Hyperledger is once again sponsoring the annual AnitaB.org Grace Hopper Celebration as a way of supporting leaders and future women technologists in our global community. Hyperledger and the Linux Foundation are committed to supporting women-led initiatives centered around recruitment and engagement like AnitaB.org.
This year, Hyperledger is putting its resources behind Open Source Day (OSD), an all-day hackathon for participants of all skill levels to learn about open source while contributing to projects designed to solve real world problems. OSD will be held October 1 as part of this year’s Grace Hopper Celebrations (vGHC).
During OSD, the women taking part will spend the day diving into the open source world to level up their skills and start contributing code. Participants will work in groups and with the mentors for hands-on learning, tailored to their experience level.
Hyperledger is an official Open Source Partner Project for OSD and is teaming with maintainers from four Hyperledger projects to introduce participants to its diverse ecosystem. Maintainers from these projects will on hand as guides to both the Hyperledger technologies and the code contribution process:
Hyperledger Besu, an Ethereum client designed to be enterprise-friendly for both public and private permissioned network use cases;
Hyperledger Cactus, a blockchain integration tool designed to allow users to securely integrate different blockchains;
Hyperledger Indy, a framework that provides tools, libraries, and reusable components for providing digital identities rooted on blockchains or other distributed ledgers; and
For each of these projects, the maintainers have compiled an array of pull requests or tasks that are tagged as “Good First Issues” that participants can tackle as their initial code contributions to Hyperledger. These triaged, non-documentation requests include everything from bug fixes to enhancements to security plug-ins. For those who want to challenge themselves or move deeper into a project, the Hyperledger Cactus list is broken down based on level of experience:
We want to thank our maintainers Anastasia Lalamentik (FireFly), Grace Hartley (Besu), Justin Florentine (Besu), Linlu Liu (FireFly), Nicko Guyer (FireFly),Peter Somogyvar (Cactus), Renata Toktar (Indy), and Tracy Kuhrt (Cactus) for offering their time and expertise to OSD. They will play a vital role in welcoming the Grace Hopper community into the world of open source and setting them up for success as contributors to Hyperledger and other projects.
As the world continues to grapple with COVID-19, there is an upswing in interest in digital identity technologies and their potential to underpin new health passes, travel credentials and other pathways to restarting economies that are effective, secure, accessible and privacy preserving.
Stephan Curran’s post on Why Distributed Ledger Technology (DLT) for Identity? also offers a good explanation of sudden and urgent issues driving interest in identity and the role of Hyperledger technologies in delivering solutions.
Advances on these fronts are fostering important new developments. However, digital identity solutions are reshaping other industries as well. Read on for a sampling of Hyperledger-powered solutions that are in production now, bringing innovation to the telecom, supply chain, education and training and financial services markets:
Alastria ID over Red H+
Alastria ID, a project of Alastria, the Spanish association that promotes the development of solutions based on decentralized ledger technologies, is focused on decentralized identity management. It is a self-managed identity model based on the World Wide Web Consortium (W3C) Verifiable Credentials standard designed to facilitate compliance with the General Data Protection Regulation (GDPR) for individuals, companies, organizations and entities. The use of credentials issued on different networks will enable interoperability across multiple applications.
Telefonica and Inetum have partnered to implement Alastria ID in a Hyperledger Fabric production environment in Alastria. Named “red H+” (H+ network), this implementation gives more than 500 members of Alastria access to a production grade infrastructure based on Hyperledger Fabric technology. Red H+ offers a free of charge Hyperledger Fabric environment for Alastria members, designed for the deployment of proofs of concept or production projects without demanding requirements, and a production-ready paying platform for those members interested in having certain levels of service and personalised and guaranteed response times, as well as value added services such as Alastria ID.
(Note: You can learn more about Alastria’s mission to promote the digital economy and how the Hyperledger community is involved in this May 5 webinar.)
MemberPass®
MemberPass is a digital credential solution that enables financial institutions to instantly verify financial credentials seamlessly across all consumer contact points in a highly secure and privacy-preserving manner. It is the flagship product of Bonifii, the financial industry’s first verifiable exchange network designed to enable trusted digital transactions using open standards and best-of-breed security technologies. Because MemberPass is built on Hyperledger Indy, credit union members can retain full control of their private personal information. The credential is secure and flexible. It allows the member to reveal only the data necessary for a given transaction. (See more on MemberPass adoption here.)
