Own your identity

I. Technical contribution

Enabling decentralized, asynchronous workflows and smart contracts, with verifiable credentials, that are trusted by the verifier.

a) Solves the last unsolved problem of the internet: identification and authentication.

b) Software: IAMX verifiable credentials set containers (IVC) are like a Minecraft-building-block. IVC enable

  • decentralized,
  • asynchronous workflows
  • and smart contracts (perfectly executed contract rights, fraud less)
  • that are accepted by the verifier
  • and owned and controlled by the holder
  • meta, source, timestamp, certificate of authentication agent, certificate of issuer
  • storage in any DID method supported (Ledger, Layer2, Peer, Static, Alternative)
  • ZKP and GDPR-conform by design (proving without revealing, never storing the source, the verifier trusts the authentication agent); filed as intellectual property
  • IVC are the foundational element of holder owned self-sovereign identity (SSI)

c) Hardware / biometric identity gateway: We have developed an interface to connect the real world with the decentral chain-world. This automatic machine converts plastic and paper such as personal ID, driver’s license, fishing diploma to digital verifiable credential, adding with the usage of the biometrical camera verifiable credentials for biometrics face, iris, fingerprints each stand alone and chained. Approved on FBI Appendix F Level. Owned by holder. Only issued by this authentication agent, if ID biometrics and camera biometrics match.

d) The used technology stack is: IAMX Allegra, Cardano Eco, Atala PRISM (decentralized identity solution built on the Cardano blockchain), Daedalus (open-source wallet for Cardano / ADA), Yoroi (light wallet for Cardano / ADA). We used Shopware (standard software e-Commerce) to onboard the first verifier.

e) Partnering Cardano Eco We do active partnering with other Cardano Eco based partners. Here we put real estate as a collateral on the chain for the stable coin. We can also do this for getting a loan on this. This means we connect the physical and the digital world with 1Click-Fulfillment.

II. Partner Contribution

We onboard 840 from the Fortune 1,000 companies, thereof 30 till 30.06.2022. This technical onboarding enables those partners to interact with smart contracts.

 

III. Verifiable Credentials | Details

Verifiable credential set containers

Pre-authenticated verifiable credential set containers, that are trusted by the verifier, owned and controlled by the holder, portable, issued by the telecommunication partners or the biometric identity terminal.

Storage

Any DID-Method is supported.

IP Filing

Allegra Credential Model “Authentication of persons, organizations, things, properties, attributes, and credentials via a technical procedure for providing zero-knowledge proof between entities.”

Container Sets

Container per Business Case to ensure selective disclosure. Metadata: source, timestamp, certificate of authentication agent, certificate of issuer.

GDPR Conformity

No storage of personal data. GDPR does not apply. Absolute anonymization through the use of verifiable data containers. It is not possible to assign the data to a known person.

AML Conformity

Yes: Post-Ident, Prepaid Europe, Terminal.

ZKP

Zero-Knowledge-Proof by design.

Processing

Low transaction costs and high-speed processing due to low computational resources by design.

Quantum proof encryption

Yes. Handshake based.

 

IV. Governance Framework | Contribution of Control

1. Verifiable Data Registry
Storage of verifiable credentials is carried out on public decentral permissionless proof of stake blockchain platform Cardano.
IAMX is interoperable and supports the storage of verifiable credentials in any DID method and starts with Cardano, contributing to make the Cardano Ecosystem become a global standard in SSI.
 
2. Trust Registry
The IAMX Biometric Identity Terminal is the issuer of the verifiable credentials, bound by the rules of the IAMX governance framework, issuer will be listed in the member directory, stored on Cardano, in order to confirm being a member of the ecosystem.
 
 
3. Basis of development
The IAMX SSI governance framework is currently being developed.
We are reviewing the metamodel of the ToIP Governance Stack Working Group (https://wiki.trustoverip.org/display/HOME/ToIP+Governance+Metamodel+Specification) and the Sovrin Governance Framework (https://sovrin.org/library/sovrin-governance-framework/). Furthermore, the IAMX governance framework includes laws, rules and regulations from the countries we will be operating in, religious organizations, standardization organizations and other industry wide governance frameworks or standardizations, that need to be considered and lead to rules, policies and specifications in the framework.
 
4. Storage
Cardanos secure and decentralized governance model ensures the decision-making process by redistributing the control to the community (collaborative intelligence) by voting on improvement proposals via the GitHub repository and for funding proposals via the Catalyst voting application.
 
5. Wallet and Agent
A portable, open-source digital wallet to selectively exchange verifiable credentials, to generate, store, manage and protect cryptographic keys and to ensure privacy and security including agent functionality is needed in every SSI solution. Please compare our proposal for an identity wallet: https://cardano.ideascale.com/a/dtd/Open-Source-Identity-Wallet/383348-48088. 
 
