Welcome to Identosphere • We Gather, You Read

Please Contribute to our efforts by PayPal, or Patreon! We’ll keep aggregating industry info.

Be sure your blog has an rss feed so we can better track and feature your content! Send us a message at newsletter@identosphere.net if you have an RSS feed you want us to track for this digest.

Upcoming 

• GS1 Global Forum 2/13-16

• Heroes of Data Privacy – the practise-oriented data privacy conference in Vienna LionsGate 5/24 Vienna, Austria

• DID:Day 3/1 around ETHDenver

• APAC Digital Identity unConference 3/1-3 Bangkok, Thailand

• Thoughtful Biometrics Workshop virtual unConference 3/13-17 [Registration]

• Internet Identity Workshop 4/18-20, Mountain View, CA

Curious about ethical use of personal data? Meet MyData Awards 2023 MyData

MyData Awards 2023 call is now open to recognise and celebrate human-centric services that put the individual at the centre of digital solutions.

Hiring

Learn how to bring a responsible data approach to your work with our cohort-learning programme Engine Room

Attacking SSI 

Decentralized Identity Attack Surface – Part 2 Shaked Reiner

Infominer thinks its incredible this is our first article detailing the attack surface of ssi. Been wishing for something like this.. Need more!

This is the second part of our Decentralized Identity (DID) blog series. In case you’re not familiar with DID concepts, we highly encourage you to start with the first part. This time we will cover a different DID implementation — Sovrin. We will also see what a critical (CVSS 10) DID vulnerability looks like by reviewing the one we found in this popular implementation.

Enterprise

Key Takeaways From CIAM Survey Ping Identity

Ping Identity strives to understand the challenges consumers face and the expectations they have for the brands they interact with. The Ping Identity CIAM Survey titled “The Balancing Act: Earning Trust Through Convenience and Security” has given us a lot of information about consumers’ relationship with their identity

Supply Chain

See the Global Supply Chain with Knowledge Graphs and UN Web Semantics Transmute

This article was based on Transmute Solutions Architect Nis Jespersen’s ‘UN/CEFACT Linked Data’ presentation from December 2022. Leading the UN Web Vocabulary project, I presented at the December 2022 UN/CEFACT Forum. 

When E-Commerce and In-Store Collide: What You Need to Know to Stay Relevant Next Level Supply Chain Podcast with GS1

Your customers want more information – and that could include your product catalog. Join us as we chat with Mike Massey, CEO at Locally, a business that gives access to real-time inventory to nearby shoppers using e-commerce tactics

Trusted and extensible product master data hub based on the OriginTrail Decentralized Knowledge Graph Origin Trail

Trusted and extensible product master data hub based on the OriginTrail Decentralized Knowledge Graph and GS1 standards Product master data — the foundation for supply chain visibility

Public Sector

• [youtube] Building on EBSI [live event]

• Mobile Driving Licence (mDL): Exploring ISO 18013-5&7 Andrew Hughes, Northern Block

“No, I don’t trust you” - Implementing Zero-Trust Architecture in the world of Self-Sovereign Identity (SSI) Trust Over IP

how the public sector should consider SSI, we examine the efforts of the US federal government to adopt zero trust architecture (ZTA) and its implications for using decentralized identity.  As stated in federal guidance, “The foundational tenet of the Zero Trust Model is that no actor, system, network, or service operating outside or within the security perimeter is trusted.

Explainer

• The Basics of DIDs ep.1 VESSI Labs and Kouki Minamoto

• Gear Up for the Future with Decentralized Identity KuppingerCole, by Warwick Ashford

• 3 Key Considerations in Your Passwordless Journey 1Kosmos

• Going Passwordless – Separating Identity and Authentication Kuppinger Cole, by Alejandro Leal

Personal Data

• Google and Facebook: Steam Engines of the Information Age MyDEX - Steam had its day. Then the world moved on.

• What has data got to do with net zero? MyDEX - At first glance it may not seem that data, especially personal data, has much to do with climate change.

• Data Privacy Day is the time to ramp up your Board-level cybersecurity expertise Entrust

Use Cases

• Future State: Digital Credentials for Healthcare Spruce - Digital credentials and self-sovereign identity have the potential to revolutionize the healthcare industry by providing a more secure and efficient way to store and share important health information.

• In God We Trust: Everything Else, we VERIFY #3TB - Are these cases for better crime detection? Or just the correct use cases for verifiable credentials?

• Employee Verification Simple and Secure Indicio

• A Digital Identity Stack to Improve Privacy in the IoT - Lockstep S. Wilson, N. Moustafa and E. Sitnikova,

Policy

• Cybersecurity Policy Forum: Identity, Authentication and the Road AheadCybersecurity Policy Forum FIDO Alliance - 2023 brings a new year and a new Congress – but America is still struggling with many of the same old problems when it comes to digital identity and authentication.