SnapCert
SnapCert is a blockchain-based Credential Authentication platform for universities, colleges and institutes. Offered as a SaaS platform by Snapper Future Tech, SnapCert equips education customers to issue and verify credentials on a blockchain, ensuring no fraudulent credentials can be issued in their name.
Customers include Kushal, a social organization that trains unskilled labour under Indian government National Skill Development program. With SnapCert, verifiers can get real-time verification of Kushal credentials directly from the primary source of the data simply using the last four digits of the credential holder’s Aadhaar id and the name. The solution solves the problem of misplaced paper credentials and reduces the trust deficit by providing easy access to credible credentials that prove the holder’s construction training. It also helps Kushal manage long term record keeping for the skilled workers, connect stakeholders that need the data and increase transparency and ease of doing business.
SnapCert is built using Oracle Blockchain, which is powered by Hyperledger Fabric.
Trust Your Supplier
Built on Hyperledger Fabric blockchain technology, Trust Your Supplier provides organizations a trusted exchange of information across an encrypted blockchain environment to minimize risk and fraud throughout the onboarding and life cycle of partnerships.
A single, digital identity for suppliers can be shared with multiple buyers and business networks. This two-tiered supplier profile approach allows suppliers to be discovered by new customers without handing over unlimited access to their data. The Trust Your Supplier cross-industry blockchain network provides clear provenance and a single, shared, tamper-evident ledger. This is ideal for supporting auditing capabilities as it provides an immutable relationship history between parties.
Verified.Me
In our current digital landscape, securely accessing online services has never been more important. With Hyperledger Fabric, SecureKey Technologies established Verified.Me, Canada’s leading digital identity network which helps verify consumers’ digital identity so they can access the services and products they want. With Hyperledger’s support, SecureKey has put user consent at the forefront and in control of when, why and with whom their personal information is being shared. This collaboration is critical to progressing the digital identity landscape in Canada and globally.
Join the conversation about blockchain-based identity technologies and solutions with #HyperledgerIdentity this month on social channels. Also, Hyperledger has an Identity Working Group that is open to all.
Financial fraud isn’t anything new, and the extent of the crime can vary significantly. Forty-seven percent (47%) of US consumers experienced financial identity theft fraud in the past two years—in fact, every 15 seconds a financial fraud incident occurs. COVID-19 has only accelerated the growth of financial fraud. Losses due to identity theft increased by 42% from 2019 to 2020 primarily due to the COVID-19 pandemic, according to a recent study published by the Aite Group.
Today, there are multiple authentication steps in place in financial institutions thanks to the steady increase in cybercrimes. These high-tech frauds take assets from financial institutions and deliver a bit of reputation risk to their public image. Research demonstrates that consumers expect their financial institution to take active steps to mitigate financial risks. Consumers want protection, but they also want a fast and efficient user experience. Too often, each delivery channel is a silo with its own authentication method:
For example,
The call center uses knowledge-based questions
The lobby and drive-up require a driver’s license or other physical forms of identification
Online banking access calls for a username and password plus, often a two-factor authentication.
And consumers want more control over their personal data. In late September 2020, we commissioned a nationally representative survey to over 1,000 adults about their perceptions of MemberPass, Bonifii’s digital credential solution that enables financial institutions to instantly verify financial credentials seamlessly across all consumer contact points in a highly secure and privacy-preserving manner.
There were lots of noteworthy findings:
62% of credit union members said they would sign up for MemberPass if it were available.
56% of respondents who are satisfied with their financial institution would use MemberPass.
67% of consumers would feel more positive toward their financial institution if MemberPass was offered.
50% of consumers would sign up for MemberPass today if a security breach had impacted their account or if they had been identity theft victims.
There is a better way for financial institutions and consumers!
Since its launch in early 2020, MemberPass has been gaining momentum among credit unions and with the members they serve. MemberPass is the financial industry’s first digital credential solution that enables credit unions to instantly verify financial credentials seamlessly across all consumer member contact points. Because MemberPass is built on Hyperledger Indy, credit union members can retain full control of their private personal information. The credential is secure and flexible. It allows the member to reveal only the data necessary for a given transaction. Best of all, it’s impossible to hack or steal.
