Category

Hyperledger Indy

Working Together on What “Good” Looks Like

By Blog, Healthcare, Hyperledger Aries, Hyperledger Indy

On Tuesday, the Good Health Pass Collaborative (GHPC) launched. This initiative is intended to define, in the context of test results and vaccination records for opening up borders for travel and commerce, a high bar for implementations of identity and credentialing systems to meet with regards to privacy, ethics and portability. They will also work with the implementers of such systems to converge towards common standards and governance.       

A set of Linux Foundation organizations – TrustOverIP, Hyperledger, Linux Foundation Public Health, and its Covid Credentials Initiative – have engaged as supporting organizations and were part of the announcement. We did this based on very encouraging signs during formation discussions that GHPC would not only help bring many of the organizations emerging into the self-sovereign identity space into alignment on platforms and standards we have long championed, but would also give us an external reference point for our position on the importance of privacy in the design and implementation of such systems.

Hyperledger has been home to the pioneering digital identity ledger Indy and agent toolkit Aries, which form the basis of so many production privacy-preserving digital identity systems and, now, are serving as the basis for many of these emerging health pass solutions. The TrustOverIP Foundation led the formal recognition of the need and role for governance organizations in the digital identity landscape – showing how we can get both optionality and interoperability when we weave global identity and credentialing systems together in a decentralized way. 

The Covid Credentials Initiative, starting way back in March 2020, recognized the potential for credentials of all sorts in the fight against this and future pandemics, and have pulled together an amazing community of technologists and entrepreneurs working together on this. Now, as part of Linux Foundation Public Health, we are working to bring together a set of software projects that can implement credential systems and help accelerate adoption of these globally, centered on the needs of public health authorities.

On Thursday’s GHPC webinar, Charlie Walton from Mastercard said GHPC is “in the business of describing what good looks like.” We will be working with GHPC to bring our own communities’ views of not just what good looks like, but how we’re already working together to standardize and implement this work. Furthermore we’ll see if our processes can directly support GHPC’s efforts to harmonize this domain.

We recognize there are quite a few of these initiatives now, reflecting just how broadly this issue is felt across society. We can play – we must play – a key role in channeling all this market activity and good-faith sharing of expertise into applications directly in people’s hands, so we can get back to travel and re-opening workplaces and schools in a safe and equitable way. Our key levers to move the world are open source software and open public engagement, and we will double-down on those tools to have a unique and substantive impact.

Look for more on this soon within our communities. We’re incredibly excited to be a part of this global effort.

Once Again, Forbes “Blockchain 50” Shows Enterprise Blockchain’s Footprint and Impact, with Hyperledger Technologies Leading The Pack

By Blog, Hyperledger Aries, Hyperledger Fabric, Hyperledger Grid, Hyperledger Indy, Hyperledger Sawtooth

Declaring that blockchain has “gone mainstream,” Forbes today released its 2021 “Blockchain 50,” featuring companies that have at least $1 billion in revenues or are valued at $1 billion or more and “lead in employing distributed ledger technology.” And, once again, half of the companies on the list are using Hyperledger technology. 

Twenty five companies on the list name at least one Hyperledger technology as part of their solution platform. Hyperledger Fabric, specifically, is cited as a platform by 24 of the companies, topping the list as the most widely used technology. Hyperledger Aries, Indy, Grid and Sawtooth are all also deployed by companies on this list. 

The annual list, now in its third year, reflects the growing global impact of blockchain technology with 25 members from the U.S., 13 from Europe and a record 12 from Africa, Asia, the Middle East and Latin America. All in all, there were 21 companies that were new to the list, and 15 of them, including ones from Australia (BHP), India (Tech Mahindra) and Africa (Sappi), use Hyperledger-based platforms. 

Of the 12 companies that have made the list every year, six (Ant Group, Cargill, DTCC, IBM, ING and Walmart) use Hyperledger technologies.

More than just a basic list of companies and technologies, the Forbes Blockchain 50 provides a snapshot of the market-changing deployments these blockchain leaders have deployed. Accompanying stories add even more analysis and context. 

This annual look at the market is a good reflection point for the traction our technologies have in the current market but also a guidepost to what needs to come next. The increasing global adoption of blockchain – public, private, hybrid – and coming shifts in currency adoption and payments as well as uptake in markets as diverse as mining, telecom, pharma and shipping all point to the growing reach of distributed ledger technology. And, in the face of such challenges as the pandemic, climate change and income equality, it is important to put the focus on what we can accomplish building on blockchain as a cornerstone. 

