We Gather, You Read!

3+ years and still aggregating industry info: No Marketing, No Sponsorship, Just the top stories in the Verifiable Credentials galaxy!

Support our efforts by PayPal, or Patreon!

Upcoming

• Annual Privacy Forum 2024 ENISA. Submissions due 04/15

• [California] Internet Identity Workshop #38 04/16-18 [Sponsorships Still Available! ← Buy us lunch :)]

• OpenID Foundation Hybrid Workshop at Google 2024-04-15

• [Las Vegas] Identiverse 05/28-31 (Kaliya is Speaking)

• [Berlin] EIC: Digital ID, Web3, and Metaverses EICC 06/4-7 (Kaliya is Speaking)

• [Portugal] Open Identity Summit 2024: Research, Experience and Innovation 06/20-21

• [Switzerland] Digital Identity unConference Europe 06/18-20 [Sponsorships Available]

• [ARES Conference] International Workshop on Emerging Digital Identities Deadline 05/08 Event 07/30-08/02

• [South Africa] DID UnConf: Africa 09/25-27 registration opens soon

CALL FOR PARTICIPATION

DIGITAL IDENTITY RESEARCH INTERVIEWS New Design Congress

Help inform a major digital identity research by becoming a participant. This is an open call for security researchers, policy makers, activists, technologists, journalists, academics, artists, and other professionals whose work involves the design, development, deployment or assessment of digital identity systems.

Participants will be given a stipend for their time. Interviews are approximately 1 hour and 15 minutes in length, and are completely anonymised.

Hiring

• Product - Manager Identity IOTA

• System Analyst - Project Manager Finema 

Legal Identifiers

Decoding the California DMV's Mobile Driver's License 2024-03-18 Electronic Frontier Foundation 

The state contracted with Spruce ID to build this app. The company states that its purpose is to empower “organizations to manage the entire lifecycle of digital credentials, such as mobile driver’s licenses, software audit statements, professional certifications, and more.” In the “add-ons” section of the app, TruAge’s age verification QR code is available.  

vLEI Demystified Part 2: Identity Verification 2024-03-29 Finema

European

eIDAS 2.0: Redefining Digital Identity in The EU 2024-03-18 Lauren Hendrickson, Identity.com

• eIDAS 2.0 updates the original eIDAS regulation, offering a standardized framework for electronic identification and trust services throughout the EU.

• This revision targets technological progress, market changes, and the digital economy’s growing demands to improve trust, security, and accessibility in online transactions.

• A key feature of eIDAS 2.0 is the European Digital Identity Wallet (EUDI Wallet), which enables EU citizens to securely store, manage, and share their identity data, credentials, and attributes as needed.

Everything you need to know about the EUDI Wallet 2024-03-25 Gataca

Before being fully introduced in Member States, the EU Digital Identity Wallet is currently being tested on four large-scale projects that began on April 2023 to test digital identity wallets in real-life situations and ensure successful adoption.

More than 250 private companies and public authorities from 25 Member States and Norway, Iceland, and Ukraine are participating.

At Gataca, we are involved in the DC4EU consortium, which focuses on using the EUDI Wallet for Identity, Social Security, and Education, and in the VECTOR consortium, to advance the EBSI/ESSIF Framework.

Organization Creds

Self-Sovereign Identity for Organizations @ W3C CCG 2024-03 Ricardo Bochnia, Daniel Richter, Jürgen Anke; Hochschule für Technik und Wirtschaft Dresden

Good presentation of one of the best research papers on SSI that came out last year. 

[Literature, Organizations] Lifting the Veil of Credential Usage in Organizations A Taxonomy 2023-06 Ricardo Bochnia, Daniel Richter, Jürgen Anke; Hochschule für Technik und Wirtschaft Dresden

Our research focuses on the different characteristics of credentials in organizations and maps the characteristics of VCs to physical credentials. Our findings indicate that credentials in organizations can be classified by ten dimensions. Additionally, VCs have many possible characteristics of physical credentials, although implementation and support for certain features may be vendor-specific. Finally, we provide insights and suggestions for SSI researchers and developers.

Governance

Effective governance now with DIF Credential Trust Establishment 2024-03-27 Decentralized Identity Foundation

CTE builds upon TE by enabling ecosystems to express their trust in the issuers of decentralized identifiers (DIDs) and credentials. Credential validation steps of checking the integrity and revocation status are well known and understood, but there are not yet commonly-agreed-upon standards for evaluating the authority of a party to issue a credential’s claims. 

Companies

DHI/Mydex project wins international award 2024-03-28 Alan Michel, MyDex

The project is part of a UK government-funded Rural Centre of Excellence and run under the auspices of the Scotland-based Digital Health & Care Innovation Centre (DHI). It revolves around the generation and collation of holistic data of social determinants of health.

