Block Identity

Trusted Identity Exchange
Blockchain, eKYC, biometrics, SSI credentials, smart contracts, artificial intelligence
Digital Identity

Identity is critical infrastructure

Today, global citizens, businesses and governments have become intrinsically accustomed to our historical business models, which enforce a centralised custodial approach to data management.  In order to open an account, or do business with a public or private organisation, individuals are required to hand over their personal data credentials and entrust the security of those information assets with people and organisations that they do not know. Because of these legacy business models, copies of our personal information have proliferated, duplicating again and again and again. To the point where society on the whole has become unaware of where our personal information is stored and who has access to it. 
 
Walking into a bank branch or government office and handing over our drivers license to the teller on the other side of the counter has literally become second nature. However as more business and government services move online this physical approach to identity validation has become increasingly difficult. The global COVID19 pandemic further complicated the situation, as lockdowns and physical travel restrictions prevented business transactions from being carried out in person, this further accelerated businesses and governments to explore the digital transformation of their products and services.
 
Weaknesses in digital identity infrastructure have enabled cybercriminals to steal money from government programs, as well as private sector companies. Global identity theft and fraud has been sky rocketing fuelled by post-pandemic cybercrime, with last years US statistics alone recording total losses in the region of $5.8 billion USD. 
Individuals impacted are then often drawn into a convoluted labyrinth of processes in an attempt to rectify fraudulent identity and financial claims against them.
 
Global issues with identity are nothing new. The pandemic just drove home the point: Identity is critical infrastructure.
 
The challenge is the “identity gap” which has been created by the fact that nearly all countries around the world have built their authoritative identity systems – drivers licenses, identity cards, birth certificates and passports on physical paper based solutions while the rest of the world has moved online.
 
We have seen many private businesses make attempts to fill this gap, with novel and innovative solutions. But hackers have managed to keep pace with these safeguards. There is no replacement for the roles of how government and regulated industry may work together to create a trusted source of truth for legal digital identity.
 
Cybe Defy brings together the most advanced technological concepts and innovations in blockchain, cryptography, eKYC, biometrics and artificial intelligence to deliver a trusted digital identity critical infrastructure platform for government and regulated industries. Our decentralised identity relationship management framework leverages the best in identity verification, data protection and self-sovereign controls to enable governments and regulated industries to move into a future where trusted digital identity frameworks power the success of all global digital economies.

Self-Sovereign Identity (SSI)

When properly defined, SSI shouldn’t be controversial to anyone: it’s the ability for individuals to create direct digital relationships with other people, organizations, and things and to carry and control digital artifacts (often about themselves) and disclose anything about those artifacts if, when, and however they please. The “sovereignty” means the ability to control and/or carry those artifacts plus the liberty to determine disclosure; it does not mean an ability to challenge the sovereignty of authority.

Identity Relationship Management

It's not just about identity!

At Cybe we believe that one of the biggest misconceptions in SSI concepts is a total and absolute focus on the “digital identity” only. In order to understand our perspective on this we must first take a step back from the intricacies of digital identity and ask what does “identity” actually mean? In our experience working with many people and organisations around the world, this is much harder to answer than one would believe. To some it is your drivers license or passport, while to others it is your username and password, or personal data such as date of birth, place of birth, home address or even your certificates, achievements and other entitlements. One thing is clear, it means many different things to a large variety of people and organisations around the world. For Dr Phil Windley the co-founder of the Internet Identity Workshop (IIW), identity includes all of the relationships that it’s used with, because without relationships you don’t need identity.
 
We agree with Dr Windley’s perspective, which is why our Cybe Defy platform brings together the market leading capabilities in digital asset management that a private enterprise blockchain ecosystem can offer. Using modern blockchain capabilities including, advanced cryptography, smart contracts, non-fungible tokens (NFTs) we have built a decentralised digital identity relationship management platform that not only powers true self-sovereign identity for all users, private businesses and governments. But also protects the data with the most advanced decentralised data storage strategies that ensure there is no single data store that is vulnerable to a mass data breach attack.
Through Cybe Defy, end users are able to efficiently create and manage their digital identity profiles and relationships, store sensitive personal data and documents and generating verifiable credentials that enable them to provide true verified information securely with all businesses and government agencies that they need to interact with on a day to day basis. For businesses and governments alike they are able to create digital identity assets that are linked and related to each customer profile that they do business with. With the power of the Cybe Defy platform we are able to securely create and manage a range of personal, business and government identities while securely managing all of the sensitive information that is associated with each relationship that belong to those identities.

Personal information

We enable end users to create and manage their digital identities for a range of authentication, data protection, data verification and data sharing purposes.