Kiva Protocol, Built on Hyperledger Indy, Ursa and Aries, Powers Africa’s First Decentralized National ID system

By Blog, Hyperledger Aries, Hyperledger Indy, Hyperledger Ursa

For the 1.7 billion unbanked adults around the world, access to financial services is extremely limited. Without even a basic savings account, economic opportunity is often limited to informal offerings such as local shopkeepers who extend credit to their customers, microfinance institutions that work to serve the last mile, and community savings and credit associations that are setup by individuals living in the same village.

In the unbanked world, individuals borrow a few hundred to a few thousand dollars at a time, paying back over a relatively short time frame of 12-18 months. But despite excellent credit records, they are unable to receive even similar credit facilities at local banks. This is because the data from their informal transactions is essentially invisible: the banks either do not trust the data sources, or are otherwise unable to verify the provenance of the data.

While this is the state of the world today, it does not have to be our future. Kiva, a US-based nonprofit organization focused on financial inclusion, has built Kiva Protocol to bridge the data disconnect and help enable universal financial access. In 2019, Sierra Leone, a West African nation of about 7 million, launched the National Digital Identity Platform (NDIP) that used Kiva Protocol to enable fast, cheap, and secure identity verification for its citizens.

Kiva Protocol is built using Hyperledger Indy, Aries, and Ursa, and as implemented in Sierra Leone, allows citizens to perform electronic Know Your Customer (eKYC) verifications in about 11 seconds, using just their national ID number and a fingerprint. With this verification, it is possible for the nation’s unbanked to open a savings account and move into the formally banked population.

To find the right platform, Kiva assessed more than 20 software stacks, both centralized and decentralized. Blockchain and decentralized ledger technologies quickly emerged as good solutions for the developing world as they enable data provenance at the protocol level and stakeholders can act relatively independently to enable their various activities in the formal and informal sectors.

After deep consideration, Kiva decided to use Hyperledger’s stack for identity: Indy, Aries, Ursa. While all three projects are closely related, each has a distinct mandate:

  • Hyperledger Indy is a distributed ledger purpose-built for decentralized ID with transferable, private, and secure credentials;
  • Hyperledger Aries is infrastructure that supports interactions between peers and between blockchains and other DLTs; and
  • Hyperledger Ursa is a modular, flexible library that enables developers to share time-tested and secure cryptography.

In August 2019, Kiva launched the beta of Kiva Protocol with a public event opened by the president of Sierra Leone. Since that launch, global regulators have made significant progress in terms of how they are considering digital identity and eKYC verifications. There is a growing global movement towards user-owned and -controlled data, better privacy, and more universal access. 

As of today, Kiva is focusing on building additional ecosystem applications and services to make it easier for all stakeholders to access and use Kiva Protocol. Much of this is being contributed upstream into the Hyperledger Indy and Aires projects, with the remaining components hosted in Kiva’s repository.

Hyperledger teamed up with Kiva on a detailed case study covering the challenges of the unbanked, requirements for a solution that delivers fast, cheap and secure ID exchange, and plans for expanding Kiva Protocols’ use to other countries and other applications. 

Read the full case study here.

DEON: A Hyperledger-based DEcentralized Off-grid Network

By Blog, Hyperledger Aries, Hyperledger Fabric, Hyperledger Indy

The DEON project focuses on the application of blockchains to secure data sharing in private networks and was initiated in 2018 in the wireless and sensor networks laboratory at the Yale Institute for Network Science. The use case of off-grid communication networks was identified with the goal of enabling their full decentralization in terms of data management and identity management. Off-grid (communication) networks are peer-to-peer networks that are autonomous, without super nodes and not dependent on the Internet’s physical infrastructure. Several recent developments like goTenna[1] and the Beartooth[2] offer standalone wireless devices that could be used to form local peer-to-peer networks. Other developments like the well-known Guifi community network[3] in Catalonia, Spain, are community-led paradigms in that space. Although these networks promote decentralization, openness, and fairness, they rely on legacy, centralized technologies for specific parts of their architecture like data and identity management. The integration of blockchains into off-grid networks appeared promising since blockchain provides attributes like transparency, privacy, distribution of governance and decentralization that are highly desirable in off-grid networks.

We chose Hyperledger Fabric as the framework to build our architecture because of its flexibility, performance and the potential we saw behind this huge community of enthusiasts and developers to further advance the technology. After we got familiar with the framework, we identified a key missing aspect: a decentralized identity management component. Unlike the rest of Fabric’s architecture, its native identity management is centralized and based on Certificate Authorities. So we came across the following questions: “which of the nodes in the network is going to host and manage the CA?”, “can we stick with the initial plan of having equal nodes?”and “how can we preserve the decentralization of off-grid networks if we rely on centralized nodes?”

