  

“Now, fraudsters are using virtual meeting platforms to hack emails and spoof business leaders’ credentials to initiate the fraudulent wire transfers. These fraudulent wire transfers are often immediately transferred to cryptocurrency wallets and quickly dispersed, making recovery efforts more difficult. The COVID-19 pandemic and the restrictions on in-person meetings led to increases in telework or virtual communication practices. These work and communication practices continued into 2021, and the IC3 has observed an emergence of newer BEC/EAC schemes that exploit this reliance on virtual meetings to instruct victims to send fraudulent wire transfers.  

They do so by compromising an employer or financial director’s email, such as a CEO or CFO, which would then be used to request employees to participate in virtual meeting platforms. In those meetings, the fraudster would insert a still picture of the CEO with no audio, or a ‘deep fake’ audio through which fraudsters, acting as business executives, would then claim their audio/video was not working properly. The fraudsters would then use the virtual meeting platforms to directly instruct employees to initiate wire transfers or use the executives’ compromised email to provide wiring instructions.” 

Dangling Domains: An often overlooked threat exposing companies to BEC risks   

At the Me2B Alliance, we know that the threats from Business Email Compromises are complex and require an “all hands on deck” approach in order to keep people safe.  

Our team has focused on the particular data supply chain risk resulting in Business Email Compromises wherein a business or organization forgets to renew one of their internet domains (resulting in a “dangling domain”). Scammers then swoop in and renew the domain in order to conduct scams or exploits against users. Our team has not yet documented any specific BEC attacks yet, in our nascent efforts of identifying and reporting “dangling domains”.   

“Organizations that forget to renew ALL their registered domains are vulnerable to serious attacks.  We believe more work needs to be done by the private and public sectors to address these vulnerabilities. We hope our ongoing efforts to highlight dangling domain risks help policymakers and the public better understand the implications”.  – Lisa LeVasseur, Executive Director, Me2B Alliance 

Last October, we uncovered a popular SDK called “Asking Point” which has been installed in over 150 iOS/Apple mobile apps. The SDK parent company had gone out of business and yet their domain embedded into these apps was for sale for just over $3,500. This left the window wide open for someone to purchase this domain and pose as the parent company – leaving users vulnerable to BEC scams.  In an effort to close this “loophole”, our team reached out to Apple alerting them of the threat and ultimately resulting in them acquiring the domain to keep it from landing in the hands of scammers or criminals.  

In December, our team released Spotlight Report #4, a deeper look at data supply in K12 school utility apps. During the course of our research, we discovered three school-related dangling domains (used by three separate public schools). All three domains have ongoing Business Email Compromise risks, leaving students and parents vulnerable to attack. We shared our findings with the FTC, but as yet have seen no indication that any government agency has warned these three schools districts domains or domains similar to them: 

Dangling domains leave school systems and students vulnerable to scams  Santa Monica-Malibu USD Android App from Blackboard Inc.:  The Santa Monica-Malibu high school’s android app had the dangling domain “Malibuhigh.org”. This domain currently hosts a fake legal website, posing risks from Business Email Compromise schemes or other phishing exploits.  Maryland’s largest school district’s Android App, also from Blackboard Inc.: Magruder High School in Maryland had already lost their sports domain by the time we figured it out, with Magruderathletics (WARNING).org being compromised and still hosting malicious redirects to this very day. After the Me2B Alliance alerted Blackboard Inc., they were able to quickly remove removed this domain from their active mobile app, reducing some of the risks. This is also an active domain, and Business Email Compromise risks for emails that originate from this domain (i.e. “@Magxxxxathletics.org”) remains a real threat.  Quinlan, Texas School District : Quinlan, TX school district had a domain that went up for sale for $30 that was integrated into their Android app. The domain was purchased before anyone could take action. After the Me2B Alliance alerted Blackboard Inc., the dangling domain link was removed from the app, and subsequently the Android app was pulled down from the Google Play Store.  The importance of discovering and remediating Dangling Domains 

Your domains are valuable assets and play an integral part in both the day-to-day operations of your business and the trust you build with all stakeholders. If you discover you have lost a domain that is associated with your organization, we advise treating this as a potential security breach. A dangling domain leaves you vulnerable to scammers masquerading as your organization.  You should alert all vendors and internal staff that that this domain is no longer trustworthy and advise them to no longer consider communication from this domain legitimate. 

 The FBI encourages you to contact your bank as quickly as possible, if your organization has been a victim of BEC or a hijacked domain. The FBI also encourages you to reach out directly to your local FBI office, and/or report the crime to the FBI’s Internet Crime Complaint Center (IC3). Taking action as quickly  as possible improves your chance of reducing financial ramifications.

This infographic outlines the process the FBI uses for these types of public risks, as described in their recent report

Me2BA continues to monitor and discover Dangling Domains 

The US Federal Chief Information Security Officer Council (CISO Council) has confirmed that they do not monitor for dangling domains outside of the .gov top level domain. In light of that, Me2BA has recently developed an automated tool to search for dangling domains related to education, civic, and safety URLs. We’ve already sent our first responsible disclosures to some organizations whose domains are currently for sale. We will continue to share our findings here. Note that to do this job properly requires significantly more resources, and we look forward to partnering with other like-minded businesses to develop a more robust solution

We are here to help 

Are you aware of any dangling domains or concerned about risks from this within any specific apps? Reach out to our team at contact@me2ba.org.   


Energy Web

Energy Web’s Validators launch the first phase of the Validator dashboard

The Energy Web Chain Validator code of conduct defines operational, governance, and token economic responsibilities of Validator organizations Zug, Switzerland, 14 April 2022 — Energy Web’s Validators are proud to announce the first phase of the EWC Validator Dashboard, a first-of-its-kind tool that significantly enhances transparency into the Validators’ operational and governance activities. Th

The Energy Web Chain Validator code of conduct defines operational, governance, and token economic responsibilities of Validator organizations

Zug, Switzerland, 14 April 2022 — Energy Web’s Validators are proud to announce the first phase of the EWC Validator Dashboard, a first-of-its-kind tool that significantly enhances transparency into the Validators’ operational and governance activities. The dashboard not only helps the Energy Web community better understand the roles and responsibilities of Validator organizations, but also enables Validators to hold themselves and their peers accountable for adhering to the EWC Validator Code of Conduct.

Summary
The EWC Validators voted to adopt a formal Code of Conduct in 2020 in order to establish clear standards for behavior across all three domains and strengthen community trust in the Energy Web Chain’s Proof of Authority consensus model, which relies on the reputation of Validators to maintain credibility.

To further improve transparency and enforcement of the Code, the EWC Validator community began developing a prototype dashboard in late 2021. Following months of iterative design and development, EWC Validator Dashboard is now in a public beta release. The dashboard is intended to highlight the contributions of Validator organizations to the EWC community, as well as automatically and objectively monitor Validators’ performance against Node Health, Governance & Community Participation, and EWT Block Reward Requirements of the Code.

Using data from the EWC block explorer, the Dashboard currently provides a detailed view into real-time and historical performance of each node, as well as an overview of validators’ EWT block reward stewardship as outlined in the Code. In the coming weeks, the dashboard will be enriched with new sources of data and additional visualizations to paint a more complete picture of validator performance and its broader impact on the EWC community.

Background & Initial Release
In December 2021 the EWC validators voted to amend the Code with more specific requirements related to Node Health, Governance & Community Participation, and EWT Block Reward stewardship in order to establish a more objective monitoring and enforcement mechanism. Since then, a validator subcommittee has worked to gather requirements and launch the initial version of the dashboard using publicly-available data from the EWC block explorer.

Due to the structure of the block explorer database, some metrics were not possible to derive and display for the initial version of the dashboard. Most notably, metrics related to the Minimum Balance Requirement of the Code are currently excluded because of data quality anomalies (persistent empty or missing records for certain addresses and dates in daily account balance tables), and metrics related to Governance and Community Participation are currently excluded due to challenges collecting and structuring relevant data from multiple externals sources into the dashboard backend. Validators and Energy Web are currently working together to address these limitations and expect to resolve the challenges in subsequent releases of the dashboard throughout Q2.

All users should note that in the beta release, there are two known issues that may impact user experience:

Some browsers may throw an error when loading data or fail to load the page; the most common resolution is to clear the cache and reload the page. Based on testing, the most reliable browsers are Chrome, Firefox, and Brave. Issues occur more frequently in Safari and Edge. The dashboard metrics and visuals are derived from the EWC explorer database, and for performance, reasons are updated either hourly or daily; users may encounter brief periods of data gaps if accessing the dashboard while data is refreshing.

Energy Web Chain Validator Node Dashboard
The metrics and visualizations in the dashboard align with the operational, governance, and Energy Web Token stewardship requirements outlined in the Code. In the current beta release, the dashboard displays metrics related to the Node Health and EWT Block Reward requirements as follows:

The Validator Node Health Status canvas provides a near-real-time (hourly look back) view of each node’s operational status (i.e. whether it is validating blocks consistently or not). Based on the current number of validators in the PoA consensus round and the EWC network's 5-second block time, each node is expected to validate at least 14 blocks per hour. Nodes that have validated at least 14 blocks in the last hour are considered healthy. If a node fails to achieve that threshold, the Validator receives a series of automated alerts; prolonged unplanned node outages are counted towards the Node Health requirement of the Code. The Reliability Score canvas provides a longer-term (30-day look back) view of each node’s operational performance and benchmarks it against the top-performing nodes in the network. There is natural variation in the number of blocks validated due to regular maintenance and minor issues, but assuming all nodes are performing well, then they should be within a relatively narrow range. “Best-in-class” performance is defined as the average number of blocks validated by the 5 top-performing nodes in the last month. All other nodes are assigned a reliability score of “Excellent” if their number of blocks validated is at least 90% of best-in-class, “Good” if the number is between 80–90%, and “Poor” if it is less than 80%. The Historical Block Production canvas shows the total number of blocks ever validated by each node. This metric isn’t relevant for EWC operations, but it’s a useful tool for demonstrating how long each validator has been an active participant in the community. The greater the number of blocks validated, the longer the Validator has been active. The Time Requirement canvas tracks eligibility of validators to liquidate EWT as described in the code (i.e. whether or not validators have been active for at least six months). Eligibility is calculated by querying the first block ever validated by each node and comparing that block number to the most recent block validated. If the difference is greater than ~3 million (roughly the number of blocks that occur in six months), then the Validator has met this requirement. The Rent-Seeking Requirement canvas tracks transfers from validator addresses (node or payout) to known exchanges and aligns with the Rent-Seeking Requirement of the Code (i.e. eligible validators may transfer a maximum of 10% of their total reward balance in any given 30-day period).

Next Steps
This month the validators will be launching a quarterly Governance & Community Participation (i.e. Developing Projects & Applications, Contribution to open-source EW-DOS source code, Contributing to Governance Proposals, Contributing to Community Fund Proposals, Community Building) survey that collects qualitative information related to activities in the EWC community beyond node operations in a standardized format that can be easily imported into the dashboard. The EWC Validator Technical Committee is also developing a solution to address the data quality gaps related to the Minimum Balance Requirement. These metrics, along with continued improvements in design, will be incorporated into subsequent releases of the dashboard in Q2 of this year.

About Energy Web
Energy Web is a global, member-driven non-profit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. Our Energy Web Decentralized Operating System (EW-DOS) enables any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors the EW-DOS tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

Energy Web’s Validators launch the first phase of the Validator dashboard was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.

Wednesday, 13. April 2022

EdgeSecure

Edge Becomes Member of Global Initiative: Mutually Agreed Norms for Routing Security

The post Edge Becomes Member of Global Initiative: Mutually Agreed Norms for Routing Security appeared first on NJEdge Inc.

NEWARK, NJ, April 14, 2022 – Edge is proud to announce it has become a member of The Mutually Agreed Norms for Routing Security (MANRS). MANRS is a global initiative supported by the Internet Society, to greatly improve the security and resilience of the Internet’s global routing system. With Edge’s decades’ long commitment to protecting the Internet ecosystem on behalf of its member community, joining MANRS was a natural evolution of this commitment. 

MANRS, a global community of security-minded organizations, aims to increase overall network security and provide crucial fixes to reduce the most common routing threats including filtering, Anti-spoofing, Coordination, and Global validation. By joining MANRS, Edge agrees to specific actions to improve the resilience and security of the routing infrastructure to help keep the Internet safe. With a member community that includes institutions of higher education from community colleges to R1 research universities, MANRS is an initiative where Edge can provide leadership through action.

The MANRS initiative was created in 2014 by an international group of network operators. It is now adopted by a rapidly growing community of more than 500 network operators, Internet exchange points, content delivery networks and cloud providers from over 60 countries across all continents. 

To learn more about Edge’s Network, EdgeNet, visit https://njedge.net/solutions-overview/network-connectivity-and-internet2/.

The post Edge Becomes Member of Global Initiative: Mutually Agreed Norms for Routing Security appeared first on NJEdge Inc.


Oasis Open

Code List Representation (genericode) v1.0 approved as a Committee Specification

Genericode is a single semantic model of code lists and accompanying XML serialization. The post Code List Representation (genericode) v1.0 approved as a Committee Specification appeared first on OASIS Open.

Genericode is ready for testing and implementation

OASIS is pleased to announce the approval and publication of an updated Committee Specification by the members of the OASIS Code List Representation TC [1]:

Code List Representation (genericode) Version 1.0
Committee Specification 02
06 April 2022

Overview

Code lists can be defined as controlled vocabularies or coded value enumerations. Examples of standardized code lists include country abbreviations, currency abbreviations, shipping container descriptors, and airport codes. Examples of non-standardized code lists used between trading partners include financial account types, workflow status indicators, and any set of values representing the semantics of related concepts known between the parties involved in information interchange. Code lists have been used for many years, and they have often been published and disseminated in manners that have not been IT-enabled for ease of computer processing.

The Code List Representation format, known as genericode, is a single semantic model of code lists and accompanying XML serialization (supported by a W3C XML Schema) that can encode a broad range of code list information. The serialization is designed to IT-enable the interchange or distribution of machine-readable code list information between systems. Note that genericode is not designed as a run-time format for accessing code list information, and is not optimized for such usage. Rather, it is designed as an interchange format that can be transformed into formats suitable for run-time usage, or loaded into systems that perform run-time processing using code list information.

This Committee Specification is an OASIS deliverable, completed and approved by the TC and fully ready for testing and implementation.

The documents and related files are available here:

Editable source (Authoritative):
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02.xml
HTML:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02.html
PDF:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02.pdf
PDF marked with changes since previous public review:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02-DIFF.pdf

JSON examples:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/json-example/
Schematron constraints:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/sch/
XML examples:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/xml/
XML constraints:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/xsd/
JSON translation in XSLT:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/xslt/

For your convenience, OASIS provides a complete package of the specification document and any related files in ZIP distribution files. You can download the ZIP file at:
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02.zip

Members of the OASIS Code List Representation TC [1] approved this specification by Special Majority Vote. The specification had been released for public review as required by the TC Process [2]. The vote to approve as a Committee Specification passed [3], and the document is now available online in the OASIS Library as referenced above.

This Committee Specification 02 incorporates changes since the previous public review [4].

Our congratulations to the TC on achieving this milestone and our thanks to the reviewers who provided feedback on the specification drafts to help improve the quality of the work.

Additional references

[1] OASIS Code List Representation TC
https://www.oasis-open.org/committees/codelist/

[2] Details of public review:
https://docs.oasis-open.org/codelist/genericode/v1.0/csd04/genericode-v1.0-csd04-public-review-metadata.html

[3] Approval ballot:
https://www.oasis-open.org/committees/ballot.php?id=3692

[4] Committee Specification Draft 04, 16 October 2021
https://lists.oasis-open.org/archives/members/202111/msg00002.html
– Change description:
https://docs.oasis-open.org/codelist/genericode/v1.0/csd04/genericode-v1.0-csd04-comment-resolution-log.xlsx
https://docs.oasis-open.org/codelist/genericode/v1.0/cs02/genericode-v1.0-cs02-DIFF.pdf

The post Code List Representation (genericode) v1.0 approved as a Committee Specification appeared first on OASIS Open.


Blockchain Commons

2022 Q1 Blockchain Commons Report

In Q1, Blockchain Commons achieved a variety of milestones, from the maturation of our community to the development of Smart Custody v2.0, from the release of Gordian Seed Tool 1.4 to the design of our next generation of specifications. Major Work Our major work included: Growing the Community: New Patrons New Possibilities New Contributions Developing Specifications: New Specifications Test Vector

In Q1, Blockchain Commons achieved a variety of milestones, from the maturation of our community to the development of Smart Custody v2.0, from the release of Gordian Seed Tool 1.4 to the design of our next generation of specifications.

Major Work

Our major work included:

Growing the Community:

New Patrons New Possibilities New Contributions

Developing Specifications:

New Specifications Test Vectors

Progressing on Reference Apps:

Gordian Seed Tool v1.4 Spotbit

Releasing Services:

Esplora

Advocating for Smart Custody:

Smart Custody for Multisigs Smart Custody Case Studies Proof of Personhood Support

Looking Forward:

Rebooting the Web of Trust Self-Sovereign Identity Ethereum & NFTs 2022 Interns The Silicon Salon What’s Coming Up? Read More Growing the Community

The first goal of Blockchain Commons is to create a community: an actual commons. We saw notable advancement on that objective this quarter, a positive sign that the commons is truly gelling.

New Patrons. We want to offer a welcome to our newest sustaining patrons, CrossBar and Proxy. Each of them brings exciting new opportunities to the commons: CrossBar with silicon solutions and Proxy with a long-time focus on identity. Continued thanks also to our existing sustaining sponsors such as Bitmark, Blockchainbird, Foundation Devices, and Unchained Capital and to our other supporters on GitHub.

New Possibilities. The variety of expertises within the commons is creating synergy for all of our patrons and other participants, as Blockchain Commons is able to introduce members to each other and work with everyone to develop use cases and specifications that meet all of their needs. In particular, as a result of CrossBar joining our community we’ve been hosting dialogues about the future of secure silicon: what features it can support, and what other possibilities the future holds. We’ll be expanding on that in the near future with a virtual salon.

New Contributions. Q1 also saw an entirely independent software contribution. Jonas Wagner created seedtool.info, a version of our seedtool-cli that is accessible via the web and built using WebAssembly (as opposed to less secure JavaScript implementations). We appreciate the contribution and how it improves the accessibility of seed usage, but even more we appreciate Jonas’ interest in becoming part of our open-source community. (Thanks Jonas!) We look forward to more contributions of this sort.

Developing Specifications

By working with the commons community, we’re able to not just discover the needs of our members, but also develop specifications that both serve those needs and help our members to interoperate.

New Specifications. We have begun work on two new specifications. crypto-msg is a simple encoding of ciphertext that we’ve specced out in a first draft. We’ll be seeking CBOR registration via IANA for it once we’ve finalized. crypto-envelope is a more complex specification that can contain crypto-msgs, decryption methodologies, and more; it’s still being sketched out based on community needs.

Test Vectors. Of course creating specification is just the first step. We also create reference libraries and reference apps that demonstrate their use — and ultimately test vectors, so that our community can test their own code. Our crypto-request/crypto-responses communication specification is now mature enough that the community needs test vectors, so we created more than a dozen, allowing for easy testing of requests and responses.

Progressing on Reference Apps

Reference apps are where specifications interface with the real-world, as we demonstrate their actual usage.

Gordian Seed Tool v1.4. Gordian Seed Tool, our iOS and MacOS seed vault, continues to be our prime reference app for demonstrating the Gordian Principles and for exemplifying best practices of seed management. Our new v1.4 features usability and data display improvements, but its biggest advancements were in I/O.

Seed Tool can now write to MicroSD cards, supporting a safe and secure way of exporting seeds without going to a network. This release also supports the ur: scheme for the native camera app and for reading NFCs cards. Our open test-flight beta also includes proof of concept of writing URs to NFCs if you want to experiment. (Beware: this functionality might change!)

Altough you can compile Gordian Seed Tool from code, it’s also available through the Apple App Store.

Spotbit. Spotbit, our tor-gapped currency pricing lookup tool, was one of our biggest successes from our 2020 intern program, but we’ve long wanted to improve its stability to make it usable not just as a reference but also as a real service. Work on refactoring has just begun, courtesy of one of our former interns (which also demonstrates another of our goals: increasing the number of designers and developers in our industry).

Releasing Services

Though one of the largest goals of Blockchain Commons is working with developers to craft the open, interoperable, secure, and compassionate digital infrastructure of the future, we’ve also constructed a bit of that infrastructure ourself by providing public services.

Esplora. We now have our own copy of Esplora, the blockchain explorer, available at esplora.blockchaincommons.com or http://pf4awrbzt3ohrtukpq6xx6y73gxqlnon4zh35ik7ald3kwfb5iedogad.onion/ on Tor. This is meant to be a stable, publicly accessible blockchain explorer, so that Blockstream’s original esplora isn’t a single-point-of-failure for blockchain explorations of that sort. We’d love for more people to run their own Esplora services as well, to offer distributed sources of blockchain truth.

Advocating for Smart Custody

One of Blockchain Commons’ first projects was advocating for the Smart Custody of digital assets by outlining best practices that could equally be adopted by individuals or incorporated by developers into their works. This quarter has seen some large advances in our smart custody work.

Smart Custody for Multisigs. When we designed our original Smart Custody scenario, we were already thinking about multisigs, but the technology wasn’t yet accessible to anyone but the most sophisticated user. So, our original scenario focused on cold storage. Fortunately, three years later, multisig is much more easily available through a number of transaction coordinators, some of them self-sovereign, such as Sparrow Wallet. We’ve thus been thrilled to put together a raw draft of a complete scenario focused on using a multisig to protect your digital assets. It allows for control of digital assets that’s less prone to failure, less prone to compromise, and easier to use: everything that a SmartCustody scenario requires. The draft is still undergoing review, so this is just a preview. We expect to release it fully in the coming quarter.

Smart Custody Case Studies. We’ve also been thrilled to see an increasing number of hardware and software releases that embody Smart Custody best practices. To discuss them, we’ve begun producing case studies that talk about how each fulfills the Gordian Principles and battles against Smart Custody adversaries; in the process, we’re also coming to better understand the needs of our community members. Our initial case studies cover the Foundation Devices Passport and Sparrow Wallet. We also published discussions of how our own Gordian Seed Tool acts as a reference for Gordian principles. We’ve got one more case study in process for the Keystone Pro wallet. If you’d like us to consider other products, or even better if you want to draft a case study yourself, please contact us at team@blockchaincommons.com.

Proof of Personhood Support. Smart Custody, and its adversaries, goes beyond just the ownership of cryptocurrency. We recently hosted a discussion with the proof-of-personhood community, who we’ve long worked with at Rebooting the Web of Trust, and came up with one new adversary, a boundary breaker, which can likely be applied to #SmartCustody proper. There are no easy answers to the problem of proving whether an entity is a real person, but we think the problem is solvable, and we look forward to working more with this community.

Looking Forward

Looking torward the future, there’s lots more on the horizon.

Rebooting the Web of Trust. We are thrilled to see the return of the Rebooting the Web Design Workshops this Fall, after a break of three years due to the COVID pandemic! They’ve recently announced a save-the-date for September 26-30, when the next workshop is planned for The Hague in Netherlands. RWOT was in many ways the foundation of Blockchain Commons, so we’re looking forward to returning this year to learn more about everyone’s current interests and needs.

Self-Sovereign Identity. Working with governments to support self-sovereign identity has long been a goal at Blockchain Commons, with much of our focus on Wyoming. However, the ideas are spreading far and wide. Recently we talked with the Buenos Aires Mayor’s office about creating identities that benefit the people, not corporations. This is part of a real effort, as they’ve already produced a white paper on the topic, which is available in translation.

Ethereum & NFTs. At this point we’ve written three different unpublished documents on creating Smart Custody for Ethereum, for NFTs, and for treasuries. We’re still deciding how to advance this work, as it’s a big job that would require serious support, but if any our patrons want to see our initial notes, please contact us.

2022 Interns. Blockchain Commons has announced its 2022 intern program, to run this summer from May 23, 2022 to August 15, 2022. We’ve also produced a list of potential projects that includes many of our own ideas. If you’re interested in dedicating 40 hours of work this summer as an intern, please apply! The deadline is April 22nd. Even if you don’t want to become an intern, take a look at our projects list, as we’d be happy to work with independent open-source developers on anything there.

The Silicon Salon. This May we’ll be working with CrossBar to host The Silicon Salon, a 90-minute virtual discussion on the future of secure silicon. We’ll be talking about the possibility for support of secp256k1 and other curves as well as what other features could be included in silicon designs, from hashes and key derivations to ideas about more advanced functionality. Watch @BlockchainComns for our official announcement.

What’s Coming Up? We’ve got lots of big plans for things that we’d love to advance in the new year, but which will ultimately depend on the needs of the community (and our own resources).

Our future educational work includes expansion of our two biggest projects in that category. Learning Bitcoin from the Command Line should be updated for Taproot and Schnorr, and we’re looking even more forward with MuSig and both the benefits and challenges it’ll bring. We’d similarly like to bring our Smart Custody work to the next level, not just incorporating our last year’s work on multisigs, SSKR, and timelocks (as well as our new scenario), but also expanding Smart Custody to support Ethereum, Tezos, and other blockchains.

Beyond our educational work, we’ve also been considering the design of a Gordian Recovery reference app and need to finalize our work on new specifications such as crypto-msg and crypto-envelope. Of course, we expect the year to be further defined by the needs of the blockchain community! So, there’s plenty to look forward to!

As always, if you are interested in the work of Blockchain Commons and want to see it continue forward, the three best things you can do are become a sponsor, become a community member, and offer your own contributions as Issues, PRs, or even entirely new projects.

Thank you for your support!

Christopher Allen
Blockchain Commons

Tuesday, 12. April 2022

Centre Consortium

Welcome to Centre, Linda Jeng and Danielle Harold

 

 

Monday, 11. April 2022

Energy Web

Energy Web Quarterly Update

Using web 3 technology to solve real business problems. Update from Jesse Morris, Chief Executive Officer of Energy Web The first quarter of the year is already behind us, and I could not be more excited about what we’ve accomplished and what’s to come in the Energy Web ecosystem. In this update, leads from our three primary geographies have assembled a brief update on our impact in each r

Using web 3 technology to solve real business problems.

Update from Jesse Morris, Chief Executive Officer of Energy Web

The first quarter of the year is already behind us, and I could not be more excited about what we’ve accomplished and what’s to come in the Energy Web ecosystem.

In this update, leads from our three primary geographies have assembled a brief update on our impact in each region and important energy market developments. But first I’d like to share a brief update on a significant evolution of the Energy Web stack itself.

After years of deploying applications with dozens of companies, our organization and ecosystem have a much clearer understanding of exactly where and how web 3 technologies applied to the energy sector can create business value. More specifically, our community and technology have evolved to a point where three solutions are now being rolled out with customers around the world. They are:

Switchboards, our enterprise-grade self sovereign identity and access management solution built on the W3C administered decentralized identifier standard. Examples include Stedin’s identity and access management solution, CAISO flex alert, and our work with Vodafone, Kigen, and KORE wireless. Decentralized data exchange hubs, which enable different combinations of energy companies, prosumers, and individual devices to exchange and process granular data in a decentralized way. Examples include Project EDGE, Project Symphony, and all e-mobility related work in our ecosystem. Green proof platforms, our solution focused on enabling next-generation traceability for low, zero, or negative carbon supply chains. We are currently applying green proof platforms to two supply chains, sustainable aviation fuel, and renewably-produced cryptocurrency.

At the end of 2021, we announced a major partnership with Parity Technologies to bring a new piece of technology to market, the Energy Web Consortia Relay Chain. This quarter, we have conducted a detailed design exercise with Parity to fine-tune the design of this critical new addition to the Energy Web stack. We are nearly ready to begin announcing the details of our work in this area.

Here’s a high-level preview for how the Energy Web Consortia Relay Chain will work: each solution described above — switchboards, decentralized data exchange hubs, and green proof platforms — will soon be able to be deployed as individual instances of Energy Web technology with local blockchains powering each solution, all connected together and secured by the global Energy Web Consortia Relay Chain. This architecture will be powered by a novel token economic model that we believe will be the first instance of real-world economic activity translating to the fundamental value of a cryptocurrency.

There is an immense amount of detail to unpack regarding the Energy Web Consortia Relay Chain and its implications for the Energy Web ecosystem and our mission to decarbonize the global economy. But for now, I can confidently say it’s the most exciting technology development I’ve been a part of since co-founding Energy Web in 2017, and I can’t wait to share the full story in the coming weeks. Stay tuned!

Europe & Middle East / North Africa

Impact
Over the past several months, we have successfully completed a number of flagship projects in Europe. These projects demonstrate accelerating adoption of Energy Web solutions by key industry players, energy market participants, and original equipment manufacturers.

Energy Web, KORE, and Kigen developed a highly secure, efficient, SIM-based open-source solution for internet-of-things device communication. Leveraging SIM cards as a secure, scalable, and standardized hardware solution improves device communication and interoperability. This collaboration between KORE and Kigen leverages the features of eSIM and OPEN IoT SAFE to act as a hardware wallet anchored to an open-source, publicly accessible blockchain-powered by Energy Web. Using Energy Web’s technology, organizations can build their own applications via the world’s first open-source technology stack focused directly on the transition to renewable energy. As part of the collaboration between KORE and Kigen to deploy OPEN IoT SAFE, a purpose-built SDK designed by Energy Web was used as part of the development process.

In February, we announced the development of renewable energy electric vehicle (EV) charging in partnership with Vodafone and Mastercard. The platform will allow verified connected devices on Vodafone’s Digital Asset Broker (DAB) to transact seamlessly and securely with full owner control. This includes EVs transacting directly with charging points, as well as interactions between other vehicles, machines, and IoT assets, unlocking value from billions of devices. The service went live in a trial of a connected EV communicating autonomously and securely with a charging point in Newbury, UK. This trial marks the first-ever showcase of a 100% clean energy charging solution for EVs. The solution, which can be adapted to work with any charging infrastructure and any EV worldwide, including on-street chargers connected to the grid, will allow users to verify and prove that the energy used to charge their EV comes from renewable sources.

Finally, we have been awarded with our first project funded under the Horizon Europe framework program of the EC. The OMEGA-X project brings together top European TSOs/DSOs, industry, and research institutions to establish the grounds for an EU data space in the energy sector. Energy Web will work together with a group of 30 different EU partners to integrate its decentralized products, such as EW Switchboard and Decentralized Data Hub, into the project architecture to allow trusted and secure data exchange between energy market participants. The project has an implementation horizon of 4 years and a budget of approximately EUR 8M.

What’s Next
We are actively working together with top TSOs/DSOs, research institutions, and industrial players to establish large demonstrators across Europe to deploy our products in the context of commercial agreements or state-of-the-art research and innovation funding opportunities. Finally, our commercial and tech teams are focusing on the implementation phase of our Google Impact Challenge grant.

Market Updates
The European Commission (EC) is moving forward with the EU action plan for digitalizing the energy sector. The roadmap of the action plan has been open to public consultation, and the adoption of the action plan by the EC is scheduled for the second quarter of 2022. The action plan focuses on the way digital technologies can unleash the full potential of flexible energy generation and consumption in different sectors and increase penetration and use of renewable energy. The goal of the EC through this action plan is to foster and promote the development of a competitive market for digital energy services and digital energy infrastructure that are cyber-secure, efficient, and sustainable. Moreover, the action plan will support energy system integration, as well as the participation of “prosumers” in the energy transition, while ensuring interoperability of energy data, platforms, and services. Blockchain technology is highlighted as one of the enablers of digitalization in the energy sector, with a focus on enhancing the uptake of digital technologies. These are all outstanding developments for us at Energy Web, who are neck-deep in the process of helping major European energy market participants move digital solutions from minimum viable products into production-grade solutions running on public blockchain-based infrastructure.

Furthermore, the European Technology and Innovation Platform for Smart Networks for Energy Transition (ETIP SNET) released the Research and Innovation Implementation Plan for 2022–2025 which highlights the most urgent research and innovation needs for the next four years. The research and innovation budget requirements for this period are estimated to be on the order of 1 B EUR. Every single one of the nine high-level use cases considered can benefit from the Energy Web technology stack:

optimal cross-sector integration and grid-scale storage, market-driven TSO–DSO and system user interactions, pan-European wholesale markets, regional and local markets, massive penetration of renewable energy sources into the transmission and distribution grid, one-stop-shop and digital technologies for market participation of consumers (citizens) at the center, secure operation of widespread use of power electronics at all systems levels, enhanced system supervision and control, including cybersecurity, transportation integration and storage, and flexibility provision by buildings, districts, and industrial processes.

As with other proceedings across Europe, Blockchain technology has been identified as a key component for various projects to enable new services, such as development of robust and low-cost applications of digital technology for peer-to-peer interactions, as well as the design of internet-of-things architectures for mass data communication and processing. Moreover, the implementation plan highlighted the need for standardization of encrypted and authenticated market processes at different timescales for improved reliability to enhance DSO and TSO information exchange with DER, enabled for third party owned PV and storage from different manufacturers and using different technologies. This is exactly what we have designed the Energy Web stack to be able to support; it is incredibly encouraging to see language from energy market participants and regulators in Europe mirror our language almost 1:1 in documentation and funding announcements such as these.

Asia Pacific

Impact
Energy Web is actively bringing to life decentralized data exchange hubs for projects EDGE and Symphony in Australia. Project EDGE — Energy Generation and Demand Exchange — is trialing the development of “future market infrastructure” including the ability for Distribution System Operators (DSOs) to procure energy services from aggregated portfolios of Distributed Energy Resources (DERs). The EDGE project covers Australia’s East Coast market, the National Electricity Market (NEM). An MVP for EDGE was completed in October 2021, and the full production solution will launch in the next two months, and operate through at least March 2023.

Project Symphony relates to the West Coast market (covering Western Australia), aka the Wholesale Electricity Market (WEM). Symphony will see hundreds of distributed energy resources aggregated into a Virtual Power Plant (VPP) which can generate and store electricity at a local level. This VPP will enable DER owners to sell excess energy back to the grid via an aggregator. Project Symphony will run for a period of two years in Southern River in Perth, with the learnings informing future implementation of DER orchestration projects in Western Australia.

Energy Web’s solution for EDGE and Symphony includes Switchboard (our Identity and Access Management solution), Decentralized Data Exchange Hubs, together with a registry of organizations and devices to create a single source of truth for all registration data.

Much of our attention since arriving in Australia has been on delivering for Projects EDGE and Symphony. However, over the past few months, we have engaged a range of local regulators and market participants. We have signed our first new local member — Quinbrook Infrastructure Partners — and will soon begin a 24 / 7 renewable energy tracking project with them using our Green Proof solution to match their retail customers’ energy consumption with generation sourced from renewables.

Market Update

Research suggests the Asia-Pacific region will be a key area of focus for renewable energy development and investment during the coming decade. Many nations are seeking to deliver post-pandemic recovery programs that will target emissions reductions and growth in renewable energy capacity.

Solar and wind energy technologies are forecast to be the main focus for governments across APAC, with offshore wind playing a significant role given potential investment returns and the geography of many Asian countries. The decarbonization push is likely also to see a substantial expansion of emerging technologies such as green hydrogen (which helps fuel heavy industry located across the region) as well as utility-scale batteries.

As APAC energy markets mature in their incorporation of renewables, we see growing demand for Energy Web’s technologies, specifically:

Decentralized and digital IDs (DIDs): assisting the registration (and thus coordination) of many new generation projects and distributed energy resources, across all jurisdictions, some of which lack a strong (or efficient) administrative center and thus require the support that verifiable credentials facilitate to drive trusted interactions; Decentralized Data Exchange Hub(DDHub): the pace of technological change across the energy sector means many governments, both developed and developing, are challenged to keep abreast of and streamline various standards and protocols embedded within clean-tech energy resources. By enabling communication and data exchange between the many “data silos” being created by new technologies, EW’s decentralized DDHub provides a key support pillar for energy markets and exchanges;

Organization and resource registry: maintaining a tamper-proof single source of registration data for devices, people and organizations are critical to facilitating trusted energy transactions and services.

Market Update — United States

In the United States, interest among utilities in scalable, digital solutions to integrate distributed energy resources remains strong. As we approach summertime in the US — when peak load is typically highest — we’ll also see CAISO’s Flex Alert (launched with Energy Web last fall) playing a critical role coordinating customer flexibility during wildfire or weather-induced grid emergencies in California. We continue exploring opportunities with members for the open-source Flex Alert toolkit to support emergency response and other flexibility programs elsewhere — including demand response, managed charging, and “transactive” energy market programs.

In Q1, we also saw a flurry of activity around climate disclosure and ESG standards. In March, the SEC proposed rules requiring major companies to disclose climate-related risks, amplifying discussions about the need for more robust, granular solutions to track, trade, and report emissions associated with renewable electricity and other “green” commodities. 24/7 matching continues to attract attention as an emerging paradigm for impactful renewables’ procurement — including from the US government. And rebounding bitcoin prices, as well as President Biden’s recent executive order on cryptocurrencies, have re-energized conversations around blockchain’s energy use. Energy Web has been working on a green-proof platform-specific to creating greater transparency and impact in this area. We look forward to sharing full details on this solution with the community in Q2!

About Energy Web
Energy Web is a global, member-driven non-profit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. Our Energy Web Decentralized Operating System (EW-DOS) enables any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors the EW-DOS tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

Energy Web Quarterly Update was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


Oasis Open

OASIS Approves OSLC PROMCODE Standard for Exchanging Project Management Information Across Organizational Boundaries

11 April 2022 — OASIS Open, the global open source and standards consortium, announced that its members have approved OSLC PROMCODE Version 1.0 as an OASIS Standard, a status that signifies the highest level of ratification. Developed by the OSLC Lifecycle Integration for Project Management of Contracted Delivery Technical Committee, OSLC PROMCODE is designed to […] The post OASIS Approves OSLC

Fujitsu, IBM, NEC, and Others Define Common Interface for Systematic Sharing of Software Lifecycle Project Management Information

11 April 2022 — OASIS Open, the global open source and standards consortium, announced that its members have approved OSLC PROMCODE Version 1.0 as an OASIS Standard, a status that signifies the highest level of ratification. Developed by the OSLC Lifecycle Integration for Project Management of Contracted Delivery Technical Committee, OSLC PROMCODE is designed to address the need for systematic sharing of project management information within and between organizations.

Global software delivery is commonplace today. With ever increasing pressure, such as faster delivery, competitive cost, and skill availability, it is becoming common for software delivery to be done by collaboration of multiple organizations forming a chain of carriers and suppliers. Resembling the traditional manufacturing industry supply chain, this trend of software delivery is often called a Software Supply Chain (SSC). The SSC is a new paradigm of software delivery, where carriers and suppliers work together.

“Effective collaboration between a Software Supply Chain acquirer and supplier requires activities to be managed and information to be shared across organizational boundaries. As the number of organizations involved in software delivery increases, the need for more systematic and standards-based information sharing and coordination becomes critical,” said Tsutomu Kamimura, chair of the OSLC PROMCODE Technical Committee. “OSLC PROMCODE enables customers and vendors to manage project-management data via a standard interface across organizations and lowers the risk of project delays and cost overruns.”

Participation in the OASIS OSLC PROMCODE Technical Committee is open to all companies, nonprofit groups, governments, academic institutions, and individuals through membership in OASIS. As with all OASIS projects, archives of the Committee’s work are accessible to both members and non-members alike. OASIS also hosts an open mailing list for public comment.

Support for OSLC PROMCODE V1.0

IBM

“IBM is pleased to be a key contributor in the OSLC PROMCODE TC. The specification expands the existing OSLC standard so that we can realize more seamless communication between systems among organizations. Congratulations to all the contributors of the release.”

– Masaki Wakao, Senior Technical Staff Member, IBM

NEC

“NEC is pleased to have contributed to the release of the OSLC PROMCODE specification. Cooperation between software vendors is essential for large scale projects. We hope that PROMCODE, which realizes the alignment among software vendors via exchange of management data, will be the basis of smooth communication.”

– Shigenori Kobayashi, Director, Software and System Engineering Department, NEC

Additional Information

OASIS OSLC PROMCODE TC:   https://www.oasis-open.org/committees/oslc-promcode

Media inquiries:

communications@oasis-open.org

The post OASIS Approves OSLC PROMCODE Standard for Exchanging Project Management Information Across Organizational Boundaries appeared first on OASIS Open.


Elastos Foundation

ELA Buyback Program To Support DPoS 2.0 Monthly Update – March

...

Identity Review

NFTGamerTV L2E: A Gamified Learn to Earn Platform

NFTGamerTV's L2E platform rewards people for learning about crypto and web3 gaming
NFTGamerTV's L2E platform rewards people for learning about crypto and web3 gaming

Digital ID for Canadians

Request for Comment & IPR Review: PCTF Digital Wallet Draft Recommendation V1.0

Notice of Intent: DIACC is collaborating to develop and publish the Digital Wallet component of the Pan-Canadian Trust Framework (PCTF) to set a baseline of…

Notice of Intent: DIACC is collaborating to develop and publish the Digital Wallet component of the Pan-Canadian Trust Framework (PCTF) to set a baseline of public and private sector interoperability of identity services and solutions. During this public review period, DIACC is looking for community feedback to ensure that the conformance criteria is clear and auditable.

Document Status: These review documents have been developed by members of the DIACC’s Trust Framework Expert Committee (TFEC) who operate under the DIACC controlling policies and consist of representatives from both the private and public sectors. These documents have been approved by the TFEC as Draft Recommendations V1.0.

Summary:

The intent of the PCTF Digital Wallet component is to provide a framework that Digital Identity Ecosystem Participants can use to assess the degree to which the digital wallets that are part of their respective ecosystems accomplish the following: 

Provide Citizens and Consumers with a Digital Identity Wallet that complies with the human rights principles of preserving people’s privacy and control over their information. Introduces a consistent identity metaphor and consent-driven automated experience across all Ecosystem Participants to reduce impact on users caused by Digital Transformation.  Contribute to a stable infrastructure with longevity and world-wide interoperability by adopting and supporting relevant standards as appropriate (e.g., W3C Standards for Verifiable Credentials and DIDs).  Counter cyber vulnerability and extortion by enabling Service Providers to incrementally replace existing login mechanisms, some of which may be exploitable, without suffering negative impact to business. Establish an environment of trust within which the wallet’s owner can interact with other Ecosystem Participants such as Issuers, Verifiers, and other Relying Parties.

To learn more about the Pan-Canadian vision and benefits-for-all value proposition please review the Pan-Canadian Trust Framework Overview.

Invitation:

All interested parties are invited to comment.

Period:

Opens: Apr. 10, 2022 at 23:59 PT | Closes: May 20, 2022 at 23:59 PT

When reviewing the components Conformance Criteria, please consider the following and note that responses to this question are non-binding and serve to improve the PCTF.

Would you consider the Conformance Criteria as auditable or not? That is, could you objectively evaluate if an organization was compliant with that criteria and what evidence would be used to justify that?

Review Documents: PCTF Digital Wallet

Component Overview Draft Recommendation V1.0 Conformance Profile Draft Recommendation V1.0 DIACC Comment Submission Spreadsheet 

Intellectual Property Rights:

Comments must be received within the 30-day comment period noted above. All comments are subject to the DIACC contributor agreement; by submitting a comment you agree to be bound by the terms and conditions therein. DIACC Members are also subject to the Intellectual Property Rights Policy. Any notice of an intent not to license under either the Contributor Agreement and/or the Intellectual Property Rights Policy with respect to the review documents or any comments must be made at the Contributor’s and/or Member’s earliest opportunity, and in any event, within the 30-day comment period. IPR claims may be sent to review@diacc.ca. Please include “IPR Claim” as the subject.

Process:

All comments are subject to the DIACC contributor agreement. Submit comments using the provided DIACC Comment Submission Spreadsheet. Reference the draft and corresponding line number for each comment submitted. Email completed DIACC Comment Submission Spreadsheet to review@diacc.ca. Questions may be sent to review@diacc.ca.

