Identosphere #46 • Reflections from Identiverse • Open Standards Should be Open • zkKYC

Get your weekly dose of upcoming events, company news, community discussions, with the latest in standards development and regulatory insight.

Welcome to the Identosphere Weekly

Thanks, Patrons, for your support!

Upcoming

Recap

Reflections from Identiverse: Identity Security Threats & Trends SecureAuth

talks like “Simplify Your Least-Privilege Journey with Access Analysis” and “Managing and governing workload identities” definitively provide greater insight. [...] UberEther showed in “User Behavior Analytics: Marrying Identity and the SOC Like Peanut Butter and Jelly” how UBA (User Behavior Analytics) and UEBA (User Events Behavior Analysis) deliver additional value to help avoid threats in real-time and provide visibility to analysts.

Thoughtful

Beyond the Web Doc Searls

Is it possible to do stuff on the Web that isn’t client-server? Perhaps some techies among us can provide examples, but practically speaking, here’s what matters: If it’s not thinkable by the owners of the servers we depend on, it doesn’t get made.

What determines your digital trust halo? GlobalID

Trusting someone to predict the rise and fall of the XRP isn’t the same as trusting someone not to pretend to be someone else. And yet, you can’t help but score each identity you come across online according to some formula. Just like everyone else does to you.

Can the World Computer Save the World? Mattereum

Part 1: Wicked Problems Vinay Gupta

We live in a world beset by wicked problems. While crypto has accomplished a lot in the past decade, we must do— and are capable of doing — much more.

Part 2: World Models & Theories of Change Vinay Gupta

Technological and social movements start in minds and manifest in the world. Crypto is no different. What is our view of the world we seek to change, and how do we change it?

Part 3: Building an Economy with a Future Vinay Gupta

What is the great theory of change for Ethereum and the blockchain industry which will galvanize, inspire, and ultimately save us?

Infographic of the week

Where can you store your credentials, who can store it and control the associated keys?

Explainers \ High Level

Definitely Doug 7/30/21: Get On Your Surfboard, The Next Wave is Here!

Industry and technology experts from hundreds of leading companies, who have spent time to understand SSI, are convinced that it will fundamentally change the way customers and merchants interact, in hospitality and travel as well as virtually every other sector of the economy. You have the choice to hope that the experts are all wrong, to plan for the change and use it to build competitive advantage, or to let others build it first and have it done unto you. Which will it be?

Page 47 begins the Chapter on Self-Sovereign Identity by Lilly Lillard 

The advent of the Internet and free digital technologies has undeniably made it easier to maneuver through life’s daily tasks, but as the Internet has aged, we find ourselves in a rather precarious relationship with these technologies: for each online service we want to use, we must verify ourselves by submitting sensitive personal information to businesses that have proven incapable of safeguarding that information. 

Interrogating Self-Sovereign Identity Good ID

Privacy and data protection must be at the heart of any identity system. But beyond the promises of the tech itself, we must continually monitor what SSI is being used for, and consider what kind of world it can help to build.

Public Sector

The Roles of Government & The Private Sector in a Digital ID Program Northern Block

we dive into what’s happening within the Digital ID landscape within Europe. Sebastian Manhart is very well positioned between policy and technology in the European Union. In this episode of SSI Orbit, he shares his experiences and future projections.

Self-sovereign identity in the context of data protection and privacy YourStory

this article deconstructs the self-sovereign identity model and examines how it stacks up against The Personal Data Protection Bill, 2019.

Data Talk

Afghans scramble to delete digital history, evade biometrics Reuters

Thousands of Afghans struggling to ensure the physical safety of their families after the Taliban took control of the country have an additional worry: that biometric databases and their own digital history can be used to track and target them.

Testing the fitness of your organisation's preparedness for data MyDigitalFootprint

How do you determine if your new company is addressing the underlying issues that hold back data from being what they imagine it can be? 

Standards Work

Introduction to Verifiable Credentials Ubisecure

The Verifiable Credentials specification is quite new, and many pieces that are required to create interoperable solutions are still incomplete or missing at time of writing. However, there is significant momentum around verifiable credentials (VCs). This is partly attributed to VCs being part of the solution for blockchain-based decentralised identity.

