Welcome. Yeah, I'm Roland. We are from VER GLAD to be here and we would like to introduce how an ID wallet can be AML compliance, especially in Germany, which is not self-explaining. So we press the slides this way.
Yeah, this is kind of the title we are talking about. Yeah. First of all, I think throughout the conference we've heard many technical standards. We are not talking about technical standards in, in a deeper sense because we believe, first of all, it's important that we deliver a great user experience and, and then we need to deliver an efficient process to our partners. And just talking from the practical experience, neither the customer nor the partner cares about the technology behind. It's mainly that it's all digital and it shall just work with maximum efficiency.
And this is actually what a ID wallet can deliver. And this is where we are dealing with every day with fully digital customer experiences.
And to make this happen with in an AML standard in Germany is yeah, a little complicated because first of all, you need to put the ID data into the wallet. And here usually you talk about video ENT or EID Dent or some local ient even, but this is not fully digital. So how to get the data in an ID wallet in an AML compliance sense so that you can reuse it from there and then that you can reuse it fully digital.
So this is what we are dealing with to have really fully digital customer experience and to end, and this actually works in many standards and many regulations already. I mean there is s, there's substantial there. You need an approval from the BMI in Germany, which we've got if you need approval from B Nets R for telecommunication and for a standards. And so there are many standards that you can work in and more or less you can deal with fully digital experiences in these circumstances.
But the only one left where it's more than complicated is actually Thel standard to comply with FIN standards in Germany. That you have an anti-money laundry conform identity in an ID wallet that you can use per one click and how this actually works, Dick will dive into, yeah, thanks.
Yeah. The thing is everyone is talking decentralized identity, so everyone is talking, put the identity data on the phone and then you have it sort of in a server way the user can have so owns it, can control it and then you just click it and push it over to the bank.
You wanna open up a bank account with or to where ida's provider to get a qs, a qualified signature out there and that's not possible, be scanned it in sort of in all the regulations. And it turned out it is not possible from the regulation to have that one click identity. There's only one solution left. And which is you need to become basically a bank itself. The wallet needs to be a bank because the regulation allows for trusting two financial institutions to trust each other. So the bank, the bank can trust another bank for doing the identification.
So, and that's why the only way is if you have here a bank and the wallet wants to transfer the identity into the bank on the digital way is one click and not doing any sort of video and then in between. So you need to become a bank as well. So the bank trust the bank and that's the only way, and of course we are not the bank, it's called payment service provider. They are different licenses, not only banks of course, and we are not a bank, but we are sort of obliged and licensed payment service provider. And today that's the only solution to have one-click identity.
And everyone is talking about decentralized identity and having an app and the ID data on the wallet and, and the user can sort of share it. It is pointless in the regulation. It is pointless. And there are 2, 2, 2 reasons.
One is who is taking care about the identity on the, on the phone? And who guarantees that is not fraudulent. It's still up to date, the user hasn't changed. Authentication means the user has not moved to another postal address, has not sort of changed his name, who is taken care of.
And the aunt says the bank, the wallet provider who, so they are obliged to do that and that's why that's the only way and that's why RIME did actually exactly that very me became a payment service provider according to the AML act. So we are a payment service provider with all the obligations quite a lot. And of course we need to take care about, ID update procedures, we take about fraud, we take about very important authentication means we control if you don't control the authentication.
But we take care that authentication is sort of still valid with that user when he reuses identity a year later, 10 years later from the wallet.
So, and also secure storage and all that. And then when we sort of what are the regulations, you cannot do it just because we, I want to become a wallet. No forms of regulation and forms of law. You need to have your own business relationship with the customer. So every ID provider out there, so cannot say, oh, my business relationship is to be an ID wallet provider. That is not possible.
So because in Germany, at least in Germany, you can say no, you have to have an own business relationship. You have to to business with a user to store that identity. And of course we can use and that's why payment, we offer payment services. Yeah. Because it's obliged by law. Yeah. And that's that no, not so many people knows that everyone is talking about ID wallets, but from the regulation there's no way to offer regulated ID wallet.
Of course maybe it's coming later on ida's level or on the ID wallet in the u blah blah, blah. But today it's not possible.
And that's why the only way is to offer em a compliant identities is you are solved as a wallet provider. You are sort of a licensed payment service provider itself and offer payment services to the user. And that's why of course you have also sort of a lot of sort of increased risk doubts, risk management and path regulations quite a lot. But that's the only way. And the good thing is we solved it.
It's, it's it's life. Yeah. Since 2019.
2019, yeah. So already sort of in the fourth year. But we talk the same approach also to get compliance into IDAs and the telecommunication and maybe also in other sort of proper regulated sectors because we always say we are valid provider and we don't care, you don't wanna profile the user, but we need to make sure that everything is fine with identity and we guarantee it as a, as a, as as a trusted partner to the relying parties like banks or trust service providers, IDAs level.
And that's innovation not in someone new, but I just wanna make sure that's only we in Germany to offer one click identity if the valid provider is itself a licensed payment service provider according to Thein. So, and that idea was also very much supported by our 27 shareholders now. So we are focusing on insurances and, and banks of course in the financial sectors but also in the mobility and other services. So I thank you for that very quick talk and enjoy the evening event.
Thank you very much. And of course, any questions from the audience? Cause we do have time questions this time.
So you were talking about the, the processes that are also covered by your by, by the, by the certification or so and what type of of identity attributes are there actually And and and where, where do they come from? Come they, do they come from your own processes or do they come from the the Germany ID card or where they stem from?
No, yeah, maybe that, that picture is right. So VR and the wallet provider, and of course we need to identify the, the, the person once, no, we do in the EML sort area, we offer four different methods like local ID and face-to-face this partners or you do a video I, and I think according to the B or circulate E IDs, a German ID card or other sort of IDAs conformed identities. Yeah. Which are coming from other European member states. And also the Verese bank identity, which is basically a reference transparent qs. So these are the four currently.
But of course we are open to a lot of other ID sources. Yeah, we love that idea. Sort of wallet sources, wallet and verify in the old ways was IDP wallet and then relying parties. We would love to enter into that ID sources ecosystem. Huh.
But the, it's, it's not so easy.
That's the thing because the regulation is far behind. So if you look into teak and the new teak telecommunication law, there's no no word about ID wallets or IDPs. They always talk about you can do video end, you can go face-to-face.
And, and that's, that's why though the relation is behind and and that's why it's so difficult to have a, a wallet running on all specifically old regulations which are not modern. So yeah, that's, that's initial identification and then be stored in the wallet. And the thing is also by regulation, we need to store also the source data files, like the video files. They're the MP3 files from the voice recording during we need to store. When you go to the shop, the photos of the document. So it's quite a lot of old stuff. But by the regulation, the regulation was written 20 years ago.
There are still a lot of paper. Sorry, I'm
Just curious. Is it just Germany, which like drags behind or what
About the rest of the eu?
No, now yeah, EML wise Germany is standard is a little bit higher. So it depends on the different countries. I've heard other countries are easier.
So they, they, they allow that you can store the identity and reuse it again in the, in the easier way. In Germany it's like that. So the IDAs is opening up, IDAs is not here.
So the, the interjection of the ID wallet in the IDAs, I think everyone is talking about it. So architectural reference framework is now off open, but it's still, it's not in the regulation. So ID wallets are not an institution and they don't say what you have to do as in wallet provider to be compliant to the different regulations.
Let's see, let's see. Okay, great. Thank you. That's difficult.
Ah,
