Identosphere #48 • 10 Million Monthly Users of PubKeyCrypto • Me2B Flash Guide Series • Web3 Authentication

Upcoming events, use-cases, explainers, company news and updates, standardization, verifiable credentials, and twitter threads of the week.

Welcome to the Identosphere Weekly

This weekly newsletter is possible Thanks to Patrons, like yourself.

Coming up

will include a panel discussion on the ongoing global adoption of the Financial-grade API (FAPI) security profile while reviewing global open banking initiatives

Thoughtful

Principles or Cult - An Irreverant Discussion on the Principles of SSI Dingle Group

The evolution of the Principles of SSI came about through the need to differentiate what is ‘true’ SSI versus marketing forces twisting the concept. This market driven motivator can bring cultish overtones to the process.

Cult Rule Moxy Tongue

our once great bastion of "Individual Liberty" has fallen victim to the mobs ruled by media disinformation, inadequate education, and technical gerrymandering by algorithm.

High Level

Self-Sovereign Identity: a Primer Hartmut Obendorf

Digital trust is often centralised, with select, well-known entities providing an anchor of trust that is propagated to everyone else; you are using this mechanism as you read this paragraph, having accessed a https: URL to find this article on your trusted platform, Medium.

Tap and Prove Stephen Wilson

We should be able to “tap and prove” any important fact and figures about ourselves – as easily as we tap and pay with a mobile phone at any one of 100s of millions of terminals globally.

What is Self-Sovereign Identity and how does it work? Peaq

We currently live within the realms of two separate, yet intertwined worlds. They are the physical and the digital, and to accept the latter is necessary to survive within the 21st Century. 

Regulatory

Digital Identity Around the World: Why Some Countries are Embracing Self Sovereign Identity Quicker Hackernoon

Each government moves at its own pace for as many reasons as there are countries, and digital identity/SSI will only become a reality once governments voice their support, regulations, and standards are adopted, infrastructure is created or upgraded, and interoperability, inclusion, and education are all addressed.

ICO’s Child Protection Rules Take Effect Sept. 2, 2021. Are You Ready? Identity Praxis

The UK Information Commission’s (ICO) Children’s Code, officially known as the“Age Appropriate Design Code: a code of practice for online services,” after a year grace period, goes into effect Thursday, Sept. 2, 2021. 

Legal Identifiers

Kantara lays out trust-building recommendations for mDLs

A global digital ID association has published steps vendors and others need to take in order to build effective mobile driving license services that also put ID holders in control of their identity. The Kantara Initiative’s report starts from the premise that trust in mobile driving licenses grows with the degree of control that license holders have over the documents, their privacy and

\#4 in the LEI Lightbulb Blog Series - Soaring Regulatory Confidence puts LEI at Center of Trust in Payments Ecosystem GLEIF

We do not have to look back further than the global economic collapse of 2008 to fully understand the worst-case scenario of unverified legal entities engaging in financial transactions. The LEI was created at the request of the G20 and Financial Stability Board (FSB) in response to this global catastrophe.

Apple Confirms Biometric Onboarding for Mobile ID

Apple has revealed a handful of states that it is working with to develop virtual, mobile driver’s licenses, and confirmed that the Transportation Security Administration will accept is mobile IDs 

Standards

Amazon is Giving Free FIDO Security Keys to AWS Customers to Encourage Better Account Security Good ID

Ultimately, credential-based breaches (like Colonial Pipeline’s) wouldn’t be possible if accounts were protected with FIDO Authentication, which requires local possession of a device with no knowledge-based authentication credentials passed over the network.

The Infrastructure Bill and What it Holds for Crypto SelfKey Foundation

In this article, we’ll try to summarize the key points surrounding the infrastructure bill and the effect it has on crypto.
[...]
it is likely that many dApp developers now need an identity solution that preserves privacy but ensures compliance – which is exactly the solution that we are building at SelfKey.

OpenID Connect Client-Initiated Backchannel Authentication (CIBA) Core is now a Final Specification

The OpenID Foundation membership has approved the following MODRNA specification as an OpenID Final Specification:

Veridium Advocates for Use of NIST-approved Contactless Fingerprint Technologies

Veridium is encouraging more organizations to embrace contactless fingerprint technologies, especially now that the NIST has laid out comprehensive guidelines for those interested in doing so. 