Business information

We enable businesses to onboard customers, verify customers, authenticate customers and store digital assets that are related to their customers on our platform.

Government information

We enable governments to create citizen profiles, verify citizens, authenticate citizens and store digital assets that are related to their citizens on our platform.

Which biometrics systems are best?

Biometric solutions are typically implemented in one of two forms; device biometrics or biometric capture platforms.
 
1. Device biometrics include solutions such as facial and fingerprint recognition.
 
Device biometrics do offer a decentralised method of storing biometric data, but a lot of these solutions allow for the registration of numerous biometric profiles (for example, iOS 14 currently supports up to five fingerprints and two facial profiles). So, who exactly is being authenticated? Is it the tool? Via these processes, there is no real assurance that you are authenticating the right person, such as your customer.
 
The majority of current biometric authentication implementations, which make use of biometric data provided by device manufacturers, could be seen as a form of “authentication outsourcing,” and many regulated businesses will likely face difficulties in the years to come due to the risks involved with this kind of outsourced authentication solution.
 
2. Biometric capture platforms use cameras and scanners to capture individual biometric image templates, which are then [typically] stored centrally.
 
Enterprises can use biometric readers or device cameras to capture photos of a person’s biometric data as an alternative to the device biometrics option. The organisation is therefore confronted with the difficult task of deciding where to store and how to safeguard these biometrics templates. Industry and market data demonstrate that the present strategy used by many businesses to centrally store sensitive data, including biometrics templates and photos, is insufficient in protecting this data.
 
Cybe Defy integrates the most advanced facial and voice biometrics with artificial intelligence that defends against the sophisticated artificial intelligence attacks  to prevent identity fraud and credential theft.
Verifiable Credentials

Digital Signatures that secure and protect your Personally Identifiable Information (PII)

Many things come to mind when people think about what a “verifiable credentials”. Maybe it’s a driver’s licence, passport, Social Security number, university degree or college diploma, or anything else that serves as your unique identifier.

A credential, in general, is a document that proves a person’s possession of a certain quality, qualification, or claim or identifies a specific institution. A university degree is a claim you make, whereas a passport is evidence of your identity.

Documents can be examined in the real world to authenticate them, but how can you do so in the digital one?

Verifiable credentials are design to help with this problem.

Verifiable credentials, or VC for short, are tamper-evident credentials that can be cryptographically confirmed at the most fundamental level.

Three factors are necessary for verifiable credentials:

  • It can be checked by a machine
  • It has been issued by a competent body
  • It is safe and tamper-evident.
So how does Verifiable Credential Ecosystem work?
 

The Issuer, Holder, and Verifier are the three parties that make up the verifiable credential ecosystem.

The entity that mints and publishes the credential is the issuer; the entity for whom the credential is issued is the holder; and the entity that determines if the credential satisfies the requirements for a VC is the verifier.

The W3C Verifiable Credentials Data Model must be followed in terms of implementation for these VCs. The verification and sharing of credentials on the web is made possible by this set of specifications and verifiable documents.

Cybe Defy is built on the decentralised identity foundations of Block Identity, which brings together to most advanced innovations in Digital Identity (DID) origination, verification and management with trusted Verifiable Credentials verification, storage and sharing. 

Cybe Defy provides trusted digital identity foundations and critical infrastructure for governments and regulated industries around the world.

Issuer

An organisation that has the right to issue credentials is known as an issuer. These issuers frequently include governmental agencies, hospitals, banks and other financial institutions, educational institutions, and perhaps even businesses that offer job documentation. These entities demonstrate their authority to provide credentials using a variety of techniques, including digital signatures and unique schemas.

Holder

A holder is the person who has full authority over the credential's management, including sharing it with other people and revoking it. Typically, holders are either people or organisations. As the holder is the owner of the credential, it is their responsibility to compile data sent by one or more issuers in a machine-verifiable format that complies with the established standards to produce a verifiable presentation.

Verifier

A verifier is an organisation that examines a credential to confirm that it is legitimate, was issued by a reputable party, and is currently valid (not expired or revoked). The verifiable presentation is taken from the holder by a verifier in order to check its validity.

Example of Verifiable Credentials

To better comprehend these things and how they relate to one another, let’s look at an example.

Imagine that a medical facility certifies that a certain person has received the COVID-19 immunisation, and that a machine verifies the accuracy of this information.

In this case, the healthcare provider is the issuer, the person who received the vaccination is the holder, and the verifier is a device that authenticates the verifiable presentation. The holder is free to share it with anyone when it has been validated.

Thanks for sharing!

Have a project for us? Let's discuss it!