So far this year, we have seven active MemberPass implementations with another ten more credit unions planning their deployments in the next six months. Our active programs have gotten MemberPass credentials into the hands of about 20,000 members to date.
After we make a program sale, we continue to work closely with our credit union clients. We present each of them with a personalized copy of the MemberPass “Jump Start” playbook. This is a comprehensive toolkit to help the credit union increase the level of member adoption of MemberPass.
The playbook contains product benefits, consumer need identification tools, call center and drive-through workflow models, marketing strategies, incentive programs, and more. Our adoption goal is to get between 5-10% member adoption within six months of the “go live” date.
The demand for decentralized identity among financial institutions is only getting stronger—and, best of all, no one but the consumer owns his or her personal data!
As we continue our pandemic journey that is 2021, more and more people are getting vaccinated against COVID-19. Once vaccinated, people are (finally!) able to do more “in the real world.” However, in some cases such as international travel, there is a need to prove that you have been vaccinated before you can participate. In the past, that proof has been accomplished in the form of the paper World Health Organization Carte Jaune/Yellow Card. But in our 21st century pandemic, a handwritten paper document is not particularly trusted. It’s just too easy to buy or make your own. The sudden, urgent need to be able to prove health information in a safe, privacy-preserving and secure way has brought the spotlight on the concept of verifiable credentials and, for Hyperledger, on the three identity-focused projects in the community, Indy (a distributed ledger for identity), Aries (data exchange protocols and implementations of agents for people, organizations and things), and Ursa (a cryptographic library underlying Indy and Aries).
While people understand that paper credentials are insufficient and that a trusted digital solution is needed, they don’t understand why verifiable credentials, or more generally, identity, works extremely well with distributed ledger technology (DLT)—a distributed database spread across multiple nodes, of which blockchain is an example. To be clear from the start, it is not to put the credentials on a public ledger so everyone can see them! We’ll reiterate that a lot in this post. No private data ever goes on the blockchain!!!
To understand why DLT is useful for identity, we need to go back to the basics—paper credentials, how that model has worked for 1000s of years, and how the use of DLTs with verifiable credentials allows us to transition the great parts—security and privacy—of that model to the digital age.
Since as far back as 450BC, people have used paper credentials to enable trusted identity. Legend has it that King Artixerxes of the Persian Empire signed and gave Nehemiah a paper “safe transit” authorization that he used in travels across the empire. People have been using such documents ever since. In technical terms, a credential is an attestation of qualification, competence, or authority issued to an entity (e.g., an individual or organization) by a third party with a relevant or de facto authority or assumed competence to do so. Examples of credentials issued to people include a driver’s license, a passport, an academic degree, proof-of-vaccination and so on. Credentials are also issued to companies, such as business registrations, building permits, and even health inspection certifications.
A typical paper credential, say a driver’s license, is issued by a government authority (an issuer) after you prove to them who you are (usually in person using your passport or birth certificate) and that you are qualified to drive. You then hold this credential (usually in your wallet) and can use it elsewhere whenever you want—for example, to rent a car, to open a bank account or in a bar to show that you are old enough to drink. When you do that, you’re proving (or presenting) the credential to the verifier. The verifier inspects the physical document to decide if it is valid for the business purpose at hand. Note that in verifying the paper credential, the verifier does not call the issuer of the document. The transaction is only between the holder and the verifier. Further, it is the holder’s choice whether they want to share the piece of paper. If they want, they can keep it to themselves.
Verification in the paper credential model (ideally) proves:
Who issued the credential.
That the credential was issued to the entity presenting it.
That the claims have not been altered.
The caveat “ideally” is included because of the real possibility of forgery in the use of paper credentials. Back to our “proof-of-vaccination” problem.
Let’s see how the good parts of the paper credential model are retained in the verifiable credentials model. With verifiable credentials:
An authority decides you are eligible to receive a credential and issues you one.
You hold your credential in your (digital) wallet—it does not go on the distributed ledger!
At some point, a verifier asks you to prove the claims from one or more credentials.
