KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Traditional identity and access management solutions built so far on the trust for selected identity providers and their adoption from an ecosystem of identity owners and identity verifiers. The decentralized identity paradigm is disrupting these ecosystems and required more democratic collaboration and competition among a number of identity and credential issuers, identity owners, and verifiers selecting and using them. This requires not only to design and implement new technologies but also to identify new business opportunities and business models. Collaboration, experimentation, and evaluation are the road to adoption, and the EU collaborative H2020 research and innovation framework offers the opportunity to de-risk such collaborations, in favor of innovation.
Traditional identity and access management solutions built so far on the trust for selected identity providers and their adoption from an ecosystem of identity owners and identity verifiers. The decentralized identity paradigm is disrupting these ecosystems and required more democratic collaboration and competition among a number of identity and credential issuers, identity owners, and verifiers selecting and using them. This requires not only to design and implement new technologies but also to identify new business opportunities and business models. Collaboration, experimentation, and evaluation are the road to adoption, and the EU collaborative H2020 research and innovation framework offers the opportunity to de-risk such collaborations, in favor of innovation.
The presentation will give context on the EU commission announcement of European Digital Wallets and explains what eIDAS 2.0 defines for member states when it comes to digital identities. SSI can be a potential solution, but currently does not meet the eIDAS 2.0 regulation fully. We will explain why and give an idea on how to evolve SSI and create an ecosystem that is compliant with eIDAS 2.0.
Blockchain and the underlying concept of “Distributed Ledger Technologies” (DLT) have well passed the peak of initial hype. As always, focus is now shifting to real-world applications that allow companies to improve their business. It is less about cryptocurrencies and concepts with a global impact, but more about process and supply chain optimizations as well as better identity (ID) concepts. Blockchain IDs are being heavily discussed as the number of concrete product offerings is increasing in the marketplace. With organizations facing an ever-growing ID problem in their Digital Transformation, dealing with employees, partners, customers and consumers, the following questions are being raised, “Is there an enterprise use case for Blockchain ID? If so, is it only KYC (Know Your Customer) or more? And, when and how will businesses be able to benefit from Blockchain IDs?”
Most contemporary digital identity discussions deserve another label: They are mostly about electronic trust ecosystems, considering all kinds of attributes beyond just pure identity. Additionally, nowadays they include natural persons, legal entities and (internet of) things. Everyone seems to agree the future is decentralized and all this only works with these curious wallets. Andre Kudra takes us on a journey through electronic trust ecosystems, diving into questions like: Which ones do we already have today? Some are successful, others not – why? Regulators are on it, too: What will eIDAS 2.0 and the EUDIW bring? What’s in the pipeline in other parts of the world? Will organizational digital identity (ODI) now invoke the breakthrough of decentralized identity overall? Why is decentralized identity the only way for Zero Trust Architectures which deserve the name?
The Internet of Things is disrupting all industries and use cases; from customer IoT, to Industrial IoT. Companies are forced to become more innovative with their products whilst their services are being, or will be, digitized. Top drivers of this digitization are eroding margins and changing customer behaviour, whereas new market disruptors face security challenges. The question now becomes: where do companies decide to focus their money and efforts, in order to capitalize on this disruption?
Either on business optimization, by doing things better and more efficiently, or focusing on a business transformation, to move from CAPEX to OPEX.
Skills not degrees are what matters in today's job market. Using SSI and OpenBadges standards, people can gain micro-certificates based on skills acquired during their studies, work, or volunteering. We will discuss what it takes for educational institutions and employers to adopt a privacy-friendly, frictionless, and more secure onboarding process for students and employees based on this technology. We will explore the new paradigm for IDaaS, an eIDAS 2.0 compliant process, and how we enable Life Long Learning.
At first, some insights into the background, purpose and history of the e-IDAS regulation are provided and the difference between the previous and the currently proposed e-IDAS version are explained very shortly. Core part of the presentation addresses the impact and main challenges, including the concerns expressed by various stakeholder groups. Finally, the expected timeline is given.
A second. Yes. We already announced the title. Thanks again for, for inviting me and yep. A PTA.
I won't, I wasn't able to be there. I hopefully will be able to attend the next event and I need to wait any year, one year for the next CAC many events. I will be very happy to join next one. So let's dive into that. So like I said, probably were already quite a few times during these days about the fact that the internet is a trust problem.
And the fact that now we are trying to shift between web two and the idea of monopolized internet, where most of our data, personal data are rely, are collected and store and managed on some centralized platform that are basically in data of some big tech that trade our data. Most of the time for advertisement that we receive and access to services that we, we, they offer to us. So this create the need now with emergency of emergence of new technology to ship between web two and what is so called web three.
So web three is the new idea of owning directly, whether it's our data, thanks to SSI entities, whether it's our assets, thanks to new technology liket and again, blockchain chain and ation. So counter on this digital footprint that we live on. So as well as there is again, much more privacy center regulation now finally established in place since a few years that require again, people to be inform other data use.