Looking at the rest of the Hyperledger ecosystem, we found that Hyperledger Indy and Aries enable decentralized identity management. We could transform the centralized CAs of Fabric to a distributed CA entity, aka the Indy ledger, so that they are accessible by all nodes but not hosted by a specific one. This approach would work like a distributed oracle of trust in the network but necessitated some changes in Fabric and other extensions in the entire stack to bring DIDs into the “Fabric world.”

Approach and proposed architecture

The first Fabric extension identified as necessary for the integration was an Indy-based MSP to verify identities, signatures and transactions signed by DIDs. In addition, we had to enable the Fabric SDK (Go) to sign transactions using DIDs. For the Indy/Aries part, we leveraged the Hyperledger Aries Cloud Agent (aca-py) [4], which is deployed in each node of the network and serves as both the verifier and the issuer in the network. On one hand, it signs Fabric transactions using DIDs and issues credentials to the users of the network, and on the other it verifies proofs and transactions signed by DIDs. The DEON Core Service leverages Fabric private data collections and an interface to IPFS to expose a REST API for secure, transparent, fast and privacy-preserving data storage. An overview of the integration is shown in the figure below. The proposed architecture can be employed by off-grid networks of any kind, from IoT to communication and inter-enterprise consortia networks, for enabling self-sovereign identity and user-centric data sharing.

Figure 1: HL Fabric-Indy/Aries integration

Project outcomes and future work

The work started as a joint effort between the wireless and sensor networks lab of Professor Leandros Tassiulas at the Yale Institute for Network Science and Tata Consultancy Services (TCS), which put its expertise in decentralized identity to work in the development of the identity parts. Part of the work and initial benchmarks of the architecture deployed in off-grid settings are presented in the paper “A Blockchain-based Decentralized Data Sharing Infrastructure for Off-grid Networking[5].”

Currently the Yale team is working on improving the code to make it more usable by others as a standalone solution for integrating Fabric and Indy/Aries. The team is also working on feature enhancements for the DEON platform, such as supporting Fabric v2, updating DEON identity agents to the latest version of the aca-py agent, extending the DEON REST API with admin functionalities and finally looking for new applications of the platform. The code of the project can be found on GitHub https://github.com/off-grid-block.

[1] goTenna off-grid device: https://gotenna.com/
[2] Beartooth off-grid device: https://beartooth.com/
[3] Guifi.net: https://guifi.net/
[4] aca-py agent: https://github.com/hyperledger/aries-cloudagent-python/
[5] “A Blockchain-based Decentralized Data Sharing Infrastructure for Off-grid Networking”: https://arxiv.org/abs/2006.07521v2

About the author
Harris Niavis is a Research Engineer at Yale University. His research interests lie in enterprise blockchain networks, decentralized identity management, mesh networks and IoT.

 

Cover image by Pete Linforth from Pixabay

#HyperledgerFinTech: A sampling of production applications using Hyperledger technologies in the finance market

By Blog, Finance, Hyperledger Besu, Hyperledger Fabric, Hyperledger Indy, Hyperledger Iroha

The financial services market has long turned to technology to address a range of back-end challenges and enhance customer-facing services. Blockchain is increasingly becoming a go-to technology for advancing many different financial systems and solutions with different Hyperledger platforms serving as the core for an array of applications now in production. 

Read on for just a sampling #HyperledgerFinTech solutions, built using a mix of Hyperledger technologies:

Bakong

Sponsored by the National Bank of Cambodia, the country’s central bank, Bakong is the first retail payments system in the world using blockchain technology. Built on Hyperledger Iroha, Bakong delivers value for customers, merchants and banks. Individuals can now transfer money and buy from merchants with a simple smartphone app. Merchants gain a fast, cashless, and secure payments system. And banks can do interbank transfers at much lower cost.

