VC’s In The Supply Chain GSI

From IIW

VC’s In The Supply Chain GSI

Wednesday 9L

Convener(s): Paul Dietrich & Gena Morgan

Notes-taker(s): Gena Morgan

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

GS1 Standards are considered the Global Language of Business. The GS1 systems provides for the identification of products, logistics units, entities, and locations among other things> GS1 standards also encompass data carriers used for capturing those identifiers linked to things as well as a standard interfaces for data sharing of transactions (EDI X12), product, entity and location master data, and physical event data (EPCIS - Electronic Product Code Information Services and CBV - Core Business Vocabulary.

Globally unique product identification and data about those products are core to GS1 and its constituents, which include over 2.5 million businesses. Indeed GS1 standards are used in 6 billion scans per day.

Online commerce has introduced new challenges for brands and retailers as they look to provide product data of the highest quality to their consumers. Online data about a product stems from many more sources today and it is not always from an authoritative source, leading to inaccuracies that can lead to a lack of trust with the consumer. Presenting quality authoritative data - from a multitude of the legitimate sources with a strong degree of trust is a challenge the GS1 community is looking to solve. This includes master data, chain of custody data and the like.

We reviewed the following use cases to gather feedback from the IIW community. The use cases included:

Product Data.

After some discussion and feedback perhaps we should look at this as a data provenance solve. There is so much data out there, stemming from so many sources that it is hard to get to the truth. Understanding the origin and provenance (and proving it) of any given set of data seems to be the tie in.

Some discussion and advice to turn GTIN into a DID scheme/DID method? Can the GS1 resolver return a DID document?

Chain of Custody.

Need to make assertions about the product that pass through multi-partners where you do not want to reveal identity of party but need to share an assertion about something. Proof linked to product (how is this done?)

Org equivalent as a person needing to provide credentials without revealing certain things about themselves. Pairwise DiDs (again)

Credentialed supply chain could move independently from physical supply chain -- requires serialized identity.

Can we apply pairwise DIDs and ZKP? Need identification at the unit level.

Cross perspective of credentials is what makes the supply chain more trustworthy. Combination and comparison of assertions.

Asset becomes single source of truth - permissioned access to different levels of info about the product because there is data you need to reveal about the product and zero knowledge proof

Two experts believe ZKP could help share supply chain data without revealing identity (supply chain use case)

Drummond - 2 efforts in Canada regarding multi-tiered supply chains - Clean Energy supply chain work in Canada (John Jordan). Harvest One - Cannabis Supply chain (GS1 Canada)

Peer-wise DID relationship, the DID becomes the identifier for that party - no VC needed because DID proves identity. Output of onboarding process

Supplier On Boarding. Most straight forward use case and indeed is the foundational use case across many of the solutions here. Not necessarily all focused on "supplier" onboarding, could be a bank customer, someone getting a driver's license, etc. But the point is there is a requirement to get some entity (a person, an organization… I wonder if a thing) "set up" in the system. Today the process is often layered, paper based or requires some form of data gathering from multiple places. This aims to digitize and streamline that process. Additionally, the entity maintains and then shares their identity, versus having their identity owned by multiple organizations. Novartis has started with this use case as well. Although the direct tie to GS1 may not be as direct - except for GLN being a credential perhaps, this may be a good PoC to start with as it seems to be common issue. It would allow us to explain some otherwise complicated concepts (decentralized identity).

GS1 is looking to explore these use cases and the value decentralized identity and VCs may bring with any number of partners in this space. The goal is to understand the benefits and value in layering this technology into the existing system, but also the requirements – of individual companies from a systems and process standpoint, of industry – from an adoption and use standpoint and of GS1 from a governance and central root of trust perspective. This is all in a drive data quality and trust in the supply chain – in the digital world.

Please find the session presentation here: