KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
The Accountable Digital Identity (ADI) Association is a nonprofit organization dedicated to advancing an open framework for digital identity that focuses on accountability, privacy, and interoperability. The Association is a global coalition of private and public organizations spanning finance, government, healthcare, and technology parties.
The Accountable Digital Identity (ADI) Association is a nonprofit organization dedicated to advancing an open framework for digital identity that focuses on accountability, privacy, and interoperability. The Association is a global coalition of private and public organizations spanning finance, government, healthcare, and technology parties.
So before we started ADI association, which actually has been operational for about 18 months. Now, we actually went around the globe. We spoke to 60 different individuals, both from public private sector, fortune find companies and also standards, bodies, and different identity initiatives that are happening and trying to understand from ground up and trying to see if we need to really fix this problem. We got to take a, a different kind of approach here. A digital identity is definitely broken. We all have many, many trustable identity sources from various places.
Unfortunately, none of those identities we can take elsewhere and then use them. So when we try to understand the problem, whether it is conventional identity fraud, or it is the latest have that's causing on internet about this information and, you know, fraud information, what is causing this? We try to understand this problem. When we try to understand this problem, the majority of the fraud, whether it is physical world or digital world is directing related to three, three major issues.
One is I theft that is somebody stole your credential and somebody's faking an identity that it doesn't exist. Our third one is post data theft. If somebody knows enough information about me, they'll be able to do a account, take order, be very, very easily.
Our, if one of these data aggregators got breach, then a account take order is going to be very, very easy. What we felt was if we have to take approach for digital identity from outside in see how to fix this problem, we are at a point where we have come a long way in the digital world, treating digital world differently than real world we made.
You know, digital world is different security. Privacy are the main core pillars of internet and digital world. Those things must be the primary, primary fo focal points. What we felt was yes, whether it is digital world of the physical world, security and privacy are no, no doubt that fundamental likes of the user. But if they're not accounted mean, you know, associated with trust and accountability, you, you are not doing any good. Your trust and accountability are equally important for basic, you know, necessities for a function business or society. This is what we felt is required.
If you want to really fix this decided problem, we have come a long way in the digital world where we have been treating the online access as an account oriented infrastructure, where I have an account oriented account within a surveys. And if my son happens to have the same account, my account freely to him, then he becomes me. And we all have multiple accounts. As you know, and these things are only going to get worse and they have already gotten worse. What we felt was we really need to know who is on the other side positively.
We have to create some kind of binding between the human and the account that is created and make sure that is, you know, that is delivered and then created in a right way. That way we will actually change the internet infrastructure from a oriented infrastructure to an identity or entered infrastructure. Then we started thinking, what is the that's in the real world that we haven't been able to replicate in the digital world to actually, you know, achieve a, a level of, you know, functioning and balance in, in the digital world.
If you see our real world instantly, our real world identities are actually not created by us. They are created by a trusted group of people that mostly our parents, when we are born our first name and is given to us by our parents. And we go lost name from a father. Doctor comes out and says that, yes, the me police bond such and such date in this place to this parents, etcetera, etcetera, government comes out and issues a birth certificates. That's where the core identity of B is created that core identity, which says, this is the mesh police. This is the board certificate.
And there is a social security number that is issued to me. They actually make a unique representation of me in the world. Once that unique representation is created, I, my parents will take that elementary school I'm board certificate, take me to elementary school and they'll ask me to create my want my son to jump in elementary school, create my student identity. Then I go to high school. Then I go to college. Then I buy a car, buy a house.
Everything that I did actually then is that particular credential or data is issued to the four identity that was actually given to my somebody else created. For me, that was created once it was created was not my parents. It was not government. It's not doctors. It's mine completely. That identity is mine. If there is something good happens, I get the credit. If something bad happens, I will be held accountable. That is what is missing. That is there in the real world. That is what is missing in the digital world. You need to have a, a, a human binding behind an identity that is created.
So what we felt was we cannot go back and create for, you know, X, billion people start giving birth certificates right now. So how do you actually take what is out there and move it to your new infrastructure, where we actually achieve something very similar to it in the process, make sure you actually address the trust and accountability part here in the ADI specification and ADI work that we have done, what we felt like, what we felt was for every human being.