Value to Canadians:

The PCTF Digital Wallet component will provide value to all Canadians, businesses, and governments by setting a baseline of business, legal, and technical interoperability. The DIACC’s mandate is to collaboratively develop and deliver resources to help Canadian’s to digitally transact with security, privacy, and convenience. The PCTF is one such resource and guides digital identity ecosystem interoperability by putting policy, standards, and technology into practice aligning with defined levels of assurance. The DIACC is a not-for-profit coalition of members from the public and private sector who are making a significant and sustained investment in accelerating Canada’s Identity Ecosystem.

Context:

The purpose of this review is to ensure transparency in the development and diversity of a truly Pan-Canadian, and international, input. In alignment with our Principles for an Identity Ecosystem, processes to respect and enhance privacy are being prioritized through every step of the PCTF development process.

DIACC expects to modify and improve these Draft Recommendations based upon public comments. Comments made during the review will be considered for incorporation into the next iteration and DIACC will prepare a Disposition of Comments to provide transparency with regard to how each comment was handled.

Friday, 08. April 2022

OpenID

Announcing the 2022 OpenID Foundation Kim Cameron Award

Overview The OpenID Foundation Board has resolve to begin the OpenID Foundation Kim Cameron Award Program in May 2022. Increasing representation from young people’s who’ve demonstrated an interest in subjects consistent with the OpenID Foundation Mission, to lead the global community in creating identity standards that are secure, interoperable, and privacy preserving. The OpenID Foundation […] T

Overview

The OpenID Foundation Board has resolve to begin the OpenID Foundation Kim Cameron Award Program in May 2022. Increasing representation from young people’s who’ve demonstrated an interest in subjects consistent with the OpenID Foundation Mission, to lead the global community in creating identity standards that are secure, interoperable, and privacy preserving.

The OpenID Foundation Kim Cameron Award is a recognition of the importance of mentoring a new generation of domain experts and thought leaders in user centric identity. The Foundation is interested in increasing representation from those who’ve demonstrated an academic and practical interest in subjects consistent with OpenID Foundation’s Mission. The Foundation is collaborating with the European Identity Conference and Identiverse conference organizers, other standards organizations and academics to maximize the value of the awards for recipients and the community at large. The OpenID Foundation Kim Cameron Award Program will complement similar efforts in other organizations to ensure its inclusivity, diversity and international access and opportunity.

Award recipients will be studying, researching, interning or working in a field relevant to one or more OpenID Foundation working groups and consistent with Foundation’s Mission. The recipients will also be invited to participate in Foundation breakout meetings at the European Identity Conference and Identiverse which will provide exposure to both the Foundation’s business as well as leading technologists.

 

Scholarship Request Process

Those interested are to send a request for award to director@oidf.org. The request is to include a 300 words or less essay describing why the individual requesting the award is deserving, how it aligns with their current studies/work and how it will help them advance their career in digital identity. The request for scholarship should also include the conference of interest.

The 2022 pilot of the OpenID Foundation Kim Cameron Award includes free admission to Identiverse or the European Identity Conference and a $2000 per diem for travel, lodging and meals at the conference. Award recipients will be required to submit a blog reporting on their experience at the conference and will have the opportunity to enter Kuppinger Cole’s Young Talents Program.

The deadline to submit award requests for both the European Identity Conference and Identiverse is Monday, April 25, 2022 6pm PT. The Foundation will announce scholarship recipients no later than Friday, April 29, 2022.

Please send any question to director@oidf.org.

 

How to Help Build the Award Program

This is to add a few notes for those interested in contributing human or financial capital to the Kim Cameron Award fund. This is a modest start, a ‘token’ literally and figuratively.

The OpenID Foundation plans to enhance and extend the program with Directed Funding from our members and in collaboration with organizations like OpenID Foundation Japan, Women in Identity and IDPro. We were inspired by a recent article by Professor Evan Peck; A Neglected Pipeline: Improving Undergrad Access to Conferences.  Our thanks to the organizers of the Identiverse and European Identity and Cloud Conferences.

For more information on how to contribute to the Kim Cameron Scholarship Program, please contact OpenID Foundation Non-Executive Director, Don Thibeau.

The post Announcing the 2022 OpenID Foundation Kim Cameron Award first appeared on OpenID.

Elastos Foundation

Elastos Bi-Weekly Update – 08 April 2022

...

Thursday, 07. April 2022

Digital ID for Canadians

2022 Budget Statement

Canada’s trusted digital ID leader, the DIACC, welcomes Budget 2022 investments for digital transformation and Canadian innovation TORONTO, APRIL 7, 2022 — Joni Brennan, President…
Canada’s trusted digital ID leader, the DIACC, welcomes Budget 2022 investments for digital transformation and Canadian innovation

TORONTO, APRIL 7, 2022 — Joni Brennan, President of the Digital Identification and Authentication Council of Canada (DIACC) released a statement following the tabling of the federal budget today:

The DIACC welcomes the federal government’s investments for digital transformation and Canadian innovation to enable a thriving digital economy announced in today’s budget.

We have seen throughout the pandemic the heightened role digital services have played in supporting Canadians; however, the disruptive events here in Canada and abroad, including the misinformation and cyber attacks surrounding it, underscore the need to protect our citizens and businesses. Core to that safety is privacy, security and choice in how citizens and businesses across Canada share personal information online. That’s why a safe and secure digital ID ecosystem is essential for the post-pandemic economic recovery. 

Digital ID allows people and organizations to verify themselves online securely and protect personal information while allowing them to control how their information is used and shared. Like a physical ID card, digital ID credentials typically include documents and cards such as driver’s licences and passports. Digital ID is a choice. It is a supplemental tool for people and organizations to access online services.

A digital identity is a highly personal yet critical component to both serve and protect Canadians. We must have a clear path forward on how Canada’s public and private sectors can work together to build a trusted platform that protects our digital identities. 

We know that an effective, safe and secure digital ID ecosystem will save manual operation costs and reduce fraud, saving an estimated $482 million for provincial and federal governments, and $4.5 billion for private sector organizations.

Today’s budget announcement keeps the importance of secure and privacy protecting digital ID in our windows and more work needs to be done to develop this path based on citizen consent, control, and trust. We look forward to collaborating with the government on consultations to support these imperative next steps while finding ways to combat misinformation that surrounds it. 

We are also pleased to see the Government of Canada maintaining the momentum on its commitment to work “towards a common and secure approach for a trusted digital identity platform to support seamless service delivery to Canadians across the country.”

Trusted, interoperability platforms that secure Canadian identities are more critical now than ever before.

About Digital ID and Authentication Council of Canada (DIACC)

The Digital Identification and Authentication Council of Canada (DIACC) is a non-profit coalition of public and private sector organizations committed to developing research and tools to enable secure, robust, and scalable Canadian digital ID solutions and services. With privacy, security, and choice at the forefront of all DIACC initiatives, we aim to enable all Canadians to participate safely and confidently in the global digital economy.

For more information

Krista Pawley

krista@imperativeimpact.com 

416 270 9987


The Engine Room

We’re hiring! Our team is looking for a Sysadmin Support Consultant and an Organisational Security Consultant 

The Engine Room is looking a Sysadmin Support Consultant and an Organisational Security Consultant to join our team. The post We’re hiring! Our team is looking for a Sysadmin Support Consultant and an Organisational Security Consultant  first appeared on The Engine Room.

Deadline extended to 20 April, 2022!

Technology is changing a lot about how our world works, including the ways in which civil society can hold power to account, build collaborations and mobilise data to push for social justice. At The Engine Room, we work with civil society partners–from big humanitarian organisations to small activist collectives–to build their technical intuition and support them in making better judgments about the role tech and data can play in their work. 

We are looking for a Sysadmin Support Consultant and an Organisational Security Consultant to join our team.

About the roles The Sysadmin Support Consultant will support the management of The Engine Room’s IT infrastructure, providing tech and strategic support to The Engine Room staff, and, upon request, providing technical support on external projects. Our ideal candidate has experience with server and cloud infrastructure management, implementation and maintenance of open source tools, monitoring and maintenance of WordPress websites and documenting technical processes. They have strong support skills, especially when providing support and advice to people with varying technical skill levels, and fluency in mail encryption using Thunderbird and PGP keys. Read the job description in full to learn more.

The Organisational Security Consultant will coordinate with and provide support to the Resilient Infrastructures Manager and technical project managers, provide support to our organisational security-related projects, contribute to our Light Touch Support offer to partners as needed and more. Our ideal candidate has 5+ years experience in research and training in topics related to encryption, password managers, two-factor authentication, and social media security, as well as experience helping people build and understand threat models for themselves and their function or role within an organisation. They are familiar with cybersecurity concepts, including social engineering, common tactics, techniques and procedures. They have an ability to propose and write protocols and guides to strengthen the digital security of the organisation and its partners and to conduct risk assessments and create risk matrixes for civil society organisations. Read the job description in full to learn more. Why work with us?

We put a lot of effort into creating a healthy, remote organisation, and we believe that caring about our team’s wellbeing is a political act. Our team members are curious, open and supportive of each other. We are critical optimists about the role technology and data can have in the push for social justice. At The Engine Room, we consider diversity to be a competency. We actively seek new perspectives, experiences and voices in our team and in our work. Our organisation prioritises empathy, respect, flexibility, fun and a healthy work-life balance.  

How to apply

Applications must be received via the Breezy platform (linked below!); submissions received via email will not be considered. In the interest of equity and efficiency, we ask people to look at our  Jobs page as well as our Job Application Process FAQs if they have questions, would like an overview of our recruitment process, or need information on what it is like to work at The Engine Room.

The deadline for applications for both positions has been extended to Wednesday, April 20, 2022, midnight Eastern Time. You can expect to hear from us about the status of your application within 3 weeks after the applications submission deadline. 

Sysadmin Support Consultant Application Organisational Security Consultant Application

Keep an eye out for another exciting opportunity with The Engine Room

Interested in working with us but don’t think these positions are right for you? Make sure you take a look at our blog in the next few weeks to check upcoming opportunities.

Image credit: Tim Mossholder via Unsplash.

The post We’re hiring! Our team is looking for a Sysadmin Support Consultant and an Organisational Security Consultant  first appeared on The Engine Room.

eSSIF-Lab

Go Aries! Enabling CL-Support on Aries Framework Go by Datarella GmbH

The “Go Aries!” project focuses on enabling CL signatures and -credentials within the Aries Framework Go to make it compatible with Aries Cloud Agent Python (ACA-Py) agents and the Indy-SDK. Therefore, the benefits of the Aries Framework Go are accessible to ACA-Py and Indy.

Background and Goals
Hyperledger Aries is the dominant protocol to enable SSI applications. The most popular framework is the ACA-Py which enables cloud-based SSI agents based on Python and is closely entangled with Hyperledger Indy, a purpose-built blockchain as trust anchor. The dominant signature scheme are Camenisch-Lysyanskaya (CL) Signatures to sign and verify DIDs and Anoncreds.
The Aries Framework Go (AfGo) comes more from a ledger-independent approach, which is based on Golang and natively supports JSON-LD credentials and standard support for ec cryptography and BBS+ signatures. Due to its language wrappers, it can be deployed directly on machines which gives it a crucial advantage over the ACA-Py and its corresponding mobile frameworks.
To make machine interaction available to ACA-Py Agents, AfGo agents need to support CL signatures. We want to add support of these signatures to make the Aries Framework Go more complete and allow for new use cases in the ACA-Py ecosystem.

Problem Statement
There are currently two distinct universes within the Hyperledger Aries Framework. The ACA-Py in connection with Hyperledger Indy is already a quite mature agent and trust anchor framework and is the mostly used framework for SSI projects to date. However, it has its limitations as is aimed to be a cloud agent and does not support mobile or other kind of edge agents. Even though the compatible Aries Framework .NET provides a framework for mobile devices it cannot be implemented on standalone devices like car internal computers. This limits the use of the ACA-Py primarily on cloud agent and mobile devices.
The Aries Framework Go comes from a more independent approach and is not tied to a specific ledger. It can be connected to Hyperledger Indy, but comes with a different form of signature schemes which limits today’s interoperability between these universes.
In order to have strong interfaces between these frameworks, the Aries Framework Go requires support for CL-signatures.

Solution approach
The project will use the Aries Framework Go as the starting point as this approach ensures high compatibility with existing projects based on the Aries Framework Go and it later allows us to easily provide merge requests. We will rewrite existing components and include CL-Signatures that are required for a well performing Aries Framework Go agent. We will also focus on the new modules Aries Askar, that acts as a new wallet to store key material and credentials, Indy CredX for credential handling, and Indy VDR to store public DIDs. Therefore, our new CL-compatible Go agents would be able to create connections by establishing CL-signed communication channels, anchor public DIDs on Indy, issue, store and verify CL-credentials, and creating and reading revocation registries. Furthermore, this makes the ACA-Py also independent from Hyperledger Indy, as it is possible to connect any ledger as a Verifiable Data Registry. This is a major leap towards completing the SSI framework as it unifies the AfGo with ACA-Py and Indy.

Results
The results will be shown in a demonstrator where an Aries Framework Go agent will create and issue Anoncreds and send it to an Aries Cloud Agent. The repository containing the framework solution itself will be open-sourced.

Country: Germany
Further information: https://datarella.com/ 
Team: Datarella GmbH

GitLab: https://gitlab.grnet.gr/essif-lab/cfoc/datarella 

Wednesday, 06. April 2022

Energy Web

Australian Energy Market Operator partners with Energy Web on Project Symphony, a future-proofed…

Australian Energy Market Operator partners with Energy Web on Project Symphony, a future-proofed solution for renewable energy integration A two-year pilot is demonstrating the future of energy system operation for more stable, reliable, and cost-effective renewable energy. Perth, Australia, and Zug, Switzerland, 6 April 2022 — Energy Web, the non-profit building operating systems for energy gri
Australian Energy Market Operator partners with Energy Web on Project Symphony, a future-proofed solution for renewable energy integration

A two-year pilot is demonstrating the future of energy system operation for more stable, reliable, and cost-effective renewable energy.

Perth, Australia, and Zug, Switzerland, 6 April 2022 — Energy Web, the non-profit building operating systems for energy grids, is proud to announce its collaboration with the Australian Energy Market Operator (AEMO) on Project Symphony, an innovative project which adds consumer-owned Distributed Energy Resources (DER), like rooftop solar, to a Virtual Power Plant (VPP) to enable participation in a future energy market. The project, a collaboration between Western Power as project lead, AEMO, Synergy and the Western Australian Government, aims to provide greater grid stability and security while unlocking economic and environmental benefits for customers and their communities.

In Western Australia, more than 1 in 3 households have rooftop solar installed, with a predicted increase to 1 in 2 by 2030. While this uptake creates value for customers and accelerates the decarbonization of the energy grid, it also presents risks to power system security and reliability. Issues like low minimum demand and variable generation arise, as the grid receives excess energy in the middle of the day while demand is low, with demand increasing in the evenings when supply from rooftop solar decreases.

Project Symphony will see approximately 900 DERs across 500 homes and businesses orchestrated into a Virtual Power Plant (VPP) which can generate and store electricity at a local level. The project will allow for the aggregation of all generated energy, optimized storage, distribution, and sale of that energy in manner similar to a traditional power plant. Initially running in an off-market environment, VPPs will eventually enable DER owners to sell excess energy back to the grid via an aggregator. Project Symphony will run for a pilot period of two years in Southern River in Perth, with the learnings informing the future implementation of DER orchestration projects in Western Australia.

Energy Web will deliver the data exchange component required for aggregators to access the market. Energy Web’s blockchain-backed operating system can assign digital identities to participants, facilitating the secure and efficient exchange and validation of market participant data. Energy Web is also working with AEMO on Project EDGE, a DER marketplace solution for Eastern Australia.

“Project Symphony models the future of DER integration into energy markets, in a format that can be replicated for energy systems worldwide”, said Jesse Morris. “Market and system operators everywhere should welcome the uptake of personal renewable energy as part of the energy transition, but we need a system that can accommodate this rapid growth — in parts of Western Australia, around 3,000 households are adding a new system each month. No such software system currently exists. We’re proud to be working with the partners on Project Symphony to play a role in enabling Australia’s energy transition to maximize the value of DER for consumers.”
“By informing the blueprint for a solution designed for the modern energy market, where DER can be actively integrated and appropriately leveraged, Project Symphony will bring us closer to a future where the full capabilities of DER can be harnessed to deliver sustainable value to all customers and to the stability of the power system”, said Bruce Redmond, DER Product Owner at AEMO. “Energy Web’s leading-edge open-source digital technologies help us to design a market fit for the future.”

Project Symphony is a flagship project under the Western Australian Government’s Distributed Energy Resources Roadmap, a program for enabling the transition to a highly distributed energy future. Energy Web are supporting Western Power, acting as the Distribution System Operator, AEMO, acting as the Distribution Market Operator, and Synergy, acting as DER aggregator to facilitate data sharing between project platforms to deliver the end-to-end solution.

Project Symphony is enabled by $35m in funding, derived from $19.3m in Western Australian state funding, $7.6m in funding from AEMO, and $8.6m from the Australian Renewable Energy Agency (ARENA) as part of ARENA’s Advanced Renewables Program.

About Energy Web
Energy Web is a global, member-driven non-profit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. Our Energy Web Decentralized Operating System (EW-DOS) enables any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors the EW-DOS tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

Media contact
Gavin Cahill
Sillion
Gavin.cahill@sillion.co.uk
+44 20 3858 7800

The views expressed herein are not necessarily the views of the Australian Government, and the Australian Government does not accept responsibility for any information or advice contained herein.

Australian Energy Market Operator partners with Energy Web on Project Symphony, a future-proofed… was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


DIF Blog

Nominations are Open!

We are looking for candidates to fill seats on the governing body of DIF, the Steering Committee. Nominations open 6th April 2022 for 30 days. Any member of DIF can submit a nomination for a candidate and all DIF members (including individuals) are eligible for nomination.
It's election time: DIF Steering Committee

The Decentralized Identity Foundation is governed by a volunteer board, chaired by our Executive Director, known as the Steering Committee (SC for short), which is democratically elected by DIF Associate membership. The SC’s responsibility is to represent DIF membership and define the vision, goals and strategy of our organization. Our current Steering Committee members are listed on our homepage here.

To ensure the Steering Committee is representative of the interests and diversity of our community, and that the DIF is able to continue to grow and evolve, we commit to holding regular Steering Committee Elections, with the candidates nominated from, and by, the community. The role of the SC, along with the election process, is described publicly in our governance documentation here and here.

Any member of DIF can submit a nomination for a candidate and all DIF members (including individuals) are eligible for nomination.

Nominations for SC candidates are open from today, 6th of April 2022! Any member of DIF can submit a nomination for a candidate and all DIF members (including individuals) are eligible for nomination. Nominations remain open for one month, closing at 23:59 GMT on Friday 6th May 2022.

We are looking for people who are passionate about digital transformation and innovation, who have a strong sense of social responsibility and who want to help shape the future identity landscape. Feel free to nominate standout members of the community, those with fresh ideas or industry experience. You can even nominate yourself if you so choose!

To submit a nomination, please send an email directly to nominations@identity.foundation with the candidate's full name and contact details. Once nominations are in, we will post an update outlining the next steps in the election process and introducing the candidates.

We are also looking for questions and discussion points from the community for each nominee to address, to help voters decide who best aligns with their priorities and vision for DIF. Please send these topics to nominations@identity.foundation. (Please note: making a nomination is not a requirement to submit a question)

As always, if you have any questions about the process, concerns about becoming a candidate, please reach out to us directly by email at nominations@identity.foundation, and don't forget to follow our Twitter for regular updates!


Hyperledger Ursa

Call for Applications: 2022 Hyperledger Mentorship Program

Want to jump start a career in blockchain development? Ready to build hands-on skills developing leading-edge open source technologies? Looking to work directly with mentors who are invested in you... The post Call for Applications: 2022 Hyperledger Mentorship Program appeared first on Hyperledger Foundation.

Want to jump start a career in blockchain development? Ready to build hands-on skills developing leading-edge open source technologies? Looking to work directly with mentors who are invested in you and your work? Then the Hyperledger Mentorship Program is for you. 

Now in its sixth year, the Hyperledger Mentorship Program provides a structured and guided learning opportunity for anyone, at any career stage, looking to get started in the open source movement. With full and part time options, fully remote work and a stipend, the projects are designed to be a pathway to becoming a contributor to the Hyperledger community that work for students, people in career transition and anyone else who wants to develop or sharpen their knowledge of cutting-edge blockchain technologies. Applications are now open.

This year, the Hyperledger Mentorship Program has grown to 30 planned part and full-time projects covering a range of technologies, challenges and technical difficulty levels and includes non-development projects such as Ecosystem Analysis and Developer Marketing. Each project is designed and proposed by active members of the Hyperledger community. Those who propose the projects serve as the mentors and work closely with their mentees on developing a project plan, setting milestones and solving problems. Mentees can expect regular evaluations and feedback. For more about the program, including the schedule and stipend details, go here.

Over the last five years, more than 70 mentees have completed Hyperledger Mentorship projects. Each of these mentees have made concrete contributions to Hyperledger projects and built important connections in the community. Some, like Bertrand Rioux, have gone on to become mentors themselves:

“I was accepted into the Hyperledger mentorship program last year after seeking a community to help advance my professional goals of developing software for climate action. I was fortunate to find a diverse group of mentors that helped me build the knowledge and skills I needed to effectively contribute to the Hyperledger open source community and to have the opportunity to develop technical expertise in a field I was actively working in. In addition to delivering a secure identity management solution for a Hyperledger Fabric Network, I started contributing my own ideas to the open source operating system for climate action. As a result, I am now taking a leadership role in the community. In addition to serving as mentor in this year’s program, I proposed a project on reducing waste emission in the oil & gas industry that was accepted.” – Bertrand Rioux, Independent Energy Consultant and Mentor for the Multiple Data Integration to Hyperledger Fabric Climate Accounting Network project

To learn more about the Hyperledger Mentorship experience and outcomes, check out these  spotlights on last year’s projects with highlights from both the mentors and mentees.

Read on for descriptions of some of the projects planned for this year:

Multiple Data Integration to Hyperledger Fabric Climate Accounting Network

The Hyperledger Labs blockchain-carbon-accounting project includes a Hyperledger Fabric network for recording the carbon and Greenhouse Gas (GHG) emissions that cause climate change.  Since there are many activities that cause such emissions, the network is designed to accept data from multiple sources of measurements.  In this project, we will demonstrate integrations from measurement sources with blockchain networks by integrating the ThoughtWorks cloud computing emissions calculator, the NREL OpenPath mobile application, and other web- and mobile-based API’s sources to turn instrumented readings into emissions measurements. It will leverage previous projects involving Hyperledger Cactus, Vault security engines, and client security for Hyperledger Fabric.

The expected outcomes of this project are

Successful integration of the mobile apps and API’s with Hyperledger Fabric Benchmark comparison of Hyperledger Fabric and alternatives Documentation and tutorials for integrating future data sources Demonstrate Interoperability using Hyperledger Bevel and Cactus

Hyperledger Cactus support ledger Interoperability but use a local deployment for testing; Hyperledger Bevel supports production-worthy deployments. This project aims to support Cactus deployment using Bevel to demonstrate production-like usage of Hyperledger Cactus. 

The steps will be following:

Deploy a Hyperledger Fabric network using Bevel on a Managed Kubernetes cluster Deploy a GoQuorum network using Bevel on a Managed Kubernetes cluster (can be the same cluster for simplicity). Make changes in Hyperledger Bevel code to deploy the Cactus connectors in both the above networks. Run Cactus test cases.

The expected outcomes of this project are

Successful Interoperability testing using Cactus on  production like DLT networks. Update to Hyperledger Bevel code to automatically deploy the Cactus plugins. Update to Documentation of Bevel and Cactus. Detailed tutorials and learning materials which would benefit Bevel and Cactus communities. Hyperledger Fabric-Ethereum token bridging

One of the key use cases of blockchain integration is asset bridging: in essence, “locking” an asset (typically, a native coin or token) in a smart contract on its authoritative ledger and making available corresponding, newly minted (wrapped/shadow/…) assets on another. By now, bridging is supported by quite mature solutions in the cryptoworld; however, the same is not true for “consortial” distributed ledger technologies. At the same time, such functionality can be expected to become an important requirement in the not too distant future: for instance, a central bank may choose to create a high performance, Hyperledger Fabric-based Central Bank Digital Currency (CBDC) ledger with a strongly controlled set of “smart contracts,” but allow controlled “bridging out” of the currency to dedicated distributed ledgers of industrial/enterprise cooperations. 

Last year, a CBDC prototype with such functionality was created at the Dept. of Measurement and Information Systems of the Budapest University of Technology and Economics (BME), in a research project supported by the central bank of Hungary (MNB); our initial experience with a custom Hyperledger Cactus and TokenBridge based solution showed that this is a problem worth more targeted experimentation and systematic R&D.

The expected outcomes of this project are

Report on asset representation in Hyperledger Fabric and mapping approaches to standard Ethereum tokens Report on bridging approaches and technologies and their applicability for bridging from/to Fabric Requirement specification Design specification Prototype implementation and small demo of bridging at least ERC-20 or ERC-721 to Ethereum – and back Client Connector for Hyperledger Besu

Develop a connector that provides both synchronous and asynchronous modes of interacting with a running Hyperledger Besu node. The connector would act as an interface between an enterprise application and the Hyperledger Besu node for data ingestions and it could provide event subscription options.

The scope of the project would also include an end-to-end test on a sample network.

The expected outcomes of this project are

Design and implement the connector. A new Hyperledger Labs project is proposed with a documentation. GVCR: Secure Verifiable Credential Registries (VCR) for GitHub & GitLab

As conceptualized and standardized by the W3C, the Verifiable Credentials protocol is one of the three pillars of Self-Sovereign Identity, together with the Decentralized Identifiers protocol (DIDs) and Distributed Ledger Technology (or Blockchain). The project aims to design and build a verifiable credential registry (VCR) on GitHub repository, namely GitHub-based Verifiable Credential Registry (GVCR), by leveraging existing GitHub APIs, and other open-source tools provided by other Hyperledger projects, such as Hyperledger Aries, Hyperledger Indy, and Hyperledger Ursa. The basic architecture is already built. For more details about the conceptional design and workflows, please refer to the GitHub repository GitHub-VCR.

The expected outcomes of this project are

A verifiable credential registry based on one or more GitHub repositories. Command-Line utility to automate the process of verification of a credential. Proper test cases and documentation. Codebase maintained with proper read me document.

The Hyperledger Summer Mentorship Program is part of the Linux Foundation’s overall commitment to mentoring. The application process is being managed through LFX Mentorship, a platform created by the Linux Foundations to train future open source leaders. 

Check out the full list of mentorship projects and start your application today. The deadline to apply is May 10. Mentees from diverse communities are encouraged to apply. All are welcome here!

The post Call for Applications: 2022 Hyperledger Mentorship Program appeared first on Hyperledger Foundation.


Elastos Foundation

Elastos Financial Report – Second Half 2021

...

Tuesday, 05. April 2022

The Engine Room

Upcoming community call & new research: biometrics in the humanitarian sector

In 2018 we worked with Oxfam to publish a landmark report on the use of biometric data – fingerprints, iris scans, voiceprints and so on – in the humanitarian sector. We are excited to be starting new research that will build on this foundation by taking stock of developments in the sector and looking into new and emerging evidence of harms and benefits. The post Upcoming community call & new

In 2018 we worked with Oxfam to publish a landmark report on the use of biometric data – fingerprints, iris scans, voiceprints and so on – in the humanitarian sector. Our report looked at how these types of data were being collected and used, and raised critical questions around potential risks and harms.

This year, with the support of Open Society Foundations’ Migration Initiative, we are excited to be starting new research that will build on this foundation by taking stock of developments in the sector and looking into new and emerging evidence of harms and benefits. Through this new research, we hope to support a more justice – and evidence – based approach to using biometrics in humanitarian work. 

Join our first community call on 19 April, 10 AM EST/ 4 PM CET

If you’re a humanitarian practitioner or just interested in biometrics and responsible data, please join our upcoming Community Call, where we’ll be introducing the project and hearing from practitioners on the theme. Register for the call.

Background

In 2021, the humanitarian and development sector saw several worst-case scenarios related to the management of biometric data come to pass. In Bangladesh, biometric data collected by the UNHCR from Rohingya refugees was shared with the Myanmar government – the same government that was responsible for their displacement in the first place. In Afghanistan, on the eve of Taliban taking over the country following the withdrawal of US forces, organisations scrambled to destroy information collected on those served by US programmes. We know that the Taliban took charge of biometric databases left behind by the US forces, possibly endangering thousands of people

We have also seen cases such as the hacking attack on the International Committee of the Red Cross (ICRC), which compromised the personal data of over 500,000 people. While there was no biometric data in the compromised database, this case showed that even responsible actors are vulnerable to breaches and attacks – and that humanitarian organisations are a target for malicious actors.

While the above cases have done much to raise awareness of responsible data issues related to the misuse of biometric data, far less attention has been paid thus far to the structures that make such misuse possible in the first place – like biometrics use policies or lack thereof – while unscrutinised claims by the private sector and funding organisations about the ability of emerging technologies to address social issues threaten to continue entrenching structures of harm within humanitarian responses. 

We believe that building knowledge on these issues is fundamental to ongoing efforts to foster better practices in the humanitarian sector. 

With all this in mind, here are some of the key questions that will guide our work:

How is biometric data that is gathered by humanitarian organisations governed? (ie. how the data is used, transferred, and shared; and who has access to it?)  What are humanitarian organisations’ policies on biometrics use? How have they been developed, and how are they applied in practice? What kinds of evidence exist on the benefits, harms and risks of biometric data use in the humanitarian context? How might existing regulatory frameworks support more responsible use of biometrics in the humanitarian sector? We would love to hear from you!

As mentioned above, our first community call is on April 19 – it’s open to anyone who is interested in the topic, so feel free to attend even if you’d just like to come and listen.

And if you’re a humanitarian practitioner working with data and biometrics, or part of a community impacted by such schemes, our research team would love to hear from you. Please don’t hesitate to get in touch with Teresa at teresa[at]theengineroom.org.

Photo by Marek Piwnicki via Unsplash.

The post Upcoming community call & new research: biometrics in the humanitarian sector first appeared on The Engine Room.

Monday, 04. April 2022

Digital ID for Canadians

Privacy, Security, and Choice Drive Canadians’ Desire for Digital ID

Digital ID and Authentication Council of Canada Research Finds Canadians Want Digital ID that is user-centric and aligns with their values Access the full 2021…
Digital ID and Authentication Council of Canada Research Finds Canadians Want Digital ID that is user-centric and aligns with their values

Access the full 2021 Research Report
Access the Multi-page Synopsis
Access the One-page Synopsis

Toronto, April 4, 2022 – Canadians need to feel safe and in control when they engage in the digital economy. Core to that safety are privacy, security and choice in how they share personal information online. According to the third annual national survey undertaken by the Digital ID and Authentication Council of Canada (DIACC), a staggering 91 per cent of Canadian respondents are calling for control over their personal data collected by provincial and federal governments. 

Additionally, 86 per cent of respondents want control over personal data collected by private organizations, and 80 per cent want a secure and unified digital ID ecosystem.

“A trusted pan-Canadian digital identity framework is essential to digital economic prosperity,” said DIACC president Joni Brennan. “While there is some progress on recognizing the importance of digital ID, Canada is still at a stage where more work must be done on the policy side to ensure a truly digital economy.”

Unlocking an inclusive digital economy is an opportunity for the government to rebuild much-needed trust among Canadians, enhance privacy, and demonstrate that citizens’ rights are a top priority. According to the Edelman 2021 Canadian Trust Barometer, only 53 per cent of Canadians trust government organizations – a drastic decline of six points since only the previous year.

DIACC’s research reflects this lack of trust. “A trusted digital ID framework needs to be designed with people at the centre. All Canadians need to be able to choose if and how they want to use their digital ID credentials. Digital ID is not intended to replace existing physical ID methods, but as an optional supplemental tool,” Brennan said.

Establishing a trusted digital ID will allow people and organizations the choice to verify themselves online securely, while protecting personal information with no user traceability. It offers a decentralized, privacy-enhancing solution for both the private and public sectors.

The DIACC applauds the federal government for including digital identity as a priority in Treasury Board President Mona Fortier’s mandate letter. The need to invest in digital ID was also referenced twice in the House of Commons Finance Committee’s 2021 pre-budget recommendation as critical to supporting Canada’s Digital Government Strategy in secure service delivery.

“It’s encouraging to see recognition of the critical role that digital identity plays in enabling Canada’s economy; however, we need to see a real commitment to action if we are going to reap the benefits of Digital ID and Digital Trust in meaningful economic growth,” said Dave Nikolejsin, the DIACC’s Board Chair, referring to the DIACC’s Pan-Canadian Trust Framework™ (PCTF).

The PCTF is a publicly available set of tools, shared principles, and guidelines to help organizations operate in a digital ecosystem. It includes processes like Notice and Consent, Authentication, Verification, Privacy, Credentials, and Infrastructures – both technologically and operationally.

Most importantly, the PCTF is citizen-centric. It is designed to keep users safe.

“This is an opportunity for industry and government leaders to come together and build a strong partnership. We have the fundamentals, we have the expertise, and we have the framework. Now, we need mutual investment across sectors to put the PCTF into action,” said Franklin Garrigues, VP External Ecosystems at TD Bank, DIACC Board Vice-Chair.

Nearly two-thirds of survey respondents are calling for governments to collaborate with the private sector to develop a pan-Canadian digital ID. On top of this, three quarters want the government to move quickly.

Privacy. Security. Choice.

DIACC is committed to developing research and tools to enable secure, robust, and scalable Canadian digital identity (digital ID) solutions and services. With digital advancements happening at a surefire rate, DIACC prioritizes privacy, security, and, most importantly, choice of use at the forefront of all digital ID initiatives.

To achieve real growth and sustainability, Canadians need transparency in governance. They need a digital ID they can own and choose to use. A digitally and economically prosperous Canada depends on it.

Learn more about the DIACC and digital ID.

– 30 –

ABOUT DIACC

DIACC is a growing coalition of public and private sector organizations who are making a significant and sustained effort to ensure Canada’s full, secure, and beneficial participation in the global digital economy.  By solving challenges and leveraging opportunities, Canada has the chance to secure at least three per cent of unrealized GDP or $100 billion of potential growth by 2030. Seizing this opportunity is a must in a digital society as we work through the COVID pandemic challenges. Learn more about the DIACC mandate

DIACC was created as a result of the Minister of Finance’s Electronic Payments Task Force that recommended that Canada needs a framework for digital identity and authentication that a self-governing body of experts must create.

Want to contribute to a digital ID ecosystem? Apply to become a DIACC member today. 

ABOUT THE RESEARCH FIRM

Burak Jacobson Research Partners is a full-service market research consulting firm headquartered in Toronto, Ontario. Founded in 1981, Burak Jacobson has conducted over 4,000 research projects in 39 countries across a variety of industries.


SelfKey Foundation

How will Identity be Perceived in Web3?

With the emergence of Web3, next-generation digital Identity management can become a completely decentralized peer-to-peer networking system. SelfKey is creating a digital identity system that is self-sovereign in nature, designed to bring back control of identity to users. The post How will Identity be Perceived in Web3? appeared first on SelfKey.

With the emergence of Web3, next-generation digital Identity management can become a completely decentralized peer-to-peer networking system. SelfKey is creating a digital identity system that is self-sovereign in nature, designed to bring back control of identity to users.

The post How will Identity be Perceived in Web3? appeared first on SelfKey.

Friday, 01. April 2022

Nyheder fra WAYF

Københavns Universitet tiltræder SIRTFI

Som den femte danske brugerorganisation har Københavns Universitet nu erklæret at det opfylder kravene i SIRTFI, en protokol for håndtering af sikkerhedshændelser i identitetsføderationer. Folk med KU-brugerkonti har derfor nu adgang til at identificere sig som sådanne over for tjenesteudbydere – fx schweiziske CERN – som kun accepterer fødererede logins fra organisationer som overholder S

Som den femte danske brugerorganisation har Københavns Universitet nu erklæret at det opfylder kravene i SIRTFI, en protokol for håndtering af sikkerhedshændelser i identitetsføderationer. Folk med KU-brugerkonti har derfor nu adgang til at identificere sig som sådanne over for tjenesteudbydere – fx schweiziske CERN – som kun accepterer fødererede logins fra organisationer som overholder SIRTFI.

Language Danish Read more about Københavns Universitet tiltræder SIRTFI

Thursday, 31. March 2022

Digital ID for Canadians

Report on the Adequacy of Identity Governance Transparency – DIACC Special Group Insights

In the last few years, the importance of digital identity has grown exponentially, from being an instrument employed primarily to secure closed systems (such as…

In the last few years, the importance of digital identity has grown exponentially, from being an instrument employed primarily to secure closed systems (such as corporate networks) to being a platform for governments to deliver eGovernment public services.

This report looks at Transborder use of digital identity in the context of international transfer, control, and access to private/personal data between Canada and the European Union. In particular, it looks at such data transfer considering the obligation to inform individuals during data processing and investigate into the adequacy of transparency and notice for international data transfer.

Contents of this report have been submitted by the DIACC International Pilots Special Interest Group.

Download the report here.

Report-on-the-Adequacy-of-Identity-Goverance-Transparency


Energy Web

Energy Web shares open-source tech toolkit for simplifying 24/7 clean energy procurement

Zug, Switzerland — 31 March 2022 — Energy Web (EW), in cooperation with Elia, SB Energy, and Shell, is excited to introduce the EW 24/7 toolkit, EW’s first version of its open-source Software Development Toolkit (SDK) supporting a 24/7 clean energy use case. EW 24/7, developed through proof-of-concept projects with our partners, provides the groundwork for companies to build decentralized ap

Zug, Switzerland — 31 March 2022 — Energy Web (EW), in cooperation with Elia, SB Energy, and Shell, is excited to introduce the EW 24/7 toolkit, EW’s first version of its open-source Software Development Toolkit (SDK) supporting a 24/7 clean energy use case.

EW 24/7, developed through proof-of-concept projects with our partners, provides the groundwork for companies to build decentralized applications (dApps) for tracking and matching their real-time renewable energy generation and consumption with high granularity. 24/7 is being added under the umbrella of the existing EW Origin SDK, and will continue to be improved as part of the upcoming Green Proof workstream. Energy Web welcomes companies around the world to use the toolkit, build on it, and explore cooperation opportunities as EW is planning to introduce further decentralization components to advance and scale the 24/7 toolkit.

What is 24/7 Clean Energy?

More than ever, businesses are committing to renewable energy procurement, with many companies targeting 100% renewable energy usage as part of the global push towards carbon neutrality. RE100, a global corporate renewable energy initiative, which sees members commit to using 100% renewable electricity, now has more than 350 members.

However, there’s an issue with how renewable energy procurement works. Current procurement methods match the average supply and demand for a company over a long time period, such as a year or a month at best. This means that companies purchase or generate enough renewable energy to match 100 percent or more of their electricity use over the course of the year — however, this doesn’t mean that they are actually covering all of their power use with renewables.

By pursuing a 24/7 Clean Energy strategy, which sees time of use of energy consumption matched to the time of renewable generation as closely as possible, companies can enhance the accuracy of their carbon accounting and increase grid flexibility. In addition, a 24/7 solution can enable consumers to shift their energy consumption to times with the highest share of clean energy in the grid, while providing more accurate price signals for clean energy where it’s most needed. 24/7 solutions can successfully trace energy consumption on a highly granular level, for instance, every 30 minutes. For further information on 24/7 Clean Energy and how it works, please see the ‘Additional Reading’ section.

EW, through working with Elia, SB Energy, and Shell across different projects and use cases, has tested and demonstrated how the open-source Energy Web stack can provide the necessary digital tools to spearhead 24/7 clean energy. EW is proud to announce the first release of the 24/7 toolkit available to the public for active use, testing, and deployment, with plans to release updates and improvements by the end of 2022.

Examples of functionalities of EW’s 24/7 toolkit

Based on feedback and findings we gathered while working with our partners, we developed an open-source 24/7 toolkit that enables commonly needed functionalities for companies building dApps for the 24/7 use case. It allows these companies to have a strong foundation, meaning they aren’t starting from scratch with their development. Here are some examples of applications for the SDK:

Data collection: The toolkit offers an API for collecting consumption and generation data in real-time. Data granularity (e.g., MWh vs kWh vs Wh) and time intervals (e.g., 15 vs 30 minutes) can be configurable. The API documentation is available here, and the GitHub repository is here. Collecting granular data is only possible if data is available. Granular tracking of renewables generation is already a common practice today, unlike for consumption. Many consumers (especially those renting their premises) receive verified consumption bills only once a year. So having highly granular knowledge of consumption (e.g., an hourly level) is a significant improvement and should be the first step towards 24/7 green energy. Digital certificate issuance: Based on generation data, digital Energy Attribute Certificates (EACs) are created on the blockchain (Energy Web Chain). These certificates can accommodate various attributes and can conform with the data requirements of the existing tracking systems. Now, the SDK creates EACs based on real-time data, but in the future EW is planning to incorporate onchain elements for validated (“settlement”) data as well. Matching consumption and generation: After the generation and consumption data for a specific time period is collected, the matching algorithm is executed. Available generation is matched with the consumption of that time period (e.g. 12:00:00–12:30:00). When there are multiple generation volumes that can fill the same consumption volume, a prioritization mechanism defines which generation is used to cover consumption first. Every consumer can define matching characteristics, dictating what generation should be prioritized. For example, a consumer might prefer smaller-scale solar assets in the nearest proximity. The transfer, matching, and prioritization logic is defined in agreements between consumers and producers or in some cases also energy suppliers that sit between generator and consumer. Agreements are highly dependent on local market characteristics. The 24/7 toolkit covers basic scenarios (with different priority levels for consumers and generators) that can be configured or customized based on a specific use case. Reporting: Data about granular generation, consumption, matches, surpluses, and deficits can be displayed in user-friendly and verifiable reports. With the help of onchain EACs, renewable energy buyers have a verifiable and credible way of claiming their sustainability achievements. Working with our Partners

We worked with three partners on three separate proof-of-concept use cases when developing the EW 24/7 toolkit.

Elia Group:
Elia Group and Energy Web successfully executed a proof-of-concept for 24/7 green energy tracking, as part of our ongoing partnership. Elia wanted to offer a solution aligned with its customer-centric electricity system vision, which could improve renewable energy traceability. We worked with them on a PoC which applied 15-minute energy certificates onto Elia’s ‘Exchange of Energy Blocks’ (EEOB) hub to allow for transparent, highly traceable energy transactions.

SB Energy:
SB Energy, one of Japan’s largest renewables companies, implemented a pilot for providing Japanese electricity consumers with the origin of their electricity on a 24/7 basis. EW worked with SB Energy to develop a platform capable of real-time data collection on a 30-minute basis, matching consumption and generation based on specific consumer criteria.

Shell:
In response to Shell’s customers’ changing needs and the movement towards 24/7 green energy, Shell partnered with EW to develop a solution with the aim to provide 24/7 insights on renewable electricity consumption. The solution is designed to match energy production and consumption on a 30-minute basis along the energy supply chain in a transparent, trusted way. As a first step, Shell successfully concluded a PoC to showcase the technical feasibility and customer value proposition of granular matching of renewable energy using blockchain technology.

Earlier this year, Shell, Energy Web and AI for Good hosted a webinar to discuss 24/7 Clean Energy, which you can view here.

Evolution of the Toolkit

As this is the first release of the toolkit, we’re looking forward to working on it and developing its capabilities further. Energy Web welcomes companies to work on these improvements alongside us to foster lessons in how 24/7 clean energy can best be implemented. Among other functionalities, Energy Web is considering incorporating the following under the general Green Proof work stream:

Digital Identities (DIDs) for a more seamless creation of DIDs for organizations, devices, and users and decentralized role and data management. Matching validation via a decentralized system to ensure consumption and generation are matched properly, with the results recorded on-chain Usage of settlement (validated) data in addition to real-time data

Note that the current toolkit does not initially provide integration with an official tracking system because, among other reasons, the overwhelming majority of the current tracking systems do not track renewable energy on a 24/7 basis. Some standards tracking registries are, however, exploring the 24/7 topic actively, with the M-RETS registry in the US seeming to be at the forefront.