6. Credential Governance
 
A. Issuer
The IAMX Biometric Identity Terminal is the issuer of the verifiable credentials.
 
A1. Credentials, possible to be issued by the Biometric Identity Terminal
a) Iris, biometric
b) Face, biometric
c) 4 Fingerprint flat
d) 2 Fingerprint flat
e) 1 Fingerprint flat
f) 1 Fingerprint rolled
g) Signature
h) Multimodal biometrics
i) All attributes of the Passport and ePassport’s / biometric passports
 
A2. Level of Assurance
a) Fingerprint flat, compliant with FBI CJIS Divison´s Next Generation Identification System Image Quality Specifications (IQS): Appendix F Specifications. Disclaimer: This does not constitute an endorsement, but only attest, that the product meets the above-mentioned standards. Continued acceptance is contingent to the ability of the product to meet the IQS over time.
 
b) Electronic passport authentication conformity based on BSI Conformity Tests for Official Electronic ID Documents (German Federal Office for Information Security). Full high resolution color passport scanner, including ultraviolet (UV) and infrared (IR) images, plus image checks. Passport data stored on the chip can be read by integrated RFID Reader. Conformity Specification for Technical Guideline Biometrics in Sovereign Applications. This does not constitute an endorsement, but only attest, that the product meets the above-mentioned standards. Continued acceptance is contingent to the ability of the product to meet the standards over time.
 
c) Fingerprint conformity based on BSI Biometrics for Public Sector Applications (German Federal Office for Information Security). Life detection for each finger, fingerprint segmentation. This does not constitute an endorsement, but only attest, that the product meets the above-mentioned standards. Continued acceptance is contingent to the ability of the product to meet the standards over time.
 
d) AML conformity: This technology enables the proof of whole set of attributes and properties needed by a verifier to be compliant with AML, in order to be able to legally binding interact, e.g., authenticated passport-no, first name, last name, street, street no, zip, city, country, birthdate, place of birth, nationality.
 
Additional information:
e) Countries using electronic passports
e1) Africa: Algeria, Botswana, Cape Verde, Egypt, Gabon, Ghana, Kenya, Lesotho, Madagascar, Mauritania, Morocco, Mozambique, Namibia, Nigeria, Rwanda, Tanzania, United Republic of Togo, Tunisia, Somalia, South Sudan, Sudan, Zimbabwe.
e2) Asia: Armenia, Azerbaijan, Bangladesh, Brunei, Cambodia, China, Georgia, Hong Kong, India, Indonesia, Iran, Iraq, Israel, Japan, Kazakhstan, Kuwait, Laos, Lebanon, Macau, Malaysia, Maldives, Mongolia, Nepal, Oman, Philippines, Qatar, Saudi Arabia, Singapore, South Korea, Taiwan, Tajikistan, Thailand, Turkey, Turkmenistan, United Arab Emirates, Uzbekistan, Vietnam.
e3) Europe: Alle states of the European Union / EFTA.
e4) Other European: Albania, Bosnia and Herzegovina, Kosovo, Sovereign Military Order of Malta, Moldova, Montenegro, North Macedonia, Russia, Serbia, Ukraine, United Kingdom.
e5) North America: Canada, Mexico, Panama, Saint Vincent and the Grenadines, United States.
e6) South America: Argentina, Bolivia, Brazil, Chile, Colombia, Ecuador, Peru, Uruguay, Venezuela.
e7) Oceania: Australia, Fiji.
 
 
A3. Security, privacy and data protection
 
a) Security: Verifiable credentials, derived from a passport / ID are only generated, if person standing in front of the Biometric Identity Terminal is matching the person on the passport / ID.
 
b) Privacy: Cryptographically protected private storage, privacy protected connections, end to end encryption JSON LD BBS+, watermarked personal data, wallet issuing functionality, selective disclosure, verifiable consent.
 
c) Data Protection: Pseudonymous identifiers, data minimization, data accuracy, right of erasure. Compliant with GDPR, DSGVO, CCPA.
 
B. Insurance
Verifiable credentials, issued by the IAMX Biometric Identity Terminal, will include an insurance, to reduce the involved risk and to increase the attractiveness for the verifiers, relying their decisions on trusting and processing the verifiable credentials.
 
C. Roles and policy types
Further policy types for holder, verifier, issuer and insurance are in development process, as described above.
 
D. Ecosystem Governance
Ecosystem Governance is in development modus as described above, laying the groundwork for the entire digital trust system and to ensure interoperability, delegation and guardianship, credentials that are accepted by the verifier, usability, trust assurance, business rules, other.
 

V. IAMX Identity Wallet