Identosphere’s Weekly Highlights:
We Gather, You Read!

Contribute to Identosphere by PayPal, or Patreon! We’ll keep aggregating industry info.

Upcoming

• [One Day!] Thoughtful Biometrics Workshop virtual unConference 3/16 [Registration]

  • Biometrics in Airports? Senators call for a ban IdentityWoman (Lets discuss at Thoughtful Biometrics Workshop ^^^)

• New unConference for the Fediverse and future of social media: FediForum Johannes Ernst, Kaliya, Jennifer Holmes 3/29-30 (fediforum.org)

• Webinar on European data sovereignty Innopay 3/22

• FediForum unConference 3/29-30 virtual

• Internet Identity Workshop 4/18-20, Mountain View, CA

• MeetUp Holland FinTech: The Future of Banking Innopay 4/13 Rabobank, Utrecht, The Netherlands

• eIDAS 2.0 l New Opportunities in Digital Identity INNOPAY 4/27

• Heroes of Data Privacy – the practise-oriented data privacy conference in Vienna LionsGate 5/24 Vienna, Austria

• Digital Identity unConference Europe 6/7-9 Zurich ← Registration open

Policy

US National Cybersecurity Strategy: What It Means for Digital Identity Forgerock (pdf)

While the National CyberSecurity Strategy is a great place to start, it will take some time for it to come to life. U.S. federal departments and agencies, state and local governments, and private industry verticals must develop action plans,

New PodCast

Future of Identity - The Future of Identity podcast talks to the people building the IDtech products of tomorrow. In each episode, Trinsic CEO Riley Hughes dives deep with founders and product builders to discuss their insights about what it takes to successfully launch an identity product. 

Hiring

Digital Identity Business Development Director (North America)

At CBN, we are actively developing and implementing digital ID solutions such as mobile driver’s licenses and self-sovereign identity in countries throughout the globe. 

Investments in IDTech 

• Yoti Receives £10M Lloyds Bank Investment Find Biometrics

• SSI standards can counter electronics counterfeiting Wilder

• Patterns of Successful IDtech Products Riley Parker Hughes

Thoughtful

Why We Need to Know Cybernetics // Part I Case Organic

Design thinking was supposed to fix the world. Where did it go wrong? Technology Review

“‘You didn’t talk to anyone who works in a school, did you?’ They were not contextualized in the problem at all.” The deep expertise in the communities of educators and administrators she worked with, Cornforth saw, was in tension with the disruptive, startup-flavored creativity of the design thinking process at consultancies like IDEO.org

Qualities Of Value TheDingelGroup

This is independent of the different variations within the technology stack, and more importantly is meant for the vast majority of the business? population that have never heard of different standards bodies, protocols or tech stacks, and who quite frankly don’t care and will never exert the effort to learn about them.  In many cases these are the exact people who make the final investment go/no-go decision.

SSI

[twtr thread] You don't need a blockchain Karyl Fowler, Transmute

[blog post] You don’t need a blockchain Transmute

Applied correctly, VCs + DIDs are affordable, interoperable, and already standardized. The interoperability perks of VCs + DIDs give you the ability to work across existing systems, including distributed ledgers (DLTs) and blockchains. 

[music video] Verifiable Credentials, it is so secure and neat They are our nearest future, just look at it, can't you see? Kion DGL, TransmuteNews

[explainer] SSI and why it’s important for Digital nomads Identity

The legal and regulatory framework for self-sovereign identity is still evolving, but there are several key steps that are likely to need to be taken in order for it to be implemented on a mass scale:

Self Sovereign Identity MVP Developer Jess

Two React Native mobile applications, one credential issuer server in React, four node server applications, and a JS library that they all utilize. Issue and save verifiable credentials in a holder wallet application that backs up to IPFS.

Public Review Implementer’s Draft of OpenID for Verifiable Presentations Specification OpenID

You can send feedback on the specification in a way that enables the working group to act upon it by….

[Podcast] OpenID4VC: OpenID for Verifiable Credentials (with Torsten Lodderstedt)

The focus on these three use cases means that OpenID4VC purposefully isn’t focused on supporting a broader set of trust tasks that other protocols such as DIDComm aim to support.

DIF Monthly #32 Identity Foundation - Lots of good stuff about the working group activity ongoing. 

Findynet Cooperative strengthens its organisation with two digital business professionals FindyNet

Findynet Cooperative strengthens its organisation by appointing Samuel Rinnetmäki as Chief Technology Officer and Santtu Pulli as Head of Ecosystem and Offering.

The Role of Verifiable Credentials In Preventing Account Compromise DarkReading

security protections multiply when these digital artifacts are combined with a verifiable data registry. Additionally, verifiable credentials allow for selective disclosure

[MSM] Expanding Educational And Workforce Opportunities With Verifiable Credentials Brian Platz, Fluree: Forbes [Evercred]

The University of Maine System demonstrates that this is an effective approach even within higher-education institutions. Its verified micro-credential program [evercred] allows students to gain competency in skills today’s workforce seeks.

Sim City 2000 as a metaphor for Open Recognition and Open Badges WeareOpen

You can imagine Open Badges as the roads, bridges, and buildings that make up the infrastructure of a city. They provide a way for individuals to earn recognition and for this recognition to be displayed and shared across different platforms and contexts.