There needs to be a, a cryptographic representation, which we call in, in a friendlier name that he can remember called digital address for every user. This digital address is actually not something that user will actually enroll himself, but it'll be created by a trusted issue. And the way that is created that cryptographic representation is created from the human attributes. That human attributes are. That makes me unique. First name, last name, middle name, data birth, and the social security number. If it is somewhere else in India, that identity is Japan.
My number, take the unique attributes and create a cryptographic representation, right? That was initiated at the issuer without actually transmitting any personal information. Anywhere. Issuer knows all enough information about you and the issuer will request the creation of a digital address using the attributes, which he hashes and then sends it to the surveys to create digital address. And once a digital address is created, you actually bind that digital address with a final credential. And once you do that, you have a very strong human binding.
The cryptographic representation that is created is created for a specific attributes only for those attributes, that particular cryptographic presentation can be created. And that is delivered to the user and user binds it using Fido.
That way, there is nothing like a password or everything. The actual format of digital interest very, very is very, very simple, which is in a very normal email, kind of a format where at the DTX that you see is a service name, but the first one is a user which user will be able to call whatever he wants to call. If you take this approach, now, you know, you won't be treating the symptoms of the problems that we are trying to do.
We will be actually fixing the root cause if we take approach and we actually have put out the specification just last month, all the stuff eight, and these are the founding members of ADA association, the specification with the governance has been published just a month ago. When we, when we came up with this architecture, we have taken whoever implements that service and then offers that they have to sort follow certain principles. The core principles that we have taken the ADA specification is whoever is going to offer this digital service.
They should not be owning anybody's personal data or personal information stored in their servers are holding anywhere in data service. Anytime the user data is disclosed. There has to be a user constant in the middle, without that nothing will happen. Personal identity data or personal information data should actually stay with issuers. Only if I went to a particular university, the diploma that where search of the diploma should stay with the issuer and it should not be replicated anywhere and it should not be sent anywhere.
Fourth principle we have is let's bring the issuers into the value chain, issue us into the value chain. If somebody assess something. And if that is verified, let them be part of the value chain where they are actually rewarded for actually providing the verification. Last principle that we saw was every initiative that we saw in the market heavily focused towards people who have smartphones and people who are technology savvy.
What we said was our architecture should include not only the people who are smartphone savvy, they should also be the people who do not have a smartphone where we can actually create this digital address, which we call digital identity, which is a digital birth certificate in a way. And even on a smart piece of card, it is fingerprint protected. That card can actually be an identity that is given to the user that can be given to people who are not technologically savvy.
If somebody wants to actually a refugee wants to come in where he doesn't have anything, doesn't have phone, you can actually create an identity for him and then put it in a plastic card and give it to him. So with those principles, what we have done is we actually, you know, this is the architecture I'm going to go quickly because it's the sharp presentation and the way that it's going to happen, we wanted to make sure we want to make sure that digital identity creation can actually be done from any of the existing places where there are already trusted issues.
We all have multiple trusted identities today. The company that I'm working for knows who exactly I am. I have an identity there bank. I'm where I'm banking with. They know me. They have a trusted identity about me university. I went to DMV passport office, all the medical institutions, my pharmacy, my diagnostics lab, my physician, every one of them know me. They have done identity verification on me. They actually have, are providing information to me, reports to me, all these places are trusted issues.
Now, how do I bring them? How do I boots stamp those things to actually bring it to 80 infrastructure? It could be a place of employment. It could be educational institution. It could be financial institution, the left hand side. What you're seeing any one of them can be the people who actually initiate that first way of creating a digital address for you. A cryptographic representation once that is created, that can be used everywhere else that you want to do.
Now, the way it works is we wanted to make sure any issue who wants to be part of the ecosystem is extremely easy for them to embrace the system where they don't need to rewrite any of the applications they need to. They don't need to change any of the infrastructure that they have. All they need to do is to deploy this a issue agent that issue agent will just give them two APIs. One API is create digital address. Second API is published to publish to digital address the, the data connector that is within the issue agent.
When the issuer wants to create a digital address, the connector will go to the right places and get the information of first name, last name, the attributes that are defined in the ADA spec creates a one time, one way unique hash. And that hash is what gets sent to the digital address survey. And by the way, the digital address service that you're seeing in the cloud, there will be multiple digital services from competing companies everywhere in the world. It's not one. They are all the people. These individual invest issues and service providers actually get onboarded too.