If you decide to share your data with the verifier, you provide a verifiable presentation to the verifier, proving the same three things as with the paper credentials.
Plus: You may be able to prove one more thing—that the issued credentials have not been revoked.
As we’ll see, verifiable credentials and presentations are not simple documents that anyone can create. They are cryptographically constructed so that a presentation of the claims within a credential proves four attributes:
Who issued the credential–their identifier is part of the credential and they signed the credential.
Who holds the credential–there is a cryptographic binding to the prover.
The claims have not been altered–they were signed at the time of issuance.
The credential has not been revoked.
Unlike a paper credential, those four attributes are evaluated not based on the judgment and expertise of the person looking at the credential, but rather by machine using cryptographic algorithms that are extremely difficult to forge. Like the paper credential, the verifier does not go back to the issuer to ask about the credential being presented. Only the prover and verifier, the participants in the interaction, need to know about the presentation. So where do the prover and verifier get the information they need for their transaction? We’re just getting to that…
Compared to the paper credentials model, verifiable credentials are far more secure. When the cryptographic verification succeeds, the verifier can be certain of the validity of the data—those four attributes stemming from verifying the presentation. They are left only with the same question that paper credentials have—do I trust the issuer enough
So where does the DLT fit in?
Three of the four things that the verifier has to prove (listed above) involves published data from the issuer that has to be available in some trusted, public distributed place, a place that is not controlled by a central authority (hmm…sounds like a DLT!). In Indy and Aries, data published to a DLT is used to verify the credential without having to check with the issuer. In particular:
The verifier has to know who issued the credential based on an identifier and cryptographic signature. From the presentation, it gets an identifier for the issuer, looks it up on a DLT to get a public key associated with the issuer to verify the signature in the presentation. Thus, the identity of the issuer is known.
The verifier has to verify that the claims data has not been altered by verifying a cryptographic signature across the data. Based on an identifier for the type of credential, the verifier gets from a DLT a set of public keys and verifies the signatures. Thus, the verifier knows no one has tampered with the claims data.
The issuer periodically updates a revocation registry on a DLT indicating the credentials that have been revoked. If the holder’s credential is revoked, they are unable to create a proof of non-revocation (yes, that’s a double negative…). If the holder can generate that proof, the verifier can check it. Thus, the verifier knows the credential has not been revoked.
The fourth attribute (the binding of the credential to the holder) in Indy is done using some privacy-preserving cryptographic magic (called a Zero Knowledge Proof) that prevents having a unique identifier for the holder or credential being given to the verifier. Thus, no PII is needed for sharing trusted data.
So why DLT? First, we can get the good parts of paper credentials—private transactions between holders and verifiers and no callback to the issuer. Second, the issuer gets a trusted, open and transparent way to publish the cryptographic material needed for those private holder-verifier transactions. Third, there is no need to have a “Trusted Third Party” participating in the interactions.
And did I mention, no private data goes on the DLT!!!
Hyperledger Indy, Aries and Ursa are enabling this approach to “self-sovereign identity” in a big way, bringing about a new layer of trust on the Internet that will let us preserve our privacy and give us control over our identity and data—where it belongs. There is a lot to learn. If you’re curious, a great place to start is this Linux Foundation edX course.
On Tuesday, the Good Health Pass Collaborative (GHPC) launched. This initiative is intended to define, in the context of test results and vaccination records for opening up borders for travel and commerce, a high bar for implementations of identity and credentialing systems to meet with regards to privacy, ethics and portability. They will also work with the implementers of such systems to converge towards common standards and governance.
A set of Linux Foundation organizations – TrustOverIP, Hyperledger, Linux Foundation Public Health, and its Covid Credentials Initiative – have engaged as supporting organizations and were part of the announcement. We did this based on very encouraging signs during formation discussions that GHPC would not only help bring many of the organizations emerging into the self-sovereign identity space into alignment on platforms and standards we have long championed, but would also give us an external reference point for our position on the importance of privacy in the design and implementation of such systems.