There are great initiatives like EnergyTag that are working on introducing a standard for 24/7 clean energy and incorporating it with the existing tracking systems, which involves numerous challenges. Energy Web is continuing to investigate tracking system integration further.

Conclusion

Today, adopting a strategy for 24/7 clean energy remains a luxury for most corporate renewable energy buyers. Achieving 24/7 clean energy is a long-term vision, even for those who are already in the game. At Energy Web, we believe that open-source decentralized tech can help ease this decarbonization journey and hope the first version of the 24/7 toolkit provides the digital groundwork to track and match renewable energy consumption and generation on a 24/7 basis. Having this information is the first necessary step in the 24/7 journey: the knowledge of granular energy performance will help corporates to optimize their energy consumption and make decisions about load shifting and storage solutions.

We welcome any interested technology and energy companies to get in touch and to work with us on growing the functionalities of the toolkit.

Additional Reading

For more information on the distinction between yearly and granular renewables, please see this Stanford article.

Additionally, you can read here about the UN’s 24/7 Carbon-free Energy Compact, a set of principles for achieving the matching of consumption with clean energy generation, and find here sector association Eurelectric’s white paper on 24/7 matching.

24/7 Clean Energy is an innovative new practice, which is not the only solution for clean electricity consumption or a universal one. You can read more on the debate around the different approaches to clean grids here.

About Energy Web
Energy Web is a global, member-driven non-profit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. Our Energy Web Decentralized Operating System (EW-DOS) enables any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors the EW-DOS tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

Contact:
Meerim Ruslanova
Senior Delivery Lead
info@energyweb.org

Energy Web shares open-source tech toolkit for simplifying 24/7 clean energy procurement was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.


Identity Review

How Yuga Labs Hopes to Influence the Metaverse

Recent announcements from the creators of BAYC signal a move towards the metaverse
Recent announcements from the creators of BAYC signal a move towards the metaverse

Wednesday, 30. March 2022

Me2B Alliance

Financial Times Highlights Me2B Alliance Research; Questions remain about VPNs with the Yandex Appmetrica SDK installed.

Our research uncovers significant risks posed by mobile apps with the Yandex Appmetrica SDK that Google and Apple have yet to address. We’ve identified a current list of affected VPN’s to assist users.

As part of our work to identify and systematically analyze data sharing in mobile apps in the K-12 app space,we recently uncovered significant risks posed by mobile apps with the Yandex Appmetrica SDK installed.  The Me2B Alliance is proud that the Financial Times has picked up on this research and published a critical article outlining these risks.

As the article outlines and our research has found, there is no way for anyone using either the Google or Apple app stores to know which apps have the Yandex Appmetrica SDK installed. In our previous reports [Spotlight Report #1, Spotlight Report #4], we have urged Apple and Google to make the SDK within those apps visible to the public, so that people can make informed decisions on whether to install an app based on specific vendors. Unfortunately, neither Apple nor Google have made the necessary transparency changes to SDKs installed in apps, so we do not have any “easy advice” to avoid the 52,000+ apps using the Yandex Appmetrica SDK.

In the meantime, to help identify these risks, we’ve provided a simple list (below) of VPN apps, or Virtual Private Network apps, which people install to protect their privacy and security, often used by people with elevated risk profiles. This list was downloaded on March 28, 2022, from the AppFigures database. These apps have the Appmetrica SDK installed within them – which means that these apps likely have the Appmetrica SDK activated and are probably sending data to Yandex servers.

As the Financial Times article explained, any mobile apps providing VPN services, which also have the Yandex Appmetrica SDK installed within them, are unsafe:  

“Conversely, more than 2,000 apps have added the AppMetrica SDK since the invasion of Ukraine, including several that appear designed to track Ukrainian users. “Call Ukraine,” for instance, is a “free messenger for Ukrainians” that launched in the Play Store on March 10 using the blue and yellow flag as its icon. Once downloaded, the app can see a user’s identity and read their contacts. The developer includes a dummy email address: “help.service@internet.ru.”

Cher Scarlett [formerly a principal software engineer in global security at Apple], said it was concerning that AppMetrica was installed in 21 VPN apps just in the past 30 days. “You’re trying to be proactive in being more safe,” she added, “but actually making yourself more vulnerable”.

We believe significantly more time and resources need to be dedicated to researching data supply chains within mobile apps to ensure that all vendors within the supply chain are known and disclosed. We continue to dig into these issues, and we look forward to additional conversations about other SDKs and risks in the future.

If you have any additional questions, concerns, or edits? Please reach out to our team at contact@me2ba.org.

List of VPN apps with Yandex Appmetrica SDK

Twenty six of the apps listed below were first uploaded into either the iOS or Android store after February 1, 2022, and is sorted by “release date” to further highlight the timing.

If you are using one of these VPN’s your data could be vulnerable.

 

Bundle ID URL Developer Release Date Updated Date Storefronts com.galactic.vpn.fast.app https://play.google.com/store/apps/details?id=com.galactic.vpn.fast.app&hl=en&gl=us Intrade Team 3/23/2022 12:00:00 AM 3/23/2022 12:00:00 AM Google com.xnxxtopbrosernye.terbaruvidbrosernuwer https://play.google.com/store/apps/details?id=com.xnxxtopbrosernye.terbaruvidbrosernuwer&hl=en&gl=us Wild.Earnet.id 3/22/2022 12:00:00 AM 3/22/2022 12:00:00 AM Google com.turbovpnproxvpn.securevpnmaster https://play.google.com/store/apps/details?id=com.turbovpnproxvpn.securevpnmaster&hl=en&gl=us Nova Lab Studio 3/18/2022 7:17:00 AM 3/24/2022 12:00:00 AM Google com.fftools.onetaplauncher.gfxtool.ffsensi https://play.google.com/store/apps/details?id=com.fftools.onetaplauncher.gfxtool.ffsensi&hl=en&gl=us STUDIO GEEK ANDROID 3/16/2022 12:00:00 AM 3/16/2022 12:00:00 AM Google com.allstatussaver.status.saver.gbwhat https://play.google.com/store/apps/details?id=com.allstatussaver.status.saver.gbwhat&hl=en&gl=us Group Photo Sharing 3/12/2022 12:00:00 AM 3/12/2022 12:00:00 AM Google com.browser.unblock.securevpn https://play.google.com/store/apps/details?id=com.browser.unblock.securevpn&hl=en&gl=us Anjumk App 3/11/2022 5:07:41 AM 3/23/2022 12:00:00 AM Google com.nnc.hdmirroring https://play.google.com/store/apps/details?id=com.nnc.hdmirroring&hl=en&gl=us Entertainment Media Reality 3/8/2022 12:00:00 AM 3/8/2022 12:00:00 AM Google com.wCallUkraine_15235188 https://play.google.com/store/apps/details?id=com.wCallUkraine_15235188&hl=en&gl=us Kseniya Chibeskova 3/4/2022 8:45:07 AM 3/10/2022 12:00:00 AM Google com.wDzvoniUkrayina_15233386 https://play.google.com/store/apps/details?id=com.wDzvoniUkrayina_15233386&hl=en&gl=us Kseniya Chibeskova 3/2/2022 8:32:18 AM 3/10/2022 12:00:00 AM Google com.vidfeeo.proijhector https://play.google.com/store/apps/details?id=com.vidfeeo.proijhector&hl=en&gl=us Entertainment Studio Pro Media 3/1/2022 12:00:00 AM 3/1/2022 12:00:00 AM Google com.vpn.superfast.fast.master.turbo.secure https://play.google.com/store/apps/details?id=com.vpn.superfast.fast.master.turbo.secure&hl=en&gl=us super fast secure vpn 2/28/2022 5:54:01 AM 3/4/2022 12:00:00 AM Google com.turbovpn.vpnproxy.speedvpn https://play.google.com/store/apps/details?id=com.turbovpn.vpnproxy.speedvpn&hl=en&gl=us Fast Connection VPN service 2/28/2022 5:47:00 AM 3/12/2022 12:00:00 AM Google ru.andlancer.vpnc https://play.google.com/store/apps/details?id=ru.andlancer.vpnc&hl=en&gl=us Косяченко Роман 2/28/2022 12:00:00 AM 2/28/2022 12:00:00 AM Google com.onegd.vpn https://play.google.com/store/apps/details?id=com.onegd.vpn&hl=en&gl=us Games Do Mal 2/27/2022 12:00:00 AM 2/27/2022 12:00:00 AM Google com.microapps.screenmirroring.tv.casting https://play.google.com/store/apps/details?id=com.microapps.screenmirroring.tv.casting&hl=en&gl=us SLB MARKETPLACE 2/26/2022 12:00:00 AM 2/26/2022 12:00:00 AM Google com.serv.guardvpnprivateproxy https://play.google.com/store/apps/details?id=com.serv.guardvpnprivateproxy&hl=en&gl=us krasisdeveloper 2/22/2022 12:00:00 AM 2/22/2022 12:00:00 AM Google com.casttvstd.mirrortv.screenmirroring https://play.google.com/store/apps/details?id=com.casttvstd.mirrortv.screenmirroring&hl=en&gl=us Steve Apps Solution 2/21/2022 12:00:00 AM 2/21/2022 12:00:00 AM Google com.sensitivitytoolffhx.gfxskintool.ffmodmenu.gameslauncher.ffbooster https://play.google.com/store/apps/details?id=com.sensitivitytoolffhx.gfxskintool.ffmodmenu.gameslauncher.ffbooster&hl=en&gl=us Tool Andro 2/21/2022 12:00:00 AM 2/21/2022 12:00:00 AM Google com.gdmnetpro.vpn https://play.google.com/store/apps/details?id=com.gdmnetpro.vpn&hl=en&gl=us Games Do Mal 2/19/2022 5:46:25 AM 3/23/2022 12:00:00 AM Google com.internetssh.br https://play.google.com/store/apps/details?id=com.internetssh.br&hl=en&gl=us nacional net ssh 2/18/2022 12:00:00 AM 2/18/2022 12:00:00 AM Google com.wTVinPOCKET_15136001 https://play.google.com/store/apps/details?id=com.wTVinPOCKET_15136001&hl=en&gl=us TVinPOCKET 2/17/2022 12:00:00 AM 2/17/2022 12:00:00 AM Google com.turbovpnproxy.securevpnmaster https://play.google.com/store/apps/details?id=com.turbovpnproxy.securevpnmaster&hl=en&gl=us Logan Industry 2/14/2022 12:00:00 AM 2/14/2022 12:00:00 AM Google com.netsecurity.bestvpn.bestvpn https://play.google.com/store/apps/details?id=com.netsecurity.bestvpn.bestvpn&hl=en&gl=us Sarvar corp 2/9/2022 12:00:00 AM 2/9/2022 12:00:00 AM Google com.qulick.net https://play.google.com/store/apps/details?id=com.qulick.net&hl=en&gl=us Dev/HM 2/8/2022 1:29:27 AM 3/17/2022 12:00:00 AM Google com.wAntifilterMessenger_15091274 https://play.google.com/store/apps/details?id=com.wAntifilterMessenger_15091274&hl=en&gl=us Giji dev 2/5/2022 9:10:10 AM 3/15/2022 12:00:00 AM Google calculator.hideapp.apphider.applock.calculatorvault.app.hider.locker https://play.google.com/store/apps/details?id=calculator.hideapp.apphider.applock.calculatorvault.app.hider.locker&hl=en&gl=us Praran Dev 2/2/2022 2:14:01 PM 3/2/2022 12:00:00 AM Google com.equipevip.br https://play.google.com/store/apps/details?id=com.equipevip.br&hl=en&gl=us EQUIPE VIP SSH 1/27/2022 12:00:00 AM 1/27/2022 12:00:00 AM Google com.moster.encryptech https://apps.apple.com/us/app/encryptech/id1605165601 EncrypTechnologies Inc 1/25/2022 5:00:00 AM 1/26/2022 1:00:00 AM iOS com.didibunny.vpnproxy https://play.google.com/store/apps/details?id=com.didibunny.vpnproxy&hl=en&gl=us Tools Co, Ltd. 1/22/2022 12:00:00 AM 1/22/2022 12:00:00 AM Google com.proxymaster.superfastvpn.securevpn https://play.google.com/store/apps/details?id=com.proxymaster.superfastvpn.securevpn&hl=en&gl=us VPN proxy server 1/22/2022 12:00:00 AM 1/22/2022 12:00:00 AM Google com.xnxbroservidtop.topvpnxbroserlatesversionnew https://play.google.com/store/apps/details?id=com.xnxbroservidtop.topvpnxbroserlatesversionnew&hl=en&gl=us MMC JPN.Group 1/15/2022 12:00:00 AM 1/15/2022 12:00:00 AM Google com.alpacavpnapp.cloud https://play.google.com/store/apps/details?id=com.alpacavpnapp.cloud&hl=en&gl=us StratoPlay 1/14/2022 12:00:00 AM 1/14/2022 12:00:00 AM Google com.power.vpn https://play.google.com/store/apps/details?id=com.power.vpn&hl=en&gl=us PowerSoftware 1/6/2022 9:24:56 AM 1/26/2022 12:00:00 AM Google com.BunnyVPN.fastvpn https://play.google.com/store/apps/details?id=com.BunnyVPN.fastvpn&hl=en&gl=us BonCoin 1/5/2022 12:00:00 AM 1/5/2022 12:00:00 AM Google com.freevpnproxy.secureVPN https://play.google.com/store/apps/details?id=com.freevpnproxy.secureVPN&hl=en&gl=us Secure Proxy 12/27/2021 12:00:00 AM 12/27/2021 12:00:00 AM Google com.shieldvpn.privacyvpnproxy https://play.google.com/store/apps/details?id=com.shieldvpn.privacyvpnproxy&hl=en&gl=us Vox Vpn 12/27/2021 12:00:00 AM 12/27/2021 12:00:00 AM Google etnocode.com.ua.universe.vpn https://apps.apple.com/us/app/universe-vpn-stable-speed/id1597595617 HATEC AB 12/21/2021 5:00:00 AM 3/22/2022 12:00:00 AM iOS com.ultimatevpn.pro https://play.google.com/store/apps/details?id=com.ultimatevpn.pro&hl=en&gl=us RODRIGO ROCHA 12/19/2021 5:16:33 PM 3/1/2022 12:00:00 AM Google com.Turboapn https://play.google.com/store/apps/details?id=com.Turboapn&hl=en&gl=us JagoanDroid 12/18/2021 12:00:00 AM 12/18/2021 12:00:00 AM Google com.amzfree.br https://play.google.com/store/apps/details?id=com.amzfree.br&hl=en&gl=us PenguinEHIS 12/14/2021 1:07:56 AM 3/24/2022 12:00:00 AM Google com.fastandsecurevpn.dev https://play.google.com/store/apps/details?id=com.fastandsecurevpn.dev&hl=en&gl=us Par pari refertur 12/13/2021 12:00:00 AM 12/13/2021 12:00:00 AM Google com.singularity.vpn https://play.google.com/store/apps/details?id=com.singularity.vpn&hl=en&gl=us ma_development 12/8/2021 5:08:41 PM 1/31/2022 12:00:00 AM Google com.vpn.proxy.master.indian.vpn.app https://play.google.com/store/apps/details?id=com.vpn.proxy.master.indian.vpn.app&hl=en&gl=us Super Fast VPN 12/3/2021 6:07:34 PM 2/13/2022 12:00:00 AM Google com.wOmicronVPNMessenger_14736419 https://play.google.com/store/apps/details?id=com.wOmicronVPNMessenger_14736419&hl=en&gl=us Aiwee 11/23/2021 12:42:52 AM 11/30/2021 12:00:00 AM Google com.turbovpn.iamspeed https://play.google.com/store/apps/details?id=com.turbovpn.iamspeed&hl=en&gl=us Mr.Garu 11/16/2021 12:00:00 AM 11/16/2021 12:00:00 AM Google com.gamebooster.skintool.fflauncher https://play.google.com/store/apps/details?id=com.gamebooster.skintool.fflauncher&hl=en&gl=us Class App Studio 11/10/2021 12:00:00 AM 11/10/2021 12:00:00 AM Google com.topvpnbroserxnx.xbroserxvx https://play.google.com/store/apps/details?id=com.topvpnbroserxnx.xbroserxvx&hl=en&gl=us Lotus.osx 11/8/2021 5:19:20 AM 11/9/2021 12:00:00 AM Google com.grizzlywallpapers.wallpapersgrizzly https://play.google.com/store/apps/details?id=com.grizzlywallpapers.wallpapersgrizzly&hl=en&gl=us Nina Tools App 10/31/2021 6:07:39 PM 12/17/2021 12:00:00 AM Google vpn.privateinternet.access https://play.google.com/store/apps/details?id=vpn.privateinternet.access&hl=en&gl=us RADAMAN YAUHENI 10/30/2021 10:17:46 AM 11/23/2021 12:00:00 AM Google co.privacyvpn https://play.google.com/store/apps/details?id=co.privacyvpn&hl=en&gl=us Mobile Cosmos LLC 10/28/2021 9:21:39 AM 3/13/2022 12:00:00 AM Google com.lid.vpn https://apps.apple.com/us/app/neat-vpn-wifi-proxy-secure/id1583057820 KiberLid 10/13/2021 4:00:00 AM 12/20/2021 12:00:00 AM iOS free.vpn.unlimited.secure.proxy.private.browser.fast.speed.safe https://play.google.com/store/apps/details?id=free.vpn.unlimited.secure.proxy.private.browser.fast.speed.safe&hl=en&gl=us Avirise Limited CY 10/2/2021 10:18:11 AM 3/11/2022 12:00:00 AM Google com.jkl.tyu.fenrir_full https://play.google.com/store/apps/details?id=com.jkl.tyu.fenrir_full&hl=en&gl=us Firdev 9/29/2021 4:44:49 AM 1/31/2022 12:00:00 AM Google com.documentscan.imagetopdf.scanpdf https://play.google.com/store/apps/details?id=com.documentscan.imagetopdf.scanpdf&hl=en&gl=us Super Team App 9/17/2021 5:11:14 AM 10/5/2021 12:00:00 AM Google com.cakedragonvpn.net https://play.google.com/store/apps/details?id=com.cakedragonvpn.net&hl=en&gl=us PenguinEHIS 9/14/2021 7:20:13 PM 3/13/2022 12:00:00 AM Google com.lionvpn.lionvpnfree https://play.google.com/store/apps/details?id=com.lionvpn.lionvpnfree&hl=en&gl=us Lion Tools 9/11/2021 10:10:01 PM 12/3/2021 12:00:00 AM Google appstrain.vpn.app https://apps.apple.com/us/app/vpn-control/id1576703015 AppsTrain.io 9/3/2021 4:00:00 AM 12/11/2021 6:00:00 AM iOS com.penguinehis.socksrevive https://play.google.com/store/apps/details?id=com.penguinehis.socksrevive&hl=en&gl=us PenguinEHIS 8/27/2021 9:36:33 AM 1/10/2022 12:00:00 AM Google com.thunderboltinc.thunderboltandroidapp.vpn https://play.google.com/store/apps/details?id=com.thunderboltinc.thunderboltandroidapp.vpn&hl=en&gl=us Affiliate Networks Group FZE LLC 8/26/2021 12:00:00 AM 8/26/2021 12:00:00 AM Google com.wFastOwl_14326487 https://play.google.com/store/apps/details?id=com.wFastOwl_14326487&hl=en&gl=us Bibha Kumari 8/25/2021 12:00:00 AM 8/25/2021 12:00:00 AM Google com.vpn.proxy.secure.wifi.turbovpn https://play.google.com/store/apps/details?id=com.vpn.proxy.secure.wifi.turbovpn&hl=en&gl=us LocoMind 8/24/2021 5:26:40 PM 2/11/2022 12:00:00 AM Google com.ffskin.freeskintools.freediamondsemote https://play.google.com/store/apps/details?id=com.ffskin.freeskintools.freediamondsemote&hl=en&gl=us Media Tech Pro 8/22/2021 12:37:34 PM 9/14/2021 12:00:00 AM Google host.mate.vpn https://play.google.com/store/apps/details?id=host.mate.vpn&hl=en&gl=us Definnovation OÜ 8/14/2021 5:49:05 AM 3/26/2022 12:00:00 AM Google com.antru.sapp https://play.google.com/store/apps/details?id=com.antru.sapp&hl=en&gl=us Antonina Trunova 8/6/2021 6:46:44 PM 10/29/2021 12:00:00 AM Google com.sunrise.vpn https://play.google.com/store/apps/details?id=com.sunrise.vpn&hl=en&gl=us Blue Desert Technologies Group 8/5/2021 4:10:26 PM 12/13/2021 12:00:00 AM Google co.wachee.netflixunblocker https://apps.apple.com/us/app/wachee-vpn/id1493703272 Routeme Limited Liability Company 8/4/2021 4:00:00 AM 2/13/2022 11:00:00 AM iOS com.spacevpn.eris https://play.google.com/store/apps/details?id=com.spacevpn.eris&hl=en&gl=us JackJohnson77 8/1/2021 12:05:48 AM 2/22/2022 12:00:00 AM Google com.shufflevpn.easyapps https://play.google.com/store/apps/details?id=com.shufflevpn.easyapps&hl=en&gl=us Easy Apps Ltd. 7/28/2021 10:08:59 AM 11/19/2021 12:00:00 AM Google com.wBrowsX_13768683 https://play.google.com/store/apps/details?id=com.wBrowsX_13768683&hl=en&gl=us AHX Softwares 7/26/2021 5:28:38 PM 2/6/2022 12:00:00 AM Google com.free.vpn.unblock.proxy.vpn.unlimitedproxy.proxymaster https://play.google.com/store/apps/details?id=com.free.vpn.unblock.proxy.vpn.unlimitedproxy.proxymaster&hl=en&gl=us Reverse Gear 7/12/2021 9:07:50 AM 10/22/2021 12:00:00 AM Google com.bearvpn.bearvpnfree https://play.google.com/store/apps/details?id=com.bearvpn.bearvpnfree&hl=en&gl=us Health App Ltd 7/9/2021 12:00:00 AM 7/9/2021 12:00:00 AM Google com.ffst.vpn https://play.google.com/store/apps/details?id=com.ffst.vpn&hl=en&gl=us Roma Svakhin 7/2/2021 7:15:28 AM 10/27/2021 12:00:00 AM Google com.orangevpn.orangevpnfree https://play.google.com/store/apps/details?id=com.orangevpn.orangevpnfree&hl=en&gl=us Tools Apps Kyriaki 7/2/2021 12:00:00 AM 7/2/2021 12:00:00 AM Google com.gfxtool.freediamonds.forfree.optimiser.launcher https://play.google.com/store/apps/details?id=com.gfxtool.freediamonds.forfree.optimiser.launcher&hl=en&gl=us Space Tools 7/1/2021 12:00:00 AM 7/1/2021 12:00:00 AM Google com.racing.world.tour https://play.google.com/store/apps/details?id=com.racing.world.tour&hl=en&gl=us SpeedVPN Developer 6/13/2021 4:06:56 PM 6/20/2021 12:00:00 AM Google vpn.delta.turbo.secureUnblock.powerfulProxy.freeVpn https://play.google.com/store/apps/details?id=vpn.delta.turbo.secureUnblock.powerfulProxy.freeVpn&hl=en&gl=us Alice Burton 6/5/2021 6:55:52 PM 2/2/2022 12:00:00 AM Google com.zch.wildbrowser https://play.google.com/store/apps/details?id=com.zch.wildbrowser&hl=en&gl=us ZCH Media Services OÜ 6/5/2021 3:19:06 AM 3/22/2022 12:00:00 AM Google com.mandarin.vpn https://play.google.com/store/apps/details?id=com.mandarin.vpn&hl=en&gl=us mobilemandarin 6/1/2021 10:58:52 PM 10/26/2021 12:00:00 AM Google com.smartcode.oasvpn https://play.google.com/store/apps/details?id=com.smartcode.oasvpn&hl=en&gl=us smart code 5/26/2021 4:18:40 PM 2/18/2022 12:00:00 AM Google com.ElatiriaVarys.fancyvpn https://play.google.com/store/apps/details?id=com.ElatiriaVarys.fancyvpn&hl=en&gl=us Cuspy Software 5/26/2021 6:25:37 AM 2/8/2022 12:00:00 AM Google com.basicvpn.seo https://apps.apple.com/us/app/basicvpn/id1568740542 SEO-KOMPANIYA SEO SOLYUSHN, TOV 5/26/2021 4:00:00 AM 10/26/2021 12:00:00 AM iOS com.proxyhub.vpnhub https://play.google.com/store/apps/details?id=com.proxyhub.vpnhub&hl=en&gl=us Wallpapers HD inc. 5/24/2021 4:57:49 AM 11/25/2021 12:00:00 AM Google com.vpn.secure.allapps https://play.google.com/store/apps/details?id=com.vpn.secure.allapps&hl=en&gl=us Free VPN Security Apps 5/6/2021 11:12:29 AM 8/23/2021 12:00:00 AM Google com.wAmericanFlagWallpapersHD_13645873 https://play.google.com/store/apps/details?id=com.wAmericanFlagWallpapersHD_13645873&hl=en&gl=us Real Vish 5/2/2021 12:44:27 PM 5/11/2021 12:00:00 AM Google com.hq.vpn https://play.google.com/store/apps/details?id=com.hq.vpn&hl=en&gl=us 2GoodApps 4/28/2021 9:29:34 AM 3/14/2022 12:00:00 AM Google com.securityApps.app.VPN https://apps.apple.com/us/app/stealthy-vpn-private-proxy/id1556866779 Leading Internet Venture 4/26/2021 4:00:00 AM 9/10/2021 4:00:00 AM iOS vpn.unblock.free.fast.turbo.secure.blitz.pro https://play.google.com/store/apps/details?id=vpn.unblock.free.fast.turbo.secure.blitz.pro&hl=en&gl=us Faster VPN Apps 4/22/2021 5:25:44 AM 2/23/2022 12:00:00 AM Google com.screenmirroring2.streamtotv.tvcast.castvideo21 https://play.google.com/store/apps/details?id=com.screenmirroring2.streamtotv.tvcast.castvideo21&hl=en&gl=us JuJuRarLover Producer 4/19/2021 2:28:26 PM 3/9/2022 12:00:00 AM Google com.speed.booster.cleaners https://play.google.com/store/apps/details?id=com.speed.booster.cleaners&hl=en&gl=us SpeedVPN Developer 4/17/2021 3:22:01 AM 7/23/2021 12:00:00 AM Google com.samoukale.jaxvpn https://play.google.com/store/apps/details?id=com.samoukale.jaxvpn&hl=en&gl=us Samoukale Enterprises Ltd. 4/12/2021 6:46:17 PM 3/14/2022 12:00:00 AM Google com.sholawat_offline.mp3shoolawat https://play.google.com/store/apps/details?id=com.sholawat_offline.mp3shoolawat&hl=en&gl=us Blue_VPN 4/12/2021 12:00:00 AM 4/12/2021 12:00:00 AM Google mp3.alquran.murottal https://play.google.com/store/apps/details?id=mp3.alquran.murottal&hl=en&gl=us Blue_VPN 4/9/2021 12:00:00 AM 4/9/2021 12:00:00 AM Google com.samoukale.jaxvpn https://apps.apple.com/us/app/jax-vpn-fast-secure-proxy/id1560346858 Samoukale Ent Ltd 4/7/2021 4:00:00 AM 3/16/2022 8:00:00 AM iOS com.vpn.bile https://play.google.com/store/apps/details?id=com.vpn.bile&hl=en&gl=us BileVPN 4/3/2021 12:00:00 AM 4/3/2021 12:00:00 AM Google com.imbaapp.vpn https://play.google.com/store/apps/details?id=com.imbaapp.vpn&hl=en&gl=us Nata Kuva 4/1/2021 4:25:52 AM 1/26/2022 12:00:00 AM Google com.digitallodge.safesurfvpn https://apps.apple.com/us/app/safesurf-vpn/id1536615805 Digital Lodge 3/18/2021 4:00:00 AM 4/29/2021 12:00:00 AM iOS vpn.FreeProxy.SecureUnblock.FreeVPN.RapidPro https://play.google.com/store/apps/details?id=vpn.FreeProxy.SecureUnblock.FreeVPN.RapidPro&hl=en&gl=us Rapid & Powerful VPN Connection 3/9/2021 9:46:17 PM 3/11/2022 12:00:00 AM Google com.infinity.fast.secure.app https://apps.apple.com/us/app/infinity-vpn-unlimited-proxy/id1553057635 FORMAKS TRADE GROUP, TOV 3/8/2021 5:00:00 AM 5/13/2021 9:24:32 PM iOS com.proxyhome.vpn.proxy.hotspot.turbo.vpnmaster.proxymaster https://play.google.com/store/apps/details?id=com.proxyhome.vpn.proxy.hotspot.turbo.vpnmaster.proxymaster&hl=en&gl=us Geo Tech 3/1/2021 12:00:00 AM 3/1/2021 12:00:00 AM Google com.aflam.vpn https://play.google.com/store/apps/details?id=com.aflam.vpn&hl=en&gl=us YahyazLab 2/23/2021 9:39:48 PM 7/13/2021 12:00:00 AM Google com.noghta.CoreVpn https://play.google.com/store/apps/details?id=com.noghta.CoreVpn&hl=en&gl=us Dev.Mazen 2/20/2021 12:00:00 AM 2/20/2021 12:00:00 AM Google vpn.blitz.app https://play.google.com/store/apps/details?id=vpn.blitz.app&hl=en&gl=us Faster VPN Apps 2/15/2021 11:23:26 PM 3/2/2022 12:00:00 AM Google com.network.internet.analyzer https://apps.apple.com/us/app/speed-test-wifi-analyzer/id1546581924 MUSHTRIP LTD 2/8/2021 5:00:00 AM 3/12/2022 12:00:00 AM iOS com.wSapphireSecureIptv_13163905 https://play.google.com/store/apps/details?id=com.wSapphireSecureIptv_13163905&hl=en&gl=us NguyenIT 2/4/2021 12:00:00 AM 2/4/2021 12:00:00 AM Google com.vehicle.simulator.city https://play.google.com/store/apps/details?id=com.vehicle.simulator.city&hl=en&gl=us SpeedVPN Developer 2/2/2021 12:00:00 AM 2/2/2021 12:00:00 AM Google click.vpn.fast.good.app https://apps.apple.com/us/app/vpn-master-unlimited-proxy/id1548263833 Profeks Grup Studio 1/27/2021 12:00:00 AM 1/29/2021 10:38:58 PM iOS com.TreeVPN-MG0 https://apps.apple.com/us/app/tree-vpn-best-vpn/id1548655074 MarlerinoGroup 1/27/2021 12:00:00 AM 6/9/2021 4:07:44 PM iOS com.one.vpnapp https://play.google.com/store/apps/details?id=com.one.vpnapp&hl=en&gl=us One Host Apps 1/25/2021 11:26:33 AM 3/15/2022 12:00:00 AM Google io.wifimap.zorro.vpnapp https://play.google.com/store/apps/details?id=io.wifimap.zorro.vpnapp&hl=en&gl=us WiFi Map LLC 1/21/2021 9:42:24 PM 12/17/2021 12:00:00 AM Google com.apps.sevenvpn https://play.google.com/store/apps/details?id=com.apps.sevenvpn&hl=en&gl=us GotovoApp 1/16/2021 9:51:49 PM 3/4/2022 12:00:00 AM Google com.overdreams.odvpn https://play.google.com/store/apps/details?id=com.overdreams.odvpn&hl=en&gl=us OverDreams 1/13/2021 8:11:01 AM 3/9/2022 12:00:00 AM Google com.vpn.itop https://apps.apple.com/us/app/vpn-itop-best-unlimited-proxy/id1538546081 Orange View 12/22/2020 5:00:00 AM 3/8/2022 1:00:00 AM iOS cleaner.antivirus https://play.google.com/store/apps/details?id=cleaner.antivirus&hl=en&gl=us Stolitomson 12/18/2020 5:26:10 AM 1/25/2022 12:00:00 AM Google com.yetivp https://apps.apple.com/us/app/yeti-vpn/id1544800574 VPN security 12/17/2020 5:00:00 AM 10/21/2021 8:00:00 AM iOS com.easy.ultimate.vpn https://play.google.com/store/apps/details?id=com.easy.ultimate.vpn&hl=en&gl=us Main check 12/6/2020 6:07:52 AM 10/1/2021 12:00:00 AM Google com.pandavpn.fast.proxy https://apps.apple.com/us/app/pnd-v2ray-vpn-unlimited-proxy/id1539145866 MAKSTAR LTD 12/1/2020 5:00:00 AM 2/15/2022 3:00:00 PM iOS com.VPN.defender https://apps.apple.com/us/app/safe-vpn-secure-browsing/id1531857386 FINANSOVA KOMPANIYA DINERO, TOV 11/24/2020 5:00:00 AM 4/24/2021 4:00:00 AM iOS fast.free.unblock.secure.proxy.vpn https://play.google.com/store/apps/details?id=fast.free.unblock.secure.proxy.vpn&hl=en&gl=us SHMOBDEV 11/18/2020 4:08:00 AM 3/17/2022 12:00:00 AM Google com.ihub.vpn https://apps.apple.com/us/app/i-am-vpn-unlimited-proxy/id1538146358 IHub Limited 11/11/2020 5:00:00 AM 4/14/2021 4:00:00 PM iOS com.tekstilooo.ethervpn https://apps.apple.com/us/app/ether-vpn-light-and-secure/id1536745379 Web Keeper 11/11/2020 5:00:00 AM 12/19/2020 4:30:47 AM iOS itopvpn.free.vpn.proxy https://play.google.com/store/apps/details?id=itopvpn.free.vpn.proxy&hl=en&gl=us Proxy VPN 2022 & Quick Speed 11/10/2020 2:42:38 PM 2/22/2022 12:00:00 AM Google com.mobwave.fastvpn https://apps.apple.com/us/app/secure-fast-vpn/id1450377563 Ad Venture 11/9/2020 5:00:00 AM 12/1/2021 10:00:00 AM iOS fast.safe.guard.vpn https://play.google.com/store/apps/details?id=fast.safe.guard.vpn&hl=en&gl=us Lumos LLC 10/30/2020 12:58:37 AM 3/18/2022 12:00:00 AM Google com.legendsarchery.battlewar https://play.google.com/store/apps/details?id=com.legendsarchery.battlewar&hl=en&gl=us BETTER VPN MASTER FREE: HOTSPOT PROXY WIFI DNS 10/30/2020 12:00:00 AM 10/30/2020 12:00:00 AM Google com.otdelkaplyus.pyrovpn https://apps.apple.com/us/app/pyro-vpn-secure-unlimited/id1533827987 Ultimate Guard 10/28/2020 4:00:00 AM 11/26/2020 3:22:49 AM iOS com.quotespart.vpn https://apps.apple.com/us/app/vpn-security-defender/id1536839811 QUOTESPART PRODUCTION 10/28/2020 12:00:00 AM 9/10/2021 11:14:24 PM iOS com.dlfac.prodefence https://apps.apple.com/us/app/prodefence-secure-vpn/id1535600369 DL FACTORY SP ZOO 10/26/2020 4:00:00 AM 10/26/2020 8:00:00 PM iOS ru.kovtun.VPNMaster https://apps.apple.com/us/app/vpn-proxy-master-best-private/id1526930592 Kovtun Roman Mikhailovich 10/23/2020 4:00:00 AM 8/19/2021 12:00:00 AM iOS tap.prime.vpn https://apps.apple.com/us/app/primevpn-fast-secure-vpn/id1533249581 SMART MEDIA INTERNET MARKETING LTD 10/22/2020 4:00:00 AM 12/17/2021 1:00:00 AM iOS com.tree.vpn https://play.google.com/store/apps/details?id=com.tree.vpn&hl=en&gl=us ADSLUX MEDIA FZE LLC 10/15/2020 6:17:14 PM 2/15/2022 12:00:00 AM Google com.vpngalaxy.app https://play.google.com/store/apps/details?id=com.vpngalaxy.app&hl=en&gl=us AppLine Ltd. 10/4/2020 12:38:13 PM 7/13/2021 12:00:00 AM Google jonyvee.vpnapp https://apps.apple.com/us/app/vpn-super-speed-secure/id1527987310 Digicent LLC 9/30/2020 4:00:00 AM 7/17/2021 12:00:00 AM iOS com.neonvpn.vpn https://apps.apple.com/us/app/neon-vpn-unlimited-vpn-proxy/id1521289264 NeonSoftware, LLC 9/10/2020 4:00:00 AM 3/10/2022 11:00:00 AM iOS com.unicorn.vpn https://apps.apple.com/us/app/vpn-pro-secure/id1530424673 UNICORN APPS 9/10/2020 12:00:00 AM 2/10/2021 2:04:39 PM iOS com.wApk_12114325 https://play.google.com/store/apps/details?id=com.wApk_12114325&hl=en&gl=us Miridul Hoque 9/9/2020 12:00:00 AM 9/9/2020 12:00:00 AM Google com.wOkra_12033208 https://play.google.com/store/apps/details?id=com.wOkra_12033208&hl=en&gl=us Webies Solution 9/9/2020 12:00:00 AM 9/9/2020 12:00:00 AM Google com.purple.vpn https://play.google.com/store/apps/details?id=com.purple.vpn&hl=en&gl=us KeepTunnel 8/29/2020 12:19:21 PM 2/11/2022 12:00:00 AM Google com.almanach.securevpn https://play.google.com/store/apps/details?id=com.almanach.securevpn&hl=en&gl=us Clever Apps 8/18/2020 10:06:23 AM 4/12/2021 12:00:00 AM Google app.vpngalaxy https://apps.apple.com/us/app/vpn-galaxy-vpn-adblock/id1525215540 APPLINE LTD 8/5/2020 4:00:00 AM 2/6/2021 6:00:00 AM iOS com.vpn.lighttunnel.app https://apps.apple.com/us/app/light-tunnel-best-vpn-outlaw/id1523625237 Smobayl Apps, TOV 7/28/2020 4:00:00 AM 10/19/2021 12:00:00 AM iOS com.apps.inspironxp.changeip https://play.google.com/store/apps/details?id=com.apps.inspironxp.changeip&hl=en&gl=us InspironXP 7/22/2020 9:12:33 AM 3/4/2022 12:00:00 AM Google com.topshield.vpnpro2020 https://play.google.com/store/apps/details?id=com.topshield.vpnpro2020&hl=en&gl=us Rick Melton 7/21/2020 10:49:50 PM 8/9/2020 12:00:00 AM Google org.zerovpn.iosapp https://apps.apple.com/us/app/zerovpn-fast-secure-proxy/id1501732107 KuDi Studio 7/20/2020 4:00:00 AM 3/20/2021 4:00:00 AM iOS com.vpn.starvpn https://apps.apple.com/us/app/starvpn-fast-and-secure/id1498106735 STAR DEVELOPMENT, OOO 7/6/2020 4:00:00 AM 7/7/2020 6:46:51 AM iOS ua.ers.justVpn https://play.google.com/store/apps/details?id=ua.ers.justVpn&hl=en&gl=us Electronic Rescue Service 6/28/2020 12:26:03 PM 12/1/2021 12:00:00 AM Google com.wGkbrowserfreevpn_11297671 https://play.google.com/store/apps/details?id=com.wGkbrowserfreevpn_11297671&hl=en&gl=us gk devoloper 6/28/2020 12:24:04 PM 7/13/2020 12:00:00 AM Google bestvpn.techinfo https://play.google.com/store/apps/details?id=bestvpn.techinfo&hl=en&gl=us Tech-info-soft 6/20/2020 6:39:12 AM 9/16/2020 12:00:00 AM Google com.vpn.utilityvpnfree https://play.google.com/store/apps/details?id=com.vpn.utilityvpnfree&hl=en&gl=us The8020 6/6/2020 7:12:07 AM 6/22/2020 12:00:00 AM Google com.trust-vpn.vpn https://apps.apple.com/us/app/trust-vpn/id1492288124 Trust VPN Ltd. 6/5/2020 4:00:00 AM 12/18/2021 11:00:00 AM iOS com.agrotekh.storm https://apps.apple.com/us/app/hotspot-shield-storm-vpn/id1512215270 Agrotech, OOO 6/4/2020 4:00:00 AM 6/21/2021 8:00:00 AM iOS com.hedghehogtech.octovpn https://play.google.com/store/apps/details?id=com.hedghehogtech.octovpn&hl=en&gl=us Clyapp limited 6/4/2020 3:07:07 AM 10/28/2021 12:00:00 AM Google free.vpn.unblock.proxy.mrvpn https://play.google.com/store/apps/details?id=free.vpn.unblock.proxy.mrvpn&hl=en&gl=us Mrvpnco 6/3/2020 2:58:21 PM 8/5/2020 12:00:00 AM Google com.trustvpn https://play.google.com/store/apps/details?id=com.trustvpn&hl=en&gl=us Blinko Group LP 5/10/2020 8:03:48 AM 3/5/2022 12:00:00 AM Google com.simple.pro.fast.unlimited.private.vpn https://play.google.com/store/apps/details?id=com.simple.pro.fast.unlimited.private.vpn&hl=en&gl=us Super Fast VPN 5/5/2020 11:39:25 PM 3/25/2022 12:00:00 AM Google ogr.pn.master.iron https://play.google.com/store/apps/details?id=ogr.pn.master.iron&hl=en&gl=us Iron VPN Dev Studio 5/5/2020 11:04:25 PM 10/22/2020 12:00:00 AM Google com.demand.VPNPROtrack https://apps.apple.com/us/app/vpn-protrack-complete-protect/id1492574938 Develop Demand LTD 5/5/2020 4:00:00 AM 5/6/2020 8:00:00 PM iOS unicornvpn.vpn https://play.google.com/store/apps/details?id=unicornvpn.vpn&hl=en&gl=us Unicorn VPN LLC 4/26/2020 8:22:49 AM 12/22/2021 12:00:00 AM Google com.free.turbo.vpn https://play.google.com/store/apps/details?id=com.free.turbo.vpn&hl=en&gl=us VPN’s & Photo Editors 4/5/2020 3:16:07 AM 2/8/2022 12:00:00 AM Google com.iron.vpn https://apps.apple.com/us/app/iron-vpn-master-360-security/id1501855541 ELIF SERVICES LIMITED 4/2/2020 4:00:00 AM 3/8/2022 12:00:00 AM iOS com.androidsecurity.vpn https://play.google.com/store/apps/details?id=com.androidsecurity.vpn&hl=en&gl=us UAB Tinklu Akademija 4/1/2020 11:10:34 PM 3/21/2022 12:00:00 AM Google com.moondev.flameProxy https://play.google.com/store/apps/details?id=com.moondev.flameProxy&hl=en&gl=us Rapid & Powerful VPN Connection 3/21/2020 12:08:51 AM 3/11/2022 12:00:00 AM Google com.siilingou.vpnexpert https://apps.apple.com/us/app/vpn-expert-unlimited-proxy/id1494454085 Siiling OU 3/19/2020 4:00:00 AM 11/10/2020 3:00:00 PM iOS com.mbit.vpn https://play.google.com/store/apps/details?id=com.mbit.vpn&hl=en&gl=us ShpuntikApps 3/5/2020 11:08:17 PM 4/27/2020 12:00:00 AM Google com.switcherryinc.switcherryandroidapp.vpn https://play.google.com/store/apps/details?id=com.switcherryinc.switcherryandroidapp.vpn&hl=en&gl=us SWITCHERRY APPS FZE LLC 2/15/2020 5:09:03 PM 10/17/2021 12:00:00 AM Google com.hurhco.telegramPro https://play.google.com/store/apps/details?id=com.hurhco.telegramPro&hl=en&gl=us Andromeda Development Group 2/13/2020 12:01:02 AM 2/1/2022 12:00:00 AM Google ed.solutions.adblockforsafari https://apps.apple.com/us/app/adblock-safe-folder-browser/id1490784380 KuDi Studio 2/12/2020 5:00:00 AM 11/24/2021 1:00:00 AM iOS com.speed.cleaners https://play.google.com/store/apps/details?id=com.speed.cleaners&hl=en&gl=us SpeedVPN Developer 2/8/2020 3:07:07 AM 9/25/2021 12:00:00 AM Google com.unlim.access https://apps.apple.com/us/app/vpn-100-anonymous-browser/id1496751070 Exercises 1/30/2020 12:00:00 AM 8/21/2020 6:19:09 PM iOS net.hotspots.net https://play.google.com/store/apps/details?id=net.hotspots.net&hl=en&gl=us VPN.it 1/1/2020 12:00:00 AM 1/1/2020 12:00:00 AM Google com.bgnmobi.hypervpn https://apps.apple.com/us/app/cyberguard-vpn-secure-vpn/id1485716152 BURAKGON BILISIM TEKNOLOJI REKLAM SANAYI VE TICARET LIMITED SIRKETI 12/20/2019 5:00:00 AM 8/25/2021 10:14:52 PM iOS com.tops.super.fast.free.vpn https://play.google.com/store/apps/details?id=com.tops.super.fast.free.vpn&hl=en&gl=gb Super Fast VPN 12/15/2019 7:44:59 AM 2/22/2022 12:00:00 AM Google com.gixdev.lee https://apps.apple.com/us/app/lee-vpn-proxy-master/id1486213829 ArkVit 12/7/2019 5:00:00 AM 2/11/2022 5:00:00 AM iOS com.komodo.vpn https://play.google.com/store/apps/details?id=com.komodo.vpn&hl=en&gl=us GoodGamesStudio 11/30/2019 3:11:11 PM 4/24/2020 12:00:00 AM Google smart.lock.vpn.proxy https://apps.apple.com/us/app/vpn-%D9%81%D8%AA%D8%AD-%D8%A7%D9%84%D9%85%D9%88%D8%A7%D9%82%D8%B9-%D8%A7%D9%84%D9%85%D8%AD%D8%AC%D9%88%D8%A8%D9%87/id1489087755 IMOFEKS, TOV 11/25/2019 5:00:00 AM 10/8/2020 8:00:00 AM iOS com.vpn.box-vpn https://apps.apple.com/us/app/box-vpn-fast-express-proxy/id1484928818 Avtocenterapps 11/7/2019 5:00:00 AM 12/12/2020 10:00:00 AM iOS ru.teamdev.reward https://play.google.com/store/apps/details?id=ru.teamdev.reward&hl=en&gl=us TeamDevPro Limited 10/9/2019 12:00:00 AM 10/9/2019 12:00:00 AM Google com.grizzlyvpn.vpn https://apps.apple.com/us/app/grizzly-vpn-best-hotspot-vpn/id1479028034 Grizzly Mobile LTD 9/27/2019 4:00:00 AM 2/23/2022 5:00:00 AM iOS org.grizzly.grizzly https://play.google.com/store/apps/details?id=org.grizzly.grizzly&hl=en&gl=us Grizzly VPN 9/25/2019 10:15:57 PM 3/3/2020 12:00:00 AM Google co.wachee.netflixunblocker https://play.google.com/store/apps/details?id=co.wachee.netflixunblocker&hl=en&gl=us Routeme LLC 9/17/2019 2:11:08 AM 2/18/2022 12:00:00 AM Google com.secure.cryptovpn https://play.google.com/store/apps/details?id=com.secure.cryptovpn&hl=en&gl=us RubiDevs 9/10/2019 8:13:38 AM 2/16/2022 12:00:00 AM Google io.happybrowsing https://play.google.com/store/apps/details?id=io.happybrowsing&hl=en&gl=us Safe Browsing and Ad Blocker 8/21/2019 10:15:44 AM 12/8/2021 12:00:00 AM Google com.mushtrip.simplevpn https://apps.apple.com/us/app/secure-vpn-fast-proxy-master/id1471490637 MUSHTRIP LTD 8/15/2019 4:00:00 AM 11/3/2021 4:00:00 PM iOS com.roxi.vpn https://play.google.com/store/apps/details?id=com.roxi.vpn&hl=en&gl=us RoxiVPN 8/13/2019 8:07:22 AM 2/19/2020 12:00:00 AM Google mironapp.fast.unblock.secure.proxy.free.lion.vpn https://play.google.com/store/apps/details?id=mironapp.fast.unblock.secure.proxy.free.lion.vpn&hl=en&gl=us Fast Vpn Proxy Service 8/11/2019 1:15:10 PM 7/11/2020 12:00:00 AM Google com.roxisecurity.vpnroxi https://apps.apple.com/us/app/proxy-master/id1470595234 Roxi Security 8/3/2019 4:00:00 AM 9/25/2020 4:00:00 PM iOS tap.vpn.shield https://apps.apple.com/us/app/tapvpn-fast-vpn/id1472495080 Big Data Technologies LTD 7/28/2019 4:00:00 AM 11/29/2020 5:00:00 AM iOS com.vpn.smart https://apps.apple.com/us/app/vpnsmart-full-online-protect/id1472918713 MEDIA COMP LTD 7/24/2019 4:00:00 AM 7/18/2021 8:00:00 AM iOS mironapp.unblock.secure.proxy.fast.android.free.vpn https://play.google.com/store/apps/details?id=mironapp.unblock.secure.proxy.fast.android.free.vpn&hl=en&gl=us Fast Vpn Proxy Service 7/20/2019 10:19:45 AM 7/11/2020 12:00:00 AM Google classicstudio.phoenix.proxy.vpn https://play.google.com/store/apps/details?id=classicstudio.phoenix.proxy.vpn&hl=en&gl=us Unlimited Vpn Apps 7/17/2019 8:09:03 AM 2/7/2021 12:00:00 AM Google classicstudio.best.proxy.vpn https://play.google.com/store/apps/details?id=classicstudio.best.proxy.vpn&hl=en&gl=us Unlimited Vpn Apps 7/16/2019 6:09:17 PM 2/7/2021 12:00:00 AM Google classicstudio.light.proxy.vpn https://play.google.com/store/apps/details?id=classicstudio.light.proxy.vpn&hl=en&gl=us Unlimited Vpn Apps 7/13/2019 5:06:32 AM 2/7/2021 12:00:00 AM Google io.wifimap.vpnapp https://apps.apple.com/us/app/zorro-vpn-vpn-wifi-proxy/id1466972350 WiFi Map LLC 6/30/2019 4:37:24 AM 2/28/2021 10:00:00 AM Mac;iOS net.vpn.hub.servers https://play.google.com/store/apps/details?id=net.vpn.hub.servers&hl=en&gl=us Great Day Mobile 6/28/2019 12:00:00 AM 6/28/2019 12:00:00 AM Google com.vpncapa.vpnmaster.free.unblock.vpn https://play.google.com/store/apps/details?id=com.vpncapa.vpnmaster.free.unblock.vpn&hl=en&gl=us Unlimited DT Security Studio 6/24/2019 3:06:39 AM 12/17/2021 12:00:00 AM Google com.caller.flash.callerscreen.caller https://play.google.com/store/apps/details?id=com.caller.flash.callerscreen.caller&hl=en&gl=us vpn master 6/11/2019 6:21:51 PM 10/1/2020 12:00:00 AM Google com.clean.traffic.vpn.app.app https://apps.apple.com/us/app/clean-traffic-vpn/id1460242070 auralion Sp. z o.o 6/4/2019 4:00:00 AM 12/1/2020 5:00:00 AM iOS openvpn.vpn https://play.google.com/store/apps/details?id=openvpn.vpn&hl=en&gl=us VPN LLC (open-vpn.org) 6/2/2019 12:25:22 PM 2/23/2022 12:00:00 AM Google com.makapp.vpn https://apps.apple.com/us/app/makvpn-proxy-master/id1457441850 makapp 6/2/2019 12:00:00 AM 5/5/2020 9:46:56 PM iOS com.eversvpnapp https://apps.apple.com/us/app/speed-vpn-fast-vpn-proxy-app/id1460774293 EverSun Ltd 5/29/2019 4:00:00 AM 1/23/2021 5:00:00 AM iOS com.multivpn.app https://apps.apple.com/us/app/vpn-location-changer-multivpn/id1445674133 Exelo Media 5/2/2019 4:00:00 AM 2/19/2022 3:00:00 PM iOS com.wolf.vpn https://play.google.com/store/apps/details?id=com.wolf.vpn&hl=en&gl=us Fast Vpn Proxy Service 4/27/2019 5:09:36 PM 7/11/2020 12:00:00 AM Google com.novotech.myvpn https://apps.apple.com/us/app/my-vpn-compare-vpn/id1455210693 SOFT AND DEV LTD 4/25/2019 4:00:00 AM 7/26/2019 4:00:00 AM iOS com.titanvpn.app https://apps.apple.com/us/app/vpn-secure-hotspot-shield/id1459783875 NorthRex 4/24/2019 4:00:00 AM 6/20/2021 8:00:00 AM iOS com.lerta.vpndiler https://apps.apple.com/us/app/vpn-secure-service/id1444882463 ООО “Атлант-Авто” 1/31/2019 5:00:00 AM 11/18/2021 5:00:00 AM iOS proxy.browser.unblock.sites.proxybrowser.unblocksites https://play.google.com/store/apps/details?id=proxy.browser.unblock.sites.proxybrowser.unblocksites&hl=en&gl=us proxy browser team 12/26/2018 3:12:19 AM 3/8/2022 12:00:00 AM Google com.tlsvpn.tlstunnel https://play.google.com/store/apps/details?id=com.tlsvpn.tlstunnel&hl=en&gl=us TLSVPN 12/25/2018 4:06:54 AM 3/6/2022 12:00:00 AM Google com.99tech.vpn https://apps.apple.com/us/app/vpn99-fast-secure-vpn/id1361702640 Trust VPN Ltd. 12/15/2018 5:00:00 AM 3/9/2022 5:00:00 AM iOS com.millcroft.proxy.vpn.private.internet.access.master.free https://play.google.com/store/apps/details?id=com.millcroft.proxy.vpn.private.internet.access.master.free&hl=en&gl=us Общество с ограниченной ответственностью МОБИЛИТИ 11/16/2018 7:12:16 AM 2/20/2020 12:00:00 AM Google castle.vpn.Castle-VPN.Castle-VPN https://apps.apple.com/us/app/castle-vpn/id1440469806 Cihan Secgin 11/9/2018 3:00:00 PM 11/9/2018 3:00:00 PM iOS com.adcombo.ftlvpn https://apps.apple.com/us/app/ftl-vpn-privacy-security/id1439313710 RVSoft 10/25/2018 4:00:00 AM 4/10/2019 8:09:20 PM iOS com.guruvpn.app https://play.google.com/store/apps/details?id=com.guruvpn.app&hl=en&gl=us Zilla Technology 10/4/2018 3:12:31 AM 5/4/2020 12:00:00 AM Google com.forever.freetg.freetg https://play.google.com/store/apps/details?id=com.forever.freetg.freetg&hl=en&gl=us Netfree 8/8/2018 1:32:10 AM 4/13/2020 12:00:00 AM Google bernikovich.vpn https://apps.apple.com/us/app/securenet-for-iphone/id1373844471 LUMOS, OOO 5/8/2018 4:00:00 AM 2/25/2022 10:00:00 AM iOS com.procloud.vpn https://apps.apple.com/us/app/cloudvpn-hotspot-vpn-proxy/id1342125266 POLET MASTER 4/25/2018 4:00:00 AM 12/1/2020 1:00:00 AM iOS com.myprivacy https://play.google.com/store/apps/details?id=com.myprivacy&hl=en&gl=us MyPermissions 1/12/2018 7:17:15 AM 11/25/2021 12:00:00 AM Google com.ibs4data.novavpn https://apps.apple.com/us/app/novavpn/id1291426740 IBS 4 Data Limited 1/11/2018 5:00:00 AM 9/20/2018 8:00:00 AM iOS com.vpnfreely.siloseattle https://apps.apple.com/us/app/vpn-freely-premium-usa-vpn/id1207352095 Silo IT Group 3/1/2017 5:00:00 AM 1/23/2021 5:00:00 AM iOS vpn.privateme https://play.google.com/store/apps/details?id=vpn.privateme&hl=en&gl=us MobiPlayLLC 9/2/2016 12:09:31 PM 10/4/2021 12:00:00 AM Google org.freevpn https://play.google.com/store/apps/details?id=org.freevpn&hl=en&gl=us Free VPN LLC 1/20/2016 10:11:26 AM 3/3/2022 12:00:00 AM Google sproot.blinkt.openvpn https://play.google.com/store/apps/details?id=sproot.blinkt.openvpn&hl=en&gl=us Dev SSD 10/21/2015 4:00:00 AM 7/5/2019 12:00:00 AM Google pm.tap.vpn https://play.google.com/store/apps/details?id=pm.tap.vpn&hl=en&gl=us Big Data Technologies ltd. 8/7/2014 3:09:38 AM 3/17/2020 12:00:00 AM Google com.flyvoip.wifiapplite https://apps.apple.com/us/app/wifi-map-internet-esim-vpn/id548925969 WiFi Map LLC 9/20/2012 4:00:00 AM 3/11/2022 10:00:00 AM iOS com.opera.browser https://play.google.com/store/apps/details?id=com.opera.browser&hl=en&gl=us Opera 12/3/2011 2:21:19 AM 3/21/2022 12:00:00 AM Google