Don’t Use DIDs: Political Solutions Never Solve Technological Problems DW Husebey

A large set of impact investor, international donor, and government anti-poverty policy is based on the notion that for-profit companies can be induced to serve the poor with life changing services like banking or schooling but the limits of the for profit model are not always taken into account

Hyperledger SSI Ecosystem Jakubkoci

There are three projects under the Hyperledger umbrella related to digital identity. Hyperledger Indy, Aries, and Ursa. [...] describe their purpose and how they’re related to each other.

Open standards should be developed openly

Open standards should be developed openly because not enough people work to ensure that equity is central to innovation and development. We believe that openness is an attitude, and one which bears fruit over time from which everyone can benefit.

Humanitarian

What are the limits of the private sector in serving the poor? Caribou Digital

A large set of impact investor, international donor, and government anti-poverty policy is based on the notion that for-profit companies can be induced to serve the poor with life changing services like banking or schooling but the limits of the for profit model are not always taken into account

Affinidi Partners with AID:Tech — Exploring New Horizons in Digital Identity and Verifiable Credentials

The relationship continues to grow, as Affinidi and AID:Tech are now collaborating on a new initiative to build infrastructure to power a verifiable credential-based digital wallet with multiple services geared for women in Southeast Asia to help them access government programs, banking, insurance, etc. 

Rohingya turn to blockchain to solve identity crisis Guardian

Dilek Genc, a PhD candidate at the University of Edinburgh who studies blockchain-type applications in humanitarian aid and development, saysif the aid community continues to push innovation using Silicon Valley’s creed of “fail fast and often,” and experiment on vulnerable peoples they will be fundamentally at odds with humanitarian principles and fail to address the political roots of issues facing refugees.

COVID

Vaccine Passports Must Leverage Decentralized Identity Solutions Ontology

Decentralized identity solutions offer an ideal solution to the data privacy and identity risks associated with COVID-19 passports and other verification methods.

Why health passes are NOT vaccine passports – and offer greater flexibility and choice Digi Me

Health passes, though, are much more flexible as they provide multiple options. They can still be used as proof of vaccination, if the user chooses to share their health information in this way.

But, importantly and in a crucial difference from vaccine passports, they can also be used to securely display a test result, such as a negative PCR or rapid antigen test (also known as lateral flow tests) today. Additionally, they are also future-proofed for options such as rapid antibody test results when those come into play on a large scale.

The evolution of Covid testing peaks with at-home rapid antigen test-and-show capability Digi Me

fixes the pain points of other testing processes – especially as infectious and asymptomatic people can test without travelling – is cheap, eminently scalable, and can be used as secure proof of Covid health status where needed.

Papers/Research

zkKYC: A solution concept for KYC without knowing your customer, leveraging self-sovereign identity and zero-knowledge proofs

The proposed solution concept, zkKYC, removes the need for the customer to share any personal information with a regulated business for the purpose of KYC, and yet provides the transparency to allow for a customer to be identified if and when that is ruled necessary by a designated governing entity (e.g. regulator, law enforcement). This approach breaks the traditional privacy vs. transparency trade-off and provides structured transparency, resulting in a net positive outcome for all parties involved. 

Blockchain, Interoperability, and Self-Sovereign Identity: Trust Me, It’s My Data

The current interoperability processes for data exchange result in fragmentation and lack of aggregation, impacting patient identity, consent management, and access management across stakeholders. Patients lack the ability to administer and transfer consent in managing their own data. Payers risk sharing data with partners without consent. And, providers have identified “pain points” in data sharing in consent management and care coordination.

Self-Sovereign Identity: A Systematic Map and Review

This study presents a rigorous systematic mapping and systematic literature review covering theoretical and practical advances in Self-Sovereign Identity. We identified and aggregated evidence from publications to answer four research questions, resulting in a classification scheme used to categorize and review publications. Open challenges are also discussed, providing recommendations for future work. 

Thanks for Reading!

Support this publication: https://patreon.com/identosphere

Contact \ Submission: newsletter [at] identosphere [dot] net