/
Identity-BB Status for Tech Committee meeting w33

Identity-BB Status for Tech Committee meeting w33

Owned by Jaume DUBOIS
Last updated: Aug 24, 2022
5 min read

Reminder

List of further enhancements to be done next quarter for your BB specifications

  • Verification / Identity Verification API

    • Integration of OpenID Connect (OIDC) for Identity Verification (Authentication)

  • KYC / Attributes sharing

    • Leverage OIDC profile sharing capacity and use Verifiable Credentials as envelop to provide identity related services.

    • Benefits

      • Support interoperability

      • Improve privacy by offering multiple services with data minimization approach

      • Reuse those services OIDC/VC as data exchange protocol/format for issuance of physical and digital credentials

      • Identification services responses (ie ID attributes sharing) always allow to verify information to issuer, it will leverage VC to systematicaly include the way to verify authenticity in data structure sent.

      • Build continuous chain of certified data

      • Allow asynchronous/offline use cases

      • Integrate consent mechanism in overall KYC process

  • Management / ID Mapping

    • Offer publish and subscribe mechanism to allow notification of identity related events

    • Clarify and specify ID Mapping for privacy and open to federated and decentralized forms of Identity

    • Tokenization of identifiers: IDBB generate several sectorial identifiers for the same unique person

    • Use of Alias: Foreign existing identifiers can be linked to Unique Identity and later recognized

  • IDBB specific interfaces (API Gateway/GUI)

    • It has been identified the need to develop IDBB interface on top of IDBB candidates implementation:

    • A User Interface for individuals (select Identity provider (IDP), collect identity credential, give consent, be informed of personal data usage) This UI would naturally run on individual User Interface.

    • An IDBB API Gateway for:

      • Managing multiple IDP (default IDP being fID)

      • Check/trigger collection of consent

      • Potentially be used for ID Mapping to solve tokens

      • Manage adaptation of candidates implementations of building blocks

    • Individual User Interface need to be inclusive and adapt to various context including low infrastructures/technologies ones.

Illustration of form auto-filling flow involving UI and API Gateway.

Backlog:

  • Notification API (to notify output is ready or a change in identity)

  • IDBB Gateway with Integration of consent

  • Identity management (to create, update an identity, manage ID Mapping, authorizations, ..)

  • Credential issuance

  • Auditable logs - transaction log, administrative changes log, performance log, security log

List of apis (defined/undefined) aligned to functionalities/services (defined / to be defined) currently in your BB

API

Service

Version

Description

Priority

Status

API

Service

Version

Description

Priority