Tuesday, 29. March 2022

We Are Open co-op

Advocating for learner-centric badge systems

Some thoughts on campaigning for the right things Advocacy Framework remix cc-by Laura Hilliger In the Keep Badges Weird community, we’re beginning to have a conversation about what the dynamic between badge issuers and badge earners is and what it should be. We need to circumvent bad habits of 20th century educational systems and help people understand how disenfranchising learners affe
Some thoughts on campaigning for the right things Advocacy Framework remix cc-by Laura Hilliger

In the Keep Badges Weird community, we’re beginning to have a conversation about what the dynamic between badge issuers and badge earners is and what it should be. We need to circumvent bad habits of 20th century educational systems and help people understand how disenfranchising learners affects their own goals.

As badges have gone mainstream, we see increased need to counteract the top-down focus of institutions or corporations to ensure that the learner remains the beneficiary of the badge. Focusing on learner recognition, rather than just credentialing, will lead to better, more empowered learners and therefore a stronger civic society.

So how do we advocate for learner-centric badge systems? This is the piece that we’ve been thinking about the past couple of weeks.

The Advocates in KBW

Most of us know, instinctively, what the word advocacy means. I like this particular definition, although I’ll admit it’s a more controversial choice than some of the dictionary definitions:

Advocacy is an assertive form of communication or activity that promotes, protects and defends the rights of people who experience disadvantage, or are at risk of being disadvantaged.”
© 2016 Wellways Australia

Learners are often disadvantaged. Often skills and competency programmes are designed with “business objectives” or “KPIs” in mind, as opposed to the learners and their motivations. We want to be active in advocating for something other than this status quo (i.e. recognition vs credentialing), and after many years of pleading and politicking, I right think it’s time for some assertive communication on the matter.

The KBW community is tailored to “Badge Champions”, people who are aware of and bought into the idea of badging. Icons from openpeeps.com

We have the authority to be assertive about badges. We are a community with people who have invented and pioneered badge systems, technologies, standards and everything else badges. People in this community are front line educators and learner advocates. We are the people who are motivated and influential in getting organisations to start thinking about upskilling in a non-traditional way.

What are we advocating for?

This is a question that we need to address! For example, we need to help people understand:

It is more important to motivate learning then to simply recognise it. Yes, badges, but not as a top down approach! Disenfranchising learners is an old story and we are fighting for a new world. We are fiercely opposed to the commercialisation of badges. We should be badging mindsets and behaviours that don’t suck (e.g. #sustainability badge, SDG goals, climate literacy, etc)

The conversation is nuanced, but the point is that recognition is bigger than credentialing and encompasses a whole range of things. We are advocating for a world in which people aren’t seen as their CV or their qualifications and accomplishments, but rather holistically – who they are in all their humanness.

How do we advocate?

As I was thinking about what bottom-up advocacy even means in this community, I stumbled upon a policy advocacy framework. Originally published in a paper called Foundations and Public Policy Grantmaking*, the framework shows how “private foundations can consider their engagement in public policy grantmaking.” There’s documented and researched approaches to influence policy. Who knew!

I skimmed the paper and studied the framework. Then I remixed it with folks in the community in mind. I tried to think who are our audiences? Who are we collaborating with or trying to influence? More importantly though, what are the strategies and activities that our community is doing or likely to do? What approaches do we need to focus on?

The original framework used terms like “litigation” and “regulatory feedback”. These terms fit well with public policy initiatives, but our community is working in educational contexts. Thus, the remix replaces some of the terminology with terms more befitting to our context:

Framework remix cc-by Laura Hilliger

*The original framework first appeared in Coffman, J. (2008). Foundations and Public Policy Grantmaking. Paper prepared for The James Irvine Foundation.

Campaigning for the right things

“Campaigning” is a faceted approach to advocacy. Again, it’s a word we understand instinctively.

Doug recently wrote a post in which he said:

“It’s taken a decade, as I predicted, for badges to be a no-brainer when it comes to recognising and credentialing knowledge, skills, and dispositions. We’re no longer in the stage of “imagine a world…” but rather “here’s what’s happening, let’s talk about how this could be useful to you”.”

It is certainly true that our job doing Awareness advocacy feels much different nowadays. It’s relatively easy to raise awareness, do outreach, convince folks to run pilot programmes — to run campaigns that help people understand what badges are and how they work. We have the research, we’ve analysed the polls.

We are running into other issues around advocating for Open Badges — namely, issues of will and action.

thinking about audiences and what they’re focused on in KBW

Using the framework, our community of Badge Champions are likely focused in the red zone. They need to advocate to people in the blue zone. Thus, our community might be supported with things like:

tools to advocate to their superiors, deciders or purse string holders communication materials or stuff for media advocacy a manifesto for learners that they can remix and reuse Let’s get concrete

The knowledge, skills and talent to advocate for learners in our organizations exist in this community. We can collaborate to build useful resources and structures for future badge champions. How can we build campaigns that go beyond awareness and into influencing the will and actions of the people who hold power in this arena? The question is What do people NEED?

Here’s some fully random ideas to get us started…

Badge Budget tips 101 (stuff like “How to ask your boss” or an Expenditure spreadsheet template with a not sucky name…) 10 Slides to help your boss sell your idea A template for showcasing your pilot program Badge your boss day …

Your turn. Ideas? Requests? Come to the community call and join the discussion.

WAO’s members are 11-year advocates of badges. If we can help you with your badge project, get in touch!

Advocating for learner-centric badge systems was originally published in We Are Open Co-op on Medium, where people are continuing the conversation by highlighting and responding to this story.

Monday, 28. March 2022

Good ID

Latest updates from FIDO APAC Marketing Forum: FIDO Members from the Region Get Together to Learn from Each Other and Stay Alert

By Joon Hyuk Lee, APAC Market Development Director According to recent research reports and news, Asia Pacific regions are witnessing a surge in cyber-attacks – and the highly publicized online […] The post Latest updates from FIDO APAC Marketing Forum: FIDO Members from the Region Get Together to Learn from Each Other and Stay Alert appeared first on FIDO Alliance.

By Joon Hyuk Lee, APAC Market Development Director

According to recent research reports and news, Asia Pacific regions are witnessing a surge in cyber-attacks – and the highly publicized online attacks all start with compromised passwords. 

In December 2021, nearly 470 customers of a Singapore bank had fallen victim to SMS phishing attacks, with total losses amounting to at least $8.5 million. In New Zealand, the Department of Internal Affairs (DIA) received over 114,000 SMS scam reports between September and October 2021, the highest in the Department’s history. In India, cyber-attacks have doubled in the past three years, according to University of Surrey research, with enterprises the most common target of these attacks. In January, a local payment provider experienced a data breach, with 35 million customers having their data, including card information and fingerprint scans, released on the dark web for anyone to buy. These are just a few examples on a list that continues to grow.

The Industry Is Uniting to End the Password Problem

On February 15th, the FIDO APAC Marketing Forum (AMF) brought together FIDO members from 12 countries in APAC to share insights, lessons learned and best practices to mitigate the surge of cyber-attacks that have taken hold of the region. 

 Here are the highlights of the sessions:

The agenda started with a welcome message from Andrew Shikiar, Executive Director and CMO of the FIDO Alliance.  Shikiar said, “2022 is the year of FIDO adoption and this time we mean it. FIDO adoption is truly happening now at scale.  Asia has always been at the forefront with early FIDO adoptions, and it is wonderful to see a new momentum in Taiwan and ASEAN.” Megan Shamas, Senior Director of Marketing at the FIDO Alliance, reviewed 2021 highlights and shared 2022 global marketing programs that are being prepared. She detailed FIDO’s new year marketing programs that are divided into many different boxes, such as PR, digital, content, industry events, seminars, and research, while seeking member feedback. The group heard from Karen Chang of Egis Technology, who is also Chair of FIDO Taiwan Engagement Forum while serving as a member at SEMI E187 Standard Committee. Chang pointed out that SEMICON Taiwan released SEMI E187, the first ever semiconductor standard. FIDO is listed as a reference of ‘Authentication Technologies’ in the document. Le Tuan Khoi from MK Group in Vietnam shared their FIDO deployment case study. The insightful local trends on cybersecurity and cybercrime statistics were highly appreciated by the members. It was very helpful for us to understand the local markets and how FIDO can be accepted there. Keiko Itakura from Rakuten Group shared Rakuten’s FIDO implementation case study. Itakura, who also serves as Co-Vice Chair of the FIDO Japan Working Group, said, “FIDO has great availability to unify authentication methods and phishing resistance by utilizing standard technology.”  At the end of her presentation, the members congratulated the 25th year anniversary of Rakuten. Special guest Yusuf Khan from Digital Dubai joined us to share digital ID trends and related activities in Dubai.  He emphasized that balance between usability and security is very important, which FIDO Authentication is on the sweet spot.  It was also exciting to learn that Dubai is exploring passwordless and secure mobile based digital identity. Finally, Young Lee from DEFEND in New Zealand joined us as a special speaker.  Lee gave us a bird-eye view of New Zealand’s 2021 Cybersecurity Landscape.  He said, “thousands of phishing and credential harvesting attacks were recorded in Q2 2021, and it was a 73% increase from the previous quarter.”

A Call to Participate

The FIDO APAC Marketing Forum (AMF), under the FIDO Marketing and Communications Board Committee, was inaugurated on November 28th, 2020, to provide a platform for regional members to connect, learn from each other and share best practices. Although it was established during the worst period of the global pandemic, the forum has now grown to 98 members from Australia, China, Japan, Korea, Hong Kong, Indonesia, India, Malaysia, Saudi Arabia, Taiwan, and Vietnam. Members in the APAC region are encouraged to participate in this forum and can get involved by contacting info@fidoalliance.org.

We look forward to hosting yet another exciting AMF meeting in Q2 2022!

The post Latest updates from FIDO APAC Marketing Forum: FIDO Members from the Region Get Together to Learn from Each Other and Stay Alert appeared first on FIDO Alliance.


The Engine Room

Transitions at The Engine Room: Some updates on what’s next

We're welcoming a new Interim ED, a new board member and going through leadership transitions. The post Transitions at The Engine Room: Some updates on what’s next first appeared on The Engine Room.

Over the past few months we’ve been on the search for an Interim Executive Director to hold the reins at The Engine Room for the next few months while our ED, Julia, is on leave. Alongside that, we’ve been looking for new board members, and today I’m thrilled to share that both of these searches have been successful! Gillian Williams has joined us as Interim Executive Director until September, and Elizabeth Eagen has joined our Board of Directors. 

In other news, I’ll be transitioning out of The Engine Room at the end of March, after nearly seven years here (more on this below!). Laura Guzmán and Paola Mosso, who have been leading our Engagement and Tech teams respectively, will be stepping into the roles of co-Deputy Directors. 

More on our Interim ED and our new Board Member 

Gillian brings a wealth of experience in leading nonprofits focused on human gain and social justice at an executive level, having served as an Executive Director herself. She has worked and consulted with a number of nonprofits around areas of leadership, organisational and board development, and how to navigate major transitions. She’s hit the ground running already, and we’re delighted to have her on the team for the next six months. 

Elizabeth has been an ally to The Engine Room for a long time – she gave us one of our first grants to start our Responsible Data work, and she’s already provided invaluable support and advice. She ​​established and led the Emerging Technology portfolio at the Open Society Foundations’ Information Program, and currently works as the Deputy Director at CAT Lab. We’re so excited to have her deep expertise on our board, to help guide our future strategy and programmatic work.

Some background on the last six months

We’ve shared some of this over social media, but for more context on some of what’s been going on in the last few months: In September last year, our Executive Director, Julia, was diagnosed with early-stage cancer. As she stepped out for treatment, I took on the role of Acting Executive Director, and I can only express my complete gratitude to the team, the Board and all our core funders for all the ways that they supported our team during that transition period. Everyone, without exception, stepped up to offer me the support, grace and trust I needed to be able to fill those big shoes under such tough circumstances, and the team as a whole really showed up for each other. 

In many ways, this period has been the biggest test of our commitment to wellbeing and solidarity that we’ve had as an organisation so far. Adjusting our organisation in a way that would allow our ED to step away for an undefined period of time, while ensuring that our commitments to partners were met, our work remained impactful and thoughtful, and that our team was supported – wasn’t easy. 

As it happened, in the months before Julia’s diagnosis we had also been discussing my exit from the organisation – I had been feeling like it was time for new challenges, and to open up new space for emerging leaders in the organisation. I’m so glad I was able to stay for longer than planned, but that personal desire, and belief in making some space, remained. 

I’ve truly loved my time at The Engine Room, and will remain a lifelong cheerleader for the team and all of their great work. I feel immensely grateful to have landed at this organisation when I did: I can’t think of many organisations where I would have had the opportunity to grow at the pace that I have, to learn so much in a hands-on and supported way, to shape so much and work on such impactful, interesting, important topics with such smart and kind people. 

What next? 

As Julia is now happily in recovery, she will slowly be easing back into a support role at The Engine Room over the next few months, before rejoining us as our Executive Director in the autumn. At the same time, the current senior leadership team (Laura and Paola as co-Deputy Directors, and Gillian as Interim ED) will be settling into their roles, with others in the organisation taking on new responsibilities as well. 

I feel so happy to be leaving The Engine Room with such strong leadership – both at the executive level, but also through all of the team, who are all leaders in their own right, shaping our programmatic work, pushing us to do and be better, and pushing forward our mission of strengthening civil society’s use of tech and data. On that note – make sure to take a look at our just-launched 2021 Retrospective to get a glimpse of the work we did last year.

You can contact Gillian on gillian[at]theengineroom.org, and our co-Deputy Directors Laura and Paola are also available to talk through any questions these transitions might bring. It’s been an absolute honour to be part of this team, and I hope to be ‘seeing’ many of you online in the future! 

Photo by Robert Horvick via Unsplash.

The post Transitions at The Engine Room: Some updates on what’s next first appeared on The Engine Room.

Friday, 25. March 2022

Elastos Foundation

Elastos Bi-Weekly Update – 25 March 2022

...

Trust over IP

Schellman Joins Trust Over IP Foundation as Steering Committee Member

Tampa-based Schellman, a leading provider of attestation and compliance services, announced today that it is joining the Trust over IP Foundation (ToIP) as a Steering Committee member. As the first... The post Schellman Joins Trust Over IP Foundation as Steering Committee Member appeared first on Trust Over IP.

Tampa-based Schellman, a leading provider of attestation and compliance services, announced today that it is joining the Trust over IP Foundation (ToIP) as a Steering Committee member. As the first IT audit firm to join the leadership of ToIP, this move represents Schellman’s belief in the growing suite of digital governance specifications and tools being developed by ToIP Working Groups.

Representing Schellman on the Steering Committee will be Scott Perry, whose firm Scott S. Perry CPA, PLLC, was recently acquired by Schellman. Scott was a founding Contributing Member of ToIP and has served as co-chair of the ToIP Governance Stack Working Group since its inception in May 2020.

“This is the culmination of work that began over six years ago when I started collaborating with Timothy Ruff, co-founder of Evernym and of the Sovrin Foundation, on audit and compliance in the emerging SSI space,” said Scott. “We realized that this could revolutionize how digital trust works everywhere on the Internet, and out of that was born the ToIP Foundation. So it is very gratifying for me to now join the Steering Committee and contribute directly to the success of the ToIP model.”

Scott has authored or co-authored a number of deliverables from the ToIP Governance Stack WG including:

ToIP Governance Metamodel Specification (PDF) and Companion Guide (PDF) ToIP Risk Assessment Worksheet Template (Excel) and Companion Guide (PDF) ToIP Trust Assurance and Certification Controlled Document Template (Excel) and Companion Guide (PDF) ToIP Trust Criteria Matrix Template (Excel) and Companion Guide (PDF)

Scott saw the acquisition of his firm as a means of harnessing a well-established delivery capability of digital trust audit services from a top CPA Firm; Schellman saw this as a quick entry into an important emerging segment of the compliance marketplace and wanted to cement this commitment by joining the ToIP Steering Committee.

“Holding digital trust actors accountable in any or all layers of the ToIP stack will require independent audit skills and experience in a variety of compliance frameworks,” said Avani Desai, CEO at Schellman. “The deliverables already published by ToIP serve as an audit methodology for trust assurance, so they will nicely complement the services we currently offer as a WebTrust CPA firm, an ISO Certification Body, a PCI Qualified Security Assessor Company, a HITRUST assessor, a FedRAMP 3PAO, and as one of the first CMMC Authorized C3PAOs.”

“I am very happy to see this recognition of the ToIP Foundation’s groundbreaking work in digital governance frameworks,” said Judith Fleenor, ToIP Director of Strategic Engagements. “Scott has been a leader in this work from the start, and the acquisition of his firm and the support of Schellman signals that the ToIP governance metamodel is starting to see serious traction in the market. Look for more evidence coming from several new digital trust ecosystems later this year.”

Visit the Schellman website to learn more about their new Crypto and Digital Trust Service practice.

The post Schellman Joins Trust Over IP Foundation as Steering Committee Member appeared first on Trust Over IP.


Own Your Data Weekly Digest

MyData Weekly Digest for March 25th, 2022

Read in this week's digest about: 5 posts, 1 question, 1 Tool
Read in this week's digest about: 5 posts, 1 question, 1 Tool

Thursday, 24. March 2022

Energy Web

Stedin, the Dutch Distribution System Operator, Announces Partnership with Energy Web to Explore…

Stedin, the Dutch Distribution System Operator, Announces Partnership with Energy Web to Explore the Future of Asset Management Partnership to develop a digital identity-backed system to enable new ways of managing assets as the energy market becomes decentralized. Rotterdam, Netherlands, and Zug, Switzerland, 24 March 2022 — Energy Web, the non-profit building operating systems for energy grids
Stedin, the Dutch Distribution System Operator, Announces Partnership with Energy Web to Explore the Future of Asset Management

Partnership to develop a digital identity-backed system to enable new ways of managing assets as the energy market becomes decentralized.

Rotterdam, Netherlands, and Zug, Switzerland, 24 March 2022 — Energy Web, the non-profit building operating systems for energy grids, and Stedin, the Dutch distribution system operator (DSO), announced a partnership today to deploy a future-proofed solution for managing energy assets. This would include DSO-native devices, such as smart meters and distribution automation devices, and consumer/prosumer devices commonly referred to as distributed energy resources (DERs).

As part of the collaboration, Energy Web and Stedin will work together on a decentralized asset management system, which will initially be tested on intelligent electronic devices for substation automation. Through the initial tests, the project partners hope to gain valuable insights into how decentralization can help with the management of future grid assets. Moreover, the project will test the ability of grid operators to maintain grid security without requiring hardware changes.

In the face of an evolving energy market, modern DSOs are experiencing increasing challenges as a result of the decentralization of the distribution network. Technology that was previously located within physical substations, including monitoring equipment, is now spread across the distribution network as the number of DERs, including wind, photovoltaics (PV), and electric vehicles (EVs), increases.

The joint Energy Web- Stedin solution currently comprises a management system which assigns each distribution asset a secure digital identity, anchored on the pre-existing SIM card in each asset. Cryptographically signed information and control signals and commands from the DSO can then be sent to and from the asset, enabling a decentralized managed system by ensuring that each asset operates as an independent point of encrypted security. The solution leverages Energy Web’s operating system (EW-DOS), with no additional hardware or swapping-out required.

“Put simply, the old way of running energy grids is no longer fit for purpose”, said Jesse Morris, CEO of Energy Web. “This is partially because the nature of the assets deployed on the grid is changing, as we move from a ‘top-down’ energy system to a much more distributed one. As energy generation becomes less centralized, we need to adapt by dispersing computational power from the center of the grid, to increase security and asset visibility. This decentralization creates new efficiencies and creates simpler routes for renewable energy sources to integrate with the traditional grid system.”

The solution will in the future enable new avenues for consumers to offer services to the grid as issuing digital identities to consumer DERs, makes it possible for aggregations of consumers/prosumers to engage in ancillary services, such as selling energy back to the grid from a home energy storage system or EV while maintaining the utmost level of cybersecurity. With numerous possibilities and programs which could be powered by Energy Web’s decentralized architecture, the integration with Stedin has the potential to transform the Netherlands’ electricity market and local economy.

The solution has already undergone several proof-of-concept tests, with development work on the platform beginning in October 2021. On its way to mainstream deployment, the product is currently undergoing rigorous testing within a sandbox environment, utilizing real energy assets. It is expected that this sandbox will run for the duration of Q1 before the solution goes live later this year. In the future, the project can be adapted for any other energy grid in partnership with other national DSOs to improve asset security & management.

Commenting on the partnership, Arjen Zuijderduijn, Innovation lead at Stedin, said: “Energy grids worldwide are undergoing profound changes at a rapid pace. Utility providers, grid operators, and consumers face previously unseen challenges to grid security given the rise of decentralized assets and the integration of renewables — but equally, there are opportunities to build more efficient, future-proofed, and profitable systems. Stedin has been a longtime advocate of innovation across the grid, and decentralization forms a central part of our strategy to modernize the national grid system. We’re excited to work with Energy Web, and to progress towards deploying this solution across our information and operational technology systems.”

Energy Web’s partnership with Stedin marks its fourth partnership with a major grid operator focused on the future of energy grid performance, including the digitization and integration of distributed energy resources into the wider energy market. In addition to its partnership with Stedin, Energy Web is currently engaged in enterprise deployments of its technology, with the Australian government’s Project EDGE and California’s grid operator (CAISO), as well as Elia E-Mobility Dashboard in Germany.

About Energy Web
Energy Web is a global, member-driven non-profit accelerating the low-carbon, customer-centric energy transition by unleashing the potential of open-source, digital technologies. Our Energy Web Decentralized Operating System (EW-DOS) enables any energy asset, owned by any customer, to participate in any energy market. The Energy Web Chain — the world’s first enterprise-grade, public blockchain tailored to the energy sector — anchors the EW-DOS tech stack. The Energy Web ecosystem comprises leading utilities, grid operators, renewable energy developers, corporate energy buyers, IoT / telecom leaders, and others.

About Stedin
Stedin Group, headed by Stedin Holding N.V., consists of the electricity and gas grid managers Stedin and Enduris that operate in a large part of the province of South Holland, in the provinces of Utrecht and Zeeland and in parts of North Holland and Friesland. In addition, the group offers services in the field of electricity and gas infrastructure under the name DNWG Infra. Together we ensure that all our customers have access to (sustainable) energy to live, work and do business.

Stedin, the Dutch Distribution System Operator, Announces Partnership with Energy Web to Explore… was originally published in Energy Web Insights on Medium, where people are continuing the conversation by highlighting and responding to this story.

Wednesday, 23. March 2022

Oasis Open

SAM Threshold Sharing Schemes V1.0 Approved as OASIS Standard

23 March 2022 — OASIS Open, the global open source and standards consortium, announced that its members have approved SAM Threshold Sharing Schemes Version 1.0 as an OASIS Standard, a status that signifies the highest level of ratification. Developed by the Security Algorithms & Methods (SAM) Technical Committee, SAM Threshold Sharing Scheme V1.0 is intended […] The post SAM Threshold Sharin

Cryptsoft, Dell, Hewlett Packard Enterprise, and Others Advance Open Standard Enabling the Interoperability of Threshold Sharing Schemes

23 March 2022 — OASIS Open, the global open source and standards consortium, announced that its members have approved SAM Threshold Sharing Schemes Version 1.0 as an OASIS Standard, a status that signifies the highest level of ratification. Developed by the Security Algorithms & Methods (SAM) Technical Committee, SAM Threshold Sharing Scheme V1.0 is intended for developers and architects designing systems and applications that utilize threshold sharing schemes in an interoperable manner.

“SAM Threshold Sharing Schemes V1.0 aids in the interoperability of applications implementing cryptographic capabilities in support of OASIS and other standards and specifications,” said Tim Chevalier of NetApp, co-chair of the OASIS SAM Technical Committee. “Many organizations are unable to conform with a range of specifications that deal with cryptographic algorithms or methods because those algorithms and methods are not documented in a manner that is able to be referenced.” 

“The primary goal of OASIS SAM Threshold Sharing Scheme is to provide a standardized set of algorithms, mechanisms, and methods that can be used in an interoperable way to recover secret data in a secure way, this should be immediately available to other OASIS Technical Committees and recognized standards bodies,” said OASIS SAM co-chair, Greg Scott of Cryptsoft. 

Participation in the OASIS SAM Technical Committee is open to all companies, nonprofit groups, governments, academic institutions, and individuals through membership in OASIS. As with all OASIS projects, archives of the Committee’s work are accessible to both members and non-members alike. OASIS also hosts an open mailing list for public comment.

Support for SAM Threshold Sharing Schemes V1.0

Cryptsoft

“Cryptsoft is pleased to be a key participant in the SAM TC. Threshold Sharing Schemes (TSS) are widely used but have typically been non-interoperable between vendors and usage domains. Interoperable TSS allows for disaster recovery and cryptographic multi-party authorization systems to be cross-vendor. This advance will allow for greater security and recoverability of secure data for a wide range of systems used in today’s modern organizations.”

 – Tim Hudson, CTO, Cryptsoft

Additional Information:

OASIS Security Algorithms and Methods (SAM) TC: 
https://www.oasis-open.org/committees/sam

Media inquiries: 
communications@oasis-open.org

The post SAM Threshold Sharing Schemes V1.0 Approved as OASIS Standard appeared first on OASIS Open.

Tuesday, 22. March 2022

OpenID

Registration Open for OpenID Foundation Hybrid Workshop at Google – Monday, April 25, 2022

Workshop Overview OpenID Foundation Workshops provide technical insight and influence on current digital identity standards while offering a collaborative platform to openly address current trends and market opportunities. This OpenID Foundation Workshop includes a number of presentations focused on 2022 key initiatives for the Foundation as well as updates on active working groups.   Worksho
Workshop Overview

OpenID Foundation Workshops provide technical insight and influence on current digital identity standards while offering a collaborative platform to openly address current trends and market opportunities. This OpenID Foundation Workshop includes a number of presentations focused on 2022 key initiatives for the Foundation as well as updates on active working groups.

 

Workshop Details

Thank you kindly to Google for hosting this hybrid workshop.

Google
1240 Crossman Ave Sunnyvale, CA, 94089-1116
Room US-SVL-CRSM1240-1-Ankimo Tech Talk

***Registration is required for all workshop participants and must be completed by Monday, April 18, 2022 at 1pm PT: https://www.eventbrite.com/e/openid-foundation-workshop-monday-april-25-2022-tickets-304150210467

Drinks and snacks will be provided to those attending in person. All registered participants will receive the Google Meet link to participate virtually prior to the workshop.

The Foundation’s Note Well Statement can be found here and is used to govern workshops.

 

Agenda TIME (PT) PRESENTATION PRESENTER(S) 1:00-1:05 Welcome Gail Hodges – OIDF 1:05-1:35 [Re]Assessment of the HEART Landscape
Debbie Bucci has been working on behalf of the OpenID Foundation to better understand the Health sector and to access and raise awareness about the potential use of other OpenID profiles, such as FAPI, that have gained wide acceptance/ traction broadly in other sectors. To start the conversation, Debbie has been working on a cross walk of standards/profiles used in the health space and recently invited members of the HEART WG to join her to present her findings to date and to give others the opportunity to share activities/lessons learn. This session will provide an update and insights gained from those discussions as well as an opportunity for workshop participants to share their perspectives. Debbie Bucci – Equideum Health 1:35-2:00 OpenID Connect for Self-Sovereign Identity Protocols
The OpenID Connect for Self-Sovereign Identity (OIDC4SSI) protocols are facilitating adoption of Self-Sovereign Identity (SSI), empowering individuals to take control of their own identity. By using OpenID Connect, a cornerstone of modern identity systems as the foundation, OIDC4SSI ensures that SSI applications are trusted, secure, interoperable, and easy to deploy. For that reason, OIDC4SSI specifications are already being adopted and deployed in a number of implementations, rapidly becoming the foundation of many Self-Sovereign Identity solutions. This talk will discuss use cases motivating the work, how these protocols solve the problems, what challenges remain, and how they have come together to weave a web of trust for Self-Sovereign Identity. Kristina Yasuda – Microsoft & Torsten Lodderstedt – yes.com 2:00-2:25 GAIN 1.0 POC Community Group Forum
The Globally Assured Identity Network (GAIN) White Paper was extraordinary effort of 150 co-authors who proposed a pragmatic approach to the burning business problem of the international interoperability of digital identity. This presentation will introduce and provide an update on the GAIN Proof of Concept (PoC) while encouraging global community input to help shape the PoC and maximize benefit for all participants and supporters. Torsten Lodderstedt – yes.com 2:25-2:30 Break 2:30-2:45 Shared Signals & Events: How to Notify Resource Providers / RPs of Token/ Session Revocation
Notifying resource servers that a token has been revoked remains a largely unsolved problem in the industry. Recent browser privacy changes are rapidly affecting the ability to sign out users and revoke sessions reliably. Can the Shared Signals and Events Framework solve these two problems? Let’s discuss! Tim Cappalli – Microsoft 2:45-2:55 MODRNA WG Update Bjorn Hjelm – Verizon Wireless 2:55-3:05 FAPI WG Update Nat Sakimura – OIDF 3:05-3:15 Connect WG Update Michael Jones – Microsoft 3:15-3:20 EAP WG Update Michael Jones – Microsoft 3:20-3:30 FastFed WG Update Tim Cappalli – Microsoft 3:30-3:40 Shared Signals & Events WG Update Tim Cappalli – Microsoft 3:40-3:50 eKYC & IDA WG Update Daniel Fett  – yes.com 3:50-4:00 Wrap Up and Open Q&A The post Registration Open for OpenID Foundation Hybrid Workshop at Google – Monday, April 25, 2022 first appeared on OpenID.

Monday, 21. March 2022

Identity Review

Koop Aims to Define the Next Generation of Web3 Tooling

A growing startup to pioneer a Web3-native platform for collectives
A growing startup to pioneer a Web3-native platform for collectives

The Engine Room

Takeaways from our community call on intersections between data & digital rights and social justice

We held a community call to discuss our newly-published research findings on intersectional collaboration between social justice communities and data and digital rights (DDR) communities. In this blog post, we share three key takeaways from the call. The post Takeaways from our community call on intersections between data & digital rights and social justice first appeared on The Engine Room.

On February 15, we held a community call to discuss our newly-published research findings on intersectional collaboration between social justice communities and data and digital rights (DDR) communities. We were joined by speakers Temi Lasade-Anderson from Alaase Lab, Luã Cruz from IDEC, Patronella Nqaba from Atlantic Fellows for Racial Equity and Paromita Shah from Just Futures Law

Below we share three key takeaways from the call, alongside a list of readings and projects shared by participants. 

