Identosphere’s Weekly Highlights

We Gather, You Read!

We’re still aggregating industry info.
Thanks for supporting our efforts by PayPal \ Patreon!

Upcoming

• [California] Internet Identity Workshop #37 10/10-12 ← Ticket Sales Open

• [Germany] Self Sovereign Identity at Eclipse: Why, What, and How? 10/17 Eclipse Con

Soliciting Help 

[UK] Recruiting: Biometrics and Forensics Ethics Group Gov.UK (Deadline 09/11)

The Home Office is recruiting up to 6 new members with knowledge or experience in the following areas to join the independent scientific advisory committee, the Biometrics and Forensics Ethics Group (BFEG):

[EU, messaging protocol] Your views are important: consultation on AS4 2.0 and SMP 2.0 European Commission

The eDelivery team is opening two Public Consultations on the new draft Specifications of the eDelivery AS4 profile 2.0 and eDelivery SMP profile 2.0. The proposed changes have already been presented in early May 2023 during the eDelivery Informal Cooperation Forum (slides) 

Interop

[EU, tweet] Join our effort to prepare Aries Framework JavaScript for global use 2023-08-11 AnimoSolutions

Thanks to Sphereon, we will be able to build on their existing open-source mDoc work. Learn how you can contribute in our living doc

[Tweet] AIP is an excellent starting point for creating an effective #interoperability conformance test suite. 2023-08-14 Darrell O'Donnell

It has "Aries" in its name but I'd like to see it expanded to be more implementation agnostic (it is already on that path) and handle DIDComm and other communications methods specifically. 
Introduction to Aries Interoperability

Government

[2FA] Ditch SMS-based MFA, urges board investigating Lapsus$ gang’s successful attacks 2023-08-11 IT World Canada

The report released Thursday by the Cyber Safety Review Board, a branch of the Department of Homeland Security, had unkind things to say about companies, telecom carriers, and the reliance on easily-bypassed text-based SMS systems for multifactor authentication (MFA).

[Travel] The Test of a Digital Travel Credential in Aruba Shows Success 2023-08-09 DTGReviews

24 People use it…and tada big headlines

The Aruba government is now working toward full implementation of the digital travel credential. The intention is for the credential to serve as the traveler’s identification for various aspects of their trip, including car rental pick-up, hotel check-in, and entry at attractions.

Wallets

Calling All Wallets: An open solicitation for high-volume wallet projects 2023-08-09 Tim Ruff

In a desperate plea for relevance Timothy seeks ACDC & KERI capable wallet code. 

[Metaverse] Lissi’s Journey in the Metaverse: Building Trust with ID-Wallets and Verifiable Credential Lissi ID

Using ID-Wallets in the metaverse gives users the required confidence to explore, interact, and transact in the virtual world. The wallets can also help users maintain control over their relationships as well as transparency of their interaction history.

[DID:Web] Passkeys, did:web, Ed25519, Wallet Integrations, CHAPI, and More 2023-08-10 Trinsic

New wallets created within Trinsic ecosystems now have a did:web identifier rather than using did:key as we used before. This change allows us to support additional signing keys to provide developers a more flexible and interoperable platform. We’ve incorporated Ed25519 signatures, a NIST-compliant curve and when you visit the DID Document for a given identifier you’ll see both key types listed.

Digital Identity Spotlight: Belgium 2023-07-05 1Kosmos 

But to be effective, digital ID wallets must also comply with NIST-, FIDO2-, and iBeta biometrics-based standards that leverage liveness tests capable of defeating virtually any attempt at identity spoofing.

Standards Work

mDL, eID and beyond 2023-08-11 walt.id

We are proud to announce that from today, you can issue and verify Mobile Driver’s Licenses (ISO/IEC 18103-5 mDLs), Mobile eIDs (ISO/SEC 232202-2), and other credentials based on the mdoc credential format. This is made possible through our mdoc library which is available in Java, Kotlin and JavaScript. And it’s just the beginning!