Hyperledger has been home to the pioneering digital identity ledger Indy and agent toolkit Aries, which form the basis of so many productionprivacy-preserving digital identity systems and, now, are serving as the basis for many of these emerging health pass solutions. The TrustOverIP Foundation led the formal recognition of the need and role for governance organizations in the digital identity landscape – showing how we can get both optionality and interoperability when we weave global identity and credentialing systems together in a decentralized way.
The Covid Credentials Initiative, starting way back in March 2020, recognized the potential for credentials of all sorts in the fight against this and future pandemics, and have pulled together an amazing community of technologists and entrepreneurs working together on this. Now, as part of Linux Foundation Public Health, we are working to bring together a set of software projects that can implement credential systems and help accelerate adoption of these globally, centered on the needs of public health authorities.
On Thursday’s GHPC webinar, Charlie Walton from Mastercard said GHPC is “in the business of describing what good looks like.” We will be working with GHPC to bring our own communities’ views of not just what good looks like, but how we’re already working together to standardize and implement this work. Furthermore we’ll see if our processes can directly support GHPC’s efforts to harmonize this domain.
We recognize there are quite a few of these initiatives now, reflecting just how broadly this issue is felt across society. We can play – we must play – a key role in channeling all this market activity and good-faith sharing of expertise into applications directly in people’s hands, so we can get back to travel and re-opening workplaces and schools in a safe and equitable way. Our key levers to move the world are open source software and open public engagement, and we will double-down on those tools to have a unique and substantive impact.
Look for more on this soon within our communities. We’re incredibly excited to be a part of this global effort.
Declaring that blockchain has “gone mainstream,” Forbes today released its 2021 “Blockchain 50,” featuring companies that have at least $1 billion in revenues or are valued at $1 billion or more and “lead in employing distributed ledger technology.” And, once again, half of the companies on the list are using Hyperledger technology.
Twenty five companies on the list name at least one Hyperledger technology as part of their solution platform. Hyperledger Fabric, specifically, is cited as a platform by 24 of the companies, topping the list as the most widely used technology. Hyperledger Aries, Indy, Grid and Sawtooth are all also deployed by companies on this list.
The annual list, now in its third year, reflects the growing global impact of blockchain technology with 25 members from the U.S., 13 from Europe and a record 12 from Africa, Asia, the Middle East and Latin America. All in all, there were 21 companies that were new to the list, and 15 of them, including ones from Australia (BHP), India (Tech Mahindra) and Africa (Sappi), use Hyperledger-based platforms.
Of the 12 companies that have made the list every year, six (Ant Group, Cargill, DTCC, IBM, ING and Walmart) use Hyperledger technologies.
More than just a basic list of companies and technologies, the Forbes Blockchain 50 provides a snapshot of the market-changing deployments these blockchain leaders have deployed. Accompanying stories add even more analysis and context.
This annual look at the market is a good reflection point for the traction our technologies have in the current market but also a guidepost to what needs to come next. The increasing global adoption of blockchain – public, private, hybrid – and coming shifts in currency adoption and payments as well as uptake in markets as diverse as mining, telecom, pharma and shipping all point to the growing reach of distributed ledger technology. And, in the face of such challenges as the pandemic, climate change and income equality, it is important to put the focus on what we can accomplish building on blockchain as a cornerstone.
For the 1.7 billion unbanked adults around the world, access to financial services is extremely limited. Without even a basic savings account, economic opportunity is often limited to informal offerings such as local shopkeepers who extend credit to their customers, microfinance institutions that work to serve the last mile, and community savings and credit associations that are setup by individuals living in the same village.
In the unbanked world, individuals borrow a few hundred to a few thousand dollars at a time, paying back over a relatively short time frame of 12-18 months. But despite excellent credit records, they are unable to receive even similar credit facilities at local banks. This is because the data from their informal transactions is essentially invisible: the banks either do not trust the data sources, or are otherwise unable to verify the provenance of the data.
While this is the state of the world today, it does not have to be our future. Kiva, a US-based nonprofit organization focused on financial inclusion, has built Kiva Protocol to bridge the data disconnect and help enable universal financial access. In 2019, Sierra Leone, a West African nation of about 7 million, launched the National Digital Identity Platform (NDIP) that used Kiva Protocol to enable fast, cheap, and secure identity verification for its citizens.