1. Intersectional approaches to data and digital rights work must centre the priorities of social justice communities 

Despite doing important work monitoring the impact of digital technologies and fighting potential harms related to their use, many DDR organisations are not working with social justice groups from impacted  communities. This lack of connection between issues and communities came up in the call (and in our research) as something that needs to be addressed. 

All our speakers talked about how social justice groups are equipped to build solutions that are right for their communities, and suggested that the priorities of these groups should be the compass that guides future organising in the DDR ecosystem. As one speaker said, “let’s strive to put grassroots groups’ priorities first, and not what ‘sounds best’ from a policy perspective.” 

2. Strong collaboration requires trust, patience, understanding, and prioritising health and safety  Successful collaboration takes time. In our research, we looked into how collaborations have been built between social justice and DDR groups in the past.  In this area, we found the principle of ‘moving at the speed of trust’ (as articulated by writer adrienne maree brown in her book Emergent Strategy) to be ever-present. During the call, speakers brought this up as well, highlighting that meaningful collaboration – relationship building, knowledge sharing, designing common agendas and co-creating advocacy strategies  – are all things that take time. Building connections can be difficult, stressful and resource-consuming, especially under difficult political circumstances. Approaching collaboration as a process – as opposed to an outcome –  is the way to go. Identifying the strengths and challenges of each community is key. There are areas in which both DDR and social justice actors need to build their capacities. Our speakers pointed out that it’s important to recognise the challenges and strengths within each community, as this enables more nuanced perspectives on emergent issues and more fluid joint action. The health of movements should be prioritised. More and more social justice actors are dealing with threats to their security and wellbeing, from state surveillance and persecution to burnout and fatigue. Protecting social justice actors and ensuring their health and safety should be a priority if we want to build strong, long-lasting collaborations.  3. Sharing information is a key part of building connections 

Our speakers emphasised that there’s a lot of work to be done around knowledge sharing between DDR organisations and social justice groups. As one said, “It’s hard to create meaningful collaborations when there is no equal sharing of information.” The lack of accessible knowledge about the impact of data and tech on communities across a variety of geographies (and not just in the global north) was highlighted as one of the obstacles social justice groups face when seeking to take part in DDR advocacy. 

Our speakers also noted a need for, among other things: 

more cross-sector dialogue between DDR groups and social justice groups more actors who are dedicated to building connections between digital rights and social justice communities, and more spaces where people from different communities can be creative and come up with innovative solutions to the DDR challenges they’re facing. 

All of the above could work to strengthen social justice groups as they use tech and data in ways that are aligned with their work, and support them in resisting and rejecting technologies that could potentially harm their communities. 

Reading list:

Below are some readings and projects that came up during the call. 

Building bridges between the digital rights and consumer protection communities in Latin America (shared by Luã Cruz). Recent research from IDEC that highlights the need for more connections between digital rights organisations and other rights-seeking communities. The Intersection of Things (shared by Temi Lasade-Anderson): An example of a podcast on tech that takes an intersectional perspective.  Black feminist internet lab, alaàse led by Temi Lasade-Anderson develops media and research exploring equitable and joyful technological futures. The Deadly Digital Border Wall: A report from Mijente, Just Futures Law, and the No Border Wall Coalition on the “digital border wall”, detailing the harmful surveillance technologies implemented along the U.S.-Mexico border.  Internet for All: A post by The Atlantic Fellows for Racial Equity on the importance of access to the internet for Black people and people of colour. Read our report in English [PDF] Lee nuestro reporte en Español [PDF] The post Takeaways from our community call on intersections between data & digital rights and social justice first appeared on The Engine Room.

Human Colossus Foundation

DDE @ DIA

We are excited to present Human Colossus “Dynamic Data Economy” as an alternative to bridge digital innovation and regulatory requirements in healthcare.

The Human Colossus Foundation will present its Dynamic Data Economy -DDE concept at the DIA conference in Brussels.

The meeting is a synergetic forum of healthcare professionals from National Authorities, Patient Representatives, EMA, EU Commission and the Industry.

 

Promising advances in digital personal health empower patients. Technologically, we could shift from symptom based intervention to prevention and early treatment. But advanced innovations also generate debates on trust in sharing intrusive data and regulatory compliance. You can find details regarding our panel presentation here. HCF will position DDE as a paradigm shift in digital transformation where innovations meet regulations while promoting patient centricity.

For those who can’t attend, we provide an opportunity to catch up in one of our HCF Community calls.

Count me in !

Friday, April 8th @ 12h00 CET HCF Community Call: Post DIA Conference feedback: HCF perspective

The Human Colossus Foundation (HCF) is a Swiss-based independent non-profit organisation. It envisions a new paradigm in digital interaction underpinned by a data-agile economy that aims to empower people, businesses and organisations to make better decisions based on insights from harmonised, accurate data. HCF’s mission is to facilitate the creation and subsequent development of such a data-agile economy, focusing on building open source core public utility technologies.

DDE "Dynamic Data Economy" refers to a data-agile economy composed of three foundational pillars - semantics, inputs and governance. The DDE is essentially a decentralised trust infrastructure aligned with the European data strategy where actors have the transactional sovereignty to share accurate information bilaterally. HCF facilitates DDE development by promoting standards that guarantee digital objects' structural and contextual integrity, the factual authenticity of events, and the consensual veracity of purpose-driven data agreements.

Friday, 18. March 2022

OpenID

OpenID Foundation Publishes Whitepaper on Open Banking

The OpenID Foundation is pleased to share its new whitepaper, “Open Banking, Open Data and Financial-Grade APIs”. The paper documents the international movement towards Open Banking, Open Finance, and secure, consent driven access to all user data. It describes the OpenID Foundation and in particular the Financial-Grade API (FAPI) Working Group’s experience with Open Banking ecosystems i
The OpenID Foundation is pleased to share its new whitepaper, “Open Banking, Open Data and Financial-Grade APIs”. The paper documents the international movement towards Open Banking, Open Finance, and secure, consent driven access to all user data. It describes the OpenID Foundation and in particular the Financial-Grade API (FAPI) Working Group’s experience with Open Banking ecosystems internationally.

The whitepaper has been developed for Open Banking and Open Data ecosystem participants globally, including government officials and those tasked with designing such ecosystems. It includes an overview of the different approaches, including a balanced view of the pros and cons. It contains recommendations for new ecosystems and a detailed explanation of the specifications produced by the FAPI Working Group.

We trust that the whitepaper is beneficial and wish to thank all the contributors that reviewed and provided feedback, notably government officials and entities responsible for Open Banking in the US, Australia, Brazil, and Singapore as well as FAPI Working Group contributors.

The whitepaper can be downloaded here. We encourage you to share it and welcome feedback directed to director@oidf.org

To learn more about the OpenID Foundation FAPI Working Group including how to get involved and contribute, please visit: https://openid.net/wg/fapi/ The post OpenID Foundation Publishes Whitepaper on Open Banking first appeared on OpenID.

Trust over IP

No need for superhumans!

Ethics can be baked into the design process simply by calling on the human in all of us. The post No need for superhumans! appeared first on Trust Over IP.

A practical guide to ethics in socio-technical systems design

by Kalin Nicolov & Nicky Hickman

Albert Einstein is quoted as saying ,”I do not believe in the immortality of the individual, and I consider ethics to be an exclusively human concern without any superhuman authority behind it.”  It is fitting therefore, that in the first of our Human Experience Working Group Expert Series we heard from Lisa Talia Moretti, a Digital Sociologist with the Ministry of Justice (UK) with a talk entitled ‘Dear Human, The Future Needs You!’.  

Ethics doesn’t have to be complex, feared or pushed to one side under pressure to ship product or to get an MVP out of the door.  Instead, ethics can be baked into the design process simply by calling on the human in all of us.  After all as Lisa said, *’humans are messy!’ Lisa’s talk took us on a journey of discovery as to what ethics is (a branch of philosophy), and what ethics is not (religion, law, science or social norms).   Infused with insights and practical examples from UK’s Ministry of Justice digital journey around Lasting Power of Attorney (LPA), Lisa’s talk included many practical steps that all designers and technologists can take throughout the design process including asking very tough questions, taking time to think things through, and mapping interconnecting systems that are part of the ecosystem you are designing for.

Of course we are not as Albert Camus once said, ‘wild beasts loosed upon this world’, all of us have a moral compass and a sense of what is right and wrong, no-one intends for their product or service to cause harm.   Neither are we superhuman, able to always understand the perspectives of all stakeholders or foresee the consequences of every cool feature or elegant line of code, nor indeed can we forecast how our products and services will be used for good or ill. Lisa called on all of us to remember that “technology is not a product, but a system”,  and  gave us practical steps to help us tap into our innate moral compass and design for those systems with the human experience and human flourishing at its heart.

You can read a summary and watch the video of Lisa’s talk here on our Wiki or on our YouTube Channel here

About Lisa

For more than a decade, Lisa has researched and written about the relationship between technology, information and society for a diverse range of organisations across public, private and third sector. In addition to her role at the Ministry of Justice in the UK, Lisa is an Associate Lecturer at Goldsmiths, Plymouth and Cardiff Universities. In 2020, the British Interactive Media Association (BIMA) named her as one of Britain’s 100 people who are positively shaping the British digital industry in the category Champion for Change. She is a member of the AI Council for BIMA, Co-Chair of Sovrin Foundation’s Guardianship working group and previously a taskforce member for the All-Party Parliamentary Group for Blockchain Cities. 

Links & Further Reading

Lisa’s Ted Talk, Technology is not a product, it’s system, is available for viewing on TED.com HXWG Expert Series Summary including video of Lisa’s talk A SocioTechnical Process for Researchers, Designers and Creators The responsible tech guide is full of useful links and insights Ethics for Designers also has practical tools 

To Join Trust Over IP and participate in excellent discussion on topics like this just fill out a membership agreement here.  If you are already a member of ToIP join the Human Experience Working Group.

The post No need for superhumans! appeared first on Trust Over IP.


Own Your Data Weekly Digest

MyData Weekly Digest for March 18th, 2022

Read in this week's digest about: 14 posts, 1 Tool
Read in this week's digest about: 14 posts, 1 Tool

Thursday, 17. March 2022

Elastos Foundation

Elastos Essentials to Become Primary Wallet Application for Elastos Ecosystem

...

Good ID

Charting an Accelerated Path Forward for Passwordless Authentication Adoption

Andrew Shikiar, executive director and CMO, FIDO Alliance FIDO Alliance released a paper today that outlines the next steps in the evolution of FIDO and passwordless authentication adoption. Specifically, we […] The post Charting an Accelerated Path Forward for Passwordless Authentication Adoption appeared first on FIDO Alliance.

Andrew Shikiar, executive director and CMO, FIDO Alliance

FIDO Alliance released a paper today that outlines the next steps in the evolution of FIDO and passwordless authentication adoption. Specifically, we are introducing the concept of multi-device FIDO credentials to address current challenges with account recovery for consumer deployments at scale.

FIDO Alliance has really been successful in changing the nature of authentication – FIDO Authentication is now built into every leading device and browser and many major brands have made FIDO logins available to their users. 

However, a challenge that persists is the requirement that users enroll their FIDO credentials for each service on each new device, which typically requires a password for that first sign-in. So what happens to your FIDO login credentials and how do you recover your account if you change your phone or laptop? They are not recoverable in today’s FIDO model. This presents issues for deploying FIDO at scale to consumers who are constantly moving between devices and updating to new ones. This is less of a challenge in the enterprise, where companies can solve this issue by deploying internal management tools used to support passwordless authentication, and for employees to recover accounts and credentials.

So while FIDO is available to deploy at scale today, a feature has been missing to make it as fully ubiquitous and available as passwords: the ability to have your FIDO credentials available to you across all of your devices, even a new one, without having to re-enroll for every account. 

Introducing multi-device FIDO credentials

The new paper released today outlines the next steps for the evolution of FIDO to address this limitation. The paper introduces multi-device FIDO credentials, also informally referred to by the industry as “passkeys,” which enable users to have their FIDO login credentials readily available across all of the user’s devices. This will help service providers bring passwordless sign-in to consumers at scale by addressing the issue of account recovery – the key barrier to mass adoption of cryptographically secure, passwordless authentication. 

The paper outlines how the FIDO Alliance and the W3C WebAuthn working group propose to achieve this, which includes two key updates:

The ability to use a phone as a roaming authenticator through a defined protocol to communicate between the user’s phone (which becomes the FIDO authenticator) and the device from which the user is trying to authenticate. Making FIDO credentials universally available on all the user’s devices to ensure they can survive device loss and sync across different devices

By introducing these new capabilities, we hope to empower websites and apps to offer an end-to-end truly passwordless option; no passwords or one-time passcodes (OTP) required. The user experience of sign-in becomes a simple verification of a user’s biometric or a device PIN – the same consistent and simple action that consumers take multiple times each day to unlock their devices. The vision is that these experiences will be available across all our devices, operating systems and browsers.

FIDO Alliance sees the introduction of multi-device FIDO credentials to be an important step towards deployment of phishing-resistant FIDO authentication at a broader scale in many use cases that today are totally reliant on passwords or legacy forms of MFA such as SMS OTPs that are under increasing attack. 

We’re looking forward to hearing from industry stakeholders about this development and will be sharing more details on a webinar in April.

View White Paper View FAQs

The post Charting an Accelerated Path Forward for Passwordless Authentication Adoption appeared first on FIDO Alliance.


Lissi

eIDAS and the European Digital Identity Wallet: context, status quo and why it will change the…

eIDAS and the European Digital Identity Wallet: Context, status quo and why it will change the world. Thumbnail: Why the European Digital Identity Wallet will change the world. In 2021 the European Commission announced the European digital identity wallet. This article explains the basic concepts, highlights the significance of this development and provides an overview of the status 
eIDAS and the European Digital Identity Wallet: Context, status quo and why it will change the world. Thumbnail: Why the European Digital Identity Wallet will change the world.

In 2021 the European Commission announced the European digital identity wallet. This article explains the basic concepts, highlights the significance of this development and provides an overview of the status quo.

The vast majority of citizens regularly use the internet. According to statista, for 16–24-year-olds, the European average of daily internet users amounts to 95 per cent in 2020. Even for the age group of 55–64 years, the percentage of daily users is as high as 69 per cent on an EU average. Hence, access to digital services is expected. This includes services offered by governments and the private sector alike.

The difference between foundational and contextual identity

When speaking about “digital identity” we need to differentiate between a foundational and contextual identity. A foundational identity has a legal context and uniquely identifies a natural person. A contextual identity exists depending on a particular context and is not directly subject to government regulations. While a person generally only has one foundational identity, he or she can have hundreds of contextual identities.

Foundational Identities are also referred to as government-issued, eID, regulated-, foundational-, base-, or core identity.

Foundational or regulated identities are issued by an authoritative body of a government. A classic example is a passport. It grants rights and privileges in a global context and is subject to a highly regulated environment.

The Pan Canadian Trust Framework defines a foundational identity as followed: “A foundational identity is an identity that has been established or changed as a result of a foundational event (e.g., birth, person legal name change, immigration, legal residency, naturalized citizenship, death, organization legal name registration, organization legal name change, or bankruptcy)” PCTF V1.4.

Contextual identity: also referred to as non-regulated-, private- or pseudonymous identity.

The Pan Canadian Trust Framework defines a contextual identity as followed:
“A Contextual Identity is an identity that is used for a specific purpose within a specific identity context (e.g., banking, business permits, health services, drivers licensing, or social media). Depending on the identity context, a contextual identity may be tied to a foundational identity (e.g., a drivers licence) or may not be tied to a foundational identity (e.g., a social media profile)”.

Hence, one needs to know the context of the identity in question to understand who we are talking about. If we just say “follow @earthquakebot to get immediate information about earthquakes 5.0 or higher” you don’t know where to go and search for this bot. The context, which is missing is that the bot exists within the authoritative domain of the twitter platform. However, on other platforms, this name might already be taken or used for other purposes.

Identification and authentication

Before we dive deeper into the topic of the eIDAS regulation we want to explain two key concepts, which the regulation is aiming to improve: identification and authentication.

The history and future of identification and authentication.

Identification asks: Who are you?
This implies the person or organisation you are interacting with doesn’t know you yet and has a legitimate reason or even the obligation to identify the natural person it’s interacting with.

Current means of identification include officially notified eID means as well as offerings from the private market such as postal service, video- or photo identification of your physical ID documents in combination with a photo or video of you. Currently, there are multiple eID implementations within Europe, however not every member state has notified an eID for cross border usage.

Authentication asks: Is it you again?
This implies that you had a previous interaction with the person or organisation you are interacting with so they already know you.

Current means of authentication include the username (mostly an email) in combination with a password or a single sign-on (SSO) service also referred to as “social login” provided by big technology companies.

Passwords are cumbersome to remember especially considering that users should use different passwords for different services. While “social logins” are more convenient and user-centric, they also come with critical drawbacks, since they lead to a high dependency on the “social login” provider and a lockin within their ecosystem. Interoperability is missing and oftentimes the business models of these providers are based on surveillance practices.

In the early stages of the web, we mainly used postal ident for identification and only passwords for authentication. In the second and current iteration of the web, we use photo- or video identification for the verification of regulated identities or notified eID means provided by the member state. For authentication, we use a combination of passwords and “social logins”. In the third iteration of the internet “WEB3”, we will use digital wallets for both identification and authentication.

A key differentiator is the control over identificators. Until now users were only able to choose an identificator within an authoritative domain, such as email addresses, usernames on social media platforms or telephone numbers. Ultimately the legal entity governing the domain, in which the identificator is used, has full control over the usage of these identificators. That’s different with decentralised identificators (DIDs), which are created and controlled by users.

The eIDAS regulation (electronic IDentification, Authentic and trust Services) instructs all relevant stakeholders regarding the use of electronic signatures, electronic transactions and their involved bodies as well as their embedding processes to provide a safe way for users to conduct business online. The first version of the European regulation came into effect in 2014. In June 2021 the European Commission proposed a revised version “eIDAS 2.0”, which is currently in draft.

This revision was initiated due to the current limitations as described in more detail in the impact assessment:
1) Optional eID notification for member states.
2) Limited option to exercise data protection rights.
3) Strong limitations to public services in practice.
4) No level playing field for trust service providers from different member states.

More information about the findings on the implementation and application of the revised eIDAS regulation was published by the European Parliamentary Research Service.

The European Digital Identity (EUDI) Wallet is an application for citizens running on a mobile device or a cloud environment, which can be used to receive and store digital credentials and interact with third parties to get access to digital services. The wallet will be provided to citizens by all member states. Its usage is optional for citizens.

Illustration of the roles interacting with the EUID Wallet. Graphic by Lissi.

The graphic above illustrates that there are multiple issuers of identity information. This information can be received, stored and presented by the EUDI Wallet. Entities requesting information from a citizen can be public institutions or representatives of those or commercial entities, which are required by law to identify their customers such as banks or airlines.

The wallet will enable:
1) both identification and authentication
2) the verification of third parties
3) the storage and presentation of verified identity data and
4) the creation of qualified electronic signatures

Currently, the intention for the EUID Wallet is to reach the level of assurance (LoA) “high”. The LoA represents the degree of an issuer’s confidence in a presented credential and its trustworthiness.

Similar to how the European General Data Protection Regulation (GDPR) forced the internet to recognise the data protection rights of users, the eIDAS regulation will set the foundation for digital identity and identity wallets on a global scale.

Very large platform providers will be mandated to accept the digital identity wallet. The digital markets act classifies a platform as such, once they reach 45 Million monthly active users in the European Union, which is equivalent to 10 per cent of the European citizens. This solves the initial problem of a two-sided market in which both issuers and consumers of identity data want the other party to be present before joining. It also expands the scope of the regulation from initially regulated identities only to also include contextual identities — at least the access to them via means of authentication.

While some European Member states such as Sweden or Estonia already have an advanced framework for digital identities, which is used by the majority of citizens, this isn’t the case for all member states. Those who lag behind have the opportunity to leapfrog existing infrastructure.

Furthermore, there is a massive opportunity for Europe as a whole to standardise user-centric processes for identification and authentication while preserving citizen control and privacy. This will facilitate access to digital services from the public and private market alike. The harmonisation of legislation and technology on a European level will enable public bodies and private market participants to better reach European consumers.

The regulation has the chance to significantly improve processes via automatisation, verified data, flexibility and availability of a common infrastructure. It furthermore has the potential to reintroduce organisations with a direct encrypted communication interface to consumers without an intermediary.

A shared infrastructure for all member states with easy access for private entities would also greatly facilitate information exchange between ecosystems, which are currently separated and fragmented. Infrastructure with a suitable legal framework would benefit all stakeholders by providing much-needed trust and security for digital interactions.

Timeline of the toolbox process of the revised eIDAS regulation.

The European Commission has set itself a tough timeline by planning to mandate member states to offer a EUDI Wallet at the beginning of 2024. The next big milestone will be the

announcement of technical specifications as part of the eIDAS toolbox in October 2022. Hence, from the adoption of the legislation in early 2023 until the availability of the wallets there is only a one year period for member states to implement the wallet based on the defined standards.

These standards are defined in the eIDAS Toolbox. You can find more information about the timeline published by the German research team accompanying the Showcase Digital Identity projects in Germany.

The outline of the toolbox was published by the eIDAS expert group in February 2022. You can find it here.

Who is working on the eIDAS 2.0 toolbox?
The eIDAS regulation is revised by an expert group consisting of representatives from the 27 member states. The work of the eIDAS expert group is divided into four working groups (WG):

The WG Provision and exchange of identity attributes is concerned with the set, format and issuance and validity of personal identification data.

The WG Functionality and security of the wallets also takes into consideration the APIs and protocols for the communication between the stakeholders as well as the creation and usage of qualified electronic signatures.

The WG Reliance on the wallet/identity matching is concerned with the unique identification process, the authenticity of received credentials by the relying party and its authentication.

The WG Governance is concerned with the accreditation of certification bodies, the trusted lists, the list of certified European Digital Identity Wallets, security breaches as well as business models and fees structures.

What’s the status quo of the eIDAS toolbox?
The current outline of the toolbox contains information about the objectives of the EUDI Wallet, the roles of the actors of the ecosystem, the wallet’s functional and non-functional requirements as well as potential building blocks. However, it currently doesn’t provide any further information regarding a technical architecture and reference framework, common standards and technical specifications or common guidelines and best practices. These components will be added later.

There are multiple possible directions regarding the technological design of the EUDI Wallet. This primarily includes (de)centralized public key infrastructures, certificates such as X.509 certificates or verified credentials as well as communication protocols such as OpenID Connect or DIDComm. However, at this point, the final choice is still unclear.

The toolbox technical architecture will result in a single connection interface for relying parties as stated in the outline: “To ensure that the EUDI Wallet can be used in a seamless way by trust service providers and relying parties alike, a common authentication protocol shall be specified, ensuring interoperability (…).”

If you want to know more about how the toolbox process is defined, you can find a detailed description in the summary of the first meeting of the eIDAS expert group.

There will be at least four pilot implementations of the European digital identity wallet, which are funded by the European Commission as part of the Digital Europe Programme. Each pilot implementation should contain the use cases driver licence, diploma, payment authentication and eHealth as well as use cases in other areas such as digital travel credentials and social security. Such scenarios may also demonstrate the functionalities of the wallet for example qualified electronic signatures.

For one pilot implementation, at least three member states have to collaborate. While stakeholders from the private sector can also participate, the application must be submitted by the member states. The funding opportunity was announced in February 2022. With the application deadline of 17.05.2022, interested parties only have very limited time to form a consortia for a joint application.

The objectives of the call are as followed:

Support the piloting of the European Digital Identity Wallet Promote the development of use cases Test the interoperability and scalability of use cases Trial user journey and collect feedback for updates Promote the opportunities of the EUDI Wallet Help build the necessary expertise and infrastructure

The announcement of the funding and tender opportunity can be found here.

In the following, we would like to summarise feedback from diverse experts and highlight the most important aspects, which need further attention. However, there are also other aspects, which need to be improved, which aren’t listed here.

Anti-coercion

Coercion is the practice of persuading someone to do something by using force or threats. Since there is a big imbalance of power between big corporations or governments and users/citizens, safeguards against abuses of this system for tracking, profiling or targeted advertising is of the utmost importance. When the only way to get access to a service is to surrender personal data to a third party, there isn’t much an individual can do against it. The regulation currently doesn’t address this issue adequately. Potential solutions could be to require information requests to have a non-repudiable digital signature from the verifier to prove inadequate requests as well as an anonymous complaint mechanism to report this bad behaviour as pointed out by Drummon Reed in the manning publication “Self-sovereign identity”.

Privacy:

There are very positive principles included in the current draft, such as the explicit prohibition for issuers of a European Digital Identity Wallet to collect more than the necessary minimum information about the user than required to provide the service. However, it also includes a unique and persistent identifier of a wallet/citizen. The European Data Protection Supervisor recommends alternative ways to replace the proposed unique and persistent identifier by stating: “This interference with the rights and liberties of the data subject is not necessarily trivial; in some Member States, unique identifiers have been considered unconstitutional in the past due to a violation of human dignity. Therefore, the EDPS recommends exploring alternative means to enhance the security of matching.”

Transparency of the Toolbox process:

Since the eIDAS expert group solely consists of representatives from the member states, security or privacy experts from the private sector have very limited options to participate in the legislative process. The current draft also includes 28 occasions of statutory instruments, which clarify further details at a later stage, making it impossible to conduct a holistic risk and privacy assessment according to an article by Epicenter.

Evernym, an Avast company, also points out that remote wallet deletion, the limitation of just holding credentials from qualified trust service providers as well as high barriers to entry for the private market can significantly stifle the positive impact of the regulation.

The revision of the eIDAS regulation brings major opportunities with it. The European Commission has clearly identified the need to act and provide a holistic solution for the digital identities of natural and legal entities within the European Union. The eIDAS framework has the potential to be a global vanguard in creating trusted relationships for all stakeholders while also preserving privacy, security and transparency for its citizens.

While going in the right direction the technical details are still unclear. Without further information about the potential technical implementations and their consequences, a concluding assessment isn’t possible. There is a high risk that the planned pilot projects will develop in different technical directions, making future interoperability much more difficult. It’s also necessary to address the coercion and privacy concerns explained above. The limited options of participation for data protection and social experts also stifle public trust in the process.

Given the global consequences of the GDPR, the eIDAS trust framework will likely have an even more severe impact on the daily lives of European citizens and beyond. Hence, it’s essential to get this right. Currently, it’s too early to draw conclusions. The publication of the final toolbox in October 2022 will include technical aspects and more detailed legal and business prerequisites. But one aspect is clear already: Wallets will be the future.

If you have further questions regarding Identity Wallets don’t hesitate to reach out to us via info@lissi.id — Your Lissi Team.

About Lissi:

Lissi provides convenient applications for companies and organisations to receive, organise and share trusted data from end users while respecting privacy and data sovereignty. This includes the Lissi Wallet as well as our applications for organisations. You can find more information on our Website.


Digital Identity NZ

The important of Research to enrich our understanding of Digital Trust

What a rollercoaster the last few weeks have been! But through it all, DINZ remains on track with its mahi to advance both its purpose, where every New Zealander can easily use their Digital Identity and its mission, to empower a unified, trusted and inclusive Digital Identity ecosystem for Aotearoa New Zealand that enhances Kāwanatanga (honourable governance), Rangatiratanga … Cont

What a rollercoaster the last few weeks have been! But through it all, DINZ remains on track with its mahi to advance both its purpose, where every New Zealander can easily use their Digital Identity and its mission, to empower a unified, trusted and inclusive Digital Identity ecosystem for Aotearoa New Zealand that enhances Kāwanatanga (honourable governance), Rangatiratanga (self-determination & agency) and Ōritetanga (equity & partnerships).

DINZ’s legendary keystone research of recent years is planned to be repeated in 2022 and is shaping up very well. But it needs your support to make it happen. Its critical importance to understanding year-on-year consumer perspectives of Aotearoa’s digital identity landscape is to be augmented in 2022. There will be an additional focus on sectors of society more challenged by digital identity, as well as a new focus on business perspectives. This is so important in the year that the Digital Identity Services Trust Framework Bill progresses through Parliament, where it is envisaged that some Digital Identity Service Providers may opt to become accredited/certified under the eventual regulation.

Leading by example, InternetNZ has stepped up as Platinum sponsor for this important research. DINZ deeply appreciates its support, this gets us over halfway towards the funds needed to begin the work. DINZ needs additional like-minded organisations who are leaders in this space – members or others – to lend financial support to enable this important research to start.

Get in touch for a Gold, Silver, or Bronze sponsor pack, outlining the opportunities available. Align your brand with this important piece of work and support and advance the industry.

Events planning is well underway, with the Digital Trust Hui Taumata moved two months later to 27th July at the Museum of New Zealand Te Papa Tongarewa, Wellington. It takes place straight after the Cybersecurity Summit 25-26th July and there are a few sponsorship opportunities still available to associate your organisation’s brand and purpose to this landmark event (details below).

DINZ has plans for several events in the major centres once restrictions ease, if venues can be located. Please get in touch if your organisation has a suitable space that DINZ could use to host an event and do some long overdue face to face networking and catching up.

Ngā mihi nui,

Colin and the DINZ Executive Council

To receive our full newsletter including additional industry updates and information, subscribe now

The post The important of Research to enrich our understanding of Digital Trust appeared first on Digital Identity New Zealand.

Wednesday, 16. March 2022

MyData

Exemplary personal data businesses: 33 organisations receive the MyData Operator 2022 Award 

The MyData Operator Award recognises personal data companies that have shown leadership by empowering individuals to control their personal data. As promoted by the European Commission, putting people in the centre of digital transformations is needed for a safe and sustainable digital future. Further, boosting data sharing and ensuring its trustworthiness is critical to reaping […]
The MyData Operator Award recognises personal data companies that have shown leadership by empowering individuals to control their personal data. As promoted by the European Commission, putting people in the centre of digital transformations is needed for a safe and sustainable digital future. Further, boosting data sharing and ensuring its trustworthiness is critical to reaping […]

The Engine Room

Meet our new Matchbox partners

We are thrilled to announce two new Matchbox partners for the upcoming cycle: Albinism Umbrella and Y-Fem Namibia. Read more about these two organisations below!  The post Meet our new Matchbox partners first appeared on The Engine Room.

Through our Matchbox Programme, we provide intensive support to selected organisations over a period of six to eight months. 

We are thrilled to announce two new Matchbox partners for the upcoming cycle: Albinism Umbrella and Y-Fem Namibia. Read more about these two organisations below! 

About Matchbox 

A Matchbox partnership involves working with an organisation to think through the design, development and implementation of a data and tech project that the organisation has in mind to strengthen their work. 

Read more about our Matchbox partnerships, and find out how to engage with our programmes. 

What we’ll be working on together  Albinism Umbrella 

Based in: Uganda

Focus areas: The protection and promotion of the rights of people with albinism

Find them here: Albinism Umbrella website, Twitter, Facebook

Founded in 2017, Albinism Umbrella is “the National Voice that engages the community to reduce the vulnerability of persons with albinism, promoting and protecting their interests while preventing the violation of their rights”. 

Albinism Umbrella wants to make sure that they are collecting, managing and storing their data in equitable and responsible ways. With this in mind, we’ll primarily be working with them to assess their data practices and processes across the organisation. 

We’ll also be looking specifically at data practices in their current spatial mapping data collection project — analysing the tech tools involved, providing recommendations, and working with them on implementing some of these.

Y-Fem Namibia

Based in: Namibia

Focus areas: Feminist movement-buidling, sexual and reprodutive health and rights, gender-based violence, women’s rights. 

Find them here: Facebook, Twitter 

The Young Feminists Movement (Y-Fem) Namibia is a feminist human rights organisation dedicated to advancing women’s human rights by promoting women’s access to health, education and justice. 

Y-FEM would like to make sure that they have the tools to establish a more stable and safer tech and data environment for their team and for the feminist movement in Namibia. We’ll be conducting an organisational tech and data assessment together, and co-creating a plan for the future based on the assessment’s findings. This will include a roadmap with short-term, mid-term and long-term implementation recommendations, and we’ll be working with the team on prioritising these.

If your organisation is interested in getting support from The Engine Room, please schedule a Light Touch Support call with us and we can take things from there. Visit our blog to learn more about how Matchbox has changed in 2021 (and why) and how your organisation can get support.

The post Meet our new Matchbox partners first appeared on The Engine Room.

Tuesday, 15. March 2022

Digital ID for Canadians

DIACC Women in Identity: Merissa Silk

DIACC is hosting a series of spotlights showcasing our amazing female DIACC members in the digital identity space, noting the importance of diversity. These spotlights…

DIACC is hosting a series of spotlights showcasing our amazing female DIACC members in the digital identity space, noting the importance of diversity. These spotlights will be regularly socialized through DIACC’s LinkedIn and Twitter channels as well as our monthly member newsletters.

If you’re a DIACC member and would like us to feature your spotlight, contact us today to learn more!

What has your career journey looked like?

My educational background is in Gender Studies, so it was never my aim or expectation to have a career in the tech industry. In my first few jobs, before I had any knowledge of terms like ‘agile’ or ‘scrum’, I was naturally inclined to bring together colleagues from different functions, divide up our work into milestones, and deliver collaboratively as a team. In those early roles, because I was ‘good with computers’, I often found myself with tasks related to process digitization, website updates, and running digital marketing initiatives, in addition to team leadership and project management.

Several years into my career when I was working at ELLE.com, a mentor told me to look up product management, and I had a major lightbulb moment — I discovered there was a name for what I thought I did, professionally. Since that time, I’ve built a rich career in product, both as an individual contributor and as a people manager, and I’ve found my passion in strategic research and bringing new products to life.

When you were 20 years old, what was your dream job and why?

This is such a tough question — at 20, I don’t think I was mature enough to have had a dream job. I had always been inclined to want to help people, and during my teen years I spent most of my free time volunteering with nonprofits. At 20, I’m sure I expected that I would pursue a career in an area that would better the world, with a particular focus on women and the environment.

As a female leader, what has been the most significant barrier in your career?

As I’ve taken on more senior roles, it’s been a challenge to find my leadership style and voice and to develop the resilience needed to continue to lead despite unfounded criticisms or biased feedback. Sometimes it can feel lose-lose for women in leadership, meaning that we are often penalized for demonstrating too many classically ‘male’ behaviours, while also penalized for being too classically ‘female’. There will always be critics, so I like to shift my focus inwards and frequently ask myself if I’m being true to my principles.

How do you balance work and life responsibilities?

Perhaps it’s the New Yorker in me, but I wasn’t naturally good at creating boundaries between work and life. It wasn’t until I moved from NYC to Sydney that I finally understood what balance could look like. I still work more than your typical 9-5, but my mindset is different. I leave my work at work, and I don’t check emails or Slack after I’ve closed my laptop for the day. And most importantly, I now take my annual leave on time and don’t check in with work while I’m away. I’ve finally learned how important it is to ‘switch off’ and leave space in my mind and my day for things that bring me personal fulfillment.

How can more women be encouraged to pursue careers in the digital ID/tech space?

Women working in digital ID/tech need to be more visible, inside our orgs and externally in the industry. I think this is the #1 way we can encourage more women to pursue the same path. We have a responsibility to the generations coming up to create a presence, which we can do by asking to be part of hiring committees, volunteering to be mentors, and submitting to be speakers at industry events.

What are some strategies you have learned to help women achieve a more prominent role in their organizations?

Early in my career I learned that the best way to make myself known to decision-makers was to put my hand up and ask for the work I wanted to be doing. This created opportunities for learning, development, and recognition. As I began to grow my reputation, when it came time to assign new projects or grant promotions, I was already visible and ‘proven’ to the management.

What will be the biggest challenge for the generation of women behind you?

I think we’re only just starting to see the widespread negative effects of product decisions made by my generation. Things like always-on culture, social media, endless scroll, filters, and nudges may feel like an essential part of digital life, but we’re already seeing the negative effects. As we get more distance from these so-called popular advances, more examples of ethically questionable decisions and results will emerge. Unfortunately, it will be the next generation’s responsibility to ‘clean up’ 20 years of tech-driven behaviors and culture, and I see this as a great challenge for the generation coming up now.

What advice would you give to young women entering the field?

Find a mentor. Find a work friend. Find someone who champions you. Being a woman in tech can be difficult, but it can also be fun, engaging, and inspiring. It’s worth the challenge.

Merissa Silk is the Staff Product Manager at Onfido

Follow Merissa on LinkedIn.


Centre Consortium

How Centre-Sponsored Stablecoins Help Enforce Economic Sanctions

 

 


We Are Open co-op

Catalysing the KBW community

Keeping Badges Weird in a way that’s sustainable In 2022, there’s a lot of online social inertia. The pandemic, coupled with people being comfortable with platforms they’ve been on for over a decade, can make it difficult to bring together people in a community on a platform with which they may not be familiar. This post shows how being intentional about community building can help people feel w
Keeping Badges Weird in a way that’s sustainable

In 2022, there’s a lot of online social inertia. The pandemic, coupled with people being comfortable with platforms they’ve been on for over a decade, can make it difficult to bring together people in a community on a platform with which they may not be familiar.

This post shows how being intentional about community building can help people feel welcome, safe, and able to contribute. It explores three ways in which WAO has collaborated with Participate to do this:

Being intentional about the kind of community we want to create / sustain by using a community canvas Creating an easy on-ramp to the community through a dedicated URL Encouraging new members to introduce themselves in an interesting way

These three approaches, coupled with some other community building strategies, means that our community now stands at over 200 members!

1. Community canvas

It’s easy to create a forum, a channel, or a room online. A few clicks and it’s done. What’s harder is to think about how people use it to interact with one another in a positive way.

Using a modified version of the community canvas (which will soon make its way to our Learn with WAO site) we spent some time with Mark Otter and Julie Keane from Participate. We considered the purpose of the community, its identity and the values participants share. What success looks like and the experience for community members. We discussed roles and rules, and of course governance and communication.

Not only does this surface any slight difference in opinion or assumptions, but it gives us something to discuss at the next community call, happening on March 29th. Please join us, and bring with your experience of positive governance!

2. On-ramp

The Participate platform uses long, unique URLs for everything from communities to resources. This is great for being able to specifically link to anything on the platform, but doesn’t result in an easy-to-give-out link for those who might be new to the community.

WAO has been sitting on the domain badges.community for a few years, and now we have the perfect opportunity to put it to good use! We discussed what an MVP of the site would need to do, and decided that it would just need to:

Link to the KBW community and Badge Wiki Explain the organisations behind these initiatives (WAO and Participate) Link to the GitHub repository

We’ve now launched the site, and so if you’ve got design experience please do suggest ways we can improve it via our GitHub repo!

3. Introductions

Most of the people who have joined the KBW community have introduced themselves. This is either because they followed the link on the introductory welcome message, or because an existing moderator messaged them and nudged them to do it.

The prompt asks new members to tell everyone “a little bit about why you’re here” as well as “a ‘weird’ tidbit or fact about you”. In the screenshot above, you can see Ben Wilkoff talking about his desk setup, as well as reflecting on the link between blockchain and Open Badges. Others have talked about dissecting sharks, pen-and-paper roleplaying games, and their love of cats!

Why not join us and introduce yourself?

Next steps

WAO and Participate aim for this community to be self-sustaining by the end of 2022. That means deputising moderators, ensuring that a governance model is in place, and establishing a regular rhythm of community calls. At that point, we’ll be able to step back and be regular participants and/or moderators.

If you have any questions about the KBW community, feel free to ask in the comments here, or (better yet!) join the community and start a new discussion.

Catalysing the KBW community was originally published in We Are Open Co-op on Medium, where people are continuing the conversation by highlighting and responding to this story.

Monday, 14. March 2022

Hyperledger Aries

Interoperability in the Open Source community

Without interoperability, you wouldn’t be able to read this article. Websites, computers, and servers must be able to recognize and share information with each other, and shared standards and protocols... The post Interoperability in the Open Source community appeared first on Hyperledger Foundation.

Without interoperability, you wouldn’t be able to read this article. Websites, computers, and servers must be able to recognize and share information with each other, and shared standards and protocols allow them to do so, thereby giving us the web. On a smaller scale, companies have their own intranets, and, on the smallest scale, you might have your own private thumb drive for personal documents that can interact with whatever machines you typically work on. 

Interoperability is not a technological given or an inexorable process. It is a choice that needs to be actively made, and it can sometimes take considerable effort to make work. Think of electronic health care records and the years it has taken to make it easier for a patient to access their health data, something originally provisioned in a 2000 Privacy Rule to the Health Insurance Portability and Accountability Act (HIPAA) of 1996.

Crises, however, can accelerate the slog to technological convergence—and that’s precisely what we’ve seen as a result of the global COVID-19 pandemic. In April 2021, a data-sharing provision of the 21st Century Cures Act came into effect: Patients must be able to have direct digital access to eight categories of clinical notes in an electronic health record, notably—given the need for COVID testing—lab test results. 

Cometh the legislation, cometh the tech. Indicio and SITA had already been working on a decentralized, verifiable credential solution to integrate passenger health data with air travel in a privacy-preserving way. Built on Hyperledger Indy and Hyperledger Aries, the technology solved the problem of patient privacy by eliminating the need for a centralizing party to store patient data in order to facilitate verification. 

With the Cures Act provision, there was now no obstacle to passengers in the US accessing their COVID test data directly from a Health Information Exchange in the form of a digital credential. They could use this credential to prove their test status without having to share personal information. In situations where it was important to know which test they had taken and when, they could choose to share this information with a verifier, such as the border control or health agency of the country they were visiting.

This solution is now known as the Cardea Project. Successfully trialed in Aruba, its codebase has been donated to Linux Foundation Public Health as an open source solution for sharing health data through verifiable digital credentials. It has an active community group, led by Indicio and Shatzkin Systems, that is working on expanding its features and, critically, its interoperability.

To do this, Cardea launched a hackathon for interoperability— dubbed an “Interop-a-thon”— in September 2021. The goal was to get companies using Aries agents to test those agents against a reference implementation of Cardea and each other. Over a half day, SITA, Liquid Avatar, IdRamp, GlobalID, Canadian Credentials Network, and Network Synergies all successfully interoperated. That’s the headline; the story, however, is that it took work to make this happen—it was an exercise in uncovering glitches, unexpected problems, and overcoming them. That’s what made the Interop-a-thon so valuable for all the participants—and that’s why Cardea is holding a second Interop-a-thon on March 17.

This time, in addition to  agent testing, Cardea is going to field “out-of-band” invitations (a critical change coming to Hyperledger Aries at the end of March) and a simple reference implementation of machine readable governance (a way of adding governance rules at the agent level, thereby making governance portable and available offline).

Participants see interop-a-thons as a testing ground for interoperability, and therefore a way to ensure that the products and services they are building have the capacity to scale. This is a critical step toward achieving a network of networks effect. Not surprisingly, the number of participants signed up for the next Interop-a-thon is much greater than the first.

For Cardea, there are more and bigger trials on the way. And with each solution delivered, the scope for expansion becomes greater. If we can successfully implement a system for incorporating health data in travel, what about all the other clinical notes described by the Cures Act? What’s the roadmap to creating a decentralized health record?

This is the perfect challenge for an open source community to solve. And by testing the solution through an interop-a-thon, we can figure out how to make the many function as one.

If you want to learn about interoperability first hand, I highly encourage you to watch the video of their last Interopathon here: https://www.youtube.com/watch?v=KVywPPLhG0U. For more details or to register for the  next event on the 17th of March, go here: https://docs.google.com/forms/d/e/1FAIpQLSdpQmjxnYqohk0SfleulNOJXYsi1bhVhMjeGP5MxBMxCa-9TA/viewform 

The post Interoperability in the Open Source community appeared first on Hyperledger Foundation.


eSSIF-Lab

Infrastructure to facilitate payments for verifiable credentials by Symfoni AS

We aim to provide one essential piece that is missing for uncommitted parties to engage in SSI with enthusiasm: the ability to get paid for sharing valuable insights (verifiable credential) will greatly encourage SSI uptake.