Bakong was developed by Soramitsu and, after a soft launch in 2019, is now expanding with 16 financial institutions using the system and more expected to join in the near future. The project was also designed to promote financial inclusion for the country’s large number of unbanked citizens. Any citizen of the country can open a Bakong account, even if they don’t have a traditional bank account. The more than 500 merchants that accept Bakong can be viewed in a map inside the app. 

daura 

Built atop the private Swiss Trust Chain run by Swisscom and Swiss Post and powered by Hyperledger Fabric, daura is a digital share platform for financing and investing in Swiss SMEs. With daura, the share register is easily digitized and capital increases are carried out quickly and inexpensively at the push of a button. Shares can be split into any number of small lots and the share register is always digitally maintained, complete and up-to-date. With daura, companies have also transitioned virtual Annual General Meetings as a response to COVID-19 with authorization and access are granted directly via the blockchain. 

ioCash

ioBuilders is a blockchain technology company focused on building regulated fintech and enterprise solutions based on distributed ledger technology to help businesses succeed in their blockchain adoption. The company offers professional services, including technical, business and regulatory, and develops its own product line. ioBuilders has been one of the first adopters and advocates of Hyperledger Besu, providing essential feedback to improve its enterprise requirements capabilities. 

ioCash, one of ioBuilder’s core products, is a fintech platform enabling the use of regulated fiat money on blockchain networks, making it programmable with smart contracts and able to interact with other blockchain use cases. ioCash’s platform operates under an electronic money licence, providing accounts (with or without IBAN) and complex payments functionalities through API and smart contracts connectivity. ioCash is also available as a technology license for financial institutions that hold banking or electronic money licences and are aiming to add the benefits of blockchain into their payment systems. 

Memberpass

CULedger, a credit union service organization (CUSO) that began when a group of credit unions came together in 2016 as a direct response to the increasing threat of fraud, set out to bring a decentralized identity solution product for credit unions to market. The result was MemberPass, a permanent, portable digital identity credential for credit union members.

Built in partnership with Evernym and using Hyperledger Indy, Memberpass replaces vulnerable authentication processes such as common knowledge-based questions. Now credit unions are able to issue a digital credential to members, giving them a hassle-free way to control and prove their identity quickly and easily while protecting their personal information.  

Verified.Me 

Verified.Me offers a secure and convenient way to help Canadians verify their identities.

Verified.Me is a service offered by SecureKey Technologies Inc. The Verified.Me service was developed in cooperation with seven of Canada’s major financial institutions – BMO, CIBC, Desjardins, National Bank of Canada, RBC, Scotiabank and TD. The Verified.Me network continues to evolve adding new identity providers and service providers to make your life easier.

Verified.Me is built on top of the IBM Blockchain Platform which is based on Linux Foundation’s open source Hyperledger Fabric v1.2, and will be interoperable with Hyperledger Indy projects. 

Users of the Verified.Me mobile app or web browser experience are able to get a free credit score with Equifax, register with Sun Life, verify their identity when registering for Dynacare Plus, an online and mobile service that lets users manage their health remotely, and more.

Join the conversation about solutions and applications in the financial service market with #HyperledgerFinTech this month on social channels. Or get involved with the Capital Markets or Trade Finance Special Interest Groups.

If you are interested in peer-to-peer transactions, mark your calendar for a webinar hosted by CoinDesk at 11:00 am ET on October 20th. A panel of experts on different Hyperledger platforms will be discussing “Governance, standards and interoperability: Getting past the roadblocks to peer-to-peer financial transactions.” Go here to find out more.

CULedger’s MemberPass™ delivers fraud protection for credit unions and their members using Hyperledger Indy

By Blog, Hyperledger Indy

How many times have you answered, “What’s your mother’s maiden name?” or named your first pet when setting up a new account? Today, those common knowledge-based authentication questions have become the most vulnerable forms of customer identification as financial institutions are being increasingly hit by fraudsters in the call center.

CULedger, a credit union service organization (CUSO) that began when a group of credit unions came together in 2016 as a direct response to the increasing threat of fraud, took up the challenge of improving the member identity authentication process across all delivery channels. CULedger was formed specifically to bring a decentralized identity solution product for credit unions to market. Hence MemberPass™—a digital identity credential held by credit union members that protects credit unions and their members from identity theft and fraud in all financial interactions, from call center authentication to lending to opening new accounts—was born.

CULedger worked with decentralized identity organization, Evernym, to build MemberPass™ (formerly called MyCUID) with Hyperledger Indy—a distributed ledger software project that is interoperable with other blockchains or can be used on its own to power the decentralization of identity. With Hyperledger Indy at its core, MemberPass™ serves as a permanent and portable digital identity that reduces member friction and injects more trust in digital interactions within credit unions.

During a pilot program with three credit unions in 2019, initial results for MemberPass™ were promising. Whereas authentication in the call center could take anywhere from 90 to 120 seconds—or sometimes even up to five minutes depending on the transaction—MemberPass™ reduced that process down to 15 seconds or less.