And there is a better way to manage this rather than these sort of patch, patchwork, that inform consent provider, which is always very difficult to understand and really to understand it much better to have control of data. And in when I want to share my data, as well as the number of data growing exponentially, the rising oft brings new way of monitoring our life, creating digital footprint that is useful in different ways.
So most of the, we now talk about duplicating our work, our life from physical to virtually VES, more and more your team, more and more sensor, so that anyway, if not managed properly, they can expose to risk and other security risk contract. So all of these can be glued together by a new way of identifying people, organizations, and devices.
So, and all of these you the centralized way, because if you start to think about having an identity system for each interaction that we have in our life for each service that we access, this brings the replication of, of data, of personal data exposure to potential risk. And again, attack to steal this data. If we create some only part of information.
So, and also they need to be established before this identity system. So the best way is now to leverage on the identity that we created so far in different domain and different silos and re combined together through the centralized entities, in order to connect to different ecosystem in a seamless way, in a way that individual can control. But these students stop to individual for people is very important, but in order to transact again, this new world as well, that we expect to be developing the virtual world.
It's good to have also for organization as well as identity for device to reduce the risk of interacting transacting, whether it's a personalized device with device that are difficult to identify device that came risk in our digital life very quickly. I think you are all familiar on the concept of the centralized entities or the centralized entities leverage the power of ledger, distributed ledger technologies where now private public infrastructure or PPI can be built on top of ledger. So there is no more the need of the central target on and distribute keys.
Public key, present an ID, an identity inform of DD document can store on a ledger. Private key can be old privately. And all of this allow to reclaim an identity can be self assigned self-sovereign. So the older of identity can assign itself on identity, public key that representing this has only value. If we start to collect verifiable credential, if fiber credentials start collect by institutional already exists that have done KC on us, but now they can with their identity as well.
Let in resident start to sign certificate called credential that told keep in it digital safe, which can be is mobile phone and present to verify when it's needed verified, don't need to interact anymore. That's removed single point of failure for the system, but are interact directly with older and are able to verify identities using this public PKI that is provided by ledger by immutable blockchain. So one of this is a Iotta, which is the ledger that we are developing at data foundation.
Just saying that in this context of identity and centralized entities and many events that created entities via the documents, as well as verify them accessing existing identities to verify the sign on verifiable credential require large volume of transaction, large volume of transaction in writing and reading. And if you multiply this, not only for people that can shift to this identity system, but for organization and all value IOT device that we know are growing exponentially, 20 billion, 50 billion hundred billion, the number are always different, but big numbers.
So we need ledger that scale. So can do that because it remove the idea of mining, remove the idea of fees and transaction that need to be validated with I huge energy expenditure. It can actually scale up a realizing board by moving from blockchain to the centralized and distributed processing, which is divided by data graph, underlying data structure, no more blocks, but graphs that represent chain of transactions.
So based on that, we can really have an open system, an open ledger that scales as no fees, as low energy impact against support all the different use cases of the centralized digital. On top of that, we build entities, which is probable made of tools, SDK libraries, API gateways that allow simple development of application. So the protocol is actually based on W3C standard for the ID and verifiable credential. It's now also being expanded with proof. So you are all probably familiar again with the concept of X knowledge proof.
Now, if you have to present credential, so credential states information about us, depending on who actually give this information, the issuer, they have a different value. What is called level of assurance of this information and this information contains what are so called attributes of. So this can be my driving license number can be my and on and so forth. So when I'm going to disclose them, I don't need necessarily to give the value inside the attribute, but I can simply show that my attribute some condition it's done with very complex cryptography, which is called large proof.
So the protocol is also being expanded with this, but on top of that, there are some core features that are coming from the ledger that makes this scalable and working for the many use cases. So we don't need to issue or all token, if you want to basically create entities or the entities and makes everything much easier to, to be adopted the benefit. We know very simple of using identities.
People can, from what they are online using this credential can own their data because the action of being verified is actually triggered now by the older of identities is not going to a third party and can easily use also this information for established their S online accessing services organization. An important point, I will discuss later some organization, especially the small organization. They don't need anymore to collect and maintain personal data.
They don't need to collect anymore data that you need to have given compliance, GDP compliance for reason, but also security prevent cyber security attack as stealing of information. So kind of is creating an infrastructure that need to be high grade to guarantee the security requires. So if it's a small business, you don't need to do more. They can also save time and monitor more customer because they can rely on therefore done by specialized services that offer KC. And they can also start identify object and device like explain before I OT device.
And now we identifying on broader scale, you think about supply chain. So there is no more need to transfer the device that can identify the can be identified very few and quick example. Now we leverage this in different products in different work in, and this will show a demo later. So for commerce problem, for instance, and small eCommerce, retailer, and seller, we identify the issue of this seller to be able to identify people and understand what they're transacting with. They require to collect information that they don't know how to manage. They cost associated to it.