We believe three components are necessary and sufficient.

Issuers get the means to specify the terms and conditions for sale and verify that a payment has been executed. Holders get the means to pay using “programmable money,” drawing on a prepay system, or tapping into an escrow account. More commonly, the holder will be able to forward the bill to a verifier. Verifiers, typically a service provider seeking business from qualified holders, get the means to deal with the invoice or draw on a partner to facilitate the payment.

To protect privacy, we propose to link payments to the act of issuing (as opposed to presenting or verifying VCs). As a minimum, the logic would need to support most both debit and credit payments, the ability to charge different prices based on urgency and expiry, “invoicing” compliant with account and vat rules, and possibly to deal with refunds and the assistance of third parties to settle a transaction on behalf of all parties involved.

Country: Norway
Further information: https://www.symfoni.dev/
Team: Symfoni AS

GitLab: https://gitlab.grnet.gr/essif-lab/cfoc/symfoni/Symfoni_project_summary

 


SSI based authorization for cross-border government and business representatives in logistics by Systems Integration Solutions, UAB

SIS is developing an SSI solution in the e-Government area that will enable government and business organizations operating in the cross-border logistics ecosystem to authorize their representatives in order to perform appropriate actions on behalf of the organization using an ecosystem-specific scheme (with required attributes).

Currently there are no authorization mechanisms that could link natural persons to organization in the cross-border logistics ecosystem. Problems occur if the organization and the representative are from different countries or the representative does not agree to use their personal identifier for organizational purposes. As well, lack of such a solution results in inability to ensure interoperability, security, and to prevent fraud. ESSIF4Log will allow to authorize the representative (by issuing him verifiable credentials). It will ensure better governance, security, interoperability, will become an enabler to speed up the eCMR development/implementation process.

Country: Lithuania
Further information: https://essif.sis.lt/credentials
Team: Systems Integration Solutions, UAB

GitLab: https://gitlab.grnet.gr/essif-lab/cfoc/sisuab/SISUAB_project_summary 


Product Circularity Data Sheets Digital Passport (PCDS-DP) by Compellio

The Product Circularity Data Sheets Digital Passport (PCDS-DP) is a trusted accountability system delivering decentralized verification to businesses and auditors in circular supply chains.
With PCDS-DP, Compellio enhances trust and accountability within the PCDS ecosystem by building blockchain-enabled verifiable data and verifiable credentials that leverage SSI components to ensure trusted authentication, auditability, and data access services in Europe and beyond.

Driven by the Luxembourg Ministry of the Economy and supported by major international industry leaders, the PCDS initiative addresses the difficulty for industry and consumers to access reliable data on the circular properties of a product. For each product, an internationally accepted dataset will describe all relevant information in controlled and auditable statements, helping the consumer and manufacturer to make educated choices, increasing the value of the product and enabling future uses in a circular economy. Since its inception, more than 50 companies from 12 different European countries, including global industry leaders, have joined the initiative.

Country: Luxembourg
Further information: https://compell.io/ 
Team: Compellio S.A.

GitLab: https://gitlab.grnet.gr/essif-lab/cfoc/comp/Compellio_project_summary 

Friday, 11. March 2022

Elastos Foundation

Elastos Bi-Weekly Update – 11 March 2022

...

Digital ID for Canadians

Spotlight on CIRA

1. What is the mission and vision of CIRA? As a nonprofit organization, CIRA’s mission is to build a trusted internet for all Canadians. Leveraging…

1. What is the mission and vision of CIRA?

As a nonprofit organization, CIRA’s mission is to build a trusted internet for all Canadians. Leveraging more than 30 years of experience managing .CA domains, CIRA offers one of the world’s most advanced back-end registry solutions and operate one of the fastest-growing country code top-level domains (ccTLD) in the world. CIRA researches and develops new technologies and solutions that help increase the security and resilience of the internet; mitigate and respond to cyber-attacks; and support new network, data, and security standards around the world. We also participate in global internet governance and advocate for a variety of internet issues in Canada such as access to broadband internet, privacy and security. Their Community Investment Program provides more than $1 million in grants every year to projects that help create a better internet.

2. Why is trustworthy digital identity critical for existing and emerging markets?

We are going digital in all aspects of our lives and it’s important to have trust in our own ecosystem. CIRA believes that to build a competitive, safe, inclusive society for all Canadians; governments, organizations, businesses and the public need to trust that credentials created in a decentralized identity model are indeed from an authentic source.

Citizens who access services by authenticating with digital identity credentials have an expectation that the intermediary organizations responsible for performing the authentication will keep their personal information secure. Organizations involved in this chain of trust must adhere to a strict governance framework with clear rules for the collection, storage, and usage of personal information. Such a governance structure must be replete with accountabilities, checks and balances, and an audit function to ensure strict adherence. Ultimately, public trust in any system hinges upon user buy-in to the governance structure.

3. How will digital identity transform the Canadian and global economy? How does your organization address challenges associated with this transformation?

We have seen incredible changes and significant economic advantages over the last two decades with the move to online service delivery. Critical issues have risen, from trust to privacy and security. CIRA believes that the evolution of privacy-enhancing, security-respecting, models for the delivery of digital identity is a key foundational requirement for the next stage of evolution. They believe that the approach to establishing trust anchors for decentralized digital identity may benefit from CIRA’s expertise in running one of the largest digital registries in the country and our experience in managing Canada’s DNS infrastructure.

CIRA believes that some important parallels can be drawn between the governance and international alignment in the management of the internet and maybe applicable to some of the issues we see with emerging decentralized identity models. W may be able to draw on our experience to help contribute to the next evolution of digital identity

4. What role does Canada have to play as a leader in this space?

Canada is an advanced digital society and has contributed to the development of standards, policy and governance in all aspects of technology. Trust is very important not just nationally but internationally as various aspects of business and personal rely on digital identity. Trust is one of the core values in which Canada implements its innovative projects around the world and our capacity to be thought leaders is driving forward the creation, development and adoption of digital identity.

CIRA believes that community initiatives such as DIACC and other public and private sector collaborative forums in Canada, along with the presence of thought leaders and very significant contributors to the evolution of digital identity make Canada uniquely positioned to be a significant contributor to the continued evolution of digital identity.

5. Why did your organization join the DIACC?

CIRA believes that the significant issues we are seeing with trust in digital Identity and the important principles in the philosophy embedded in decentralized identity are critical to the continued evolution of a healthy digital economy. Further, the CIRA’s decades of experience in managing the .CA domain registry on behalf of Canadians—which is at its core a form of digital identity—will positively contribute to community efforts to advance the state of digital identity and the digital economy as a whole.

6. What else should we know about your organization?

CIRA also has an innovation hub called CIRA Labs with a focus on leveraging our DNS expertise and managing their large network footprint, data centers and servers globally. They have been managing Canada’s original digital identity registry, the .CA domain name registry, on behalf of Canadians for more than 30 years. CIRA believes that the internet is an overwhelming force for good in the world, and with the right vision and collaborations, Canada can be a leader in its continued success.


Digital ID & Trust

By Julianne Trotman formerly Growth Marketing Lead at Vaultie with additional contributions by members of DIACC’s Outreach Expert Committee. For those of us new to the Digital Identity…

By Julianne Trotman formerly Growth Marketing Lead at Vaultie with additional contributions by members of DIACC’s Outreach Expert Committee.

For those of us new to the Digital Identity scene, separating fact from fiction and deciphering the benefits from the vast array of information written on the topic is not an easy task. Over the past 24 months, the use cases for Digital Identity have become more prevalent and the news surrounding the myriad of solutions and their applications in the marketplace continues to be front and centre. It has left the Digital Identity novice trying to understand the technology and asking three questions:

Why should they care about digital Identity? How will it benefit them? Whose responsibility is it to safeguard their personal data in a Digital Identity ecosystem and why they should care?

Having a Digital Identity is an important component for those wanting to interact in the digital economy. But what really is a Digital Identity and what is it used for? One way to think of a Digital Identity is as the equivalent of your identity in the physical world, such as having your physical driver’s license or health card digitized. It helps us to prove we are who we say we are, in an online context. Your identity can be used to replace physical identification such as a digital driver’s license, job credentials, or vaccine passport. Or it can also be used as a credential to access online services such as banking, apps on a mobile phone, or educational diplomas and certificates. Without trust in these relationships; between customers and organizations, citizens and government adoption and continued development of Digital Identity will be a challenge. Getting people to participate in the digital ecosystem is reliant on how much they trust that their information will be kept safe and not subject to unauthorized access by those in authority or with nefarious intent. For some, the trade-off between the ease of use and convenience of a Digital Identity, and the potential danger of having information compromised is not a great concern. They see the advancement of the technology that facilitates secure Digital Identity as progress and the trade-off as being a reasonable one. However, for many, the risk is not worth the adoption of a Digital Identity and their lack of confidence in the powers that be to keep their data, especially financial details, secure.

So, what’s missing? What is needed to instill trust into the equation? It seems as though almost every week there’s a story in the news about the latest organization that has been affected by a data breach. These breaches have been directed at private sector organizations, public institutions, and government targets. The hackers are indiscriminate about which institutions they attack, so the general public’s faith and trust in these institutions continue to be eroded every time another one of these attacks comes to light. The uncertainty that comes with not knowing whether data you have shared with an organization is secure or not, or what you can do to avoid this type of thing happening again in the future, is very unnerving. For people to have more faith in the current systems they need to understand how and why an organization is collecting their data and how it will be used, shared, and stored. This issue has been the source of much debate when it comes to trusting that some areas of government will not collect and use their citizen’s data for purposes that have not been fully disclosed. For example, with law enforcement, many people are hesitant to open pandora’s box of police-citizen data collection with a historical lack of transparency around its use and to what extent this data is collected in the name of public safety.

To deal with the issue of trust, governments and industries have looked to put what are known as trust frameworks in place, such as the Pan-Canadian Trust Framework (PCTF). These frameworks provide auditable criteria for different capabilities in an identity ecosystem, such as those for issuers of digital credentials, the people who use them, and the organizations who rely on identity assertions linked to the credentials. Trust frameworks vary in scope as some seek to verify the trustworthiness of information, technology, and processes of a solution, such as the PCTF, while others seek to facilitate a clear understanding between the people using Digital Identity products, the organizations providing and using the services, and the data being used. A trust framework is a tool to facilitate information verification and compliance that help promote trust and technical interoperability while allowing for information assurance verification and technical implementation compliance. Trust Frameworks enable digital systems and technologies to be able to communicate with each other or together measure each system’s trustworthiness. However, having these frameworks in place does not in and of itself help guarantee trust in the system. In order for this to happen there needs to be education around what the frameworks are given that trust frameworks define outcome-based requirements trust frameworks themselves may not guarantee interoperability between systems. For this to be secured solutions would need to build on the same technologies and standards with additional technical compliance verification required.

The journey to a more ubiquitous world of Digital Identity is one that still has many hurdles to overcome before it becomes a more pervasive reality. As many of these challenges are met and the acceptance of the ecosystem becomes more the norm than the exception, ensuring that we do not lose sight of the human side of the discussion is paramount. Trust is earned not given, and we, those involved in the Digital Identity industry must continue to work towards building an ecosystem that encompasses systems and technologies that help to instill trust into the process.


Elastos Foundation

ELA Buyback Program To Support DPoS 2.0 Monthly Update – February

...

Nyheder fra WAYF

Nota ny brugerorganisation i WAYF

Nu er Nota, Danmarks nationalbibliotek for mennesker med læsevanskeligheder, indtrådt i WAYF som brugerorganisation. Ansatte herfra kan derfor nu identificere sig som Nota-brugere over for de mange webtjenester i WAYF og eduGAIN af relevans for forskning og uddannelse. Language Danish Read more about Nota ny brugerorganisation i WAYF

Nu er Nota, Danmarks nationalbibliotek for mennesker med læsevanskeligheder, indtrådt i WAYF som brugerorganisation. Ansatte herfra kan derfor nu identificere sig som Nota-brugere over for de mange webtjenester i WAYF og eduGAIN af relevans for forskning og uddannelse.

Language Danish Read more about Nota ny brugerorganisation i WAYF

Own Your Data Weekly Digest

MyData Weekly Digest for March 11th, 2022

Read in this week's digest about: 20 posts, 1 Tool
Read in this week's digest about: 20 posts, 1 Tool

Thursday, 10. March 2022

Centre Consortium

Verite: A Technical Deep Dive with Kim Hamilton, Director of Identity & Standards

 

 


Identity Review

A History of Crypto and the Ukraine Crisis

How the latest invasion of Ukraine reveals cryptocurrency's mainstream effect
How the latest invasion of Ukraine reveals cryptocurrency's mainstream effect

Wednesday, 09. March 2022

DIDAS

Verifiable credentials for healthcare professionals

We have already reported that ambition level 3 obviously goes beyond the creation of the e-ID and aims to build an ecosystem of domain-ecosystems in which a variety of credentials can be exchanged and provided securely in addition to the e-ID. In his presentation, one of our experts, Urs Fischer from HIN, explains in ...

We have already reported that ambition level 3 obviously goes beyond the creation of the e-ID and aims to build an ecosystem of domain-ecosystems in which a variety of credentials can be exchanged and provided securely in addition to the e-ID.

In his presentation, one of our experts, Urs Fischer from HIN, explains in detail which challenges the SSI approach can help to address in the healthcare field. A special attention is made on the use-cases and challenges for physicians and other healthcare professionals.

The report therefore emphasises both the advantages of Ambition Level 3 as well as the reasons why the future ecosystem of the digital credentials in Switzerland should be based on on interplay of multiple sectors.

The presentation was held as part of online meetings of the discussion platform on the subject of e-ID and digital trust infrastructure and is available on Github and on our website (German only)


Digital ID for Canadians

DIACC Women in Identity: Ananya P. Lahiri

DIACC is hosting a series of spotlights showcasing our amazing female DIACC members in the digital identity space, noting the importance of diversity. These spotlights…

DIACC is hosting a series of spotlights showcasing our amazing female DIACC members in the digital identity space, noting the importance of diversity. These spotlights will be regularly socialized through DIACC’s LinkedIn and Twitter channels as well as our monthly member newsletters.

If you’re a DIACC member and would like us to feature your spotlight, contact us today to learn more!

What has your career journey looked like?

I started out with an engineering degree and an MBA in Finance and Systems. Completed my Masters in Finance from London Business School on a British Council Chevening scholarship. Spent the time from 2002-2019 across 3 top-tier investment banks in London…then joined Onfido as a Machine Learning Research Intern!

It’s been a great journey so far – I had to unlearn and completely rewire my expertise. My current job is in Biometrics, I deal with documents, selfies and videos. Skills include computer vision, deep learning, Python and Tensorflow…everyday I come to work wide-eyed and eager to learn.

When you were 20 years old, what was your dream job and why?

I studied mechanical engineering in India. I was the only woman in a batch of 90, and there were no other women in the batch before or after mine! So you can say I trained for a career in STEM.


As a female leader, what has been the most significant barrier in your career?

When I started my career there was no concept of flexibility, work-from-home was a privilege, daily long commutes on packed London Underground trains was a given. I had to raise my daughter while doing an intense job… reliable, affordable and quality childcare definitely helps. As a woman of colour with an accent to match, and limited local knowledge, I of course faced unique issues early on in my career. I’ve also had the privilege of having some of the best bosses and managers one can ever have. So it kind of evens out.

How do you balance work and life responsibilities?

I don’t! As a working mom, some days are good, other days not so. Resilience and a long-term view go a long way. I’ve been blessed with a cracking set of colleagues in my current org and function (Onfido Research) – you may say they have my back.

How can more women be encouraged to pursue careers in the digital ID/tech space?

Get them to talk to me? We women tend to second guess ourselves a lot. Just having a go at things, without expectations, is key.

What are some strategies you have learned to help women achieve a more prominent role in their organizations?

It largely depends on the type of management and mentors on offer. There is no magic bullet. There is only so much “leaning in” women can do, if the organisation is not ready for it then those strategies can even backfire. The organisation needs to be ready to embrace women leaders, and mentor them to success.

What will be the biggest challenge for the generation of women behind you?

There is already a subtle backlash I feel, against Diversity and Inclusion initiatives. We don’t want a set of “token women and minorities”, we need solid professionals who are mentored, given challenges and more importantly given space to fail and grow as much as their straight male colleagues.

What advice would you give to young women entering the field?

Don’t overthink! Just do it. You have one life. When you are seventy years old you don’t want to think what could’ve been. Take that shot, learn that skill, get past the challenge and rise to your true potential.
This is not empty advice – I gave myself this advice when I made a career change into Identity. Good luck!

Ananya Lahiri, Machine Learning Research – Applied Scientist at Onfido

Follow Ananya on and LinkedIn.



MyData

MyData Global in motion – key developments in 2022

In this blog post, newly appointed Deputy general manager Sille Sepp explains the main developments for MyData Global in 2022 – Collective sensemaking and channels for impact, Strengthening the MyData brand, Renovating the infrastructure of MyData Global, and Changes in the staff and leadership team.   In January, we wrote about our perspectives on 2022, […]
In this blog post, newly appointed Deputy general manager Sille Sepp explains the main developments for MyData Global in 2022 – Collective sensemaking and channels for impact, Strengthening the MyData brand, Renovating the infrastructure of MyData Global, and Changes in the staff and leadership team.   In January, we wrote about our perspectives on 2022, […]

We Are Open co-op

Audience Ikigai

An attempt to simplify complexity in content Just want to learn how to do your own Audience Ikigai? Head over to our template and guide on Learn with WAO! In the Web Strategy implementation project we’ve been working on with Greenpeace International (GPI), we’ve been researching. We’ve been looking through GPI programme guidance, channel strategies, engagement plans and geo-prioritisat
An attempt to simplify complexity in content

Just want to learn how to do your own Audience Ikigai? Head over to our template and guide on Learn with WAO!

In the Web Strategy implementation project we’ve been working on with Greenpeace International (GPI), we’ve been researching. We’ve been looking through GPI programme guidance, channel strategies, engagement plans and geo-prioritisation projects to understand the strategy behind communicating with certain audiences. We’ve been looking into research outputs from The Internet to find insights that can help GPI communicate with intention.

cc-by We Are Open Co-op

Mostly, we’ve been digesting all of this information and trying to come up with an idea that can help a global team of storytellers and communicators make sense of a very complex information landscape that is the Greenpeace global network. We came up with an Audience Ikigai, and it’s kind of great.

Complexity in Audience

The complexity surrounding any global audience can’t be understated, really. I mean, we’re talking about millions of people. GPI communications have to take into account that many are coming to Greenpeace for the first time, while others know the organization well. The audience is diverse. From young to old, every color and creed, a massive spectrum of people who are interested in the mission to “ensure the ability of the earth to nurture life in all its diversity.”

No global organization can resonate across the board with every single person, which is why strategic decisions are made. The best way for GPI to have global impact is to focus its website content, and we’ve been researching the best way to do that.

Speaking with GPI’s Desired Audience cc-by We Are Open Co-op, Icons from Graphic Enginer at the Noun project

Over the last years the organization has clearly defined the desired audience through its various projects. The Comms Department summarised this audience in their own channel strategy. This desired audience is listed in no particular order.

Young (18–34)
Not only are they the tastemakers and cultural influencers we need to begin to tap to spread our campaign messages for us […], they’re also the fastest growing group of social media users. This age demographic spends more time online than its older peers, making it easier to reach […]. On channels where user growth is expected to grow among this age group, […] we can strive to do both.
Urban
As articulated in the global programme guidance, cities are at the forefront of change on many of the issues we campaign on. At the same time, we must seek to shift the mindset that an “urbanized” lifestyle is one defined by consumption and separation from the natural world. For these reasons as well as their organizing potential, urban dwellers are a key audience across channels.
Global South
This focus is spelled out clearly in the conclusions of the geo-prioritisation exercise. As the Global South rapidly urbanizes, focusing our growth on both the Global South and cities should be mutually reinforcing in reaching high-potential new audiences.
Women
“This fight is not gender neutral: women are disproportionately affected by the impacts of climate change, and at the same time, climate change denialism is strongly connected with accepting patriarchal structures.”
Audience Ikigai cc-by We Are Open Co-op, Icons from Graphic Enginer at the Noun project

Through our research, we identified 3 desires and/or areas of focus for each kind of audience. We read papers about those areas of focus and distilled (a great deal of) information into an overview slide deck. We pulled content from across the Greenpeace global network to provide examples.

As we were creating this piece of work, we kept asking ourselves “Ok, but how do you focus on the very specific group that is “young, urban women in the Global South?”

Enter the Audience Ikigai. The outer ovals of the Audience Ikigai are the “non-specific” audiences. Women and young people are found around the world in every city, village, rural district. Women are 50% of humanity as are young people. The inner ovals are the slightly more specific audiences, although they are, still, incredibly large audiences. Global trends show that people are moving into urban areas, and our inference is that young people move to urban areas. Women do as well, of course, which is the magic of the Audience Ikigai — your inference matters.

The Audience Ikigai will shift depending on the assumptions we make. Each of the desires and areas of focus for the various audiences is layered on our Ikigai image. It could be done in a different way, but after all that research, we had a sense of sureness as to which bits overlapped.

cc-by We Are Open Co-op, Icons from Graphic Enginer at the Noun project Why is this useful?

We have created a resource that GPI comms folks can use to overlay content streaming in from various campaigns and offices. This can be used to check if something is appropriate for the Greenpeace International website audience, or if it needs to be rewritten or looked at from a different angle. It provides a framework for focusing and streamlining that incredibly complex information ecosystem.

Make your own

We thought this was such a useful exercise, that we created a template for other organisations and thinkers to use. You can check it out here.

Special note: Doug and I would like to offer a a huge public kudos to WAO’s intern, Anne Hilliger, who did some very heavy lifting on this work.

Attribution: Our version of the background is inspired by this Information is Beautiful version.

👋 WAO makes sense of complex problems while spreading the benefits of open. We’re a collective of independent thinkers and makers helping charities, ethical companies, government departments and educational institutions with sensemaking and digital transformation.

Think we might be able to help you? Get in touch!

Audience Ikigai was originally published in We Are Open Co-op on Medium, where people are continuing the conversation by highlighting and responding to this story.

Tuesday, 08. March 2022

Digital ID for Canadians

Spotlight on AIT

1. What is the mission and vision of AIT? The AIT (Austrian Institute of Technology) is a professional non-profit RTO enterprise focusing on the key…

1. What is the mission and vision of AIT?

The AIT (Austrian Institute of Technology) is a professional non-profit RTO enterprise focusing on the key infrastructure topics of the future. AIT provides research and technological development to realize basic innovations for the next generation of infrastructure-related technologies in the fields of digital safety and security, energy, health and bioresources, low-emission transport, vision, automation and control, technology experience, and innovation systems and policy.

Dedicated to serving governments, operators of all kinds of critical infrastructure and its industrial suppliers, AIT bridges the gap between research and technology commercialization, which is a key aspect of developing new technologies and enabling an economic boom.

2. Why is trustworthy digital identity critical for existing and emerging markets?

Full digitization of businesses is key to holding one’s ground in global competition. Customers will select those services that provide maximal efficiency and usability while ensuring full data security. Day-to-day news about data breaches makes customers feel insecure. The winners will be those companies that manage to establish and maintain a maximum level of trust for generally accepted applications.

Some emerging markets strongly rely on biometrics as the basic or even single way of personal identification. Trust in the corresponding identity management processes is key for the secure operation of access control to services in everyday life.

3. How will digital identity transform the Canadian and global economy? How does your organization address challenges associated with this transformation?

Digital identity will introduce huge opportunities for new business processes and at the same time pose tremendous threats regarding security and privacy. Any new application must bring along the appropriate security level. New business models must come hand-in-hand with trusted security features. Again, being able to fulfill the requirements of a convenient application and a high level of trust will be key criteria for success or failure in business. Global competition will select the winners.

AIT addresses exactly these challenges by investigating and piloting innovative methods and tools for ensuring the required security of the biometric applications of tomorrow.

4. What role does Canada have to play as a leader in this space?

Any community aiming at leadership should act as a promoter and supporter of innovations in identity management processes and involve all market participants, from private customers to governmental administrations. In parallel, it should prioritize efforts for the broad implementation of efficient, convenient, and secure identity management processes in all forms of business.

5. Why did your organization join the DIACC?

DIACC’s goals and agenda fit perfectly to the AIT mission of realizing basic innovations for the next generation of infrastructure-related technologies in the fields of digital safety and security. AIT is interested and prepared to contribute to advancing Canada’s digital economy agenda with innovative biometric solutions and secure identity management processes.

6. What else should we know about your organization?

In the area of digital identity management, AIT experts investigate new technologies in the field of biometrics (high convenience, contactless, at a distance, multimodal approaches, privacy-preserving, highly secure, mobile), showcase those technologies to interested end-users as well as to companies working B2B, and are involved in or lead national and European applied research projects. The present focus is on contactless biometrics including fingerprints and 2D/3D face for person identification and identity verification and secure identity management processes. AIT seeks partners to a) incubate end-users and industry with novel identity management solutions, b) enable small and medium-sized prototypes and pilots, c) distribute and roll out its biometric technologies, and d) build new connections into North America’s scientific community.

Friday, 04. March 2022

Trust over IP

Layer 1 Utilities: An underground network connecting all SSI ecosystems

We want to develop a cohesive map and topology of all Layer 1 Utilities, and what route is best to take for each destination. The post Layer 1 Utilities: An underground network connecting all SSI ecosystems appeared first on Trust Over IP.

“Please mind the gap between the DID and the DID Document! Just like the London Underground, Layer 1 Utilities are a collection of connected rails and overlapping networks, on top of which SSI ecosystems are developed. The ToIP Utility Foundry Working Group (UFWG) are mapping out how they overlap, intersect and differentiate from each other.”

Layer 1 Utilities for decentralized identity are becoming increasingly diverse, complex and  multi-functional. Covering a range of use cases from anchoring digital trust with DIDs, to decentralized governance, to enabling payments for identity credentials.

And as they continue to develop and expand, invariably, one question will keep coming up:

“What Layer 1 should I use?”

And to the person asking this question, I would say the following.

“It depends, where are you trying to get to?” 

Just like the London Underground, Layer 1 Utilities are a sprawling megalopolis of interconnecting chains, rails, and zones, laying the foundation of the ecosystems built on top. 

There are multiple routes and options to reach some destinations. Whereas, for other destinations, you may need to take one specific line. Some zones are more expensive than others. Others are far better connected. You can find lines underground, while some are above the surface. And if you really want, you can even find lines with trains that drive themselves! 

Utility Foundry Working Group

As with any metro system and underground, there is not one line which goes to all stations. You need to understand where you may need to change, and where the overlaps are. 

At the Utility Foundry Working Group (“UFWG”), we want to develop a cohesive map and topology of all Layer 1 Utilities, and what route is best to take for each destination. We want to help those interested in utilizing decentralized identity understand why some Utilities may fit certain use cases better than others, in terms of price, convenience, interoperability, functionality, and speed-to-production.

Please mind the gap between the DID and the DID Document!

The old and the new

The London Underground began in 1863 with the Metropolitan line and is still being built today, with the Elizabeth Line potentially launching this year, connecting central London with Reading. 

Similarly, decentralized identity has established Layer 1 utilities, and repurposed Layer 1 utilities, such as did:sov or did:web, as well as newcomers like did:keri, did:orb, or did:cheqd. In this new phase of the UFWG, we intend to continue existing work and deliverables on ToIP registered utilities, as well as branching into new innovations, DeFi, and Layer 1 Payments, as well as decentralized governance. 

We would welcome all who are interested in the quickly developing ecosystem of Layer 1 utilities, or if you just have a desire to get more involved in SSI, to come and contribute to our deliverables:

Understand: A general framework for choosing which Layer 1 Utility and did method to utilise Compare: A comparison chart of all Layer 1 Utilities and identity overlay networks Comply: A guidance document for data protection and GDPR compliance Innovate: DeFi compliance on top of Layer 1 Utilities (Shyft, Notabene, Centre), payments for Verifiable Credentials (cheqd, Kilt, Velocity), overlay networks (did:ion, did:tz, did:orb), KERI and self-certifying identifiers, self-executable governance (to name a few!) are all Layer 1 Utility innovations on the horizon. Let us know what you’d like to see going forward and how we can build guidance and documentation around it!

Alternatively, if you are involved in building a Layer 1 Utility and would like to present your work and roadmap, we’d be happy to incorporate you into our agenda as a Special Guest.

We will also work alongside you to map out your Layer 1 Utility, and help:

List: on our Utility Directory Define: Utility stories and functionality breakdown Build: Layer 1 Governance Frameworks: Traditional (e.g. Sovrin), or Self-Executable & Decentralized (e.g. cheqd) Differentiate: Features and technical specifics against other Utilities

To get involved, please jump into our Working Group and introduce yourself:

The UFWG runs biweekly on Tuesdays [6am AEST, 15:00 EST, 20:00 CET] and the next meeting falls on the 1st March. [Google Calendar] [Meeting Link]

This is the Victoria Line train to Brixton, please use the method, did:sov, and get your DIDDocument ready for inspection.

For more information, please contact our leadership:

Jessica Townsend, Co-Chair, UFWG Alex Tweeddale, Co-Chair, UFWG Lynn Bendixsen, Co-Chair, UFWG

Contact Jessica, Alex and Lynn through our contact page.

The post Layer 1 Utilities: An underground network connecting all SSI ecosystems appeared first on Trust Over IP.


MyData

Event: Connecting with MyData Operators 2022

Recording from the event is available here. Join this online event to learn about and connect with MyData Operators – service providers that help individuals to share their personal data between organisations and get better services. Data sharing across sectors and ecosystems require suitable infrastructure, governance and standards. When it comes to personal data sharing, […]
Recording from the event is available here. Join this online event to learn about and connect with MyData Operators – service providers that help individuals to share their personal data between organisations and get better services. Data sharing across sectors and ecosystems require suitable infrastructure, governance and standards. When it comes to personal data sharing, […]

Lissi

EU ID Wallet: Illustration of the eIDAS roles and functions

EUDI Wallet: Illustration of the eIDAS roles and functions In June 2021, the EU Commission presented a new draft on eIDAS regulation. The aim is to provide all citizens and businesses in the EU with digital wallets with which they can not only identify and authenticate themselves, but also store a variety of other documents (such as diplomas) and present them in a verifiable manner. In recent mon
EUDI Wallet: Illustration of the eIDAS roles and functions

In June 2021, the EU Commission presented a new draft on eIDAS regulation. The aim is to provide all citizens and businesses in the EU with digital wallets with which they can not only identify and authenticate themselves, but also store a variety of other documents (such as diplomas) and present them in a verifiable manner. In recent months, a group of experts has now presented a first outline for the architecture of an “eIDAS Toolbox” describing the reference architecture.

The current version of the toolbox of the revised eIDAS regulation already defined new roles within the framework as well as their functions.

In the graphic below we reorganised and regrouped the stakeholders to map the requirements for the eIDAS toolbox architecture onto a SSI framework (Self-Sovereign Identity framework). The graphic shows very clearly how well the requirements for the eIDAS toolbox can be implemented with SSI technology. This is also supported by the paper “Digital Identity: Leveraging the SSI Concept to Build trust” by the European Union agency for cybersecurity ENISA.

We also added the arrow from the different issuers to the trust registries, since they need to provide information to these registries.

EUDI Wallet: eIDAS roles and functions reorganised by Lissi

Until the end of the year member states are now requested by the EU Commission to implement first pilot use cases on top of the reference architecture. We expect many member states to implement use cases on top of an architecture similar to above graphic.

We used the graphic below as basis for our infographic, which was published as part of the current eIDAS Toolbox document on page 8.

Infographic of roles and functions the eIDAS Toolbox as of March 2022

We would be delighted to hear your feedback. Do you think the reorganisation makes sense? Which roles or functions are missing?

Your Lissi team


Own Your Data Weekly Digest

MyData Weekly Digest for March 4th, 2022

Read in this week's digest about: 12 posts
Read in this week's digest about: 12 posts

Thursday, 03. March 2022

Trust over IP

Radio With Pictures

Exploring why human trust should be an essential design element in the next generation of digital solutions. The post Radio With Pictures appeared first on Trust Over IP.

Exploring why human trust should be an essential design element in the next generation of digital solutions

Every day I have conversations with people about verifiable credentials and digital identity. Invariably some form of the following challenge is put to me:

The world already operates pretty well using paper credentials. The costs, risks, and benefits writ-large are all well understood and accounted for. I get that Trust over IP is doing something different but what is the extra value we should expect for the effort and investment we would need to make to change the status quo?

Good question.

This year the Ecosystem Foundry Working Group (EFWG) at Trust Over IP (ToIP) wants to focus on just this question. In the early days, credential insiders had a vision of why what we were doing was not just different but better, and took to evangelizing the art of the possible. Since then, the vision and technology have matured sufficiently and we now seek to engage the larger community to hear about the business challenges they are facing that involve identity, credentials, and trust. Equally important, we want to hear from them about the organizational contexts in which these problems exist. Contexts that can expedite or hinder broader adoption and contexts that can help guide our thinking and evolution.

Since its inception, the EFWG has been hosting a very popular Presentation Series showcasing projects, ideas, and solutions. This year we continue the series but with an emphasis on understanding the ‘why’ behind ToIP-aligned solutions. We believe we’re approaching the point where high-value solution patterns and sustainable contexts will emerge and the EFWG wants to be the place that fosters and shares this understanding.

We also want to communicate these ideas beyond working group discussions which is why we plan to distill and transmit this knowledge in a series of whitepapers and blog posts. We want to continue to socialize the concepts of verified credentials and digital identity, and explain the benefits and tools available to a broad audience. To help in communication and uptake we are spearheading the creation of Learning Pathways at ToIP. This will pull together the outputs of ToIP working groups and task forces into organized and digestible chunks with clear audiences and outcomes. We want to make the content that ToIP produces even more easy to access, put into context, and become actionable through the creation of these Learning Pathways.

Radio with pictures, music without a disc, computing capacity on demand. In hindsight these were all charmingly simplistic attempts to explain why certain emerging technologies were destined to usher in tectonic shifts. Over time though, we all began to understand the real impact the words tried to express. The EFWG is a community of experts and visionaries looking to provide context to some bold new ideas and welcome your participation.

We welcome all who are interested in the evolution of, or in being part of evolving this space to join us during our community zoom calls every other Thursday at 8:00-9:00 am PST / 11:00-12:00 am EST / 16:00 – 17:00 UTC / 17:00 – 18:00 CET. 

If you are affiliated with an organization that would like to be part of our Presenter Series, or would like to have a conversation with the community about how identity, credentials, and trust impacts your business, please reach out to:

Steve Magennis, EFWG co-chair Carly Huitema, EFWG co-chair

Contact Steve and Carly through our contact page.

The post Radio With Pictures appeared first on Trust Over IP.

Wednesday, 02. March 2022

OpenID

Introducing the Global Assured Identity Network (GAIN) Proof of Concept Community Group

The OpenID Foundation is pleased to announce the launch of the Global Assured Identity Network (GAIN) Proof of Concept Community Group, which aims to test the technical hypotheses underlying the “GAIN Digital Trust” white paper. Back in September 2021, more than 150 co-authors called for the creation of a globally interoperable network for high-trust identity […] The post Introducing the Global A

The OpenID Foundation is pleased to announce the launch of the Global Assured Identity Network (GAIN) Proof of Concept Community Group, which aims to test the technical hypotheses underlying the “GAIN Digital Trust” white paper.

Back in September 2021, more than 150 co-authors called for the creation of a globally interoperable network for high-trust identity assurance. It was a “no logo, pro bono, open source” collaboration. Since then, an informal alpha proof of concept (POC) has been connecting Identity Information Providers and Relying Parties, leveraging OpenID Connect for Identity Assurance. Now, under the auspices of the OpenID Foundation, the group will be able to grow and test whether identity information can be shared across a variety of architectures, protocols, and jurisdictions.

The Community Group will meet each Thursday at 7pm UTC beginning Thursday, March 3, 2022. Further information about the POC, including meeting details, FAQs, events, media, and other resources, can be found on the GAIN Community Group webpage.

Enrollment in the POC is open to the public including organizations and individuals. If you are interested in becoming a member of the POC, please complete the registration form and sign the Participation Agreement. Any POC questions can be directed to the co-chairs at GAINPOC@oidf.org.

The post Introducing the Global Assured Identity Network (GAIN) Proof of Concept Community Group first appeared on OpenID.

Tuesday, 01. March 2022

We Are Open co-op

Learn with We Are Open Co-op

Free resources to help charities, non-profits, and impact-focused organisations Visit the site One of the bigger projects I’ve been working on during my internship at WAO was redesigning and rethinking our learnwith.wearopen.coop platform. Over the past years, We Are Open worked with a variety of charities and noticed a need for similar kinds of thinky thinky approaches. It was my project to
Free resources to help charities, non-profits, and impact-focused organisations Visit the site

One of the bigger projects I’ve been working on during my internship at WAO was redesigning and rethinking our learnwith.wearopen.coop platform.

Over the past years, We Are Open worked with a variety of charities and noticed a need for similar kinds of thinky thinky approaches. It was my project to take these bits and pieces and turn them into something a bit more structured.

Today we are launching this project to share it with you. How exciting, especially for me! A lot has happened since I wrote about it the last time. But go have a look for yourself. Soon I will share more detail on how I built some of the things and publish another article.

What is learn with WAO?

This platform is stuffed with courses, resources and other products that members and collaborators of We Are Open Co-op have created.

On the platform you can find:

Templates that can be used in workshops or meetings with clients and collagues Email courses you can learn how to facilitate a good online meeting or what it means to work openly (spoiler alert, our list of ideas for new courses is long so stay curious for all the things that will be published soon) The Podcast “Tao of WAO” with its very awesome guests And a list of a lot of the things that WAO’s members have published over the years on the internet

Because of its variety of content it is also for different groups of people. This is for our clients, for facilitators that are looking for an approach to use at their next workshop. It is for learners, people interested in Open Badges or other topics that our members are experts on.

You can support Learn with as well as other We Are Open Co-op products and projects at open-collective.com/weareopen.

If you visit the site and find any bugs or are willing to give us some feedback visit our GitHub repository and submit your thoughts there. This is just the beginning and we will keep on working on developing this platform further!

And lastly I want to say a huge thanks to all the members of WAO for the constant support and co-working time to help me get this project to where it is now.

Learn with We Are Open Co-op was originally published in We Are Open Co-op on Medium, where people are continuing the conversation by highlighting and responding to this story.


Velocity Network

Velocity Network Foundation® has announced its successful launch of Velocity Network™ Mainnet: Internet of Careers®

A game changing, blockchain based, public utility layer, which makes it simple for people and organizations to exchange verifiable, immutable, trusted self-sovereign career credentials. The post Velocity Network Foundation® has announced its successful launch of Velocity Network™ Mainnet: Internet of Careers® appeared first on Velocity.

Monday, 28. February 2022

Identity Review

Athletes Enter in the NFT Space, Garnering Significant Attention

NFTs are reaching some of their most passionate audiences—those who follow sports.
NFTs are reaching some of their most passionate audiences—those who follow sports.

Friday, 25. February 2022

MyData

EU Data Act – making data portability actionable

The EU Commission published the long-awaited Data Act on February 23, 2022. This is a progressive legislative proposal to increase access to data for the users of connected products suchs as Iot devices and related services. It is a significant move towards realising the MyData principle of portability, access, and re-use as well as the […]
The EU Commission published the long-awaited Data Act on February 23, 2022. This is a progressive legislative proposal to increase access to data for the users of connected products suchs as Iot devices and related services. It is a significant move towards realising the MyData principle of portability, access, and re-use as well as the […]

Own Your Data Weekly Digest

MyData Weekly Digest for February 25th, 2022

Read in this week's digest about: 10 posts
Read in this week's digest about: 10 posts

Thursday, 24. February 2022

Commercio

Welcome to Commercio.network 3.0 the era of the legally binding NFTs

What happened Wednesday night and how did we get to this point ? Commercio.network on February 23rd at 18:11 reached  the 66.66% consensus  to  migrate  the blockchain  core software to the 3.0 version. A great operation that involved 70 of the 100 nodes that are part of the network and reached 100% consensus a few minutes later. What a rush […] L'articolo Welcome to Com
What happened Wednesday night and how did we get to this point ?

Commercio.network on February 23rd at 18:11 reached  the 66.66% consensus  to  migrate  the blockchain  core software to the 3.0 version. A great operation that involved 70 of the 100 nodes that are part of the network and reached 100% consensus a few minutes later. What a rush ! The absolute migration’s protagonists  were  Marco, Mario, Nicola, Markus, Daniele, Angelo, Mattia, Dave, Greg, Dilan, Ivar and all the other CTOs of the companies that are part of the network.

These intense minutes in which the chain migrated from version 2.2 to version 3.0 have been preceded by a year of hard work by  20 developers coordinated by CTO Marco Ruaro who built from scratch the new release based on the latest version of COSMOS SDK.  This release will allow Commercio to join  the #IBCGANG and then finally be able to exchange virtual assets from  commercio.network to  the whole Cøsmos ecosystem  via IBC interchange protocol and finally on Ethereum thanks to the new Gravity Bridge.

What has changed and what will change for users of the Commercio.network blockchain ?

Commercio.network is the world’s only legally binding blockchain (eIDAS compliant) that can solve 6 fundamental problems:

1. E-ID Create and manage Self Sovereign Identity SSI.

EIDAS2 electronic identity by implementing W3C SSI standards to issue DID DDO and external verifiable credentials (VC)

2. E-SIGNATURE Electronically sign PDF and XML documents

To electronically sign any digital document with the same legal effect as a paper document.

3. E-DELIVERY Notarizes the exchange of documents between parties

To exchange and notarize any digital document with the same legal effect as a paper document.

4. E-KYC Manage KYC procedures for AML purposes

To perform Know Your Customer (KYC) and sign the due diligence form in accordance with Anti Money Laundering (AMLD) regulations;

5. E-PAY Request a Certified SEPA Payment

To request SEPA payment from a user with a certified IBAN certified on blockchain eliminating most of frauds related to identity theft

6. E-MINT Issue and exchange NFT Certificate tokens

To allow users with an identity and electronic signature to issue an NFT to bind any digital, physical or financial asset

How will Commercio NFT Certificates  on commercio.network change the world ?

An NFT on commercio.network is a digital bearer certificate, simply put it is a negotiable instrument that transfers ownership of any asset (such as certified digital assets, physical assets, receivables, stocks or debts) not to a specific person (assignee) but rather to whoever holds the NFT.

Who holds the NFT in their  Wallet (non custodial) is the owner of the underlying asset. But not by virtue of a smart contract, but by a true legally binding contract between the parties. A contract written and signed following the  European eIDAS   that make any digital contracts legally binding. The scope of this invention is EPIC!

From version 3.0 it will be possible to invoke a function called Mint, to create  an NFT that is a certificate related to a good (a watch, a picture, a car, a house, an invoice that you actually own) To do this it is necessary to sign a contract in which you confirm that you are the owner and that you are willing to transfer its title (sale) to whoever owns the NFT. This Contractual Obligation can be obtained only thanks to the fact that Commercio.network as eIDAS compliant, allows the exchange of legally binding documents.

L'articolo Welcome to Commercio.network 3.0 the era of the legally binding NFTs sembra essere il primo su commercio.network.


Lissi

Case Study: DATEV eG stellt digitale Nachweise in das Lissi Wallet aus.