Product

Microsoft Entra resilience update: workload identity authentication 2024-03-29 Microsoft

We’ll explore two complementary methods that best fit our regional-global infrastructure. One example of workload identity authentication is when an Azure virtual machine (VM) authenticates its identity to Azure Storage. Another example is when one of our customers’ workloads authenticates to application programming interfaces (APIs).  

Frequently Asked Questions (FAQ) 2024-03-28 Microsoft

If you want to move to did:web from did:ion, you can follow these steps via the Admin API. Changing authority requires reissuance of all credentials:

Application

[DWeb] “Decentralized Githhub” Radicle Launches 1.0, Pioneering Decentralized Code Collaboration 2024-03-26 Business Insider

Conceived as a decentralized alternative to centralized forges like GitHub and GitLab, Radicle extends the capabilities of these systems with a decentralized identity system, cutting-edge gossip protocol, and integrated social artifacts which together form a self-hosted network for code collaboration. 

[Microcredentials] Towards a manifesto for Open Recognition: Advocating for a more diverse future for the recognition of talents, skills, and aspirations 2024-03-27 We are Open Coop

[Travel] Travel And Mobile Are Driving Decentralized Digital Identity (DDID) Growth 2024-03-28 Andras Cser, Forrester

An interesting coincidental and synergistic event with the SITA/Indicio announcement is that the NFID Foundation (which is responsible for standardizing near field communication technologies) has announced plans to promote DDID standards (W3C, DIF, ToIP, and the OpenWallet Foundation) in the security industry and mobile device space. Forrester expects that this announcement will have the largest influence on physical security, as well as mobile device first access control.

[Literature, EV] Self-Sovereign Identity for Electric Vehicle Charging 2024-03-11 Adrian Kailus, Dustin Kern, Christoph Krauß; via Identity Economy

Electric Vehicles (EVs) are more and more charged at public Charge Points (CPs) using Plug-and-Charge (PnC) protocols such as the ISO 15118 standard which eliminates user interaction for authentication and authorization. Currently, this requires a rather complex Public Key Infrastructure (PKI) and enables driver tracking via the included unique identifiers. In this paper, we propose an approach for using Self-Sovereign Identities (SSIs) as trusted credentials for EV charging authentication and authorization which overcomes the privacy problems and the issues of a complex centralized PKI. Our implementation shows the feasibility of our approach with ISO 15118. The security and privacy of the proposed approach is shown in a formal analysis using the Tamarin prover.

[Education] What you need to know about verifiable credentials for EdTech 2024-03-28 Indicio

Education administrators are already implementing this technology to save their students and faculty time and effort. Indicio recently partnered with USA Kansas to implement verifiable credentials to over 2,000 administrators; and you can see a demonstration of just a few of the things that this technology can do for your organization today on the Indicio YouTube channel.

Identity not SSI 

• [Passkeys] Recap: Virtual Summit: Demystifying Passkey Implementations FIDO Alliance

• [Passkeys] Using Passkeys for a Seamless Login Experience in the Apple Vision Pro Auth0

• [MFA, Passwordless] The Benefits of a Converged Identity Credential Hypr

• [OAuth] OAuth: "grant" vs "flow" vs "grant type" Aaron Parecki

• [Worldcoin] Portugal orders Sam Altman's Worldcoin to halt data collection Reuters

• [use-case] Apple ID ‘push bombing’ scam campaign hits cyber startup founders SC Magazine

• [use-case] ‘Darcula’ phishing platform targets postal organizations worldwide SC Magazine

[Research Note] SELF-(DE)TERMINATION: THE FATAL AMBIGUITY OF DIGITAL IDENTITY New Design Congress

In our previous research note, Cade Diehm detailed the technical flaws of digital identity (dID). He described how digital identity’s first principles are ill-defined, untested and brittle. Combined with the shaky convictions of triumphant post-Cold-War liberalism, and the tendency of this political philosophy to confuse ontology with ownership (or being with having), identity morphed from the output of an act of identification to the property of a person. 

Paravision Launches Age Estimation Tool 2024-03-19 FindBiometrics

Paravision has officially launched its own age estimation tool based on face biometrics. The solution is available in the form of a Software Development Kit or packaged in Docker-based products, and can be used independent of Paravision’s face-matching technology, helping to ensure end users’ privacy.

Thanks for Reading

• Read more \ Subscribe: newsletter.identosphere.net

• Please support our efforts by Patreon or Paypal

• Contact \ Submission: newsletter [at] identosphere [dot] net