So in order to reduce the, this burden, we identify a new way to basically use identities, to prove age verification. For instance, as a first this case, without sellers or merchant, to have any information about customer, they will see an application pretty soon in terms of transport. We are working another project called orchestra. So if you want to optimize transport in a city, we need to be able to react fast in terms of scheduling people on different transport needs, depending on for instance, disruption happening in a city or in other transport means.
So the main problem here is when we route people, we need to issue new tickets. We need to verify these tickets. If a person was traveling with transport operator, they need to jump another sign so forth. There's a lot of information to be shared. So if you transferred this now to the word of the centralized identity, SSI, and credential, so we can start to see transport credential as an attribute of an identity that is allowed to travel on a given transport mean on a given timeframe in a given day.
And this can be verified much more easy supporting the concept of a self identity and the centralized entities in terms of security and safety of quality device. We are working on a product, which is called second.
Again, if you think about medical device identifying this medical device from manufacturer to GP, doctor that require us to, to carry up to hospital that have to analyze the result of this data. All understand the device are working properly, are working in a right way. They're not being temper, they're actually being certified. And so and so forth require again, exchange of information across complex supply chain.
So if you can only attach now the attributes of an IOT device that belongs to me to my self zone identity, and also the features that yes has been verified has been certified, has been basically maintained and updated in the fieldware and so, and forth. All of this makes much more safe, the healthcare and the tele of, of a patient. So in a way that allow this verification of patients, much more sort of device, and they working correctly much easier.
Finally, we are also working with circular economy and digital passport, and the idea of basically tracking life cycle of different consumer electronics or EV batteries in this case, again, when we talk about EV batteries, we want to know if our batteries has been charged, how long has been used when you get refurbished and when you get reuse and when you get file discontinued. So all of this is process that are manage a different stakeholder. So to avoid black market, to be sure we track from cattle to grave, battery, and avoiding harmful component in the environment.
So we can see the batteries with a device with this one as identity that start to collect credential about this life and life cycle. All of this can be shared in a much easier way across heterogene ecosystem. So we also solve the problem of login by attaching way of using our identity to replace a simple, well known log with the platform I was talking about and manage our identities and decide we share our data.
So, but I want to jump now very quickly to demo all of these for the project. I mentioned at the beginning and short said, let me see if this open, I will keep very quick. Hopefully you see the screen now going for screen like this takes just two minutes and you are already probably familiar with the concept of identities. You have to imagine that the process of an where issuing a credential that says I am above 18, for instance happened before. So now we have already a person with a credential wallet linked to his identities.
I that's stored 35 credentials still certificate that stay are from faster SOS about himself. So yes, this wallet on iPhone and an example, and the work we are doing is with the bank now S a bank large bank in Spain. So bank have to this process anyway for compliance. So they need to identify their customer in order to know, they're actually dealing with customer to apply animal laundry regulation and so and so forth. So they already done this job. So why not reduce this job for the small seller now that we want to sell to a customer nature, restricted product, and that can be done that.
So we start from what I showed before we start from a previous interaction, me be part of my bank, having a mobile banking app and in depth, deputy to request the bank, can you please sign a reliable credential according to standard in this case for me, that states my age and I put my wallet. Yes, that's happen already.
So now, if I go to purchase something on the website, what I have to do is basically I go and select an item. In this case, I select something that is actually age limited restricted for, for purchasing. So it's a bottle of wine I put in my cart. Now I go to check out. I go to my cart in the normal world. I will have it to register with the seller, give him information about who I am with credit card. The credit card is being used probably to go and check in the bank. If I'm actually me and doesn't really need, I can't end off where this to my, to my son for doing that.
I'm not a responsible father, but doesn't mean that I can't do this as well. So in order to remove all this risk to clearly identify person and also to bring the burden on the small seller, to this information, maintain and use this information to verify the person. Now I can decide to check out with a verifiable credential in my wallet. So now the example is that I have the credential on my wallet. Now we set upload, of course, this comes through APIs that you already provide. But now for the demo sake, I have to show that I'm doing it manually. That's the credential.
It shows my birth of date 1980. So we definitely have, and then I can just ask very family. And of course I can do checkout. And I been identify, and I can do the checkout. And that's really simple. I'm not going now to show that if I was somebody else that is, doesn't have the bill, I try to forge the credential. And the only credential that have, I know, I don't know that, that I have sorry, a credential that is above a team, but I forged and, or I ask somebody to forge for me and doesn't show that actually I'm above AE.
And that's an example that's already detected and you can't do what you want to do. So that's basically some way we are trying not to leverage this with our partner. And very simple, of course, it's a demo, but of course, this can be implemented in real life using our APIs that you already provide. So thank you.
That's, that's about it again about, with many persons, not for profit organization in Germany. And if you want to explore the world of the centralized entities and trust to us, we be to the, to identify potential collaboration in this case, especially now in relation with all the initiative that the European commission is put in place like the U digital wallet, data of the AI infrastructure and the, the as well infrastructure for, of which we partner, we are developing for together. We do that partners for the European commission, the new version of infrastructure. Thank you.