There are now thousands of MemberPass™ credentials in live production, with the expectation that number will grow year after year as the focus shifts to scaling and evolving the network. Credit unions recognized the advantages of MemberPass™ from the get-go and are looking to get more of their members using the digital identity credential. One participating credit union is working with CULedger on a strategy for issuing new MemberPass™ accounts inside its branch locations as part of their new member onboarding process. Other credit unions have expressed interest in implementing MemberPass™ in its Internet banking channel and its mobile banking channel. More use cases are being defined as more credit unions begin to understand the power of this privacy-enhancing technology.

Hyperledger teamed up with CULedger to capture the details behind the launch of MemberPass™ as well as steps that are underway to grow adoption and interoperability. Find out more in the full case study.

Hyperledger-Powered Education Solutions in Action

By Blog, Education, Hyperledger Aries, Hyperledger Fabric, Hyperledger Indy, Hyperledger Iroha

Just before the age of COVID began in earnest, The New York Times ran a feature on “How Technology Is Changing the Future of Higher Education.” The rise of remote learning and other pandemic-related changes and challenges have added to the need and opportunity for technology-driven advances. 

The Hyperledger community is doing its part to help the higher education market adapt to an increasingly digital world. Below we look at five Hyperledger-powered solutions that are at work now in the education market. They are helping colleges and universities modernize how they tackle a number of core tasks, including issuing and verifying academic credits, automating on-campus payments and managing students’ identity and privacy. 

Read on for more about these #HyperledgerEdu solutions, built using a mix of Hyperledger technologies:

Byacco, an on-campus payment system

Soramitsu has officially released Byacco, a payment system based on Hyperledger Iroha, for the University of Aizu, Japan. Byacco is a system that allows students and staff of the University of Aizu to use an application on their phones to pay for goods in the cafeteria and university store and to transfer funds within the campus. To make a transaction, all they need is to scan or to provide a QR code, depending on the operation. Byacco’s technology also has high standards for transfers: it follows the EMV® QR Code specification and has bank application level financial security protocols. The keys that are used to authorise transactions on the blockchain are stored only on the device, in a secure storage, so that no one except the owner can access the funds. Students of the university can join the development of the system, thus acquiring skills in creating financial systems based on Hyperledger technologies.

DoDream, a “Study Abroad Platform”

Dain Leaders is an education solution provider for universities in Korea. It serves more than 45 Korean universities by providing services for students’ career path development. As part of that effort, Dain Leader is introducing its “Study Abroad Platform,” called DoDream, to support the extended education ecosystem of the universities, accreditation and related agencies, and prospective employers. Based on Oracle Blockchain Platform Cloud Service (which is powered by Hyperledger Fabric), the platform is an O2O service that provides foreign students with information on studying in Korea and a matching service with Korean universities.

Oracle Digital Certificates Solution

In the face of fast-changing demographic and economic drivers and student expectations, the current processes for issuing and verifying student certificates are too inefficient and time consuming. They can also lead to fraudulent or counterfeit certifications.  

The Oracle Digital Certificates Solution, built on the Oracle Blockchain Platform (based on Hyperledger Fabric), provides a complete, end-to-end solution for educational institutions to issue verifiable tamper-proof and secure credential certification that improves the student experience after graduation and improves operational efficiency. The solution enables institutions to issue digital certificates along with transcripts and provide self-sovereign capability to the students who can share them securely with third parties through an access token.

This solution has been successfully deployed in production by customers like China Distance Education Holdings Limited (CDEL) and Taibah Valley University. CDEL uses Oracle Blockchain to share educational records and professional certifications across many educational institutions to help employers and recruiters verify the educational credentials claimed by individuals. 

Many other institutions like national universities, employment agencies, government organizations, professional skills academies and universities that provide student grants/scholarships are using this solution as part of ongoing or planned pilots.     

PwC Smart Credentials

Data is the new gravity in the world today and organisations are gravitating to and concentrating around trust as the ultimate currency in this data driven world. This trust is crucial for people to exchange information, especially in this digital age when trust is often violated. 

With that premise, PwC developed Smart Credentials, a credential issuance, sharing, reviewing and revocation platform levegering the inherent core benefits of blockchain technology such as immutability, tamper-proof nature, transparency, authenticity and security.

Built using Hyperleder Indy and Hyperledger Aries to support the verification process, Smart Credentials has two key pillars: Authentication (you are who you say you are) and Authorization (genuine claim). Both are crucial ingredients of building trust in any ecosystem. 

