Hello everyone. So my name is Kle. I am an A consultant and my main customer is Belgium Mobile ID where we developed the It's me solution for identity. So it's me is one of the leading digital identities in Europe. We have more than 7 million users, 40 million transactions every month. We are active in 14 countries. In the meantime, we have more than 3000 platforms who have linked up to, it's me in more than 20 sectors. It's me is an app which is available as well in Androids and Google and and iPhone. The solution has been ISO 27,000 certified. We are compatible with GDPR and A ML.
It's me is an insurance level. High electronic identification means notified in Europe and is also a qualified trust service provider. So what I'm talking going to talk about here today is the use of electronic at stations attributes with existing solutions like identity providers and vaults without having to wait for European digital identity to be rolled out.
An identity provider like it's me can play an important role in the uptake of electronic, electronic, sorry, electronic attestations of attributes. In the meantime. So I already mentioned the role of vaults.
That is something which is not, has not been discussed here a lot so far. So what is a vault? A vault is something where a user can store his data, which is compared to wallets, not able to do authentication, authentication of a user or identification of a user. But the data of the user can be securely stored, stored in that vault. This data can be anything today it's mainly unsigned PDFs but it can be also electronic attestations of attributes or any other type of data.
And the reason why vaults are used already for quite some years in Belgium in any case is because it helps for the secure delivery of data. Instead of sending some data via in simple email, which for which the confidentiality might not be secured or where with phishing users are often being abused via a vault.
There's a secure delivery of the data. There is a trust in the origin because the user has to log in on in the system and only the documents that come from a proper origin have can be put into the vault. So the user is always sure that the data in the vault comes from a proper origin.
There is an an a certainty of availability. The user will not lose his data because he will always be able to go back to the vaults to get to it and there's a proper access control. Now there's here a few examples of vaults in Belgium. We've got a number of them. We've got Dole, which is positioning itself as the administrative assistant. So in there typically you find payslips, you find invoices typically documents which companies want to provide to natural persons to citizens. Doel is open for any service provider, but typically the service providers using Doel are in the HR sector.
Either big companies or social se secretariats or utilities or banking users can upload their own files in Doel as well. A second example is, which is the digital vault of the Belgian notaries. Typically you find their notarized documents on properties that you own or if you create a company on on on the the documents on on the creation of your company, the user can also upload his own documents. He can also, and here there is a specific feature which is typical for the notaries user can indicate documents to be transferred, transferred to their heirs after they would pass away.
And then there's to me, which is the data utility company, Tumi setting up digital infrastructure to support as well government as private use cases. It's based on the solid techno technology that has been developed by Tim Burners Lee, which means that the user has complete control over the data in the vault and that he can give, give access to that data via access control mechanisms and the holders can be as well natural or legal persons. And to me is focusing on adding verifiable credentials in those folds. There is the approach of it's me to a data sharing ecosystem.
We want to have the user in control. That means today it's me already has identity data of users. So we read out identity cards and passports for creating its me account. And so that means that today we can already share that identity data with those 3000 and more platforms, but we don't want to add other data from the users to the its me account itself.
We want that the data will will remain stored in the vaults where it's already secured because we don't want to become a data aggregator.
So the purpose is that the user, when he wants to share data with one of those 3000 platforms, can give a consent to its me to collect the data from the vault and then to pass the data to the partners. So for the moment that's with the vaults that we are already integrating with. But in the future that will probably also be with wallets on amongst others. The European digital wallets, there is a small video that will play. It goes very fast. So I'm gonna quickly explain upfront what will be happening.
So Victor or it's me user, is requested by a talent acquisition company to provide some information about himself. They want to know who he is and if he has the correct, if he had done the correct studies to apply for a certain function.
And so at that moment Victor will be able to see the exact information that will be requested and if he agrees to that, if he give consent, then ifs me will look up in his fault. If he has attest stations which can, which are proper for this use case.
If so they will be presented to Victor and Victor will be able to select the proper attestation, the proper diploma in order to provide it to the talent acquisition company. If he then indicates the the diploma and indicates that he wants to share the data, then automatically it's me will be able to collect the data from the vault with consent of the user of course, and will be able to do selective disclosure by reading out the data to only deliver the data in the open. I connect claims to the partner which are required for that use case.
So I'm quickly gonna show the video.
It goes very fast. So I'm quickly gonna explain what what happens. So Victor is at talent acquisition and there he clicks that he wants to share. He is now able to see the details of his identity and the details of the student at the station that are requested. If he clicks on continue, then we will check into the vaults. If he has proper data, he has two student at the stations. So he selects the correct one, which he wants to share. He clicks on share and then automatically the data will be shared and everything is done.
So the movie goes again. So the rest is, is repetition.
So, but that's as easy as it is. So for the user, it's a very convenient way to share data. It's also completely in full trust that he can do it. Why? Because when we were creating this together with the vaults, we have thought of the private receipt principles which would be important. And so we said that the user always has to be in control of the data in the vaults. That the user also always need to be able to give consent to collect the data from the vaults. It's me will not be able to collect any data without that consent.
The user is also in control of the data that will be exchanged and there is selective disclosure possible in case of structured data. The IDP in this case it's me, will not store any of the transferred attributes or documents.
