Evernym AMA
Evernym AMA
Tuesday 3E
Convener: Richard Esplin
Notes-taker(s): Drummond Reed
Tags for the session - technology discussed/ideas considered:
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
Introductions: Where are you from, and why are you interested in Identity.
- Privacy “making sure our kids aren’t monitored everywhere”
- Trusted computing and trust issues in computing
- Bringing people together
- Having a way to truly prove who you are while retaining control
- Interesting technically (and increasing interesting politically)
- Removing control from gov’t
- Lots of efficiencies to be gained by fast verification
- Identification of the entities in a supply chain
- Telecommunications (peer wise communication) using SSI/DIDComm
- Governance and how it fits in identity infrastructure
Evernym use cases:
http://www.memberpass.com/ - The digital credential being developed by CULedger
- Give customers surity of knowing who the person they are talking to online is who they say they are
- Transferring medical personnel with VCs, went from days to minutes to transfer
- Prove doctors are not sick the day before
- Alberta Credentials Ecosystem (ACE)—http://www.aceprogram.ca/
Question about what our technical focus areas are. Richard’s answer:
- We are very happy with the work we’ve done on the Hyperledger Indy/Ursa/Aries stack in terms of core DID and VC functionality
- We are very excited about new technical functionality like Rich Schemas
- Moving from the abstract/theory to actually doing it is very exciting
- Much of our focus right now is on the rest of the business problems, tooling, and governance needed to deliver a “whole product” to customers
Verity and LibVCX?
- Evernym started with code that looks like hyperledger and aries
- The core of it was a library calle LibVCX. Got a lot of mileage, but was hard to keep revising to bring it current with Aries interop specs.
- The work on interop has revealed a lot about the specs and where the gaps on interop really are
- The Verity product was a rewrite, starting anew, designed to take advantage of all the learnings. Verity will use Indy and the Aries libraries but builds on top of those components.
- Will not be put back into hyperledger
What do you open source vs keeping closed?
- Open sourcing is very time consuming
- Have to get alignment through the org
- Accelerated adoption that comes from openness Vs. commercial viability
- Controlling your business to make money
- Take into account how “easy” something is, if it’s easy then you should probably just open it
- Write down and stick to principles for when to open source
- Publish these principles for contributors
- Will have another session dedicated to this topic.
Shift from Federated IDs to SSI changed everything, and it is much better.
- Short term is an integration play: SSI credential issuance is about how someone gets their identity. Traditional IAM systems pick up once the identity is granted, and integrates throughout the enterprise.
- Long term: SSI is a paradigm shift. Enterprises have a hard time buying something that is new, but we are at the tipping point where enterprises can by a native SSI solution.
Where the identity industry is going, especially regarding KYC and AML.
- South African banks are experimenting with KYC (get the national ID into the bank), but staying away from AML (it’s opinionated has more liability).
- Eventually there will be primary SSI credentials, but the industry can bootstrap with secondary credentials: proof that a primary credential (physical) was presented..
- When ingesting an identity document, there are a lot of edge cases that makes it hard to process.
- Over time, there will be a “supply chain” of credentials. Issuers who check credentials, and provide new credentials for a specific purpose within a different trust model.
- Goal is to achieve a “web-like” adoption model. We publish our data so others can link to it, and then we can link to their data . . .
- CULedger’s Memberpass originally thought “KYC / AML is the problem we should solve”. But currently that is the banker’s job. It is a big problem, and technology is a small part of it. Someone has to accept the liability of the credential. So focus currently is:
- Making things inside the credit union easier (authenticate customers).
- Prove to a 3rd party that the person is an actual human.
Related to adoption, do we have efforts in the works to make SSI a built-in browser standard so that for example consumers can have a built-in DID wallet in the browser?