Smart Credentials recently won a “Bronze” medal for the Best Global Blockchain Innovation 2019 at the Reimagine Innovation awards (Backed by Wharton and QS) and is a finalist in the DataIQ 2020 awards “Best data product/ service” of the year category.

Verified.Me

As higher education moves deeper into online and remote learning for traditional and non-traditional students, colleges and universities are now offering a broader array of services that extend the campus experience to the digital realm. Beyond the advent of digital programming, educational institutions are also privy to sensitive personal student, faculty and alumni data from income and payment information to disciplinary records, healthcare and insurance information. 

SecureKey Technologies’ Verified.Me service is one approach that supports education’s new digital and data privacy demands. This new digital identity verification service can help verify students, alumni and faculty in a timely and secure manner, strengthening educational institutions’ ability to expand their digital offerings with confidence – while also providing much-needed cost savings. Verified.Me is built using the IBM Blockchain Platform, which is based on Linux Foundation’s open source Hyperledger Fabric.

Join the conversation about solutions and applications supporting the higher education marketing with #HyperledgerEdu this month on social channels. Also, Hyperledger has an Education Architecture Special Interest Group that is open to all.

Interoperability and Integration Developments in the Hyperledger Community

By Blog, Hyperledger Aries, Hyperledger Besu, Hyperledger Cactus, Hyperledger Fabric, Hyperledger Grid, Hyperledger Indy, Hyperledger Sawtooth

Interoperability and integration are top of mind issues across the blockchain space right now. From new projects to new solutions, the Hyperledger community is taking on the challenges of cross-chain and cross application communication and data flow. 

Here are some of the most recent #HyperledgerInterop developments from across the community.

New Project – Hyperledger Cactus

The newly announced Hyperledger Cactus is a blockchain integration tool designed to allow users to securely integrate different blockchains. This pluggable architecture helps enable the execution of ledger operations across multiple blockchain ledgers, including Hyperledger Besu, Hyperledger Fabric, Corda, and Quorum available today, with the aim of developers continually adding support for new blockchains in the future. 

 Cactus started as a Hyperledger Labs project six months ago and has attracted significant attention and become a locus of collaboration between developers from teams at Accenture and Fujitsu, and dozens of others working on DLT platforms both inside and outside Hyperledger.

Member applications

  • Smart Block Laboratory built the Hyperledger Fabric-powered distributed register Cryptoenter, blockchain infrastructure for digital banking that unites banks into a single digital space for transmitting financial messages and brings a new level of interaction to the financial market. The platform is designed for p2p interaction between consumers of financial services, safe execution of payment transactions with cryptocurrencies, fiat currencies and cryptocurrencies, user interaction within a social network for investors / distributed crowdfunding platform.

    The basis of the platform is the Rubicon Blockchain, a cloud platform for the blockchain economy, built on Hyperledger Fabric. Cryptoenter has a dual security system: at the Hyperledger blockchain network level and at the Rubicon Blockchain (also based on Hyperledger Fabric) network level. The solution uses an SRP authentication system. TLS (transport layer security) protocol based on SSL (Secure Sockets Layer) protocol is also included. This dual security system allows Cryptoenter to authenticate the person who signed the message, control message integrity, protect the message from fakes and prove the authorship of the person who signed the message.

Technical talks from Hyperledger Global Forum

Nathan George from the Sovrin Foundation offers his take on “Standards and Interoperability for Identity”

 Identity platforms have made significant advances leveraging blockchain technology and standards developed at Hyperledger. In his talk, Nathan covers the latest in trusted information flows and the standards being incubated to promote interoperability and create network effects across multiple blockchains and identity platforms.

Key topics include the advancements incubated in Hyperledger Indy, Hyperledger Aries, the W3C Credentials Community Group and at the Decentralized Identity Foundation for Verifiable Credentials, Decentralized Identifiers (DIDs), DID Communications, Identity Hubs, Authentication, and the data models that power them.

Panelists Rich Meszaros and Sarah Banks from Accenture, Melanie Nuce from GS1 US, David Cecchi for Cargill and Patrick Erichsen from Target discuss “Business Interoperability – The Key to Supply Chain Traceability”

Technology such as blockchain has the power to solve complex challenges and achieve improved supply chain traceability. In order to tap into this powerful technology, interoperability, enabled by robust data and transaction standards, are a must! Segments of the supply chain, such as the food industry, have made significant progress leveraging data standards to support food safety and product transparency use cases. The panelists discuss their companies’ work on improved supply chain traceability, the importance of standards and the role business interoperability plays in accelerating the success of new technologies like blockchain. 