Kiva Protocol is built using Hyperledger Indy, Aries, and Ursa, and as implemented in Sierra Leone, allows citizens to perform electronic Know Your Customer (eKYC) verifications in about 11 seconds, using just their national ID number and a fingerprint. With this verification, it is possible for the nation’s unbanked to open a savings account and move into the formally banked population.
To find the right platform, Kiva assessed more than 20 software stacks, both centralized and decentralized. Blockchain and decentralized ledger technologies quickly emerged as good solutions for the developing world as they enable data provenance at the protocol level and stakeholders can act relatively independently to enable their various activities in the formal and informal sectors.
After deep consideration, Kiva decided to use Hyperledger’s stack for identity: Indy, Aries, Ursa. While all three projects are closely related, each has a distinct mandate:
Hyperledger Indy is a distributed ledger purpose-built for decentralized ID with transferable, private, and secure credentials;
Hyperledger Aries is infrastructure that supports interactions between peers and between blockchains and other DLTs; and
Hyperledger Ursa is a modular, flexible library that enables developers to share time-tested and secure cryptography.
In August 2019, Kiva launched the beta of Kiva Protocol with a public event opened by the president of Sierra Leone. Since that launch, global regulators have made significant progress in terms of how they are considering digital identity and eKYC verifications. There is a growing global movement towards user-owned and -controlled data, better privacy, and more universal access.
As of today, Kiva is focusing on building additional ecosystem applications and services to make it easier for all stakeholders to access and use Kiva Protocol. Much of this is being contributed upstream into the Hyperledger Indy and Aires projects, with the remaining components hosted in Kiva’s repository.
Hyperledger teamed up with Kiva on a detailed case study covering the challenges of the unbanked, requirements for a solution that delivers fast, cheap and secure ID exchange, and plans for expanding Kiva Protocols’ use to other countries and other applications.
The DEON project focuses on the application of blockchains to secure data sharing in private networks and was initiated in 2018 in the wireless and sensor networks laboratory at the Yale Institute for Network Science. The use case of off-grid communication networks was identified with the goal of enabling their full decentralization in terms of data management and identity management. Off-grid (communication) networks are peer-to-peer networks that are autonomous, without super nodes and not dependent on the Internet’s physical infrastructure. Several recent developments like goTenna[1] and the Beartooth[2] offer standalone wireless devices that could be used to form local peer-to-peer networks. Other developments like the well-known Guifi community network[3] in Catalonia, Spain, are community-led paradigms in that space. Although these networks promote decentralization, openness, and fairness, they rely on legacy, centralized technologies for specific parts of their architecture like data and identity management. The integration of blockchains into off-grid networks appeared promising since blockchain provides attributes like transparency, privacy, distribution of governance and decentralization that are highly desirable in off-grid networks.
We chose Hyperledger Fabric as the framework to build our architecture because of its flexibility, performance and the potential we saw behind this huge community of enthusiasts and developers to further advance the technology. After we got familiar with the framework, we identified a key missing aspect: a decentralized identity management component. Unlike the rest of Fabric’s architecture, its native identity management is centralized and based on Certificate Authorities. So we came across the following questions: “which of the nodes in the network is going to host and manage the CA?”, “can we stick with the initial plan of having equal nodes?”and “how can we preserve the decentralization of off-grid networks if we rely on centralized nodes?”
Looking at the rest of the Hyperledger ecosystem, we found that Hyperledger Indy and Aries enable decentralized identity management. We could transform the centralized CAs of Fabric to a distributed CA entity, aka the Indy ledger, so that they are accessible by all nodes but not hosted by a specific one. This approach would work like a distributed oracle of trust in the network but necessitated some changes in Fabric and other extensions in the entire stack to bring DIDs into the “Fabric world.”
Approach and proposed architecture
The first Fabric extension identified as necessary for the integration was an Indy-based MSP to verify identities, signatures and transactions signed by DIDs. In addition, we had to enable the Fabric SDK (Go) to sign transactions using DIDs. For the Indy/Aries part, we leveraged the Hyperledger Aries Cloud Agent (aca-py) [4], which is deployed in each node of the network and serves as both the verifier and the issuer in the network. On one hand, it signs Fabric transactions using DIDs and issues credentials to the users of the network, and on the other it verifies proofs and transactions signed by DIDs. The DEON Core Service leverages Fabric private data collections and an interface to IPFS to expose a REST API for secure, transparent, fast and privacy-preserving data storage. An overview of the integration is shown in the figure below. The proposed architecture can be employed by off-grid networks of any kind, from IoT to communication and inter-enterprise consortia networks, for enabling self-sovereign identity and user-centric data sharing.