It'll just deliver them and then forget about them. Of course all sensitive data including logs are encrypted and from the start of it's me already before we did data sharing, we always have foreseen on linkability because all service providers that are linked with it's me, they get a different user code for the same user.
And so if they would try to put data together on the same user, they will not be able to because they cannot match based on that user code. Of course, if they collect the complete identity of the user, that's something else. But then that does not have anything to do with the way how its me functions.
So going there from the situation of today to the perfect situation where we use qualified electronic attestations of attributes with belief that there's a long way to go there.
Today, as I mentioned in the vaults, it's mainly unstructured PDFs. Users can view those, they know what it is, they know how to open them with electronic attestations of attributes that is different. An electronic attestation of attributes is a file which a user cannot simply open. They cannot send it to someone via an email or something like that. And so we believe that there is a need for a hybrid version of electronic installations of attributes. What is that hybrid version?
In PDF you can attach files and so in it is perfectly possible to attach the electronic attestation attributes in A PDF file, which contains the exact same data in an unstructured format, which is human readable.
If you then seal the PDF including the link between the unstructured data in the PDF with the attached electronic attestation of attributes, then you have a system or a solution which gives you the full tru full trust and that combines all of the properties of an unstructured PDF and electronic attestations of attributes.
So that means that the solution will be able to be used by users that do not have any software that can deal with electronic decisions of attributes and with users, I mean not only the holder but also potentially small companies that have to deal with with the data and et cetera. And so this solution allows a much faster uptake of electronic adaptations of attributes.
It'll allow small companies and others that are not able to deal yet with electronic adaptations of attributes to continue to work with PDFs while if the same document is being sent to a larger organization or an organization which is more more upfront with the new technologies to extract the electronic adaptation of attributes from the PDF and then reads the electronic attestation of attributes and have the full benefit of the properties of of electronic attestations of attributes.
So the key takeaways, first of all, existing identity providers like it's me, can take an intermediate role to enable a data sharing e ecosystem where the user is in control by leveraging the already existing trusted default providers and upcoming European digital wallets. And so that means that Europe existing IDPs can help in the adoption of what we want to achieve with better decentralized attributes.
The hybrid solution of electronic attestations of attributes which are attached within the PDF can also smoothen the transition towards fully structured and automated trusted data processing while still today enabling nor any user and any company to work with the the unstructured way as they are used to. But making sure that in a a way which goes against or or which smooths the resistance to change, we can get to the goal of having qualified electronic decisions of attributes accepted within the community. I see that I have been speaking way too fast, so I still have five minutes to spare.
So if you have questions, there is time enough.
First of all, a big thank you for walking us through this. We do have some questions for the audience, so it's good that we have time to talk
About. Yeah.
Okay, great.
Yeah. The first one is, what will the relationship be between the services that you explained today and E iida two wallet ecosystem?
Yeah, so first of all, of course the ADAS two, the qualified electronic of attributes are also a part of a two. So if those electronics of attributes will be put in the vaults, then the link is already obvious. That's one thing. And the second thing is we are already integrated with more than 3000 service providers. We are planning to integrate also at the other end with the European digital intervals so that we can be an intermediate between the, the European digital intervals and the service providers that already have a link with its me.
This way, for those 3000 plus platforms, it'll be much easier to start working with the European digital intervals then that they would have to create an a new integration with the European digital intervals.
And another question, what are some of the learnings that you have with the Belgian ID ecosystem that other countries and other ecosystems can learn from to get things up and running? What are some of the critical success factors that you could share?
Okay, when we created It's me, there were a number of factors that were very important. So it's me already does electronic signatures, does authentication, does identification. So we provide identity data. We also implemented functionality which is not in the European digital, which we call the confirm, which will give a cryptographic consent to perform a transaction. So all of those combined were important to cater for large use cases.
Also, one of the key factors for the success of its me in Belgium was the collaboration as well with the Belgian banks as the government because those are really the big organization with a lot of transactions. And if you can get those on boards, then that helps a lot. If the banks try to do something on there end and the government does something else on their end, then it's the, the uptake will be much slower.
And then the, we had three principles from the beginning with it's me, one was security, the second was privacy, and the third one was usability.
And so security, it's obvious why it's required. You're dealing with sensitive data and stuff, privacy. Without focusing on privacy then the user might object to using it. And in Belgium we manage to convince people that we indeed treat their data very, very securely and send and, and that we don't sell any data and stuff like that. It's me is a solution which is only focused on this purpose and on nothing else. So we have nothing to gain by selling data.
And so by having a solution which is only doing this and it's only financed by doing the identity parts, that also gives trust to the end users. And then finally, usability. We spend a lot of efforts in making its me as easy to use as possible for the for the end users and also to make it easy for service providers to integrate with it's me. And so tho those were the three criteria that we put up front as very important for the success of it's me. And we are convinced that it works very well.
We often get very positive feedback from end users who say that they use it almost daily and that it's one of the best apps that they have have encountered so far. Which is for me, very inter, very nice because it's my baby. And then if people say it's a lovely baby, that's always nice.
Thank you very much, especially for these really practical observations throughout your presentation and here at the end.
Okay, thank you
Very much. Thank you. Bye.