Our goal is to provide mdoc credentials (mDL, eID, etc.) across our whole stack, enabling even more use cases, whether that be issuance and verification via the OIDC4VC standard, or to authenticate users based on mdoc credentials.

Web Environment Integrity has no standing at W3C; understanding new W3C work 2023-08-11 W3C

For a few weeks now we have been hearing concern in the Web community in regard to Web Environment Integrity, and are asked more and more about it. Our silence is due to the fact that the Web Environment Integrity API is not being worked on in W3C, nor has there been any submission to W3C for W3C Technical Architecture Group (TAG) review.

In the rest of this article, I want to take the opportunity to explain generally how new work is brought to the World Wide Web Consortium

[WNFS, IPVM, UCAN] Breakthrough at FISSION with Brooklyn Zelenka 2023-08-04 DWeb Decoded

In this episode, we will discuss Brooklyn’s background, the groundbreaking work teams are doing at Fission, the various community technical standards that Brooklyn has led.
WNFS Working Group · GitHub
IPVM Working Group · GitHub
UCAN Working Group · GitHub
[JWT] Introduction to User Controlled Authorization Networks UCAN 

Organizations

• DIF Member Spotlight with Pakorn Leesakul, CEO of Finema DIF

[Career, Education, Notarization] Velocity Network Foundation® Rolls Out Notary Issuer Accreditation Program 2023-08-09 Velocity Network

The Velocity Network Foundation® is taking another groundbreaking step to drive global adoption of verifiable career and education credentials by launching a Notary Issuer Accreditation Program.

[Healthcare] Velocity General Assembly ’23: HCA Healthcare trailblazes the use of Velocity Network™ 2023-08-08 Velocity Network

Velocity Network Foundation’s Head of Ecosystem, Etan Bernstein speaks with HCA Healthcare’s Jennifer Berres and Mike Andrus at Velocity General Assembly 2023. They discuss how HCA is pioneering the use of verifiable credentials to background screen and onboard nurses to reduce time-to-hire from weeks to minutes.

Company Stories

• SpruceID Developer Update #34 SpruceID

Identity Insights - The Proven Cloud Verifier with Kim Ebert 2023-08-10 Indicio

In this episode we are joined by Indicio Senior DevOps Engineer Kim Ebert to discuss Indicio's latest product the Proven Cloud Verifier and how it can help your organization to easily participate in verifiable credential ecosystems.
Proven Finance Demo Indicio

Q2 2023 Product Updates Energy Web

Green Proofs for Bitcoin is a first-of-its-kind leadership initiative to promote transparency and decarbonization in the bitcoin mining industry. In May we released the GP4BTC registry and platform, which is the first production offering built with the recently released EW Green Proofs solution.

Lifelong credentials with #MARK Studio 2023-08-08 Dhiway 

Startup Interview With Fraser Edwards, CEO & Co-founder, of cheqd Cheqd, Hackernoon

cheqd provides the tools, infrastructure, and security to support a new paradigm where users are empowered at the center of their own data universe and can transact in new Trusted Data Markets.

New Social

Who Really Owns Your Social Media Handles? 2023-08-11 TBD

when Twitter rebranded as "X," causing collateral damage as the company took repossession of user handles like @X, without notice or monetary compensation.

[Twitter Spaces] Who Really Owns Your Social Media Handles Kelsey Hightower, Daniel Buchner 

After the repossession of multiple Twitter handles for the company's rebranding efforts, Angie Jones talks with Kelsey Hightower and Daniel Buchner about users' lack of control over their social media handles and how Decentralized Identifiers solves for this.

Web3/DWeb

20 Tech Experts On What Businesses Should Do Now To Prep For Web3 2023-08-09 Forbes

Generally speaking, experts say that Web3 will place more power and control in the hands of users. So how can companies begin to prepare? Below, 20 members of Forbes Technology Council discuss some things businesses should start doing now to be ready for the advent of Web3.