From Phil’s Book 

Not all PBAC is ABAC: Access Management Patterns Technometra

The primary ways of implementing access control in modern applications are (1) access control lists (ACLs), (2) role-based access control (RBAC), and (3) attribute-based access control (ABAC).

Biometrics Update (Next Week)

Industry orgs “warn” states against BIPA style laws. Why not have a dialogue at Thoughtful Biometrics Workshop – March 16th Identity Woman

So what is BIPA? It is the Biometric Information Privacy Act that Illinois passed several years ago requiring any capturing of a biometric information in a template and in samples must get the subjects explicit consent.

Biometrics =/= Digital ID Identity Woman

However something very concerning – throughout the discussion there was repeated conflation of biometrics with digital ID. This conflation is a problem to have the type of real discussion we need to have about both but to not conflate them.

Federal Agencies using Facial Recognition Technology: GAO report from 2021 Identity Woman

I just learned about a 2021 GAO report. It says that This means it is likely that more agencies are using FRT for more reasons. This report seems relevant because for the third time legislation is being put forward to do a Federal Facial Recognition Ban just this week.

A Tale of Two Biometrics Styles: The differences between on-device and 1:N biometric verification and what they mean for your privacy needs Auth0

The key questions users need to ask themselves: does my biometric info ever leave the collection device?

Research

Blockchain-Based Decentralized Identification in IoT: An Overview of Existing Frameworks and Their Limitations by Seyed Mohammad Hosseini, Joaquim Ferreira and Paulo C. Bartolomeu

The article concludes with a discussion of technical aspects as well as potential obstacles and constraints to the implementation of decentralized identification in the context of the Internet of Things.

The Social Construction of Self-Sovereign Identity: An Extended Model of Interpretive Flexibility  Tom Barbereau. 2022, 55th Hawaii International Conference on System Sciences

How is SSI shaped by social actors, technical constraints and the underlying institutional context? 

Company Stories

Indicio brings seamless data sharing and trusted identity verification to financial services Indicio

Indicio recently announced the launch of Indicio Proven™ Finance, an off-the-shelf solution for customer authentication, data sharing, and reusable KYC in financial services and payments. Learn what new functionality

Startup Showcase: evercred – A Revolutionary Solution to Credentialing in Healthcare USVenture News

evercred empowers individual physicians to be the direct primary source of their identity and credentials, making the onboarding process faster, more efficient, and less expensive for healthcare providers

Spruce Developer Update #29

Code reviews, bug fixes and other updates related to SSX, SignIn w Eth, Keplr, SpruceID, SSI/DIDKit, TreeLDR, Rebase

[thread] 1/ Exciting news 🙌 Altme is now one of the first cryptowallets conformant with the European Blockchain Services Infrastructure's digital identity standard EU_EBSI AltMe

New SSI Companies

• myDid -  a customizable wallet solution allowing your users to share their Identity and easily exchange Community Badges

• 12id - primarily consists of a user-friendly 12iD mobile Application for End-users, a comprehensive Admin Panel to be in control of the identities, and an Identity Verifier service that uses a private ledger to store strictly non-personal information to make data validation possible

• Neoke - building a travel ecosystem that harnesses the power of digital ID. 

Protocol-Based Social Media

• Metadata standards for publishers

• Protocol-Based Social Media Is Having A Moment As Meta, Medium, Flipboard, And Mozilla All Get On Board

• Meta is building a decentralized, text-based social network

• Meta's decentralized social plans confirmed. Is Embrace-Extend-Extinguish of the Fediverse next?

Bluesky

• Get A Sneak Peek Of Bluesky – The Decentralized Social Network From Twitter’s Co-Founder

• OAuth Support in Bluesky and AT Protocol

• Domain Names as Handles in Bluesky BlueSkyWeb

• How to use your own domain as your BlueSky handle Aaron Parecki

Mastadon

• Here’s how The Washington Post verified its journalists on Mastodon Washpost Engineering

• Visualizing Mastodon server moderation John Udell

• Medium wants you to pay $5 a month to join its Mastodon server TheVerge

ad-driven models have their own kind of corrupting influence. I think that’s why a lot of social media ends up toxic — because people are focused on engagement, rather than substance.

People and Data

Do people really want to manage their data? Alan Mitchel

That’s our first response when we’re told that people don’t want to manage their data: well, duh!

TLS Handshake explained Auth0

Microsoft, who had its own version of the protocol, and Netscape agreed to hand over the project to the Internet Engineering Task Force (IETF) and make it an open standard. 

We Need More Control Over Our Own User Data Amber Case, Superset

We all know the problem. When we sign up for an online service, we quickly click Agree on the Terms of Service window without really knowing what that entails.

Web3

• IOTA delivers login solution utilizing SSI for onboarding users to Web2 and Web3 apps CryptoNewsFlash

• [big picture] The Future of Identity: Decentralization and Its Effect on Industries in 2023 Mindaugas Savickas

• [web3id] Bye Bye Passwords: How Decentralized Identity is Revolutionizing Security Mysekolahk

• ETHDenver: Competition and New Ideas Spur Wallet Development

Thanks for Reading

• Read more \ Subscribe: newsletter.identosphere.net

• Please support our efforts by Patreon or Paypal

• Contact \ Submission: newsletter [at] identosphere [dot] net