Join the conversation about blockchain-based identity technologies and solutions with #HyperledgerInterop this month on social channels.

Cover image by Clker-Free-Vector-Images from Pixabay

Identity Applications in Action & Powered by Hyperledger

By Blog, Hyperledger Fabric, Hyperledger Indy, Hyperledger Sawtooth

Digital identity is gaining a lot of traction as a driver for blockchain adoption. There is growing recognition across many markets that reshaping how digital information is managed and verified can simultaneously increase online trust and privacy. The Hyperledger community is working hard to develop and deploy blockchain-enabled identity technologies and solutions with an eye towards decentralizing control of information and creating new models for verifying identities. 

To illustrate where this technology can take us, we are showcasing some applications where it’s already being put into action:

Known Traveller Digital Identity

Known Traveller Digital Identity, or KTDI, is a World Economic Forum initiative with Accenture that brings together a global consortium of individuals, governments, authorities and the travel industry to enhance security in world travel. The pilot leverages cryptography, blockchain technology and biometrics and aims to allow cross-border travel without presenting physical documents, accelerating the flow of passengers through airports, improving passenger experience, and enabling authorities to better focus limited resources on security improvements.

QDX™ HealthID platform 

QDX™ HealthID platform is a service from Quantum Materials Corp that leverages self-sovereign identity technology to provide end-to-end visibility to support testing and immunization for infectious diseases, including COVID-19, at scale. The platform enables multiple methods of authenticating the individuals being tested, those who are administering the test, as well as the test kits themselves, whether to detect the presence of the virus itself or associated antibodies. 

The QDX™ HealthID platform uses Hyperledger Sawtooth as the backing distributed ledger technology, which is deployed and managed using Blockchain Technology Partner’s platform Sextant for Sawtooth. The platform is also readied for integration with other distributed ledger applications via DAML, the smart contract language open sourced by Hyperledger member, Digital Asset.

MemberPass

Provided by CULedger, MemberPassTM is a digital credential held by credit union members that protects credit unions and their members from identity theft and fraud in all banking interactions, from call center authentication to lending to new account opening. MemberPass is a simple, secure replacement for user IDs and passwords, and supplants the traditional knowledge-based interrogation contact centers employ today to authenticate members calling for telephone banking services. MemberPass seamlessly authenticates both, the member and the credit union to each other, in any call-in, log-in or walk-in exchange, providing a consistent, frictionless experience across all channels. 

Sovrin Network

Operated by independent Stewards, the Sovrin Network uses the power of a distributed ledger to give every person, organization, and thing the ability to own and control their own permanent digital identity. With recent advancements in digital identity standards, Sovrin provides a secure and private network for identity holders to collect, manage and share their own verifiable digital credentials.

The Sovrin Network is governed by The Sovrin Foundation, a nonprofit organization established to administer the Governance Framework for this open source decentralized global public network enabling self-sovereign identity on the internet. 

Trust Your Supplier

Trust Your Supplier is a production Hyperledger Fabric blockchain network, running on the IBM Blockchain Platform, that provides suppliers with a trusted digital passport to streamline on-boarding with their customers.

The Trust Your Supplier network is a cross-industry source of supplier information and identity helping to simplify and accelerate the on-boarding and lifecycle management process. TYS was built to be a cross-industry blockchain network to facilitate procurement functions within an organization. The network’s first use case is focused on supplier onboarding and validation.

VerifiedMe

Verified.Me is a service offered by SecureKey Technologies Inc., in conjunction with a consortium of seven of Canada’s major financial institutions – BMO, CIBC, Desjardins, National Bank of Canada, RBC, Scotiabank and TD. Verified.Me is a privacy-respecting digital identity and attribute sharing network. The service simplifies identity verification processes by allowing individuals (subjects) to share identity and attribute information from trusted sources (including financial institutions, mobile operators, credit bureau, and government) with the services that they wish to access.

The network is based on permissioned distributed ledgers operated by the consortium. It is built using the IBM Blockchain Platform which is based on Linux Foundation’s open source Hyperledger Fabric  and is aligning with W3C decentralized identity standards, to enable interoperability with other networks. SecureKey’s Triple Blind® approach means that no network participant alone, including SecureKey, can have a complete view of the user journey – the subject can’t be tracked.

The service is free for consumers to use, either using their web browser, or by downloading the mobile app through the App Store (iOS) or Google Play (Android).

Join the conversation about blockchain-based identity technologies and solutions with #HyperledgerIdentity this month on social channels. Also, Hyperledger has an Identity Working Group that is open to all. Learn how to get involved via this video.