Verifiable Credentials

8 Reasons to use Verifiable Credentials Affinidi

VCs are interoperable across many systems and can be used in almost every possible scenario. Here is a list of use-cases where VCs can be used and PoCs developed based on them.

25 Use Cases for Verifiable Credentials LTO Network and Sphereon

Verifiable Credentials For Travel & Hospitality Evernym

In this webinar, Evernym's Jamie Smith and Andrew Tobin discuss how verifiable credentials and digital wallets can reduce fraud, automate workflows, and transform customer experiences across the travel and hospitality industries.

Tech Talk

Frontier Talk #6 | Bringing User-Centricity to Decentralized Identity - Nat Sakimura KuppingerCole

Raj Hegde sits with identity veteran, Nat Sakimura - Chairman of OpenID Foundation to understand how user-centric learnings from existing authentication protocols can be applied to future identity initiatives.

How We Test Our Android Code at Anonyome Labs

At Anonyome Labs we value well-written code that has good tests. This is a guide on how we go about producing useful and meaningful tests for our Android code. Testing approach: SDK or app?

The digital transformation of the education sector ValidatedID

The electronic signature improves the experience in education for students, teachers, parents, guardians and other school staff.

Data

What Does It Actually Mean When a Company Says, “We Do Not Sell Your Data?” The Markup via John Philipin

Probably because the alternatives produce even more income.

Catalysing transformative change: new project to produce innovative services in smart cities MyData

Cities around the world are racing ahead to be smarter by taking ethical approaches to personal data […] MyData Global is a centre of excellence for personal data management expertise, with the H3C project we are bringing together city administrations, companies and individuals to find solutions that put people in control of their personal data

Introducing the Me2B 101 Flash Guide Series Me2B Alliance

When we started drafting the Respectful Tech Specification a couple of years ago, it was immediately obvious that we didn’t have an adequate vocabulary to describe personal experiences in the digital world—never mind measure them.  

Flash Guide #5: Online Me2B Deals: Currencies in the Digital World and the Price of “Free”

The Me2B Deals or transactions that occur online typically involve three types of “currency”: money, attention or data. [...] What sets online data monetization apart from the other two currencies is that often, customers have no idea what they are paying with – or that they are paying at all.

Flash Guide #6: Online Me2B Relationships

our relationship with connected technology includes a set of “hidden affiliates” (third party integrations) that most of us are not aware of. This guide describes how these relationships – conscious or not – emerge as we interact with digital technologies.

Flash Guide #7: The Me2B Lifecycle: Overlaying Social Norms on the Digital World

This real life social context is currently missing in both existing privacy regulation and in industry standards models for ethical technology [...] Our model helps course-correct connected technology by pinpointing how the digital Me2B experience deviates from important social behavioral norms.

Flash Guide #8: Digital Me2B Commitments & Deals

This guide provides examples of common Commitments and Deals, and shows how they map to the stages of a Me2B Lifecycle. It also reflects social norms for being anonymous, recognized, or known at each stage.

Flash Guide #9: The 10 Attributes of Respectful Me2B Commitments

The Me2B Respectful Tech Specification measures technology behavior against 10 attributes that respectful Me2B Commitments should possess. These attributes represent how technology should treat us and our data at every step along the Me2B Relationship Lifecycle.

Flash Guide #10: Data Flow & the Invisible Parallel Dataverse

Our personal data flows do not start light and increase with time and trust. Instead, a firehose of personal information is released – and shared with a host of unseen third parties – as soon as we open an app or website. Me2BA’s Respectful Tech Specification V.1 is largely focused on testing for these invisible parallel dataverse data flows.

12 ways a human-centric approach to data can improve the world Me2B Alliance

Twenty-five quintillion bytes of data are generated every day. That’s 25,000,000,000,000,000,000. In this era of data abundance, it’s easy to think of these bytes as a panacea – informing policies and spurring activities to address the pandemic, climate change or gender inequality – but without the right systems in place, we cannot realize the full potential of data to advance a sustainable, equit

Ontology Partners With 4EVERLAND to Accelerate Web 3.0 Adoption

Ontology is partnering with 4EVERLAND, a Web 3.0 cloud computing platform enabling global acceleration, privacy protection, distributed storage and other technical features to accelerate the move towards Web 3.0.