Circle launches Programmable Wallets as Part of its Web3 Services Line 2023-08-08 Circle

Programmable Wallets, the first product of our Web3 Services product line, that’s designed for developers to embed secure crypto wallets in any application and tap into the speed and global reach of Web3 technology for their users. Programmable Wallets bridge the gap between today’s internet and blockchain networks by abstracting complexities such as private key security, blockchain node operations, transaction management, interoperability

[Security, Development] Can you pass the Rekt test? 2023-08-14 Trail of Bits

The Rekt Test focuses on the simplest, most universally applicable security controls to help teams assess security posture and measure progress. […]

1. Do you have all actors, roles, and privileges documented?

2. Do you keep documentation of all the external services, contracts, and oracles you rely on?

3. Do you have a written and tested incident response plan?

4. Do you document the best ways to attack your system?

5. Do you perform identity verification and background checks on all employees?

6. […] 12. Have you considered and mitigated avenues for abusing users of your system?

What's Next for the DWeb? 2023-08-03 Holochain

The main theme I heard was that the specific tools don’t matter. What matters is that they work. The appropriate solution for a given context might be as simple as a web service running on a ten-year-old laptop, or even pen and paper, or it might be complex enough to warrant a blockchain.

AI

AI and Digital ID's 2023-08-07 Daily Kos

The right to choose how we present ourselves to the world should be inalienable. Otherwise we are at the mercy of various administrative regimes (programming/social media/AI) usages that we voluntarily/or non-voluntarily interact with

Explainers

• 5 Aha! Moments About Decentralized ID from Privacy Files Podcast 2023-08-10 Anonyome

• [Enterprise Resources] Decentralized Identity Insights KuppingerCole

Identity not SSI 

• [Open Banking] Fighting Fraud with Digital Identity and Open Banking Data Finicity

• [Document Verification] Unlocking Security with Document Verification: A Detailed Overview 1Kosmos

• The Perilous Path of Microchip Implants: A Cautionary Tale of Digital ID Lionsgate

[Biometric Exit Expands] Miami airport expands facial-recognition verification of passengers’ identities The Brunswick News

When you reach your gate, you should see in the boarding area where to line up for the camera to take a picture of your face. That camera is connected to U.S. Customs and Border Protection’s cloud-based facial-matching service. The camera matches live images of you arriving at the gate with photos and documents from the database it will already have of you. The connection is secure and encrypted to block hackers.

‘No better present’: Henrietta Lacks’ family celebrates historic settlement over stolen cells 2023-08-01 The Baltimore Banner

The Lacks lawsuit raised a question that had lingered since her cells were taken while she received cervical cancer treatment in a segregated Johns Hopkins Hospital ward more than 70 years ago: Who owns those tiny pieces of her?

Database-ism 2023-07-22 MoxyTongue

•  Seeing world through a view of structured data.

• Defining one's self as data abstraction in req'd formats.

• Reading "Rights" but accepting "Permissions".

• $ID primary key as a database provisioned service.

• Administrative process > human life

WorldCoin Saga Continues

Worldcoin Protocol Cryptography Security Audit Report - Tools for Humanity 2023-07-26 Least Authority

The scope of this review was sufficient and encompassed the cryptography of the Worldcoin Protocol.

Further audits are planned for the Worldcoin Orb biometric tool as well as a Holistic Review of the Worldcoin Protocol

• World ID Critique from Dick Hardt

• Kenyan police raid WorldCoin warehouse in Nairobi: report Cryptosaurus

• Scammers are cashing in on Worldcoin’s chaotic Kenya launch RestofWorld

• Worldcoin Regulatory Scrutiny Grows as Argentina Opens Investigation Coindesk

• Sam Altman’s Eyeball-Scanning Crypto Project Worldcoin Is Having An Identity Crisis Forbes

• Hackers stole passwords of Worldcoin Orb operators Tech Crunch

Thanks for Reading

• Read more \ Subscribe: newsletter.identosphere.net

• Please support our efforts by Patreon or Paypal

• Contact \ Submission: newsletter [at] identosphere [dot] net