Figure 1: HL Fabric-Indy/Aries integration
Project outcomes and future work
The work started as a joint effort between the wireless and sensor networks lab of Professor Leandros Tassiulas at the Yale Institute for Network Science and Tata Consultancy Services (TCS), which put its expertise in decentralized identity to work in the development of the identity parts. Part of the work and initial benchmarks of the architecture deployed in off-grid settings are presented in the paper “A Blockchain-based Decentralized Data Sharing Infrastructure for Off-grid Networking[5].”
Currently the Yale team is working on improving the code to make it more usable by others as a standalone solution for integrating Fabric and Indy/Aries. The team is also working on feature enhancements for the DEON platform, such as supporting Fabric v2, updating DEON identity agents to the latest version of the aca-py agent, extending the DEON REST API with admin functionalities and finally looking for new applications of the platform. The code of the project can be found on GitHub https://github.com/off-grid-block.
About the author Harris Niavis is a Research Engineer at Yale University. His research interests lie in enterprise blockchain networks, decentralized identity management, mesh networks and IoT.
The financial services market has long turned to technology to address a range of back-end challenges and enhance customer-facing services. Blockchain is increasingly becoming a go-to technology for advancing many different financial systems and solutions with different Hyperledger platforms serving as the core for an array of applications now in production.
Read on for just a sampling #HyperledgerFinTech solutions, built using a mix of Hyperledger technologies:
Bakong
Sponsored by the National Bank of Cambodia, the country’s central bank, Bakong is the first retail payments system in the world using blockchain technology. Built on Hyperledger Iroha, Bakong delivers value for customers, merchants and banks. Individuals can now transfer money and buy from merchants with a simple smartphone app. Merchants gain a fast, cashless, and secure payments system. And banks can do interbank transfers at much lower cost.
Bakong was developed by Soramitsu and, after a soft launch in 2019, is now expanding with 16 financial institutions using the system and more expected to join in the near future. The project was also designed to promote financial inclusion for the country’s large number of unbanked citizens. Any citizen of the country can open a Bakong account, even if they don’t have a traditional bank account. The more than 500 merchants that accept Bakong can be viewed in a map inside the app.
daura
Built atop the privateSwiss Trust Chain run by Swisscom and Swiss Post and powered by Hyperledger Fabric, daura is a digital share platform for financing and investing in Swiss SMEs. With daura, the share register is easily digitized and capital increases are carried out quickly and inexpensively at the push of a button. Shares can be split into any number of small lots and the share register is always digitally maintained, complete and up-to-date. With daura, companies have also transitioned virtual Annual General Meetings as a response to COVID-19 with authorization and access are granted directly via the blockchain.
ioCash
ioBuilders is a blockchain technology company focused on building regulated fintech and enterprise solutions based on distributed ledger technology to help businesses succeed in their blockchain adoption. The company offers professional services, including technical, business and regulatory, and develops its own product line. ioBuilders has been one of the first adopters and advocates of Hyperledger Besu, providing essential feedback to improve its enterprise requirements capabilities.
ioCash, one of ioBuilder’s core products, is a fintech platform enabling the use of regulated fiat money on blockchain networks, making it programmable with smart contracts and able to interact with other blockchain use cases. ioCash’s platform operates under an electronic money licence, providing accounts (with or without IBAN) and complex payments functionalities through API and smart contracts connectivity. ioCash is also available as a technology license for financial institutions that hold banking or electronic money licences and are aiming to add the benefits of blockchain into their payment systems.
Memberpass
CULedger, a credit union service organization (CUSO) that began when a group of credit unions came together in 2016 as a direct response to the increasing threat of fraud, set out to bring a decentralized identity solution product for credit unions to market. The result was MemberPass, a permanent, portable digital identity credential for credit union members.