Coverage image by PublicDomainPictures from Pixabay

The Social Impact of “being”

By Blog, Hyperledger Indy

To be or not to be is not a question nowadays. To the normal citizen, you have your birth certificate that enables you to have an identity, a driver’s license, a passport and voilá: You are.

Even that digitally seems quite common and straightforward. Most of the western citizens have not one but many digital identities with them: a Google account, a Microsoft account, a Facebook account, etc. 

This is not the case for a large segment of mankind: A group that has no identity, knows little or nothing about their roots and cannot provide any proof of them. By not being able to prove their identity, they cannot open a bank account, access healthcare or enroll in university. They cannot have a “normal” life. Unfortunately, for this group, it is easier to buy a pizza using Bitcoin than to prove their names, origins and history.

This happens because we lack a common ground for identities. Governments have strong agreements on how each of them will “understand” documents issued by other nations. Internal conflicts, commercial disputes or other political situations make it hard for some countries to be part of such agreements and they end up being left outside. In some cases, those excluded countries are the ones facing issues that force their populations to migrate. Without an identifying document recognized by their host countries, these migrants become “nobodies” in their new home.

Self-Sovereign Identity, Interoperability and Trust

Hyperledger Indy, a distributed ledger built for the purpose of decentralized identity, will be a powerful tool to overcome this issue. It will do so by being a carrier of trust.

Distributed Ledger Technology (a “blockchain”), in an identity management scenario, enables everyone in the network to have the same source of truth about which credentials are valid and who attested to the validity of the data inside the credential, without revealing the actual data.

Through the infrastructure of a blockchain, an identity verifying party does not need to check the validity of the actual data in the provided proof. Instead, the verifier  can use the blockchain to check the validity of the attestation and attesting party to determine whether to validate the proof.

For example, when an identity owner presents a proof of his or her date of birth, rather than actually checking the truth of the date of birth itself, the verifying party will validate the government’s signature who issued and attested to this credential to then decide whether he trusts the government’s assessment about the accuracy of the data.

Hence, the validation of a proof is based on the verifier’s judgement of the reliability of the attestor.

But trust is not the only issue we face. Most of the identity credentials issued by an institution are particular to that institution. There’s no standard on those schemas. Through Indy and standards such as Verifiable Credentials (whose Data Model 1.0 was recently published as a W3C recommendation) interoperability between institutions and different identity management systems might be achieved.

Using this technology, Non-Governmental Organizations (NGOs) can help those “invisible people” gain access to services and expedite the humanitarian process. In the future, it may even enable NGOs to  issue some sort of universally verifiable digital identity credentials to refugees. Credentials that refugee host countries could “understand” and accept because they use the same interoperable digital identity standards and trust the NGO that issued the credentials. This would allow refugees to fully access services in their host countries. They would be able to be included in society, open bank accounts, rent houses and be productive as any other citizen. 

The key is interoperability and the decentralization of trust.

Hyperledger Indy

Hyperledger Indy is still quite young with a lot to be discussed and done. However, it  has an engaged community around it, researching, asking questions and working towards the maturity of the ecosystem. The main tool to start using Indy is Indy-SDK. An SDK (Software Development Kit) is a “kit” that brings all-you-need tools in one library.

Today the solution still relies solely on said SDK. That can be tricky as it carries a lot of heavy-weight assumptions like using ZeroMQ, which browsers are not compatible with because of RAW TCP usage, to communicate with the node. That usually requires more recent mobile devices to work. Also, being a kind of all-in-one library it carries functionalities not always needed to everyone that uses it. 

To be the solution for the problem that plagues 1.2 billion people around the world who do not have an identity, the current technology still needs improvements. It has to be easier to use on basic phones, easier to integrate and easier to develop. It still requires users to have powerful smartphones to hold wallets. It’s not possible to run on a browser. And, we are challenged with little and sometimes confusing documentation on the technical side.

There are a lot of initiatives tackling those issues. Hyperledger Aries, which is making it more modular, Indy-crypto, indy-vcx and other projects are working to make this tech more democratic, transparent and easy to use. 

A lot of independent programmers are also experimenting with it, successfully creating, for example, a nodejs indy request that made a “sdkless” call to the node. I would personally love to see an HTTP with encrypted body request work over an Indy node and other “think outside the box” kind of tools.

Overcoming those issues will not be easy, but when we, the entire digital identity community, position ourselves in a united front to fight these problems, there’s a huge chance to succeed.