Case Study: Zusammenarbeit von DATEV eG und Lissi für die Ausstellung von verifizierbaren Nachweisen. Case Study: Vereinfachtes Zugangsmanagement für Mitarbeiter:innen durch digitale Nachweise. Einführung Anwendungsfall Ende November 2021 startete DATEV eG die Nutzung von verifizierbaren Nachweisen mit der intern entwickelten CovidSHIELD-App, um Covid-19 PCR-Testergebnisse für Mitarbeiter:innen n
Case Study: Zusammenarbeit von DATEV eG und Lissi für die Ausstellung von verifizierbaren Nachweisen. Case Study: Vereinfachtes Zugangsmanagement für Mitarbeiter:innen durch digitale Nachweise. Einführung Anwendungsfall

Ende November 2021 startete DATEV eG die Nutzung von verifizierbaren Nachweisen mit der intern entwickelten CovidSHIELD-App, um Covid-19 PCR-Testergebnisse für Mitarbeiter:innen nutzerfreundlich in einem Wallet darzustellen.

Die PCR-Tests werden in einem internen Testcenter durchgeführt, welches Pooltests verwendet und damit sehr effizient arbeitet. Bei einem Pooltest werden bis zu 35 Personen (in der Regel aus demselben Arbeitsbereich und derselben Schicht) in einem “Pool” zusammengefasst.

Testablauf und Verbindungsaufbau

Jede Person gibt zwei Proben ab, eine für den gemeinsamen Pooltest und eine B-Probe für einen ggf. notwendigen individuellen Test. Zusätzlich wird von allen am Pooltest teilnehmenden Personen das Lissi Wallet auf das Handy geladen. Die Pool-Master — das sind diejenigen Personen, die die Koordination eines Pools übernehmen — verfügen zusätzlich über die CovidSHIELD Web App.

Über den Scan eines QR-Codes mit dem Lissi Wallet wird eine Verbindung zur CovidSHIELD-App des Pool-Masters aufgebaut.

Illustration der CovidSHIELD Anwendung sowie des Lissi Wallets. Inhalt der Nachweise

Die im Falle eines negativen Testergebnisses ausgestellten Nachweise enthalten den Vor- und Nachnamen der getesteten Person, den Text “…ist negativ” sowie das Datum an dem der Test durchgeführt wurde, um die Gültigkeit überprüfen zu können.

Ein Nachweis wird immer nur über ein negatives Testergebnis ausgestellt, niemals über ein positives.

Ablauf bei negativem Pooltest

Zunächst erfolgt der PCR-Test der gemeinsamen Poolprobe. Ist diese negativ, so wird für alle Personen, die am Test teilgenommen haben, ein negativer Testnachweis über die CovidSHIELD-App erstellt.

Dazu wird durch Klick auf die Schaltfläche “Alle Proben sind negativ” automatisch die Ausstellung an alle getesteten Personen eines Pools gestartet und an das Lissi Wallet gesendet. Nach Annahme des Nachweises im Wallet kann dieser dann in Verbindung mit dem DATEV-Mitarbeitenden-Ausweis bei Bedarf beim Betriebsschutz gezeigt werden.

Illustration der CovidSHIELD Anwendung sowie des Lissi Wallets. Ablauf bei positivem Pooltest

Alternativ ist im Falle eines positiven Pooltests eine Analyse der abgegebenen B-Proben notwendig, da mindestens eine Person positiv ist. Nachdem diese Ergebnisse vorliegen, wird für jede Person das Ergebnis der B-Probe individuell in der CovidSHIELD-App ausgewählt und im Falle eines negativen Ergebnisses über die anfangs aufgebaute Verbindung an das jeweilige Lissi Wallet bzw. den/die Mitarbeiter:in gesendet.

Illustration der CovidSHIELD Anwendung sowie des Lissi Wallets. Zeitlicher Ablauf

Die folgende Darstellung zeigt den zeitlichen Ablauf für den Fall eines negativen als auch eines positiven Pooltests mit anschließender Überprüfung der B-Proben.

Illustration des Ablaufs des Anwendungsfalls. Technische Integration

Der Anwendungsfall wird aktuell von mehr als 700 Mitarbeiterinnen und Mitarbeitern genutzt und es wurden bereits über 5.900 verifizierbare Nachweise ausgestellt. Dabei gab es bisher keinerlei Probleme hinsichtlich der Performance, der Verfügbarkeit oder des Speicherverbrauchs.

Von technischer Seite aus werden folgende Komponenten verwendet

Keycloak als Zugriffsschutz (nur die Pool-Master können die CovidSHIELD-App nach korrekter Authentifizierung aufrufen) Die selbstgeschriebene CovidSHIELD-App, um die Verbindungen zu den Lissi Wallets aufzubauen und die Testergebnisse einzupflegen Der Aries Cloud Agent Python (“Aca-Py”) für die Kommunikation mit dem BCGov-Testnetzwerk und das Ausstellen der Nachweise an die Lissi Wallets Die Backend-Komponente für die Business-Logik Das BCGov-Testnetzwerk, um den dezentralen Identifier (DID) der DATEV, das Schema und die darauf aufbauende Credential Definition für die Nachweise zu hinterlegen Das Lissi Wallet Technische Komponenten und Rollen im Anwendungsfall Nutzung des Lissi Wallets

Zu Beginn wurden mehrere Wallets getestet. Die finale Entscheidung fiel auf das Lissi Wallet, da dieses das größte Maß an Benutzungsfreundlichkeit sowie den stabilsten operativen Betrieb bietet. Zusätzlich ausschlaggebend waren die automatische Auswahl des Netzwerks und die Verfügbarkeit der deutschen Sprache.

Implementierung

Der Anwendungsfall konnte zügig durch das Blockchain-Team aus dem DATEV eG Inkubator implementiert werden. Das Backend und auch das Frontend der CovidSHIELD-App wurden über TypeScript und Svelte implementiert. Die Kommunikation inklusive Ausstellung der Nachweise zu den Lissi Wallets erfolgt dabei über den Aca-Py.

Das Schema und die darauf aufbauende Credential Definition (also die Struktur der Daten, die in einem Nachweis enthalten sind) wurden auf dem BCGov-Testnetzwerk hinterlegt. Dazu sind Schreibrechte notwendig, welche über den Endorser-Service beantragt wurden.

Die anderen Komponenten (Aca-Py sowie das Lissi Wallet) bedürfen keiner expliziten Zustimmung für die Nutzung.

Vorteile der Implementierung

Die Implementierung des Anwendungsfalls basierend auf der SSI Technologie mit dem Lissi Wallet bringt folgende Vorteile mit sich:

Direkte Ausstellung der Nachweise an Mitarbeiter:innen, die Nachweise liegen nur in dem Wallet der jeweiligen Person Einfacher Empfang, Verwaltung und Präsentation der Nachweise Schnelle Implementierung ohne große Genehmigungsverfahren Kostengünstige Implementierung, mit lediglich Personalkosten und Hosting des Agents der CovidSHIELD-App Verbindung mit weiteren Anwendungsfällen (DATEV-Mitarbeitenden-Ausweis, Zugangsmanagement etc.) Vermeidung von Honeypots von personenbezogenen Daten durch dezentrale Speicherung Weiterer Ausbau des Anwendungsfalls

Bisher wird lediglich eine Sichtprüfung des Nachweises durchgeführt. Um die kryptografische Verifizierung des Nachweises zu vereinfachen, wird das Lissi Wallet zukünftig die Funktion anbieten, dass Nutzende ihre Nachweise direkt als QR-Code präsentieren können. Zudem soll das Basic Massage Protokoll unterstützt werden, sodass getestete Personen über den aktuellen Stand des Tests informiert werden können (z.B. “Poolprobe positiv, B-Proben werden analysiert”).

Bei Fragen oder Anliegen der Case Study können Sie sich an info@lissi.id oder blockchain@datev.de wenden.

Herausgeber:

Blockchain@DATEV
DATEV eG
Paumgartnerstr. 6–14
90429 Nürnberg

Lissi
Main Incubator GmbH
F&E Einheit der Commerzbank Gruppe
Eschersheimer Landstr. 6
60322 Frankfurt

Wednesday, 23. February 2022

SelfKey Foundation

Significance of NFTs in Web 3.0 and the Metaverse

Understanding the contribution of SelfKey to digital identity powered by NFT in Web3.0 and the Metaverse – handing over ownership back to the hands of the users in a secure and decentralized manner. The post Significance of NFTs in Web 3.0 and the Metaverse appeared first on SelfKey.

Understanding the contribution of SelfKey to digital identity powered by NFT in Web3.0 and the Metaverse – handing over ownership back to the hands of the users in a secure and decentralized manner.

The post Significance of NFTs in Web 3.0 and the Metaverse appeared first on SelfKey.

Tuesday, 22. February 2022

Trust over IP

“No, I don’t trust you” – Implementing Zero-Trust Architecture in the world of Self-Sovereign Identity (SSI)

We examine the efforts of the US federal government to adopt zero trust architecture (ZTA), and its implications for using decentralized identity. The post “No, I don’t trust you” – Implementing Zero-Trust Architecture in the world of Self-Sovereign Identity (SSI) appeared first on Trust Over IP.

The Trust over IP Foundation was established to bring trust into the virtual, online world where, all too often, there is low or no trust in data exchanges. In this post, on the topic of how the public sector should consider SSI, we examine the efforts of the US federal government to adopt zero trust architecture (ZTA) and its implications for using decentralized identity.  As stated in federal guidance, “The foundational tenet of the Zero Trust Model is that no actor, system, network, or service operating outside or within the security perimeter is trusted. Instead, we must verify anything and everything attempting to establish access.”

The proliferation of cloud computing, mobile devices, Internet of Things (IoT), and wireless technology has changed the traditional paradigm of computing, and with it the traditional approach to cyber security leveraging access management and security controls at the network boundaries. 

Recognizing this increasing threat, the US Government, through the Department of Defense (DoD) and National Institute of Standards and Technology (NIST) has led the development of a new approach to security and threat management called Zero Trust Architecture, or ZTA. A zero trust cybersecurity approach removes the assumption of trust typically given to devices, subjects (i.e., the people and things that request information from resources), and networks. It focuses on accessing resources in a secure manner, regardless of network location, subject, and asset, and enforcing risk-based access controls while continually inspecting, monitoring, and logging interactions. 

Two weeks ago, the requirements of the Executive Order were further delineated in the Office of Management and Budget memo M 22-09, Moving the U.S. Government Toward Zero Trust Cybersecurity Principles, and set a deadline of October of 2023 for all federal agencies to implement ZTA standards and objectives in their technology infrastructure. Unfortunately, the opportunity to truly recognize “zero trust”, and by extension the principles of SSI, appear to be left as a gap. The ToIP framework provides an opportunity to implement design choices which help address this gap. 

The role of Identity in Zero Trust

Identity plays a key role in ZTA. “Users” and “Devices” are two of the seven pillars of Zero Trust in DoD, and one of the Cybersecurity and Infrastructure Security Agency’s (CISA’s) “five pillars” for zero trust maturity (identities, devices, networks, applications and workloads, and data). The DoD implementation guide specifically references the Identity and Credential Access Management (ICAM) Reference Design as the basis for managing the identity of Person and Non Person Entities to support ZTA. The OMB guidance comes up short, only referencing “Using centrally managed systems to provide enterprise identity and access management services” to support an agency ZTA strategy. NIST and DoD have both laid the foundation for serious consideration of SSI and decentralized identity that appear to fail to make it to the guidance at a federal level. 

Zero Trust and SSI

Zero Trust is based on the premise that “that no actor, system, network, or service operating outside or within (emphasis added) the security perimeter is trusted”. In the same respect, SSI ascribes to the principle that identity is retained by the person (entity) and only shared based on pre-agreed terms of trust – a Trust Framework. ZTA requires that “we must verify anything and everything attempting to establish access” while SSI prescribes selective disclosure and zero knowledge proofs that cryptographically confirm an identity without repeated disclosure of identity attributes for both authentication and authorization. ZTA and SSI then become “both sides of the same coin”, protecting both the entity (which must trust the verifier in sharing their information) and the network (which must verify the entity to trust it with access).

The President’s Executive Order makes one thing clear – “…the Federal Government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life.” This bold change means moving from the traditional thinking of centralized, or even federated, identity structures and methods and recognizing “trust must go both ways” or  expect no trust at all. 

Although the ToIP Framework has yet to be demonstrated at the scale of full  ZTA interoperability needed by the U.S. government—or other world governments—it is indeed the architecture they should be investing in to reach that level of interoperability at scale. It will also enable governments to do so without vendor lock-in, support “digital sovereignty” and—even better—it will enable peer-to-peer trust between any governments, their agents, and citizens based on their own governance frameworks and trust policies.

If You Are a Government…

Efforts are underway around the globe to promote new trust models between governments and citizens that promotes privacy and improves how trust is established between entities sharing information. Now is the time for the US government to consider and adopt the ToIP Framework as a starting point to not only support ZTA but promote greater privacy in information sharing within its ecosystem. 

…and want to learn more about how ToIP can help give you the tools for designing and implementing interoperable decentralized digital trust infrastructure, please contact us.

The post “No, I don’t trust you” – Implementing Zero-Trust Architecture in the world of Self-Sovereign Identity (SSI) appeared first on Trust Over IP.


SelfKey Foundation

$KEY Gets Listed on Simplehold

SelfKey ecosystem’s native token $KEY gets listed on Simplehold, the native wallet of Simpleswap. The post $KEY Gets Listed on Simplehold appeared first on SelfKey.

SelfKey ecosystem’s native token $KEY gets listed on Simplehold, the native wallet of Simpleswap.

The post $KEY Gets Listed on Simplehold appeared first on SelfKey.

Monday, 21. February 2022

DIF Blog

🚀DIF Monthly #26

Our February round of updates from DIF in 2022: Stay on top of developments at our Working Groups, news from our members, events and much more.
Table of contents Foundation News; 2. Group Updates; 3. Member Updates; 4. Funding; 5. DIF Media; 6. Members; 7. events; 8. Jobs; 9. Metrics; 10. Join DIF 🚀 Foundation News DIFCon: now there are two!

DIFCon F2F Virtual
Feb 24th 2022 7:00 PST / 16:00 CET until 15:00 PST/ 00:00 CET.

Our Virtual Event is happening in 3 days! We are delighted to have a diverse program of content: upates from all the groups at DIF, to panels, workshops and demos from the wider community. Check out the highlights now: Program is HERE Note: Zoom links are not live until 24th Feb, and agenda may be subject to (minor) changes Event is free and open to all, not just DIF members Signups are still open at our Eventbrite page here: feel free to share and invite your team and wider network, including those curious about or just starting their decentralized identity journey! Use hashtag #DIFCon

DIFCon APAC F2F Virtual
3rd March 2022

A second event with a focus on APAC/ASEAN timezones and markets

A continuation of the digital identity conversations from DIFCon on the 24th Feb as well as host to some region-specific sessions, panels and workshops.

Eventbrite registration page here: please also invite and share ! #DIFCon

This virtual event is also free and open to all, not just DIF members

Call for Workshops/Demos - We are excited to hear your ideas for demos, workshops, panels and presentations for the DIFCon program: Google form to submit sessions for DIFCon APAC is here. Submissions close 28th Feb 2022

Join our DIF Discord!

Invite link: https://discord.com/invite/F4Qw7h6Sr9 For open-groups such as DIDComm User Group and Hospitality & Travel SIG channel. non-IPR-protected space. The DIF Code of Conduct still applies. Staffing changes at DIF

Balázs' time at DIF coming to an end: both the team here at DIF and all of our members would like to thank Balázs for his tireless work in building up and supporting a vibrant community over the past few years.

We wish him all the best in his future endeavors at multi-chain KYC verification platform kycDAO. We also expect him to still come back and visit! Balázs: Thank you. Seriously, the DIF community was my home for the past 2,5 years. Getting involved with such an exciting and ever-growing group was a life-changing experience. I had the chance to help hundreds of companies take their first steps on their decentralized identity journey. With the help of our membership, the foundation grew from ~70 members to 300+ members spanning the globe. From the original 4 working groups, we have formed 10 WGs, including multiple joint groups with some of the most established players in the industry.
My role as the head of operations offered extensive exposure to concepts and ideas that were challenging the status quo of digital identity management. With the help of members, we explored different work items and models that sometimes never reached the market.
I look forward to leveraging my understanding of decentralized identity and open source IPR protected work. I will still be available on DIF slack and around the community!

DIF would like to welcome Paul Grehan to DIF as Program Manager: A warm welcome from the entire community; we are excited to work together and see how was can engage, delight and surpass in 2022 and beyond!

Paul: Firstly, I would like to acknowledge all the hard work and effort that Balázs has put into this community to date, amazing! I feel privileged to be a part of such a strong and committed cohort of like-minded people and organizations, driven by a need to develop such a crucial element missing in today's digital environment - decentralized identity.
To say it's an exciting time in this field would be the understatement of the decade and I am thrilled (and a bit nervous!) to help the foundation support and grow the community to deliver on its incredible potential. There is a long list of individuals that help make this community a success, my promise is to ensure we, at DIF, continue to enable you all to do so.
Please feel free to contact me via any of our platforms (incl. Slack & Discord) or directly - I would love to hear your story and how DIF plays a role in that. 🛠️ Group Updates ☂️ InterOp WG (cross-community) Dmitri Zagidulin presented part 2 of his common QR-code initiation discussion. Zoom recording here. Part one (8th December 2021) is linked here Bob Blakely shared his reflections on SAML interop work. Link to Zoom recording. Meeting on 3rd Feb is cancelled, but all are welcome to attend the DIDComm WG session at DIFCon F2F Virtual on the 24th Feb at 9:20 PST / 12:20 EST / 18:20 CET 💡 Identifiers & Discovery Discussion of whether DIDs can be considered 'personal data' Community browser extension and abstract wallet architecture (continued topic from last week) Discussion mobile wallet app vs. extension Extension comes with default, but other modules can replace certain parts, e.g. present a better dashboard Community defines the (sets of) basic functions, then we define an extensibility model, e.g. what modules can you plug in DIFCON - Dedicated DID Registration Work Item session in addition to WG presentation 🛡️ Claims & Credentials

https://i.imgur.com/Pmplyre.png

Workitem Status: JWS Test Suite notes work has been done for a while. still meeting to discuss up and down stream issues. currently discussing VC Working group charter issues. how the non-normative examples can help implementation the next 1-3 meeting will be about vc working group charters discussions Workitem Status: WACI-PEX currently taking a small break while some dependencies sort out some BBS+ implementations have surfaced issues in the core specs Finished presentation & have made progress on issuance stack Workitem Status: PE (2.0) + Schema Directory Workitem Status: Credential Manifest + Wallet Rendering Closed PRs and issues Approval: Verifier Universal Interface (VUI) tracking Follow-up on Signoff process SF lab regular meeting are being wound down more official announcment to come at DIFCon on 24th Feb Work item PR to be set up against the C&C repo Prep for WG presentation (20min) at DIFCon 📻 DID Comm DIDComm UG on Discord - Please join using this invite Discussion NIST algos - more on GH here ACKs - more on GH here 📦 Secure Data Storage PRs 3 open PRs Closed PR 316 - OOB Fix DIDcomm Users Group Time Poll: http://whenisgood.net/d8dkhgi No clear time found proposal for holding an "UnSync Meeting" every 2 weeks on Wednesday, for 12 hours, beginning at 2000 Tokyo / 1700 Delhi / 1200 Central Europe / 0600 Eastern / 0400 Pacific group members engage async on UG Discord 🌱 Wallet Security WG Bernard is stepping down as co-chair, the group would like to thank him for his hard work and valuable contributions discussion on interest for implementing the device binding feature achieving interoperability tests with multiple implementations Wallets: BCGov: Aries/AnonCreds with iOS/Android/SE eSatus: Aries/AnonCreds with iOS/Android ID-Wallet: Aries/AnonCreds with iOS/Android Issuer/Verifier: acapy, .NET Further discussions with Lissi Team Aries -> create a new Aries RFC to specify the DIDComm protocol for device binding two separate protocols for device binding/wallet authentication or same protocol? start a workshop with technical experts for first proposal focusing Aries/Anoncreds
Wallet implementers survey: GDoc Sheet Results data Output PDF in short: most wallet implementers rely on mobile and do not support multiple security levels yet Wallet authentication discussion from last week excursion of non-trust wallet architectures Trusted Verifier - UX and security checks performed by the wallet concept screens from German Trusted Verifier project 🔧 KERI KERI is moving to a new home at IETF for further work 🌱 Applied Crypto WG Work Item status

bbs signatures

Lots of progress great discussion on scope of draft, splitting out core draft and associated features Proposals for Holder binding Global message generator creation procedure Curve specific profiles for the BBS signature scheme Deterministic signatures Mike Lodder contributed some tooling to test the spec https://github.com/tplooker/draft-looker-bls-jose-cose

bof secure software supply chain

CBB Data Encoding & CBB Crypto Service Protocol

cbb_delegatable_anonymous_credentials

cbb-distributed_zkp_authentication

cbb_policy_as_code

cbb-service_protocol

JSON Web Proof

Working through updating the language, possibly getting it to an I-D for the up and coming Vienna meeting Interesting discussion on presentation header helps schemes like BBS, PR in-bound from Jeremie

revocation_methods_for_verifiable_credentials

Spartan ZKP signatures

Kick off call last week Requesting a repository in the next fortnight Expect progress before next call Focus on reviewing a broad set of ZKP based schemes ✈️ Hospitality & Travel 🏦 Finance & Banking 🌏 APAC/ASEAN Open Call Group is looking forward to DIFCon APAC on 3rd March COnversation continues on region-specific sessions 🌍 Africa Open Call 🦄 Member Updates

Condatis

Condatis' blog takes a look at the identity model called Bring Your Own Identity, and how decentralization brings privacy and data ownership to individuals. In Wallets turned Digital, Condatis' Solutions Architect, Richard Astley, talks about the importance of identity, the links between physical and digital wallets, verifiable credentials, and more.

Centre.io

Centre.io just launched Verite, an open-source Verifiable Credential framework bringing data minimization and “once-only” architectures to portable KYC verification across the Web3 and DeFi ecosystems. The press release includes a link to the comprehensive "dev docs" and sample implementation.

ValidatedID

Is it possible to issue Verifiable Credentials compliant with the existing European regulation while eIDAS v2 is not approved? ValidatedID have integrated a new eIDAS Bridge in their VIDchain Services to do just that, based their development in the EC’s ISA2 program. More details here 💰 Funding 🌐 Identity Community

Ancon Protocol v1.0.0 has been released with support for did-web, did-key and did-ethr, use cases are NFTs, secure off-chain data and content provenance / authenticity

The Indiverse discusses what place decentralized tech like DIDs and VCs have in a future where Metaverse looms large on the horizon.

SocialKYC is a decentralized identity attestation service for regaining control over your digital identity using KILT Protocol. SocialKYC is a decentralized cornerstone for Web3.

Blockchain Monday, 14.02.2022, Hanseatic Blockchain Institute, Hamburg, Germany. Markus Sabadello and Tim Heidfeld join the video podcast to discuss: Key differentiators and evolution of web1-web2-web3, The next 5 big things in web3, NFT Identity and Properties, Layer Identity, DIDs and more.

The European Union Agency for Cybersecurity, ENISA, released their SSI Landscape report: Digital Identity: Leveraging the SSI Concept to Build Trust

This paper explores the potential of self-sovereign identity (SSI) technologies for secure electronic identification under the eIDAS Regulation, and assesses existing eID solutions, as well as the standards, communities, and pilot projects that are presently developing these solutions.

🖋️ DIF Media 🎈 Events & Promotions

KuppingerCole European Identity and Cloud Conference 2022
May 10th – 13th 2022, Hybrid Event

Call for Speakers - 20 minutes to present your thoughts and findings in front of the identity community. After the event, your presentation will be published on the KuppingerCole website Speaker applications close 28th Feb 2022, apply here.

Internet Identity Workshop
April 26 - 28, 2022

IIW34 returns to their in-person format for this industry-defining bi-annual unfocerence at the Computer History Museum, Mountain View, California. Read our recap of IIW33 from OCtober 2021 here to get a sense of the groundbreaking and mind-bending conversations that happen at these events! Get your ticket here.

CALL FOR PAPERS: Blockchain in Healthcare Today (BHTY) - an open access, peer reviewed journal on distributed ledger technology research and innovations in healthcare, information systems, clinical computing, network technology and biomedical sciences. Read more and submit here

💼 Jobs

Members of the Decentralized Identity Foundation are looking for:

Software Engineer- IO Global Decentralized Identity Foundation (DIF) Project Lead Location: remote Software Engineer- IO Global Project Lead
Location: remote Software Engineer- IO Global Decentralized Identity Foundation (DIF) Project Lead Location: remote Community Manager - Jolocom Location: Berlin, German-speaking Consultant (junior/senior) - Jolocom Location: Berlin, German-speaking SDK Developer (midlevel/senior) - Jolocom Javascript, Typescript, NodeJS Location: Berlin Senior Backend Engineer - Diwala Location: Remote Senior Frontend Lead - Diwala Location: Remote
Check out the available positions here. 🔢 Metrics

Newsletter: 5,340 subscribers (that's you!) | 31% opening rate (yes, you!)

Twitter: 5,452 followers | 4.7k impressions | 5.9k profile visits

Website: 22.46k unique visitors

Youtube: 292 Subscribers

In the last 30 days.

🆔 Join DIF!

If you would like to get involved with DIF's work, please join us and start contributing.

Can't get enough of DIF?
follow us on Twitter
join us on GitHub
subscribe on YouTube
read us on our blog
or read the archives

Got any feedback regarding the newsletter?
Please let us know - we are eager to improve

Sunday, 20. February 2022

Identity Review

University of Austin (UATX) Launches the Forbidden Courses

The new university releases its “Forbidden Courses,” opening applications
The new university releases its “Forbidden Courses,” opening applications

Digital Scotland

Estonia: The Baltic Tiger – Inspiration for a Digital Scotland

How Estonia grew from the post Independence early challenges to become the world's leading digital nation. The post Estonia: The Baltic Tiger – Inspiration for a Digital Scotland appeared first on DigitalScot.net.

A headline theme of our Digital Nation campaign is the inspiring story of E-Estonia, and how Scotland may emulate their success. Lesley Riddoch and filmmaker Charlie Stuart traveled to Estonia in late February 2020 to make a film about this story, about one of the most recent small north European states to become independent.

Tiny Estonia (pop similar to Wales) sees itself as a forgotten Nordic nation, sharing its language, forest and bog-covered topography and Baltic location with Finland.

And it’s widely regarded as Europe’s Digital Tiger economy, performing an incredible transformation from terrible poverty in the wake of reestablishing independence just 30 years ago.

Thirty years ago, Estonia became the latest small European nation to declare independence. Faced with terrible winters, they struggled to even find petrol for ambulances and the supermarket shelves were empty. But today, Estonia is one of the most successful small countries in the EU. How did they do it?

Video Summary

The Estonian people were preparing themselves for independence all their lives, and they actually planned a lot of this transformation ahead since they had a firm belief that they would become independent.

A wave of young people took over dismantling everything. So they said those people who have been working for the Soviet Union and have been supporting this kind of things have to leave now. They need to clean the entire state.

And by cleaning the state, it means everything. The first years were tough for this new Baltic nation. They literally had nothing on the shelves of grocery stores in Tallinn or elsewhere in Estonia. They were in a very difficult situation. But Estonia embraced the new digital world, and in just 20 years, its GDP has increased fivefold. It’s nothing short of extraordinary. This transition happened within a generation. The Estonians have adopted their independence day as the 24th of February. It’s a holiday, everyone gathers together on this day.

Estonia first proclaimed independence in 1918 after two centuries of Russian rule, but soon the country was occupied, first by the Soviets, then the Nazis, then the Soviets again, who ruled for almost 50 years. In March 1949, 20000 people were deported, most to Siberia by the KGB. Two thirds were women and children under the age of 16.

In 1986, there was a seismic shift at the Kremlin. President Gorbachev introduced Glasnost to modernize and refresh the communist bloc. But in the Baltic states, the newfound political freedom gave the chance for dreams of nationhood to be rekindled. The Estonian people were preparing themselves for independence, all their lives through whole time in Soviet Union and then especially, intensely, during those three years they had the singing revolution, they were prepared.

Throughout the years of repression, huge singing events continued, the choirs were a symbol of Estonia’s unique culture. As freedom can’t be achieved by only movements, they not only were singing and shouting and streets, but they were undertaking hard legislative work too. In August 1989, the movements of Estonia, Latvia and Lithuania combined to form a 400 mile chain of two million people demonstrating their unity for freedom. This was to catch media’s attention to pressurize Gorbachev. After all this, Estonia got its independence.

Estonia set up its own currency pegged to the Deutschmark, but the country had traded almost exclusively with Russia and so the economy collapsed. It was a government in crisis from the start. In 1993, in the midst of a Baltic winter with daytime temperatures below minus 10, the state coffers are empty, businesses face bankruptcy, pensions might not be paid.

There was a struggle to find petrol for ambulances and the shops were empty. Mart Laar became the first formally elected prime minister at the age of just 32. The unemployment rate was 40-50%. No countries were buying anything from Estonia as their production was really bad. The changes were really very, very harsh because they didn’t have money. People were patient, expecting that the country will grow up, will improve. And after this harsh time, there will be better times. The Estonians people had hope that Estonia will again flourish someday.

Very soon help and investment came from Nordic neighbors. There was were even food and clothing parcels from abroad. Very quickly, Estonia began to grow as Europe’s newest democracy. It was a society shaped by a new generation without baggage from the communist era, with new ideas and a blank canvas.

E-Estonia

Estonia’s main claim to fame today is the Digital Economy. Estonian education has fueled 20 years of digital innovation, 90 percent of schools deliver subjects using digital technology by choice, not compulsion, and 70 percent of kindergartens have access to robotics. Scottish education was once the envy of the world. Now a different small country is turning educational heads.

The education system has spawned a nation of digital entrepreneurs and innovators. Three Estonian engineers have built Skype with almost 700 million worldwide users.

In Estonia, everyone must have a digital ID. This is a compulsary document for absolutely every person who lives in Estonia. The citizens of Estonia use this smart electronical id card as their driving license also. They also get discounts from various shops by using this id card. This card is also essential for medical care because they need this card at hospitals and health care centre for their medical prescriptions.

This card is also used by the citizens for tax payment system. With the aid of this card it takes only one minute in order to declare citizens’ taxes. The citizens of Estonia have a great faith on their state law authority as they provide their all information of themselves to one institution. Only one percent of entire state budget is used in order to keep up the system. The citizens’ get back two percent of their GDP by using this one single solution.

It took three years after independence for the last Russian military to leave. Now, Estonia has an army of its own and an international peacekeeping role. It has 3000 full time soldiers with 20000 in reserve and the support of its Nato Family since it joined in 2004. Joining the NATO has cultural, economic, social and mostly political consequences on Estonia.

In Estonia 2/3 of the population live in the traditional country. They tried to keep alive their cultural heritage even when they were part of the Soviet Union. The country celebrates its traditions and identity big time.

The country has been criticized for a flat tax regime that leaves the well off paying the same as the lowest earners, just 20 percent. And corporations can skip tax altogether if they reinvest. One man well-placed to make international comparisons is the Estonian TV journalist Johannes Tralla, he is a former EU correspondent.

According to him oligarchy does not exist in the Estonia every taxi driver here is an entrepreneur and the low tax system is really beneficial for the citizens. In Estonia there is no dramatic class gap in society. The taxation framework in Estonia is really appreciable in the whole Europe.

Inspiration for Scotland

Another video shares a short case study of E-Estonia from Freethink, interviewing Toomas Hendrik Ilves, President of Estonia from 2006 – 2016, telling the compelling story of the global success of Estonia as a digital nation leader, boasting the most advanced digital government in the world.

Ilves recalls how Estonia faced massive economic challenges upon achieving the restoration of independence in 1991, a time that soon saw the emergence of the Internet.

Toomas realized the opportunity was that Estonia was no further behind than any other country in this field, and so began pioneering their adoption, with all schools being online by 1998 and the framework for E-Estonia in place by the early 2000’s.

Fast forward to today and Estonia now enjoys an entirely digital society – Via a single digital identity everything except weddings and real estate can be transacted online, including voting.

Not only is it a convenience but it’s also the foundation for a prosperous and healthy society. Being entirely digital has meant Estonia has continued uninterrupted during Covid-19, and their ‘E-Residency’ program has contributed €14m to its economy.

A keynote theme is that size and money isn’t the essential ingredient for success.

Toomas now lives in the heart of Silicon Valley in the USA, and despite their vast wealth and being surrounded by the behemoth tech giants like Apple, Google and Facebook, American digital government is surprisingly poor. Processes are still paper-based, requiring photocopies be taken to government offices, whereas Estonians can file taxes in only six clicks in two or three minutes.

Scotland, a similarly sized small nation and with an unparalleled history of invention, absolutely could emulate Estonia and achieve and enjoy an equally advanced digital nation.

As SNP leaders like Martin Docherty, Doug Chapman and Angus Robertson have written for The National, Scotland’s opportunity is to emulate the Baltic nation one fifth the size of Scotland but that has achieved the staggering accomplishment of becoming the world’s leading digital nation, following their own independence.

Writing for The Herald the SNP’s Spokesperson for SME and Innovation Douglas Chapman issues a rallying cry for Scotland to emulate the similarly sized digital nation exemplar, highlighting how their entirely online society has meant they could adapt easily to the challenges of Covid-19.

“Estonia dared to dream and took that leap of faith; Scotland should be next.”

The post Estonia: The Baltic Tiger – Inspiration for a Digital Scotland appeared first on DigitalScot.net.


Transforming Scottish Education for the 21st Century

Decentralizing the exam system through the Blockchain and Digital Badges. The post Transforming Scottish Education for the 21st Century appeared first on DigitalScot.net.

The most powerful way Scotland can advance their ambition to become a world leading digital nation is to identify where key objectives intersect and a single strategy would yield multiple benefits and the achieving of multiple goals.

For example as this article explains, leveraging technologies like the Blockchain could transform Scottish education AND simultaneously progress our ambition to become Europe’s Blockchain capital. It’s a technology capability that could be similarly used across multiple industries.

There are of course many different technologies that have great potential for Scottish learning. The Cloud makes powerful new teaching tools more easily available, Virtual Reality provides an immersive experience, and so on, but these are at the level of individual teaching. To define the wholesale transformation of education we need to look at technologies operating at that systemic level.

Writing for TES James McEnaney sets the scene for the types of changes needed, describing 4 Ways to Transform Scottish Education, most notably a reformation of the exam system:

“Our current approach, the one that grinds students through a needless annual exam cycle and ties so much of their future to performance in just a few hours of a single day, has failed far too many people for far too long. The richest pupils are more likely to leave school with five Highers than the poorest are to leave with one. Those from the most deprived backgrounds are also more likely to fail their courses than achieve an A grade.”

This of course is the backbone of the education system, how grades are assessed and rewarded, and it is here therefore where the biggest levers for change are possible, and in this article we’ll explain the role new technologies can play in underpinning and enabling such a transformation.

Blockchain Certs

The purpose of introducing the Blockchain into the mix is to ensure the authenticity of awarded certificates.

Our school diplomas and university degrees are credentials that every one can easily relate to and understand the societal value of, and with the rise in fake certificate fraud an obvious demonstrator of the need for the assured integrity of these documents. Countries like the Bahamas are now issuing Blockchain-based academic certificates.

The types of innovation that seem to be focusing on this type of use case include ‘Blockcerts‘, an open source blockchain project for enabling a Universal Verifier that will verify any Blockcert issued by any institution, anywhere in the world.

Via their Medium article UniversaBlockchain explore the scenario of Blockchain in Education.

They highlight keynote problems like the high rates of medical school diploma falsification as pain points a technology like Blockchain is ideal for tackling in some form, among a wave of other transformative benefits for the sector as it ripples through all workflow areas related to HR, resume checking, et al.

Athena builds on this some, notably detailing the core signature process that underpins the integrity of the record, as a comparison to traditional paper-based approaches:

Blockchain-enabled digital certificates are immutable and cannot be forged. The records are stored on a distributed ledger, hence certificates can be only evaluated by anyone who has access to the blockchain. Since the records are stored in a shared distributed ledger, the certificate can still be validated even if the organization that had issued it no longer exists. The digital certificates stored in the ledger can only be destroyed if all the copies in every system are destroyed. Digital Badges

This capability would ideally go hand in hand with ‘Digital Badges’, which can also be authenticated via the Blockchain the same way. LearningMachine provides this thorough introduction and Hastac explains :

“A digital badge is a validated indicator of accomplishment, skill, quality, or interest that can be earned in many learning environments. Open digital badging makes it easy for anyone to issue, earn, and display badges across the web—through an infrastructure that uses shared and open technical technical standards.”

Educational organizations like WES are pioneering their adoption, and the role and value of digital certification in today’s modern world can most simply be described visually:

This example highlights their immediate value to employment, how they can be modular and very specific to workplace roles – an AWS Solution Architect is a very well defined function, and not only does the digital certificate validate the required skills have been achieved but they can also be used to socially promote the fact we have them, increasing our chances of securing such a job.

Open digital badging makes it easy for anyone to issue, earn, and display badges across the web—through an infrastructure that uses shared and open technical technical standards.

Organizations like Credly facilitate their universality across industries and their CEO describes how they help foster a more diverse and inclusive workforce.

Educause Review covers some examples of universities now blending digital badge schemes into their awards programs, and a pertinent example of how this can be applied in the corporate world is this example of the Scottish Social Services Council using them to underpin workforce learning. The BCS describes this as the future of professional development, with many organizations like Siemens using them this way.

What if your CV was based on how many ‘#digitalbadges’ and skills you could list, rather than what degree you held? A new report from @theRSAorg labels this future-of-work scenario as the ‘Precision Economy’. Read more: https://t.co/MTf3ds5XRN #futureofwork #skills2035 pic.twitter.com/fzEAonIN58

— Skills Development Scotland (@skillsdevscot) March 11, 2020

Verified Credentials and Digital Recognition Networks

The other core technology used in conjunction with the Blockchain in this scenario is Digital Identity, the systems we use to log in to web sites and services.

The building block of how these are work are ‘Verifiable Credentials‘, the mechanism for different digital services to recognize those login details provided by another.

In his blog Amit Jasuja explains the core mechanics of this and how multiple organizations can share digital identity services, an ecosystem of ‘relying’ and ‘issuing’ parties.

Academic certificates are a great example of a digital credential, and how they will be shared and recognized by other academic organizations can be facilitated by this core Digital Identity capability. Hence another great way of describing this ecosystem is “Digital Recognition Networks” – The ecosystem will be formed through organizations establishing agreements to share data and recognize the digital credentials of partners they work with to fulfill these processes.

In Endorsements 2.0 – Taking Open Badges and E-Credentials to the Next Level the author explores this scenario, looking at how a student uses their HIPAA certifications and as a way of explaining the The Open Badge specification, and its purpose to provide this type of assurance network.

“New features in the Open Badges Specification will soon make it possible for third parties to add verifiable endorsements to these e-credentials — a necessary step for their credibility in many settings.”

Writing for the CPHR Terrahub explains the principle through exploring an excellent use case of how this will take shape and the economic benefits it will bring: Education and Employment.

“In a recognition network, skills and credentials are represented by digital badges that organizations use for achievement and an employee can us for permanent external branding during or post-employment.

As brands move global and geographical boundaries dissolve, these recognition networks enable talent to shift and move without having to re-qualify their competency, eliminating frustration for the employee, and inefficiency for the employer by getting the right people to work fast.”

Education and Employment is a great scenario as the core components are easily understood: The credential – Your academic qualification in certificate form, and the recognition – How employers seek that qualification as a requirement for employment.

Digital Wallets – MyCreds

The method for storing these digital badges and certificates will be digital wallets, aka “Learner Wallets”.

In his Medium blog Timothy Ruff provides an excellent, detailed summary of this interconnected ecosystem will begin to take shape and the role these wallets will play.

He explains how:

Organizations like the T3 Innovation Network, within the U.S. Chamber of Commerce, are developing Learning and Employment Records, powered by the same VC standards and technologies that enable self-sovereign student ID, with the same issue, hold, verify model to/from an SSI wallet, which they call a “learner wallet” for simplicity. This will help reduce and eliminate student fraud. Once organizations realize they can receive cryptographic proof directly from the student, they can lessen their reliance on passwords, social security numbers, and other personal information.

As this news highlights one of the first customers to harness this capability is the Association of the Registrars of the Universities and Colleges of Canada (ARUCC), choosing Digitary as the solution provider for the Made for Canada National Network.

This has been followed by launching ‘MyCreds‘, a national, bilingual credential wallet supported by a comprehensive website for Canada’s post-secondary community and learners.

This initiative means the Canadian higher education community is creating the very first online platform and national credential wallet for post-secondary learners. Once fully operational, the Network will enable 3 million learners across the country to access and share their official digitized post-secondary transcripts and credentials online – anytime, anywhere.

As Digitary CTO Takis Diakoumis writes:

“Portable learner credentials and the ability to securely assert claims to knowledge is the key enabler in ensuring this freedom of movement across places of learning and work. In exploring the next sustainable ecosystem for learners, we begin to note the technological evolution of self-sovereignty and the broader reimagination of our digital identity.”

“SSI enables the sharing of data in a new, controlled and trusted way, a way where no one can take it away or switch it off. A new foundational connection between institutions and learners is formed where we can completely reimagine the learner relationship, for life. The enormous impact is beyond any one sector. It is about human connections and digital trust; about how we relate to the world around us and where learners become the cornerstone of the next digital revolution.”

Scottish Case Study: City of Glasgow College

In this white paper the authors document the MySkills project, a collaboration between the City of Glasgow College, The Scottish Qualifications Authority and APPII, to define a generic model of digital certification to be used and adapted by other awarding bodies throughout the rest of the UK.

This explores in specific detail the concepts described in this article, applying them to the Scottish Education and Employment market, demonstrating walk-throughs and process models for how it would work in practice and defining how the pilot project can be scaled to a nationwide roll-out.

Most notably it highlights the core challenge that really stands in the way of modernizing Scottish Education:

“Government policy can be driver. In Scotland, where this project is based, the adoption of digital certificates for vocational education qualifications is a good fit with the Scottish government ambitions for digital services and a digital economy.”

However:

“Adopting digital certificates is not a very technically demanding challenge, it’s more an issue of cultural change. The challenge in going digital with certificates of learning is symptomatic of the wider challenge of adopting technology generally in education. We are dealing with a complex social, legal and economic system that is resistant to change – despite all the hype (and worse) about the ability of technology to transform education.”

Conclusion: Decentralizing Education

Digital Badges provide the building block for modernizing how assessment is conducted and how the associated academic certification is awarded, setting the foundation for transforming education – Think of the Boy Scouts and Girl Guides, and how progress accomplishment is not one final cram exam but an ongoing journey of building a portfolio of modular skills achievements.

The impact of this technology will go far beyond simply securing the integrity of the issued certificates, it will provide a foundation for the wholesale transformation of how education is provided. This Cointelegraph article explores the nature and details of this transformation.

Blockchain and Digital Credential experts Christopher Allen and Kim Hamilton Duffy explain how a key trend is ‘personal data agency’ – To date academic credentials like degrees and transcripts are held centrally, and individuals must navigate a number of challenges and approvals to obtain access to and share them for employment purposes.

They can also be changed, deleted and shared without consent or knowledge of the individuals, and so the advent of the Blockchain era will see users take direct control and ownership of their records, and via technologies that ensure their integrity. This would be hugely impactful in scenarios like immigration, where an increasing number of migrants that either have lost their credentials or for whom it is impossible to tell if their documents are valid.

This will enable a “peer to peer” approach to learning. Christopher Allen highlights:

“This makes it possible for there to be P2P [peer-to-peer] competency credentials, from fellow students, teachers, co-workers, clients, contractors, employers — not just educational institutions.”

In other words not only can a single individual be the teacher providing the education but also the ‘institution’ certifying the student has learned the skill accordingly. Their own reputation as an expert in the field would underpin its’ legitimacy.

Ultimately this reflects education modernizing for the 21st century ‘Web 3.0’ world we now live in. The antiquated, top down authoritarian models of recognizing academic achievement are no longer fit for purpose and this approach would enable Scotland to pioneer the future that will replace it.

The post Transforming Scottish Education for the 21st Century appeared first on DigitalScot.net.