The unique hash is actually sent to the digital address service, which then looks up in the directory survey and see, have you seen this hash before? If this hash is seen before then directory service comes back and says, yes, this user has created this particular interchange and the issuer can publish the credential to that particular interchange. If there is no hash that that service has seen directory service then will create a unique key for that particular hash and returns back to the insurer.
Surer will then be able to deliver it to the user through a trusted channel and user then will bind it with the directory service, with the digital service through fiber credential. The only two things that the issue needs to worry, he will simply ask, Hey, do you have a dis address? If you already have, you can simply say, what's your dis is sure it will be able to issue credentials to that on the middle that you see, you have the DLT, the blockchain, where the data, once a credential is created is converted into verifiable plan format.
And it is published to the insured agent and it still stays to the insurer. Anytime a service provider wants to verify user will provide a one time date. That way there is a privacy protection and there is no personal information, necessarily transmitted and service provider will be able to ask digital address and say, Hey, this user, can you prove that this user actually went to this university? Or he actually has a bank account here.
And when the service provider ask user gets the notification from when user constant, it goes from assure storage, where there is a verifiable claim, which we actually use W3C standards there. And the metadata where the surveys that that is there, the DLT will just hold the metadata and decentralized identifier to each of those identities that user owns this simplifies the, the entire architecture and will provide a nice transition part from where the infrastructure today is the existing identity sources they are without changing much.
They'll be able to transition to this, this new digital identity format, where there is an accountability, the way this accountability for every participant, whether it is user or assure our service provider is brought into the ecosystem because there is a governance framework that is defined here. Interchanges are brought into the ecosystem by registering themselves into the director services through ADI issuers and providers are onboarded onto the ecosystem.
Through interchanges registering to the ADI users are onboarded onto the ecosystem by the trusted issuers, making sure they have unique identity. So once these are established, everybody will have a digital address. Once there is a digital address through the digital address, if there is a fraud that is committed, you can easily trace back. For instance, the current problem that we have with the digital certificates of vaccine certificates that are going on in the world, how do you trust the issue that a, the right issue has actually issued the, the digital vaccine certificate?
How do you make sure that it is issued to the right person? How do you make sure the right person actually acquired it? How do you make sure when the digital certificate is presented somewhere, it is actually being presented by the rightful owner. How do you make sure these things are all trustable? This particular architecture addresses, all those issues, brings the human binding, produces the accountability and trustability of the insurer and, and different institutions and different market segments who actually become part of this.
This letters can easily exchange and interchange the digital credentials from one side to the other side, without any problem. The specification is out governance framework is out. We help a commercial implementation of this ADA of infrastructure as we speak. And we have CVS, which is piloting this infrastructure as we speak, we just announced this first week of August. And this is what brings the accountability, which is missing in the digital world that we have in the real world.
If something happens, I mean, people don't stand in front of a street corner and start shouting up some days because first guy may no second guy may ignore. Third guy will definitely call a cop and say, this guy is creating nonsense. He will be held accountable in this infrastructure. If somebody puts something online, if there is not a accessible tag on top of that, then you know that some anonymous guy is creating something there. If the tag has, is there, then you know, the person can be traceable.
That will actually, you know, deter a lot of people putting in information that is, that is wrong or online fraud there because there are no use user and passports here. And the definite trustability there and different accountability is there. There is a transaction. This actually promotes an environment where you have a stronger digital identity globally. I can have an identity created in India. Now can be verified from United States. A digital vaccine certificate that is issued in India, United States.
I can travel to Korea and Korean airport can easily verify just by talking to their local interchange. This actually comes, brings up the digital identity infrastructure, almost like a California infrastructure, not almost, it's actually like a telephone infrastructure where you know, different people in different regions will be on their digital address. Providers data does not cross the borders.
Every data piece of information that is actually disclosed is actually happening at the content of the user that will address the regulation issues, privacy issues, and the local identity frameworks that are required in the market so that this is where we are. And if you guys have any questions, feel free to reach out to me. And area association is opening up. Our members. First version of the specification is done. We're embarking into the second Washington development right now. I welcome anybody interested in coming and joining. Please do so. Thank you so much. Great. Thank you.
Ramish for your press.