• Recap: 2023 Identity, Authentication and the Road Ahead #IDPolicyForum FIDO Alliance - tremendous transformation in 2023 as lawmakers and regulators alike struggle to help protect individual privacy and improve access to services 

• “Always bet on good regulation.” IDnow - the era of black-market operators is coming to an end, and which gambling trends to bet on in 2023.

iGrant.io Your Data, Your Choice

The Swedish Data Protection Authority (IMY) decided in a case involving Nordax Bank AB due to a complaint. The context is that Nordax failed to initially comply with requests from a complainant for access and erasure under Art. 15 and 17 GDPR, on the grounds that the company does not process or store the complainant's personal data. 

Standards

JFF (Jobs for the Future) Plugfest 2 ValidatedID

JFF (Jobs for the Future) and W3C aim to build an ecosystem for verifiable credentials wallets regarding learning and employment, and Verifiable Credential (VC) issuers and Decentralized Identifiers (DIDs).

[github] did:pkh Method Specification  Wayne Chang, Charles Lehner, Juan Caballero, Joel Thorstensson

did:pkh is similar in many ways to did:key, except that did:pkh is optimized for identifiers derived from hashes of public keys according to well-known algorithms (commonly referred to as "public key hashes", because, in most cases, they are a public key hashed according to a standard hash function).

Unifying Trust Registries and Trust Lists to Answer the Question of “Who Can You Trust?” Indicio

whose verifiable credentials are trustworthy in any given use case? Two solutions to this challenge—Trust Registries and Trust Lists— have emerged from two different organizations.

Organization

• WAO! We’re almost seven We Are Open

• JSON Object Signing and Encryption (JOSE) Working Group Reanimated Mike Jones

• Energy Web joins the OPENTUNITY consortium to open electricity ecosystems to decarbonize European grids Energy Web

• Identity Insights - First Ever Hyperledger Aries Bifold Summit James Ebert

• NADA Joins MOBI to Accelerate Zero Trust Innovations for Information Security and Business Automation MOBI

• Hyperledger Mentorship Spotlight: GVCR: Secure Verifiable Credential Registries (VCR) for GitHub & GitLab Hyperledger Ursa

Company Stories

• Get Your DID: Now You Can Pay with KILT and PayPal KILT

• KILT Website Features Enterprise and Consumer Onramps to DIDs KILT

• Credential Engine CEO Scott Cheney joins Velocity board Velocity Network

• Five Verifiable Data Predictions for 2023 Indicio

• Experience Secure and Private Communication With DaaS (DID-as-a-Service) InfinitySwap

Wider Team had a verifiable 2022 Wider Team

Our small band of strategy consultants gave back to our professional communities in 2022. Here's the recap of our digital identity, ethics, manufacturing, and supply chain talks, papers, standards work, and workshops.

Indicio Wins a New Government of British Columbia Code With Us Challenge Indicio

Thanks to winning one of the latest challenges, Indicio will upgrade the Hyperledger Indy SDK in all Hyperledger Indy and Aries software. This includes updating all BC Gov Aries Cloud Agent Python (ACA-Py) installations still using the Indy SDK to use Aries Askar

The YeshID kitchen: where security and usability meet YeshID

Our chefs are experienced. They have tasted good dishes and bad ones. They experiment and innovate mixing old ingredients and new, and delight when they create something delicious that no one has ever seen, tasted, or smelled before.

DWeb

• Mastodon for Developers: Everything You Need to Know auth0 - Learn how to use Mastodon effectively as a developer.

• The Rise of Decentralized Social Networks with Farcaster’s Dan Romero bankless

• Activity Streams graphical model reb00ted

[tweet thread] Reimagining the Social Landscape | State of the DAOs BanklessWriters

In this thread, you will discover the difference between the web3 social landscape and that of web2 [...] The social landscape needs to change. This is where the web3 social landscape comes in. It gives us hope as two of the biggest opportunities in web3 are to change the way communities are formed and the platform we use to come together.

For Sale

[tweet] Domain name http://atprotocol.com is for sale! NameOnline

Web 3

• What are LSDs? Defiant - Liquid Staking Derivatives! LSDs.

• ConsenSys Launches MetaMask Learn — The Next Step in Democratizing Web3 ConsenSys

• Web3 Is About Creating the Infrastructure for Digital Transformation Indicio

• Converge22 Recap: Next Gen User Experiences for Web3 Circle

Announcing did:day - An Exploration of Decentralized Identity at ETHDenver BUIDLWeek SpruceID

An Exploration of Decentralized Identity at ETHDenver BUIDLWeek. Web3 has enabled countless users to take control of their financial assets across the web, and we aim to take this a step further - allowing users to control their identity and data.  

SSX Product Update - Optimization Updates, New Features, and More Spruce Systems

We launched SSX in November to provide developers with the easiest way to integrate Sign-In with Ethereum. We are continuously working on a positive developer experience, and additional features to enable builders to work with emerging decentralized identity paradigms.

TezID 💖 Altme

Our collaboration with Altme allows for the integration of SSI verifiable credentials on the Tezos blockchain through TezID. This feature enables Tezos applications to verify user information directly on-chain, improving the user experience, privacy and enabling more customized experiences and services.

Thanks for Reading

• Read more \ Subscribe: newsletter.identosphere.net

• Please support our efforts by Patreon or Paypal

• Contact \ Submission: newsletter [at] identosphere [dot] net