Company Updates

Evernym's no-code solution for issuing and verifying digital credentials

Verifying credentials using Verity Flow
Creating a new verification flow in Verity Flow

The future of COVID credentials on GlobaliD

With our new platform, we’ll also be releasing a brand new COVID credential. Users will be able to validate the authenticity of their digital vaccine record from around the world and store the proof of the validation as a credential in their GlobaliD app.

Digitizing the 1st Mile with Blockchain, AI, and Self Sovereign Identity Connecting Coffee Farmers from Field to 1st Sip in Sustainable Supply Chains with Farmer Connect Supply Chain Revolution

Think about the journey of a coffee bean from East Africa to the consumer. Thousands of miles away in the 1 sip to field wrapped in a complex, and often unsustainable, inequitable supply chain. There are 25 million people living in the coffee ecosystem, and 2.5 billion coffee drinkers worldwide, and that number is expected to 2-3X in coming years.

KYC-Chain & CrypTalk Join Hands

CrypTalk is a messaging service designed to bring together verified projects and potential investors by creating a safe and secure crypto space. Crypto projects undergo thorough verifications and a number of security measures before being verified by CrypTalk.

Web3 \ Twitter Threads of the Week

KILT: Self-Sovereign Identity for a Web3 World

@dabit3

I've been diving into sign-in with Ethereum / decentralized identity / Web3 authentication. These are 11 of the most interesting developer resources I've found so far if you're interested in learning more about this too: Identity and reputation in Web3

Inventories, Not Identities • Why multisigs are the future of online accounts Kei Kreutler

Whether it’s the enforcement of legal identities, platform lock-in, or more implicit social norms, the logic of individualized identity was baked into web 2.0. With the advent of web 3.0, we have a chance to do things differently. 

Web 3.0 Talks: Decentralized Identity - Building Blocks for a Better Web ParityTech

Panel speakers: - Jesus Ruiz, Member of the Board and CTO, Alastria - Jun Li, Founder, Ontology - Ingo Rube, Founder and CEO, BOT Labs (KILT Protocol)

@BrantlyMillegan (thread)

The Ethereum community has accidentally solved a major problem of the Internet: Single Sign-On "Sign-In w/ Ethereum" is the future of login for *every app on the Internet*, crypto-related or not Not just an idea, it's already the norm for web3 & will spread 

Infominer shares a tweet thread about Metamask surpassing 10 Million Monthly active users! (up 1,800% in 12 Months)

That's 10 Million Monthly Active Key Pairs! A user-base for your wildest #selfsovereignidentity dreams...

Public Key Cryptography now has a large and growing active user-base. If you aren’t building applications to harness this burgeoning tech, you might just be missing out! See thread for more details.

Metamask isn’t just an Ethereum wallet, but it follows a BIP39 standard along with most other cryptocurrencies. All those users need to have access to your SSI application is add a new RPC to their existing wallet!!!!

Literature

Industry-Grade Self-Sovereign Identity: On the Realisation of a Fully Distributed Self-Sovereign Identity Architecture Chotkan, Rowdy (TU Delft Electrical Engineering, Mathematics and Computer Science)

revocation acceptance is at the discretion of individual clients, making our mechanism fully adhere to the principles of Self-Sovereignty. This revocation and verification structure is part of our Industry-Grade Self-Sovereign Identity (IG-SSI) architecture. IG-SSI is a purely academic fully distributed SSI scheme with intrinsic equality across the network. Furthermore, communication is facilitated peer-to-peer, requiring no specialised infrastructure.

Beyond Consent: A Right-to-Use License for Mutual Agency Lisa LeVasseur; Eve Maler

What's needed is a method to enable true mutual agency between any two parties in an Internet-enabled relationship. We propose a right-to-use license for access permissions as a practical alternative to consent and contract as used today, and a taxonomy that classifies important types of permissions. We also examine new data sharing scenarios, including decentralized identity, that may support their use.

Thanks for Reading!

Read more \ Subscribe: https://newsletter.identosphere.net

Support this publication: https://patreon.com/identosphere

Contact \ Submission: newsletter [at] identosphere [dot] net