Built in partnership with Evernym and using Hyperledger Indy, Memberpass replaces vulnerable authentication processes such as common knowledge-based questions. Now credit unions are able to issue a digital credential to members, giving them a hassle-free way to control and prove their identity quickly and easily while protecting their personal information.
Verified.Me
Verified.Me offers a secure and convenient way to help Canadians verify their identities.
Verified.Me is a service offered by SecureKey Technologies Inc. The Verified.Me service was developed in cooperation with seven of Canada’s major financial institutions – BMO, CIBC, Desjardins, National Bank of Canada, RBC, Scotiabank and TD. The Verified.Me network continues to evolve adding new identity providers and service providers to make your life easier.
Verified.Me is built on top of the IBM Blockchain Platform which is based on Linux Foundation’s open source Hyperledger Fabric v1.2, and will be interoperable with Hyperledger Indy projects.
Users of the Verified.Me mobile app or web browser experience are able to get a free credit score with Equifax, register with Sun Life, verify their identity when registering for Dynacare Plus, an online and mobile service that lets users manage their health remotely, and more.
Join the conversationabout solutions and applications in the financial service market with #HyperledgerFinTech this month on social channels. Or get involved with the Capital Markets or Trade Finance Special Interest Groups.
If you are interested in peer-to-peer transactions, mark your calendar for a webinar hosted by CoinDesk at 11:00 am ET on October 20th. A panel of experts on different Hyperledger platforms will be discussing “Governance, standards and interoperability: Getting past the roadblocks to peer-to-peer financial transactions.” Go here to find out more.
How many times have you answered, “What’s your mother’s maiden name?” or named your first pet when setting up a new account? Today, those common knowledge-based authentication questions have become the most vulnerable forms of customer identification as financial institutions are being increasingly hit by fraudsters in the call center.
CULedger, a credit union service organization (CUSO) that began when a group of credit unions came together in 2016 as a direct response to the increasing threat of fraud, took up the challenge of improving the member identity authentication process across all delivery channels. CULedger was formed specifically to bring a decentralized identity solution product for credit unions to market. Hence MemberPass™—a digital identity credential held by credit union members that protects credit unions and their members from identity theft and fraud in all financial interactions, from call center authentication to lending to opening new accounts—was born.
CULedger worked with decentralized identity organization, Evernym, to build MemberPass™ (formerly called MyCUID) with Hyperledger Indy—a distributed ledger software project that is interoperable with other blockchains or can be used on its own to power the decentralization of identity. With Hyperledger Indy at its core, MemberPass™ serves as a permanent and portable digital identity that reduces member friction and injects more trust in digital interactions within credit unions.
During a pilot program with three credit unions in 2019, initial results for MemberPass™ were promising. Whereas authentication in the call center could take anywhere from 90 to 120 seconds—or sometimes even up to five minutes depending on the transaction—MemberPass™ reduced that process down to 15 seconds or less.
There are now thousands of MemberPass™ credentials in live production, with the expectation that number will grow year after year as the focus shifts to scaling and evolving the network. Credit unions recognized the advantages of MemberPass™ from the get-go and are looking to get more of their members using the digital identity credential. One participating credit union is working with CULedger on a strategy for issuing new MemberPass™ accounts inside its branch locations as part of their new member onboarding process. Other credit unions have expressed interest in implementing MemberPass™ in its Internet banking channel and its mobile banking channel. More use cases are being defined as more credit unions begin to understand the power of this privacy-enhancing technology.
Hyperledger teamed up with CULedger to capture the details behind the launch of MemberPass™ as well as steps that are underway to grow adoption and interoperability. Find out more in the full case study.
Since as far back as 450BC, people have used paper credentials to enable trusted identity. Legend has it that King Artixerxes of the Persian Empire signed and gave Nehemiah a paper “safe transit” authorization that he used in travels across the empire. People have been using such documents ever since. In technical terms, a credential is an attestation of qualification, competence, or authority issued to an entity (e.g., an individual or organization) by a third party with a relevant or de facto authority or assumed competence to do so. Examples of credentials issued to people include a driver’s license, a passport, an academic degree, proof-of-vaccination and so on. Credentials are also issued to companies, such as business registrations, building permits, and even health inspection certifications.
