At NEO DevCon 2019, Swisscom Blockchain, a consensus node and NeoID candidate, announced its decentralized digital identity solution entitled SERAPH ID. Swisscom Blockchain’s co-founder and head of enterprise, Waldemer Scherer, discussed a self-sovereign data model to protect personal information.
Swisscom Blockchain is a subsidiary of the telecom giant Swisscom AG. Its services include digital asset custody, coding audits, and banking-grade, highly secure infrastructure, among others. In previous years, Swisscom delivered its underlying infrastructure services to large banking institutions. Today, the company finds enterprise-level interest in blockchain-based solutions throughout the logistics and pharmaceutical industries.
Swisscom Blockchain’s office sits near Trust Square, where NEO Global Development (NGD) opened a regional office in November of 2018 – the same month as the NEO Zürich hackathon, previously covered by NEO News Today. Currently, Swisscom operates a consensus node on NEO TestNet but aims to launch on MainNet in the near term.
Types of identity and digital identity evolution
In his presentation, Scherer states that individuals often have up to 10 or 20 different identities. These identities may encompass physical identities, such as company IDs, passports, and credit cards, or digital identities, such as entertainment services (Netflix, Amazon), email services, or social media (Twitter, LinkedIn, or Facebook).
Scherer described the process of a user signing up for a new service, where they must enter redundant data such as personal information, and sensitive payment details like credit cards and bank account numbers. As service providers collect and track user data, the provider may share or sell user data to third parties without the user’s consent.
Scherer then outlined the historical digital identity models. Traditionally, digital identity exists within a siloed model, where independent centralized organizations each require a set of credentials for access to their services, via standards such as HTTP and SSL. In this model, the service provider is the identity provider.
The federated model was the next step in the evolutionary process, where a third party serves as the authenticating identity provider (such as Facebook or Google) with single sign-on (SSO) credentials that allow users to access the services of various platforms. Standards for this model include OAuth2 and OIDC.
In the latest evolutionary iteration, the self-sovereign identity (SSI) model, individuals control the ownership of their data through decentralized data collection, processing, and encrypted anonymous communication. As the owner of their data, users can selectively disclose and share only the most pertinent and necessary data with a service provider. Currently, there are no standards for self-sovereign identity, though W3C and DIF are designing standards.
SERAPH ID for verifiable claims on the NEO blockchain
Swisscom Blockchain’s SSI solution for data control is entitled SERAPH ID, which offers a verifiable claims process by utilizing the NEO blockchain. The goals of SERAPH ID include the ability to:
- Give each user the possibility to access and manage their own identity within the NEO blockchain.
- Enable dApps, smart contracts, or third parties to verify the identity of the user and the validity of their claims.
As an example in his presentation, Scherer portrays a university graduate in the job application process. The graduate requests confirmations of their diploma, so that they may share it with a future potential employer. SERAPH ID offers services to the issuer of information (The University), the owner of information (The Graduate), and the verifier of information (The Company).
The University signs the diploma claim and transfers it to the identity owner, The Graduate. The Graduate then counter-signs the claim and presents it to the verifier, The Company. The Company can now verify that the claim was signed by both the identity holder and the issuer, that the claim is valid, and that the claim hasn’t been revoked.
In this scenario, The University, as the issuer, must be a trusted party in the network to issue those claims. The issuer can revoke claims at any time.
The Graduate has a wallet that stores data and assigned claims, as there may be more than one issuance party that has issued a claim to The Graduate.
With SERAPH ID, claim signing, counter-signing, and signature verification are all processes which occur on the NEO blockchain. The blockchain stores the issuer identity (smart contract), schema definition, and revocation registry. This storage lets the verifier validate the holder’s identity and the issuer’s identity, and verify that the claim is valid and has not been revoked.
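The sign, counter-sign and verify flow described above can be sketched in a few lines. This is an added example, not SERAPH ID code or anything shown in the presentation: the in-memory `ledger` stands in for the on-chain issuer identity and revocation registry, Ed25519 is chosen only for the demonstration (the article does not name a signature scheme), and all function names, claim fields and the sample diploma are constructed for illustration.

```javascript
// Added example (not SERAPH ID code): issue, counter-sign, verify, revoke.
const crypto = require('crypto');

// Stand-in for on-chain state: trusted issuer keys and the revocation registry.
const ledger = { issuers: new Map(), revoked: new Set() };

const sign = (key, bytes) => crypto.sign(null, bytes, key).toString('base64');
const verify = (pub, bytes, sig) => crypto.verify(null, bytes, pub, Buffer.from(sig, 'base64'));
const exportPub = (pub) => pub.export({ type: 'spki', format: 'der' }).toString('base64');
const importPub = (b64) => crypto.createPublicKey({ key: Buffer.from(b64, 'base64'), type: 'spki', format: 'der' });

// Fixed field order so issuer, holder and verifier all sign and check identical bytes.
const claimBytes = (c) => Buffer.from(JSON.stringify([c.id, c.issuer, c.holder, c.schema, c.attrs]));
const presentationBytes = (c) => Buffer.concat([claimBytes(c), Buffer.from(c.issuerSig)]);

function issueClaim(issuerName, issuerKey, fields) {
  const claim = { ...fields, issuer: issuerName };
  return { ...claim, issuerSig: sign(issuerKey, claimBytes(claim)) };
}

// The counter-signature covers the issuer's signature, binding the two together.
function counterSign(holderKey, claim) {
  return { claim, holderSig: sign(holderKey, presentationBytes(claim)) };
}

// Verifier: trusted issuer, issuer signature, holder signature, then revocation.
function verifyPresentation({ claim, holderSig }) {
  const issuerPub = ledger.issuers.get(claim.issuer);
  if (!issuerPub) return 'untrusted-issuer';
  if (!verify(issuerPub, claimBytes(claim), claim.issuerSig)) return 'bad-issuer-signature';
  // claim.holder is only parsed after the issuer signature has authenticated it.
  if (!verify(importPub(claim.holder), presentationBytes(claim), holderSig)) return 'bad-holder-signature';
  if (ledger.revoked.has(claim.id)) return 'revoked';
  return 'valid';
}

function runScenario() {
  ledger.issuers.clear(); ledger.revoked.clear();
  const university = crypto.generateKeyPairSync('ed25519');
  const graduate = crypto.generateKeyPairSync('ed25519');
  ledger.issuers.set('university', university.publicKey);
  const diploma = issueClaim('university', university.privateKey, {
    id: 'claim-001', holder: exportPub(graduate.publicKey), schema: 'diploma', attrs: { degree: 'MSc' } });
  const shown = counterSign(graduate.privateKey, diploma);
  const out = { fresh: verifyPresentation(shown) };
  // An attribute changed after issuance no longer matches the issuer signature.
  out.tampered = verifyPresentation({ ...shown, claim: { ...diploma, attrs: { degree: 'PhD' } } });
  ledger.revoked.add('claim-001'); // the issuer revokes the claim
  out.afterRevocation = verifyPresentation(shown);
  return out;
}
console.log(runScenario());
```

The revocation check runs last so that only a claim with two valid signatures is ever looked up in the registry.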
Scherer believes the SERAPH ID SSI model offers the user privacy through design, interoperability between blockchains, verifiable claims, and decentralized identifiers (DID). A DID is a “globally unique identifier that does not require a centralized registration authority because it is registered with distributed ledger technology or other form of decentralized network.”
In March 2019, Swisscom Blockchain aims to release the SERAPH ID NEP standard, as well as finalize the definition of NEO DID, both of which are currently under review.
In May 2019, Swisscom Blockchain seeks to develop a smart contract template for the issuer, a verifier library and interface for smart contracts, and an offline library for DID generation.
In June 2019, Swisscom Blockchain tentatively plans to perform the first dApp live demo producing (SERAPH ID) SSI on NEO.
In Q3 of 2019, Swisscom Blockchain intends to integrate an agent-to-agent communication layer, an offline wallet for identity owners, and a cloud wallet for identity owners. Additionally, SERAPH ID aspires to offer a NEO DID universal resolver, which will help to ensure interoperability between platforms.
Scherer’s Swisscom SERAPH ID NEO DevCon presentation can be found on the livestream replay at 4:35:11.