Identosphere 198: States Need Stronger Identity • Govt. Investment in ID Delivers Growth • DID method standardization
Weekly edition of the latest Self Sovereign Identity related news, development, upcoming events, and thoughtful commentary from the blog-o-sphere. Thanks for your continued support.
We Gather, You Read!
We’re still aggregating industry info.
Thanks for supporting our efforts by a PayPal, or Patreon
Upcoming
Agenda for ETSI / CEN Workshop on EU Digital Identity Framework Standards 9/10-12
[South Africa] DID UnConf: Africa *an IIW Inspired Regional Event 09/25-27 REGISTRATION IS OPEN!!!
[Berlin, Global Trust Foundation] EU Digital Identity Wallets Forum 10/09
[California] Internet Identity Workshop #39 10/29-31 Early Bird Registration is Open.
Hiring
Associate DevOps (Remote) - Indicio 2024-08-07 Frances Donegan-Ryan; Indicio
Explainer
6 Facts About Digital Identities from One of the World’s Most-Streamed Cybersecurity Podcasts 2024-08-06 Anonyome Labs
Lots of businesses, such as plumbers and law enforcement, use MySudo to separate their professional from their personal communications: “The end-to-end encrypted functionality of MySudo is [particularly] useful for law enforcement,” Dr Ashley explained.
Travel
Why a Digital Travel Credential (DTC) is the strongest digital identity ever created 2024-08-05 Ken Ebert; indicio.tech
This is what gives airlines, airports, and border control the confidence to enable seamless check in, boarding, and border crossing: The data in the DTC has been authenticated and is now fully portable and instantly verifiable. And because of the way verifiable credentials use cryptography and digital signatures, this information has been digitally sealed in such a way that if someone tried to alter it, it would be easily spotted.
Travel Digital Identity – Seamless Travel Powered by Digital Identity 2024-08-05 GoodeIntelligence
The first edition of this report and the third report in the Digital Identity Series, this report includes a review of current global adoption, market analysis including key drivers and barriers for adoption, technology analysis, important technology suppliers and services providers operating in this sector and forecasts for users, biometric sensors, transactions, and revenue within the six-year period 2024 to 2029.
Government
States Need Stronger Identity Verification as Online Services Grow 2024-06-03 Matt Thompson, Senior Vice President; www.govtech.com
The National Institute of Standards and Technology (NIST) recommends against using KBA because fraudsters have gotten too adept at answering KBA questions. [...] More than half of constituents surveyed said they are “somewhat concerned,” “fairly concerned” or “very concerned” about the potential for fraud resulting from online interactions with state government.
[linkedin] Government investments in Digital ID should also be expected to deliver economic growth. 2024-08-07 Sezoo
Attached is the introduction for a series of articles on how the business case and economic benefits of Digital ID systems can be considered, and we will look at how these benefits may be impacted (positively or negatively) by choices made in areas such as standards, technology, legislature and governance.
Identity-Centric Bank & Finance Regulations - North America 2024-08-06 PingIdentity.com
See which North American financial regulations have stringent identity standards, and how identity access management helps achieve compliance.
eIDAS
The European Commission has released the initial set of eIDAS implementation regulations 2024-08-12 Mohamad Hajj
--> Certification requirements for the conformity of Digital Identity Wallets
--> Standardized protocols and interfaces to ensure cross-border interoperability
--> Core functionalities and integrity guidelines for seamless use across Member States
--> Establishing a Trust Framework for secure identity management
--> Provisions for PID and electronic attestation of attributes
eIDAS 2.0: The Ultimate Guide 2024-08-05 Dock.io
Identity companies must understand and address these challenges to make their solutions compatible with the eIDAS 2.0 framework. This will allow them to enhance their offerings and support the creation of a unified digital market in the EU.
Transforming Plastic Waste with DPPs 2024-08-09 Iota Foundation
Teaming up with Digimarc we're providing distributed ledger technology (DLT) to help track and trace the recycling journey of plastics. The use case involves collecting and recycling farm plastic waste, converting it into bioplastics used in consumer products, like plastic bags. It implements DPPs for both intermediate and final products, ensuring B2B and B2C verification respectively, and uses the GS1 EPCIS 2.0 standard for recording events in the supply chain, with proofs stored on the IOTA ledger to support claims about product provenance.
Spain plans to use W3C Verifiable Credentials to protect minors online - EBSI 2024-08-09 ec.europa.eu
The key requirement of Spain’s online age verification system is the privacy and untraceability of users’ activity, when presenting their age for verification online. This makes W3C Verifiable Credentials data model the perfect choice for such use-case. Their technical solution follows the OpenID For Verifiable Presentations (OpenID4VP) specification, ensuring secure and private verification of age credentials. Additionally, the framework includes trust management via whitelists, which ensures only trusted entities can issue or verify these credentials.
Company Stories
Public preview: Microsoft Entra ID FIDO2 provisioning APIs 2024-08-07 techcommunity.microsoft.com
With the Microsoft Entra ID FIDO2 provisioning APIs organizations can build their own admin provisioning clients, or partner with one of the many leading credential management system (CMS) providers who have integrated our APIs in their offerings.