Friday, 18. February 2022

DIDAS

Implementing the Swiss SSI Ecosystem – Two Streams Approach

The challenge of dealing with unknowns How to move forward when expectations are high whilst divers and many open questions seem to lure on the way? How to demonstrate value of a constantly developing technology before all open issues are clarified? These uncertainties seemingly dominated the recent participation conference organized by the federal project team ...
The challenge of dealing with unknowns

How to move forward when expectations are high whilst divers and many open questions seem to lure on the way? How to demonstrate value of a constantly developing technology before all open issues are clarified? These uncertainties seemingly dominated the recent participation conference organized by the federal project team as the start of a series of similar events to accompany in the most transparent way the development and legislation of the newly proposed E-ID-Ecosystem for Switzerland. 

DIDAS (Digital Identity and Data Sovereignty Association), a not-for-profit organization uniting leading experts on Self Sovereign Identity (SSI) from academia, public and private entities in Switzerland, proposes a two streams approach to tackle this great endeavour. 

Stream 1  – Exploring the Foundations

The main goal of stream 1 is to show, not to tell.  In a sandbox-type test environment practical uses cases of all sorts and sectors shall be developed and demonstrated to the general population not yet familiar to the concepts of an E-ID-Ecosystem.  Here the main effort is to develop prototypes of the tools and applications for verifiers, holders and issuers of digital credentials, which will be made easier by leveraging readily available tools and frameworks for the underlying decentralized trust network . This is a standard procedure in modern product management known as MVP (minimum viable product). These applications will never go in production directly but serve to demonstrate the interactions of all players in such an ecosystem with all its different sectors. The key goal here is  to demonstrate user interactions and raise all necessary questions upfront to enable the construction of a secure and efficient future E-ID-Ecosystem for real life in Stream 2. 

Stream 2 – Building the Extended SSI Ecosystem

Stream 2 takes up all important tasks which are necessary to design and build the infrastructure, tools and governance required to provide the solid, secure and internationally interoperable basis for a Swiss E-ID as well as digital credentials from all other sectors. Key questions such as security, privacy, efficiency and resilience as well as necessary business models will be carefully evaluated, discussed and implemented. 

Moving Fast Towards Production

Both streams will run in parallel. They will nurture each other by sharing experiences, identifying and raising new questions and finding new answers.  The key is to iterate on the implementation in an agile way until the moment when the system, tools and governance will be safe enough to be put into production. We expect the first pilot implementation not to be the E-ID itself but rather verifiable credentials in need of lower assurance levels such as membership cards, tickets or other credentials which will be used , potentially, on a daily basis. 

In such pilot applications, critical questions of user experience and acceptance can be validated in real life. The findings and results will feedback into further development of the systems and hardening of security and privacy. This is also a great practical way to identify legal aspects that need clarification or even potential changes in the relevant laws. Since we expect strong further development in all aspects of SSI, this approach allows for agile and continuous improvement until the stage where it will be safe enough to broadly launch the Swiss E-ID with great user experience and many questions answered. 


Own Your Data Weekly Digest

MyData Weekly Digest for February 18th, 2022

Read in this week's digest about: 13 posts
Read in this week's digest about: 13 posts

Thursday, 17. February 2022

Centre Consortium

Welcome to Verite: A Message from Centre CEO David Puth

 

 


We Are Open co-op

HOWTO: Set Open Standards for your project

Make decisions and share early and often At the end of last year, we delivered a robust digital strategy to Julie’s Bicycle (JB), an organisation working at the forefront of the climate emergency and its intersection with the arts and culture industry. Together with our friends at Outlandish, we are at the beginning of a journey to: “grow a welcoming Open Source platform and experience
Make decisions and share early and often

At the end of last year, we delivered a robust digital strategy to Julie’s Bicycle (JB), an organisation working at the forefront of the climate emergency and its intersection with the arts and culture industry. Together with our friends at Outlandish, we are at the beginning of a journey to:

“grow a welcoming Open Source platform and experience that gives the international cultural community the shared knowledge and tools they need to take creative climate action with measurable impact, inspiration, confidence, and solidarity.”
What is the Creative Climate Platform? a diagram of the various communities and components of the CC Digital Platform

Well it isn’t one single thing, it is a series of technical and social solutions that will help JB have the impact it wants to have in the world. Each piece of the puzzle is complex. There are multiple communities in play, multiple sets of tools and resources. There are a variety of ambitions and pre-existing partnerships.

We know that setting up an open project can help JB. An open project can help them receive creative input to its product(s). We can establish some sustainable processes that will help JB staff, partners and community members get involved. We will showcase solidarity and understanding with what JB’s audience needs and wants.

Another Architecture of Participation (AoP)!?

We’ve applied our AoP framework often enough that we have a special page on our website to explain it. We’ve mentioned before that an AoP is a contextual exercise and with Julie’s Bicycle we have a blank canvas. The Creative Climate Platform is in its infancy, and we’ll be kicking off the Discovery phase of the project while maintaining the various components as separate projects and relationships. Because the work is to bring things together in the best possible way, we have an opportunity to ensure that our set up is tested and robust, using the best practices of open source.

Establishing the System Ecosystem the tools we’ll use

As we set up the project out there in the wild of the Internet, it’s important to establish and document a system to run the pieces we need. A “system ecosystem” is simply a map of exactly which tools your project is using. These maps can be more or less complex depending on what the project is. For example, a highly technical system ecosystem may have notes about the kind of tech involved (e.g. middleware, database, front-end). For our purposes, we just need a simple map of our systems.

We’re well aware that this won’t cover everything, but if we’re going to build a minimum viable product, we’re going to need a minimum viable set-up. Broadly, there are three categories of tools we know we’ll need right from the get-go:

Code Repo & Issue Trackers — We intend to use a public Trello board for project management tasks and actions. We will use Github for code repositories and utilize Github’s issue tracker for development tasks. Communications & Feedback — The Digital team has a Slack channel hosted by Outlandish. We will use this for team coordination. We will publish regularly about the project to a bespoke Medium publication (TBD!). We will tie in with JB’s marketing team (e.g. Twitter) for sharing of outputs from the project. Another mechanism is an email list where the team can share outputs. Documentation & Project Overview — We will continue to use Google docs for project documentation, planning and notetaking. We will spin up a site / wiki (TBD) at project.juliesbicycle.com (TBD) to house an overview of the project, evergreen project documentation, contribution content, and other public facing resources about the project.

We haven’t made all the decisions yet! The TBDs above are things we, as a team, need to discuss. However…

Release Early and Often: Comms

One of the biggest problems in the world of open source is the flow of information from maintainers and/or paid staff to the wider community. It takes transparency and translation to take what is said at a meeting and turn it into documentation that everyone can refer back to. For products, this can be quite an easy translation — things end up on a product roadmap and in an issue tracker. When a project is a bit more complex, involving community engagement, storytelling, partnerships and more inter-personal relationships, it can be easy to lose track of where and how decisions were made.

How we will document the project

The work of engagement is essential to this sort of project. So, in an effort to be fully transparent with JB staff, community and partners, we’ve created a communication ecosystem and workflow. This will help people understand how we move information from “inside” the project to become community engagement resources.

A workflow for moving information around Open Licensing

For our engagement content as well as eventual resources in the Creative Climate platform’s E-Learning Library, we’ve recommended Julie’s Bicycle use the CC BY-SA license. This allows people and organisations to use and remix the resources, but crucially requires them to also share any derivative works under the same license.

Popular copyleft licenses

Software licenses are a bit more complicated than permissive licenses such as Creative Commons. In this area, where almost every codebase includes code from elsewhere, instead of the default ‘All Rights Reserved’ approach of copyright we use copyleft licenses. We recommended the GNU Affero General Public v3 (in green). This closes some loopholes and adds SaaS competitor protection — other organisations providing a service based on the codebase would have to release any modifications to the source code.

You can read our full licensing recommendation here.

Get involved

We’ve found that specifically establishing and publishing the open standards your project will adhere to is a good way to make sure that typical problems around communication are mitigated. We, obviously, have more to do in this arena, but we are setting our intentions for the Creative Climate platform out loud!

We see contributing to climate-related open source projects as a way to use tech, design and collaboration skills to help impact-focused organisations respond to the climate emergency. There’s plenty to do, no matter what your experience or skill level — leave us comments or send us a note to get involved!

HOWTO: Set Open Standards for your project was originally published in We Are Open Co-op on Medium, where people are continuing the conversation by highlighting and responding to this story.


Commercio

INAZ, with its subsidiary DDocuments, offers a new Blockchain service

Milan, 17 February. INAZ is moving another step on the ground of innovation and expands the portfolio of IT-HR solutions with the Blockchain. From today, in fact, the Validator Node of DDocuments, digital transformation company controlled by INAZ, is active on the Blockchain of Commercio.network. “We are excited to be part of Commercio.network. It is the first time we are […] L'articolo INAZ, wi

Milan, 17 February. INAZ is moving another step on the ground of innovation and expands the portfolio of IT-HR solutions with the Blockchain.

From today, in fact, the Validator Node of DDocuments, digital transformation company controlled by INAZ, is active on the Blockchain of Commercio.network.

“We are excited to be part of Commercio.network. It is the first time we are actively participating as validators in a decentralised network like Blockchain. It is a technology in which we believe and which, we are sure, will bring benefits to the entire Italian production apparatus,” explains Diego Dal Ben, president of DDocuments.

“The partnership with Commercio.network will allow us to advance the Italian technological leadership in the Self Sovereign Identity space in Europe” comments Valerio Busnach, Business Relationship manager of INAZ.

The blockchain project of Commercio.network was conceived in January 2018, saw the light with the launch of the network on 4 July 2020 and today, with its nodes, among the largest European Blockchain oriented to the corporate sector.

“Having on board an innovative company like DDocuments, which is part of one of the most important IT groups in Europe like INAZ, increases the resilience of our Blockchain. As a network we are ready to face new challenges and seize the opportunities that the market presents us” says Enrico Talin, co-founder of Commercio.network.

Inaz Srl is one of the most important Italian companies in the production of software and services for the administration and management of human resources. Founded in 1948, it is a family-run business, today led by Linda Gilli, Cavaliere del Lavoro. With a sales network throughout Italy, Inaz offers innovative digital solutions to thousands of customers, including companies, public administration, professional firms, employment consultants and trade associations. Inaz, with its Study Centre and the Osservatorio Imprese Lavoro, is also a point of reference for companies and professionals in terms of updating, consultancy and training. Its headquarters are in Viale Monza 268 in Milan. www.inaz.it

DDocuments srl is a specialised company that has been operating for over thirty years in the dynamic international panorama of document digitisation. The expression of this know-how is DDocuments, the extremely high-performance proprietary platform of the same name, which provides high added-value services in digital document management: standard digital storage, document transmission, PEC, digital signatures, electronic invoicing to B2B and PA, graphometric signatures to completely dematerialise digital processes such as the issue of delivery notes, contracts, approval cycles, etc. For further information www.d-documents.it

Commercio.network spa is the company that has conceived, realised and is further developing the blockchain Commercio.Network. It is an open-source project that gives companies the possibility to sign and exchange documents using blockchain technology. It enables its member companies to create digital identities, electronically sign and exchange digital business documents with a guarantee of authorship (i.e. that the document was created by the stated sender), validity (i.e. that the sender cannot disavow having electronically signed the document) and integrity (i.e. that the document has not been altered in transit/exchange). The Commercio.Network blockchain provides a simple, fast and profitable way to create value for them and their end customers. www.commercio.network.it

 

 

L'articolo INAZ, with its subsidiary DDocuments, offers a new Blockchain service sembra essere il primo su commercio.network.

Wednesday, 16. February 2022

Digital Identity NZ

All set for inspired mahi in 2022

Check out the latest news update from Digital Identity here The post All set for inspired mahi in 2022 appeared first on Digital Identity New Zealand.

Kia ora koutou,

Thank you for reading DINZ’s first newsletter for 2022! 2021 finished in a whirl of activity as we delivered both our written and oral submissions to the Select Committee regarding the draft Digital Identity Services Trust Framework Bill and held our annual meeting and elections for the Executive Council for 2022. We welcomed Angela Gill and Paul Platen (as Chair) and farewelled Janelle Riki-Waaka, Jane Retimana, John Evans and invited-independent Tamāra Al-Salim, thanking them for their outstanding service. Further announcements will be made regarding those filling the three seats that became vacant after the annual election cycle.

2022 looks set to be even busier than 2021 as DINZ embarks on further keystone research and two additional working groups. One working group examines digital identity challenges in marginalised communities, the other is seeking feedback on and finalising DINZ’s Statement of Intent regarding Te Tiriti o Waitangi with its associated action plan. We are also growing the existing working group that supports its identity service provider members on the operational rules aspects of the Trust Framework. And it goes without saying that we remain closely involved with making the Digital Trust Hui Taumata simply the best digital identity event in Australasia. More details of DINZ’s plans for 2022 will be released as they are confirmed by the Executive Council.

Ngā Mihi nui,

Colin and the DINZ Executive Council

To receive our full newsletter including additional industry updates and information, subscribe now

The post All set for inspired mahi in 2022 appeared first on Digital Identity New Zealand.


Ceramic Network

$30,000,000 Series A led by Multicoin Capital and Union Square Ventures

The Ceramic community is on a mission to unlock data composability in the Web3 ecosystem.

We're excited to share that 3Box Labs, core developers of Ceramic, has raised a $30,000,000 Series A co-led by Multicoin Capital and Union Square Ventures to accelerate development of Ceramic and unlock data composability in the Web3 ecosystem. Ceramic's decentralized data network makes it easy for developers to build powerful applications on top of an open ecosystem of composable data.

3Box Labs is 15 employees today and we're growing quickly. If you want to have a massive impact on the next foundational Web3 infrastructure, join us at careers.3boxlabs.com

The Composable Web3 Data Network

At its core, the internet is a bunch of applications running on stateful data. Every time we post, follow, like, share, edit and otherwise use any of our favorite apps like Facebook, Reddit, Twitter, or TikTok, we're generating data – hundreds of millions of data events every second – data that is quickly becoming society's most valuable resource. On today's web, this value is locked away on centralized application database servers like MongoDB, mySQL, and Confluent that weren't designed to be open and collaborative. The architecture of these databases, and the incentives they create, prevent us from collectively realizing the true potential of data and the original vision for the internet.

Decentralized networks provide alternative incentive structures that allow data to be unbundled from applications. However, not all networks are equal. Ethereum, Solana, and similar blockchains decentralize state for financial use cases like tokens and NFTs. Because they're made for finance, they aren't designed to support the scale and transaction volumes required by non-financial use cases for data. Most Web3 developers building dapps today use a blockchain as their financial backend, but store application data and other user-generated content on a centralized database, drastically limiting the types of applications that can be built on Web3.  

This is why we created Ceramic, a decentralized network for composable Web3 data. The network consists of three core components:

Scalable, decentralized data infrastructure Open APIs for storing, modifying, and retrieving data Community-created marketplace of reusable data models

With this design, Ceramic makes it possible for developers to build applications by on a global network of composable data. For example on Ceramic, Twitter-like apps would run on a few shared data models: one for each user’s tweets, one for their social graph, and one for their DMs. By simply adopting the same data models, applications automatically share data and developers no longer need to worry about bootstrapping their database from scratch.

Ceramic's community-driven approach to creating and sharing data models provides developers with a rich set of standards and tools to use when building their apps. Today there are thousands of developers who’ve already built over 400 applications on Ceramic. As more data models are created by the community, the variety of use cases for Ceramic will continue to expand, creating compounding innovation across applications in Web3.

Growing the community

This $30M Series A funding round gives us the opportunity to welcome some of the brightest minds in Web3 to the Ceramic community.

We're thrilled to welcome the following funds and ecosystem partners: Multicoin, USV, Placeholder, Reciprocal Ventures, CoinFund, Jump Crypto, Figment, Hashed, Metacartel Ventures, Edge & Node, Digital Currency Group, Variant Fund, Dapper Labs, Animoca Brands, Protocol Labs, Coinbase Ventures, ConsenSys, The LAO, Dialectic, Zee Prime, StreamingFast, BlockScience, P2P Capital, DaoSquare, Polymorphic Capital, Redbeard Ventures, Collab+Currency, Not Boring Capital, Gaingels, Distributed Global, Bitscale, Northzone, Venrock, Fenbushi, Amplify Partners, Page One, The Fintech Fund, Warburg Serres, 6th Man Ventures, and Underscore.

And angels: Aditi Sriram, Alan Curtis, Alessio Fanelli, Alex Salnikov, Alisha.eth, Annika Lewis, Billy Luedke, Blake Jennelle, Brian Flynn, Calvin Liu, Chase Chapman, Chris Hamm, Dan Heyman, Dan Romero, David Phelps, DeFi Dad, Derek Yoo, Ele Diakomichalis, Florian Hagenbuch, Illia Polosukhin, Jad Esber, Jeremy Sklaroff, Joe Lallouz, Julia Lipton, Julia Rosenberg, Ken Gunter, Kerman Kohli, Mason Nystrom, Meltem Demirors, Nima Ashgari, Oaksprout, Robert Toews, Roham Gharegozlou, Ryan Selkis, Sari Azout, Sean Li, Stefan George, Suji Yan, Tegan Kline, Vadim Koleoshkin, Yannick Folla, and Zach Frankel.

Here's what Multicoin and USV had to say:

The Composable Web3 Data Network, by Kyle Samani @ Multicoin Ceramic, by Nick Grossman @ USV What's next?

In the coming weeks, we will be launching Ceramic 2.0, the next major version of the protocol. We're also considering plans to introduce a blockchain powered by a native token that will be used to coordinate storage, compute, and bandwidth within the network, as well as enhance incentives around data composability.

3Box Labs is hiring for more than 25 positions across engineering, product, community, and marketing. Notably, the team is looking to bring on a Head of Engineering, Head of Product, Product Marketing Lead, Community Lead, and talented software engineers. Apply today at careers.3boxlabs.com.

To get started building with Ceramic, visit developers.ceramic.network and join the Discord.


The Engine Room

From shared concerns to productive frictions: on the intersections of digital rights and environmental/climate justice

Here are some early findings from our research on intersections between digital rights and environmental/climate justice. The post From shared concerns to productive frictions: on the intersections of digital rights and environmental/climate justice first appeared on The Engine Room.

In October 2021, The Engine Room launched a new research project exploring intersections between digital rights and environmental/climate justice. Responding to a mounting sense of urgency around the intensifying climate crisis, our research, in partnership with the Ford Foundation, Mozilla and Ariadne, seeks to identify shared concerns and synergies between diverse movements and communities working on these issues, with the goal of strengthening funding and other support for work at their intersection. 

Our report will be published alongside a set of research deep dives exploring different issue areas related to digital rights and climate/environmental justice, forthcoming from the Open Environmental Data Project, BSR, and the Association for Progressive Communications – so keep an eye out for those, too!

We’ll be publishing our findings within the next few months but in the meantime we’d like to share some of what we have learned so far through our initial desk research, community calls, and interviews with practitioners.  

Those we’ve spoken to come from a diverse set of movements and communities, and work in different regions of the world, including:  

Digital rights activists and technologists looking to pay closer attention to the needs of climate struggles as they’re being articulated by those closest to the problem  Engineers creating more sustainable internet infrastructure and web services  Youth climate organizers pushing for internet access so their communities can participate in international climate debates  Environmental lawyers supporting communities collecting data on environmental harm Fossil fuel divestment specialists concerned with the digital safety of climate defenders.

We’ve learned that among this diverse group of people, there are number of important shared concerns, including: 

Sustainable internet and green technologies. Technologists and sustainability experts are working to increase the efficiency of technological infrastructure and transition this infrastructure to renewable energy sources. As more energy-efficient infrastructure is developed in both the corporate and nonprofit sphere, digital rights practitioners are raising concerns around the data-intensive nature of some of these infrastructures, and are looking to ensure that more sustainable tech doesn’t also lead to potential digital rights infringements. Climate-related disinformation. A long-standing problem perpetuated by fossil fuel companies and other corporate actors, digital rights and environmental/climate justice practitioners are now exploring how algorithmic techniques and big tech business models contribute to the spread of this disinformation online. Those we’ve interviewed are asking if it’s possible to disrupt the incentives behind climate disinformation spread on social media platforms like Facebook and twitter.  Environmental data and pollution monitoring. A number of community-led initiatives around the world have been collecting and sharing data in order to defend local communities against extractive companies and to monitor biodiversity loss. This field has grappled with how to ethically steward collected data and best use it to push for accountability. Practitioners focused on this intersection of digital/data and climate/environmental issues are exploring alternative data governance models which can respect digital rights and indigenous data sovereignty while using this data to build a data commons. Threats to safety. With new laws banning protest and intensified surveillance against climate movements around the world, the climate and environmental justice practitioners we’ve spoken to have expressed deep concern about the ability of their communities and movements to protest and push back against powerful harm-doers.They argue that safety and digital security should be understood as a precondition for being able to continue to fight for climate/environmental justice. While the digital rights field has spent the last decade plus increasing digital security capacity within civil society, those working directly with climate movements identify an enormous need for more support. Migration justice. An intensifying climate crisis is already pushing vulnerable populations to militarised international borders, with surveillance-intensive border technologies being used to preempt migration. The climate/environmental and digital rights practitioners we’ve spoken to argue that both digital rights and environmental/climate justice movements have a responsibility to address injustices around migration, and anticipate how these issues may intensify in coming decades. 

Along with such shared concerns, we also see what we call ‘productive frictions’ – differences in worldview, which affect the kinds of collaborations that are possible across movements and communities. We outline a couple here:

The first is around how sustainability is defined by different groups. While a lot of work is happening in the corporate tech space to move towards sustainability, both the environmental/climate and digital rights practitioners we have spoken to disagree on what meaningful sustainability actually means in the context of a ‘just transition’. As big tech companies promise to transition to renewable energy sources, some are happy to see any progress on this front, while others argue for a more critical lens on climate pledges and net zero promises. ‘Greenwashing’ is one concern. Furthermore, some of those we’ve spoken to argue that ‘net zero’ is not a meaningful sustainability goal on its own. Instead, the environmental impacts of technologies must be considered more broadly in light of the many continued forms of extraction and injustice that come with a transition to ‘renewable’ energy sources. Relatedly, we observe differing views on the potential of technologies to serve as tools to mitigate the climate crisis.  For example, some environmental/climate justice practitioners and technologists are optimistic about the use of AI and machine learning to advance sustainability goals, while others highlight that these technologies can actually increase fossil fuel use and exacerbate sustainability issues. The debate around the role of AI in sustainability is part of a broader concern both digital rights and environmental/climate justice practitioners express about ‘techno-solutionist’ thinking around how to ‘solve’ the climate crisis. They argue that tech-centric discourse about solutions diverts energy and resources away from already well-established and community-led interventions.  Finally, we see that practitioners working on both environmental/climate justice and digital rights have differing perspectives on the role of corporations and governments in coming up with solutions. Some push for a focus on government responsibility and corporate accountability, while others argue that movements shouldn’t wait for institutional change and should instead focus on autonomous and local efforts. These differences inform where energy is placed in pushing for progress.

The points we’ve shared here offer just a glimpse of the issues we’ve encountered so far, and we’re excited to learn more as we continue our research. 

As mentioned, we’ll be publishing a report with our full findings in the next few months, which will also include a set of recommendations for funders for how to support work at these intersections forward.

For now, we invite you to reach out to us if you have any thoughts on these issues you’d like to share! Please feel free to email us at becky[at]theengineroom.org.

Photo by Tyler Casey on Unsplash.

The post From shared concerns to productive frictions: on the intersections of digital rights and environmental/climate justice first appeared on The Engine Room.

Trust over IP

The IRS and ID.me: Privacy Optional

A news item caught the attention of the ToIP Foundation in the past week where there was a lot of controversy. The post The IRS and ID.me: Privacy Optional appeared first on Trust Over IP.

The Trust Over IP Foundation was established to bring trust into the virtual, online world where, all too often, there is low or no trust in data exchanges. To overcome this challenge, the 100s of public and private sector members of ToIP promote open standards-based, interoperable solutions where the individual is in possession and control of their cryptographically verifiable identity attributes. In this context, a news item caught the attention of the ToIP Foundation in the past week where there was a lot of controversy over an exclusive contract between the United States Internal Revenue Service (IRS) and identity provider ID.Me. We base this post on publicly available information and begin with a quote from a Washington Post article:

Millions of Americans could soon have to scan their faces to access their Internal Revenue Service tax accounts, one of the government’s biggest expansions yet of facial recognition software into people’s everyday lives. For now, taxpayers can still file their returns the old-fashioned way; the IRS began accepting returns for 2021 earnings on Monday, encouraging electronic filing. But by this summer, anyone wanting to access their records — including details about child tax credits, payment plans or tax transcripts — on the IRS website could be required to record a video of their face with their computer or smartphone, and send it to the private contractor ID.me to confirm their identity.

Background

On November 17, 2021 the IRS announced the launch of an improved identity verification and sign-in process that enables more people to securely access and use IRS online tools and applications. And we agree with IRS Commissioner Chuck Rettig that, “Identity verification is critical to protect taxpayers and their information.”

To access certain IRS online tools and applications, the IRS decided to mandate that citizens provide extremely sensitive personal information, both biometric and biographic, to a single, private-sector entity. This entity would centrally store it, perform probabilistic analysis (biometric matching) with little or no transparency of how the solution was certified, how often it will be recertified, by whom, and what accuracy, security, or privacy criteria will be utilized.

While it is not clear why the IRS would relinquish this extremely sensitive capability in its entirety to a single, private-sector entity using a proprietary solution, there are clues. In the associated Privacy Impact Assessment (PIA) under PRIVACY TESTING, for example, the response to “Does the system require a System Test Plan?” is NO and the follow-on response to “Please explain why:” is “This [is] a[n] ID.me owned and operated system and not subject to IRS System Test Plan at this time.”  The fact that IRS removed the mandate for the Facial Recognition component of the proprietary ID.me solution several days after the story was broadly publized does not resolve the underlying challenges of this approach to achieve trusted, remote authentication. 

Challenge 1 – Ethical Use of Biometrics

Strong authentication can benefit from the use of biometric technologies but there are no policies in place for their ethical use which should include measures to ensure that accuracy, security, and privacy criteria commensurate with the specific use case(s) are certified and monitored.  

To this end, the Office of Science and Technology Policy recently published a Notice of Request For Information (RFI) on Public and Private Sector Uses of Biometric Technologies. To meet the Ethical Use of Biometrics challenge, our policy makers must provide guard rails for the use of biometrics technologies in both the public- and private-sectors which are use-case specific. That is, similar to the FDA’s 12-step approval process for drugs to be considered safe and effective, before any drug can be released to the market for a specific, on-label use, it must go through a process that includes rigorous testing, with independent review, to demonstrate safety and efficacy, as well as post-approval monitoring.

Challenge 2 – Trusted, Remote Authentication

The Trust Over IP (ToIP) Foundation was established to simplify and standardize how trust is established over a digital network [PDF] or using digital tools (whether online or disconnected) by expanding the opportunities of digital trust by bringing a unified stack of standards for technical interoperability—the same approach that has been successful with the Internet and the Web— together with a unified model for expressing the rules and policies (“governance”) by which people and organizations can cooperate to achieve trust.

ToIP provides guidance, frameworks, and other assets to obviate the need for entities such as the IRS to rely on a single, private-industry contractor’s centralized solution to enable U.S. citizens to strongly prove their digital identities—any more than they would need to rely on a single company to provide them access to the Internet. Instead, like the Internet, the open standards-based ToIP stack (depicted below from the interactive model) would enable citizens to use any digital wallet, any verifiable credentials, and any privacy-respecting biometric verification technologies that meet the requirements of the IRS (as published in their governance framework) to prove a citizen’s identity and give them safe access to their tax records.

There are experts within the US Government that are familiar with, supporting, and promoting the standards associated with decentralized digital identity.  They, along with many others internationally, support related ecosystems that enable entities to establish verifiable trust to issue cryptographically verifiable identity attributes that remain in the possession and control of the individual who may then selectively disclose cryptographically verifiable proofs (with or without the underlying identity attributes) through secure channels to verifiers that have established trust.

Where a citizen has a Foundational Identity through a government sanctioned identity proofing process – where the sanctioned entity, as per this NIST Special Publication, was able to “Resolve a claimed identity to a single, unique identity within the context of the population…”, e.g., passport, REALID driver’s license, that Foundational Identity should be used to authenticate an identity claim for each Functional Identity activity like paying taxes, voting, opening a bank account, receiving COVID-19 vaccination, or receiving a COVID-19 vaccination credential.

The ToIP trust ecosystem enables individuals to authenticate themselves using their trusted, cryptographically verifiable Foundational Identity and share cryptographically verifiable Functional Identity proofs without intermediation.

Conclusion 

Instead of pushing proprietary, privacy-diminishing, honey-pot creating solutions, the IRS should strive for open standards-based, interoperable solutions where the individual is in possession and control of their cryptographically verifiable identity attributes (versus a single, private-sector vendor) as are the members of the ToIP Foundation.

The post The IRS and ID.me: Privacy Optional appeared first on Trust Over IP.

Tuesday, 15. February 2022

We Are Open co-op

Emergent community building

Last week, we ran the first Keep Badges Weird community call, and it was even more energising than we expected it to be. We were so pleased to see so many people interested in the current and future status of badges and open recognition. We were elated to begin to have a deep conversation about counteracting the top-down focus of institutions and large organisations using badges for corporate stuf

Last week, we ran the first Keep Badges Weird community call, and it was even more energising than we expected it to be. We were so pleased to see so many people interested in the current and future status of badges and open recognition. We were elated to begin to have a deep conversation about counteracting the top-down focus of institutions and large organisations using badges for corporate stuff. There’s an outstanding question, for us, around how this community explores and thinks about the theoretical underpinnings of a Community of Practice (CoP), but one thing is for sure, Keep Badges Weird is a CoP.

cc-by-nd Bryan Mathers of WAO

When we started this project in the middle of last year, we knew that we wanted to bring together people who are motivated and who are influential in getting an organisation to start thinking about upskilling in a non-traditional way. We also wanted to make sure curious folks had a place to learn and engage.

“It was an interesting start to an important topic. I was thinking afterwards, pulling from the need of having metaphors and analogies, that #keepbadgesweird needs to come couple with #keepbadgessustainable, #keepbadgesviable, and #keepsbadgesuseful” (Stella Porto)
Community values?

We’re pleased that curious badge advocates as well as badge champions showed up to the KBW call. The call definitely had a positive(?) vibe about it — the community is truly interested in keeping badges WEIRD. We also acknowledged, however, that metaphors and analogies are required. Our shared language is contextual.

“How can we convey the usefulness of badges to recognise all different kinds of learning, participation and professional development?” — Esther Grieder

There are other things, though, that the community seemed to value as evidenced through the sorts of discussions we had about badging and co-creation. This community is interested in:

• Trust — We are using and building a shared language, but trying to ensure that diverse voices can be heard. Our call was for everyone, and we had people show up and contribute from a wide variety of backgrounds.

• Integrity — Based on the vibe at the community call, this community is a place where we can practice what we preach. There was honest discussion and admirable dissent. There was an obvious adherence to the idea that badging is about the learner, not about the issuer.

• Advocacy — There seemed to be a thread about the community’s job to advocate for that learner. Contributors spoke about the “true” value of badging within a community and balancing badges as community connectors vs personal certificates or markers.

These values indicate that we need some sort of a manifesto, a way to align the work the community does together. Community badges could start to signal what Serge Ravet and Julie Keane were really talking about — that badging can build a collective identity.

Community members pointed out that context matters and that trying to generalise may make it hard to be helpful to all participants. Co-creating a manifesto for the community might make a great frame for a future call.

Co-creating the “Moderator” badge images cc-by-nd Bryan Mathers from WAO

One of the things we intended to do on the community call was to define the metadata for the ‘CoP Coach’ badge. We envisioned that this would recognise moderation duties within the community, so we had in mind talking about benefits and responsibilities.

However, during the call, we split into two virtual rooms, with one focusing on this element of the discussion. This group started off, quite rightly, by questioning the name of the badge. Given we only had an hour together in total, we had interesting meta discussions but didn’t get into the metadata itself!

In our next community call, we would hope to take this further and perhaps pin down some of the criteria for this badge, so we can get on with deputising active community members and growing the KBW community

Next steps Open Peeps from https://openpeeps.com

Since the first KBW community call there have been useful suggestions and discussion, including ideas around building badges in sprints, creating a gallery of ‘weird’ badges, and potentially creating a website at a level above KBW which is for all different kinds of community projects related to badges and open recognition.

If you would like to be part of the discussion, join the community!

Emergent community building was originally published in We Are Open Co-op on Medium, where people are continuing the conversation by highlighting and responding to this story.

Monday, 14. February 2022

MyData

Event: MyData & Govstack – Accelerating Digital Transformations in the Public Sector Globally

The recording from the event is available here! Join the MyData Global Slack workspace to continue discussing on consent and beyond! Digital transformations have taken speed across the globe. Yet, many countries’ efforts are hindered due to a lack of available resources and access to state of the art know-how, potentially leading to fragmented, inefficient […]
The recording from the event is available here! Join the MyData Global Slack workspace to continue discussing on consent and beyond! Digital transformations have taken speed across the globe. Yet, many countries’ efforts are hindered due to a lack of available resources and access to state of the art know-how, potentially leading to fragmented, inefficient […]

Advocating for human-centric consent – MyData joins GovStack Initiative

Digital consent may be simultaneously the best understood and most misunderstood concept by both individuals and organisations. Many are unaware of the dangers in simplifying a series of complex decisions around personal data rights to an “Agree” button.  Behind the button, experts are grappling with a series of complex implementation challenges to address issues such […]
Digital consent may be simultaneously the best understood and most misunderstood concept by both individuals and organisations. Many are unaware of the dangers in simplifying a series of complex decisions around personal data rights to an “Agree” button.  Behind the button, experts are grappling with a series of complex implementation challenges to address issues such […]

Sunday, 13. February 2022

OwnYourData

OpenID Connect

Der Beitrag OpenID Connect erschien zuerst auf www.ownyourdata.eu.

Im Zuge des FFG-geförderten Projekt IDunion wurde von OwnYourData unter anderem ein Login ohne Passwort auf Basis von OpenID Connect für Semantic Container und Data Vault implementiert. Das esatus Wallet stellt dabei die Autorisierungsebene zur Verfügung.

OpenID Connect (OIDC) ist ein offenes Authentifizierungsprotokoll, das OAuth 2.0 um eine Identitätsebene erweitert. Es ermöglicht Anwendungen, die Identität eines Endbenutzers mithilfe der Authentifizierung durch einen Autorisierungsserver zu bestätigen. Die Implementierung von OIDC auf OAuth 2.0 schafft die Möglichkeit für APIs, mobile Anwendungen und Browseranwendungen, dass Authentifizierung und Autorisierung in einer einzigen, zusammenhängenden Architektur gewährleistet werden.

Als Autorisierungsserver wird die Softwareplattform SOWL der esatus AG verwendet. SOWL ist eine Software zur Verwaltung von Identitäten und Zugriffsrechten in Unternehmen. Sie implementiert die Self-Sovereign Identity-Technologie (SSI), die Nutzerrechte stärkt und die Verwaltung von Identitäten für Unternehmen vereinfacht. Ein in SOWL registrierter Benutzer kann mit der esatus Wallet App (verfügbar für Android und iOS) seine Identität eigenständig verwalten. Darüber hinaus können mit der Wallet natürlich auch andere Credentials verwaltet und für Authentifizierungs- und Autorisierungsprozesse verwendet werden.

Um in einem Semantic Container das OIDC Login via SOWL zu konfigurieren, müssen im Container eine entsprechende Doorkeeper Applikation (Doorkeeper wird als OAuth2 Provider von OwnYourData verwendet) eingerichtet werden und zusätzliche Parameter in einem Configuration Item abgelegt sein. Ein Beispiel für die Einrichtung einer Doorkeeper Application (via
POST https://api-docs.ownyourdata.eu/semcon/#/Authorization/post_oauth_applications
):

{ "id":2, "name":"oidc_app", "scopes":["admin","write","read"], "oidc_identifier":"1234", "oidc_secret":"secret", "oidc_token_endpoint":"https://auth-ssi-demo.esatus.com/services/idp/oidc/token" }

(oidc_identifier & oidc_secret müssen aus der entsprechenden SOWL Anwendung eingetragen werden)

Und das zugehörige Configuration Item:

{ "content": { "key": "oauth", "value": { "authority": "https://auth-ssi-demo.esatus.com/.well-known/openid-configuration?tenant=9876", <- eigene Tenant-ID "client_id": "1234", <- von SOWL Anwendung "scope": "openid", "response_type": "id_token", "redirect_uri": "http://localhost:3000/signin-oidc", "title": {"en":"Login with SOWL", "de":"mit SOWL einloggen”}, "application_id": 2 <- ID von Doorkeeper Application }, "schema_dri": "zQmVXrH8ZwrKKTKXeZVjAprWhwMNHn2q6SiwBwvbdXj2sTz" }

Beim Datentresor, der unter der Adresse https://data-vault.eu von OwnYourData gehostet und gratis angeboten wird, sind diese Konfigurationen bereits vordefiniert. Das SOWL Login kann über einen Link unter der Anmeldemaske aufgerufen werden und der Ablauf ist in folgenden Bildern dargestellt:

Eine Besonderheit bei diesem Login ist die Bereitstellung des Passworts für die Entschlüsselung der Daten. Der Datentresor speichert Daten Ende-zu-Ende verschlüsselt und für den Zugriff ist damit der private Schlüssel notwendig, welcher aus dem Login-Passwort erstellt wird. Daher ist es notwendig, neben der Authentifizierung in SOWL ebenfalls eine Beweisanfrage (ProofRequest) zu bestätigen, um diese Information (also das Login-Passwort) bereitzustellen.

In diesem Blogpost haben wir das Login mittels OpenID Connect für Semantic Container und Datentresor unter Verwendung von SOWL und dem esatus Wallet beschrieben. Besonders soll dabei hervorgehoben werden, dass es sich bei diesen Produkten um MyData Operator Lösungen handelt – diese also den Prinzipien einer menschen-zentrierten und ethischen Verwendung personenbezogener Daten verpflichtet sind. Solltest du Fragen oder Anregungen dazu haben, zögere nicht einen Kommentar zu hinterlassen oder uns via support@ownyourdata.eu zu kontaktieren!

Der Beitrag OpenID Connect erschien zuerst auf www.ownyourdata.eu.

Friday, 11. February 2022

Own Your Data Weekly Digest

MyData Weekly Digest for February 11th, 2022

Read in this week's digest about: 14 posts, 2 questions
Read in this week's digest about: 14 posts, 2 questions

Thursday, 10. February 2022

Lissi

memoresa testet passwortlosen Login mit Lissi

memoresa testet Login ohne Passwort mit Lissi memoresa bietet einen einfachen Login ohne Passwort mit dem Lissi Wallet an. memoresa ist der digitale Wegbegleiter für das ganze Leben. Im memoresa-Portal können Nutzerinnen und Nutzer digital vorsorgen, ihren Nachlass planen und Ordnung schaffen — und das alles unter der Prämisse von höchstem Datenschutz und höchster Datensicherheit. Über d
memoresa testet Login ohne Passwort mit Lissi memoresa bietet einen einfachen Login ohne Passwort mit dem Lissi Wallet an.

memoresa ist der digitale Wegbegleiter für das ganze Leben. Im memoresa-Portal können Nutzerinnen und Nutzer digital vorsorgen, ihren Nachlass planen und Ordnung schaffen — und das alles unter der Prämisse von höchstem Datenschutz und höchster Datensicherheit. Über den Desktop oder das Smartphone können Angelegenheiten aus verschiedensten Lebensbereichen geregelt, geordnet und aktualisiert werden, angefangen bei Versicherungsunterlagen und Immobilien über Online-Zugänge und Mietverträge bis hin zu Patientenverfügungen, Testamenten und Impfnachweisen.

Zum Authentifizieren bzw. Einloggen in Online-Portale und Apps wird üblicherweise eine Kombination aus E-Mail-Adresse und selbst gewähltem Passwort oder ein von großen Technologieanbietern bereitgestellter Login-Dienst genutzt. Der Login mit Facebook, Google und Co. ist dabei zwar sehr einfach und nutzerzentriert, macht Nutzende jedoch gleichzeitig noch abhängiger von großen Konzernen, die Daten über das Nutzerverhalten häufig an Werbetreibende verkaufen.

Login mit dem Lissi Wallet: nutzerzentriert und selbstbestimmt

Beim Thema digitale Identität sind sich die europäischen Mitgliedstaaten insofern einig, dass diese in Zukunft mit einem digitalen Wallet verwaltet werden soll. Dies ist eine Anwendung (App) auf dem Endgerät der Nutzenden, welche die Verwaltung von Kontakten und Nachweisen erleichtert. Zwar ist ein sogenannter Social Login über große Technologieanbieter (auch Single Sign-On genannt) genauso nutzerfreundlich wie der Login mit dem Lissi Wallet, zweiterer basiert jedoch auf einer selbstbestimmten Identitätsverwaltung. Damit gehen folgende Vorteile einher:

Privatsphäre: Daten zum Nutzerverhalten können durch den Login-Anbieter, in diesem Fall Lissi, nicht ausgelesen werden.

Datenportabilität: Nutzende sind nicht von einem Anbieter abhängig und können den Wallet durch ein kompatibles Wallet ersetzen.

Einfachheit: Die Login-Nachweise können zusammen mit anderen Identitätsnachweisen in einem Wallet aufbewahrt werden.

Der Login-Prozess: 3 Schritte zum selbstbestimmten Login

1) Registrierung: Nutzende registrieren sich per E-Mail auf der Seite des Anbieters (in diesem Fall memoresa).

2) Ausstellung: Im zweiten Schritt wird ein digitaler Nachweis, welcher für den Login genutzt wird, über die Einstellungen in memoresa in das Lissi Wallet ausgestellt.

3) Login: Für den Login können Nutzende dann das Lissi-Logo anklicken, um die Authentifizierung mit dem Wallet durchzuführen. Dies funktioniert sowohl auf einem Computer als auch auf dem Smartphone.

Zusammenarbeit: Mit memoresa und Lissi zum selbstbestimmten Login

Für memoresa stehen Datenschutz und Selbstbestimmtheit der Nutzerinnen und Nutzer an erster Stelle. Die Sicherheit der Daten, die im memoresa-Portal eingetragen und hochgeladen werden, wird durch verschiedenste Maßnahmen gewährleistet, und soll auch beim Login ins Portal gegeben sein. Aus diesem Grund möchte memoresa eine Login-Möglichkeit anbieten, die die Nutzenden nicht abhängig von großen Technologiekonzern wie Apple, Google und Facebook macht. Für das Lissi-Team ging es bei der Zusammenarbeit primär darum, den Prozess und die Software außerhalb der eigenen Domäne zu testen und Nutzerinnen und Nutzern einen digitalen Dienst mit gesellschaftlichem Mehrwert anzubieten.

Integration mit Lissi Connect:

Die Option, sich ohne Passwort bei Plattformen einzuloggen, wird heutzutage von Nutzenden erwartet. Serviceanbieter suchen nach Integrationen, welche von Nutzenden angenommen werden und einfach zu integrieren sind. Zusätzlich zur Authentifizierung der Nutzer bietet Lissi Connect als Software-as-a-Service-Lösung (SaaS) die Möglichkeit, digitale Nachweise auszustellen und abzufragen.

Ausblick:

Bei der Integration handelt es sich um einen Test, welcher allen Beteiligten mehr Erfahrung in der Praxis liefert. Wir sind mit der Funktionsweise und der bisherigen Integration sehr zufrieden, wissen aber auch, dass noch weitere Aspekte notwendig sind. Dazu zählt, dass die Registrierung direkt mit dem Wallet möglich ist, und nicht erst ein klassischer Account mit Passwort angelegt werden muss. Auch die Exportfunktion des Lissi Wallet soll künftig verfügbar gemacht werden.

Das Thema digitale