Microsoft Entra Suite now generally available 2024-07-11 Microsoft
Microsoft Entra Internet Access – an identity-centric Secure Web Gateway (SWG) for SaaS apps and internet traffic that protects against malicious internet traffic, unsafe or non-compliant content, and other threats
Indicio and DNP partner to offer Indicio Academy certified training in decentralized identity technology to the Japanese market 2024-08-06 Indicio
“DNP was immediately impressed with Indicio Academy from the moment our in-house team was trained and certified. We used the Indicio Academy as an opportunity to let people know what they can do in this burgeoning technology field and formed an active partnership to offer the program with the goal of gaining business partners,” said Takahito Kanazawa, Managing Director, Head of Advanced Business Center, DNP.
Indicio and DNP bring training to Japan. 2024-08-07 Chris Burt Biometricupdate
Rotating signatures are compatible with ISO/IEC 18013-5 mDL, SD-JWT, and W3C Verifiable Credentials standards for digital credentials, and the FIPS 140-2/3
Development
[github] A collection of example projects and scripts for atproto development. bluesky-social/cookbook
Read the review paper on selective disclosure (6) idmlab.eidentity.jp
I will continue to read research papers on selective disclosure. Selective disclosure in digital credentials: A review https://www.sciencedirect.com/science/article/pii/S2405959524000614
Who Should Build a Digital Wallet? 2024-08-05 Wayne Chang; Spruce ID
Numerous other use cases are built using W3C Verifiable Credentials, such as Microsoft’s Entra Verified ID product, C2PA for content authenticity (a specification supported by Adobe, OpenAI, and Google), and GS1’s digital supply chain integrity efforts. Further, the EU Digital Identity efforts include SD-JWTs .
Standardization
Update on DID Method Standardization 2024-08-09 Decentralzied Identity Foundation
Does this effort mean all DID methods have to be standardized in a certain organization like DIF or W3C? No – In fact our goal is open collaboration so that DID method creators / backers can standardize where they choose. The effort mentioned in the LOI is twofold: Initial working group to standardize a cross-section of a few widely-implemented DID methods. This will use the liaison structure referenced in the LOI to ensure open participation.
Letter of Intent to Promote DID Method Standardization 2024-07-30 identity.foundation
With the rechartering of the DID WG, the leaders of DID-related work streams believe that now is the right time to extend standardization to DID Methods, with an initial focus on methods that have proven useful to multiple implementers over the past several years. In that spirit, we are proposing that we start the standardization process for a few selected DID Methods, subsequently informing standardization and conformance criteria across categories of DID methods.
There is only one reason you should care about decentralized data: Freedom covering OCA 2024-08-12 Alex Cahana
Decentralized Semantics: A semantic engine user perspective. This practice paper describes the release of the first version of the Semantic Engine leveraging OCA, an architecture to document schemas optimized for decentralized collaboration and reproducibility. OCA leverages new technologies on self-addressing identifiers and enables content-based authority vs. location-based authority.
Organization News
Guest blog: Let’s focus on user acceptance of the EUDI-Wallet! 2024-08-07 Adrian Doerk, Lissi; Decentralized Identity Foundation
The technical standards are decided on by the eIDAS expert tool group. This group consists of two representatives of every EU member state. They define the Architecture and Reference Framework (ARF). The four eIDAS Large Scale Pilots (LSPs), which started in May 2023, each have 50+ partners exploring different use cases. A lot of know-how has been built up already, but we also wait for the implementing acts to provide further information. The standards themselves are defined in recognised standardization bodies such as the European Telecommunication Standards Institute (ETSI).
DIACC Unveils New Board of Directors to Champion Digital Trust and Verification in Canada and the Global Digital Economy 2024-08-06 diacc.ca
The new and returning Directors bring fresh perspectives and experience-based commitment to DIACC’s mission. Their leadership will help the council ensure its initiatives align with and influence standards and practices that mitigate security and privacy risks. DIACC’s leadership works collaboratively to support a more inclusive, secure, and efficient global digital economy that benefits people and organizations of all sizes.
Bluesky Welcomes Mike Masnick to Board of Directors - Bluesky 2024-08-06 Bsky.social
We’re thrilled to announce that Mike Masnick has joined Bluesky’s Board of Directors. He is the author of the Protocols, not Platforms paper that first inspired the Bluesky initiative, and he is the founder and editor of Techdirt, among other accomplishments.
Beyond ID
A federal judge ruled that Google violated US antitrust law by maintaining a monopoly in the search and advertising markets. 2024-08-06 Lauren Feiner; The Verge
Apple received $20 billion from Google in 2022 to be the default search engine (it shares 36% of ad revenue from Safari users with the company). That's a big number, but nothing compared to its $394bn in total revenue. But for Mozilla, the impact might be more profound: in 2021, these payments represented 83% of its revenue. What happens to it without this underwriting