and welcome. I'd like to just explain something that we are doing for the first time today that may help our speakers and also the audience. This QR code, if you scan this, it will take you through to an AI translation. So I'm delighted to say that some of our panelists today will be presenting in English, but they may want to take questions in Japanese. So by speaking Japanese, you'll be able to get a real-time translation anytime they switch between languages.
I'd also like to share that at this year's AIC, this is the largest representation that we've had from Japan ever at AIC, so konnichiwa, Katryna desu, welcome for those in the audience and those that are watching online and we hope that this will be a really wonderful interactive session. So I would like to keep my part of the introduction as brief as possible because our panel of presenters have some really wonderful content to share with you this morning.
So a little bit of background, I'm very privileged to have been part of this project over the last six months where we have been looking at solving some of the problems around multi-stakeholder cross-border decentralized identity and today we have with us Rintaro Okimoto from DMP, Dima Poznikov from ConnectID in Australia, Jan Verheyken from MECO in Belgium, Alef Gruve from the National Australia Bank in Australia and Takuya Omura from MUFG in Japan.
And for the last six months what we've been looking to do as a working group is to explore the technical, the legal and the commercial possibilities to actually put a trust framework and a technical interchange in between Australia and Japan.
For those of you that may be interested, post-COVID, after New Zealand, Japan is the most searched destination for Australians so we have a great interest not just in culture and food and tourism but also it's a great skiing destination for us and we also have a very strong trade agreement between our countries which means that we have both a steady influx of Japanese visiting Australia for tourism and business and also for international study.
So in that context what we wanted to look at was how could we build trust and our panellists are going to unpack this whole journey of the last six months, how could we build trust and technical interchange between an Australian with a credential issued in Australia into Japan and vice versa. And what we thought we would do instead of talking about it, we would actually build something and we would not tempt the demo gods by filming that technical integration to make sure that it works.
So what I would like to do is kick off the session with a short demo and everything that you're about to see is real. So we built an issuer, we built a verifier and all the technology under the bonnet is real and each of the presenters will take us through that journey from each of the perspectives we've just talked about. So I'd love to kick off with taking you diving into the experience. So Thank you, Katrina. Good morning, everyone. My name is Rintaro Gamoto from DNP. I'm very honored to have this opportunity to speak at EIC.
This is my first time presenting outside of Japan, as well as in English. And to be honest, I am a bit nervous to be speaking at such a prestigious event. But I practiced very hard for today. So I hope that you will bear with me. I hope you enjoyed the video you just saw. But before we dive into the use case, I'd like to talk about our company and how we envisioned cross-border interoperability between Japan and Australia.
DNP, almost approaching 115 years, we are one of the largest printing companies in Japan. Despite being a printing company, our solutions are wide-range, including IoT devices, electronics products, and packaging. DNP has the top shares for IC cards in Japan market and has years of experience in authentication and security solutions, which is one of DNP's core businesses.
Now, DNP is making use of its expertise with physical identity and cultivating businesses in the digital identity domain. Now, I would like to share with you our vision of what we would like to achieve with Japan-Australia cross-border use cases. I would like to start by explaining the situation in Japan. As many of you may be aware, Japan has many tourist attractions, such as Kyoto, Mount Fuji, and home of anime and manga, popular among the world. The number of foreign tourists dropped significantly during COVID-19, but the number has recovered to 60% of what was before the pandemic last year.
The Japanese government is also making efforts to attract overseas tourists, and I believe that cross-border tourism will become increasingly active in the future. Moving on, I would like to touch on the issues in tourism. I presume everyone attending today has had a similar experience, but the waiting line for admission at tourist spots and restaurants is a stressful experience for travelers.
In Japan, there are many situations where visitors are required to show their physical passport and purchase tickets, and many tourists are forced to wait in long lines. Digitizing Japanese services will be necessary to make the traveling experience more comfortable. Apart from deep tourism, I would like to talk about challenges that Japanese retail and service providers are currently facing. Reselling of artist concert tickets and popular trading cards have become a major social problem in Japan.
Currently, cases where identification is required for purchasing popular items at Japanese stores have increased. Japanese service providers are looking for better ways to verify customers to prevent fraudulent resales. I would like to take a moment and talk about the situation around digital identity in the Asia-Pacific region.
In Japan, the Japanese government is strengthening efforts for digitalization of national IDs. Similarly, various digital identity initiatives are in motion in Asian countries.
However, it is important to note that these digital identity initiatives in each country are domestic, and cross-border data connection within the Asia-Pacific has not been realized. So the challenge we choose to tackle is cross-border collaboration between Japan and Australia. The two countries share strong economic ties. There are many international students from Japan to Australia every year, and the number of tourists from Australia to Japan has completely returned to pre-pandemic levels.
Now, on the use case, we envisioned a tourist from Australia coming to Japan for sightseeing. When they come to Japan, tourists will have to fill in forms such as train reservation, museum ticket reservation, and so on. By reusing an identity that has already been verified by a trusted party in Australia, the user can quickly complete the processes. We believe this will be beneficial to not only tourists, but also Japanese service providers as well, as they will be able to reduce the cost of verification.
Finally, looking into our future in Asia. Asia-Pacific is a region of diverse cultures. Working together across different cultures, religions, and languages is a great challenge. While referencing the EU's approach, we believe it's important to find ways to collaborate that are unique to the Asia-Pacific region.
Now, I would like to pass the mic to Dima and Yang, who will explain the technical details on our collaboration. We would very much like to expand our cross-border circle together with everyone in the audience. Thank you very much.
Hi, everyone. Can you hear me? Yes.
Dima, I live in Australia and work for a company called ConnectID. ConnectID is... I'll look after ecosystem architecture at ConnectID. ConnectID is identity verification network, consent-based, or consent-first identity verification network in Australia. We've gone live approximately in October, November last year, and slowly rolling it out across economy, across a number of use cases. I'll briefly describe what ConnectID is, how we operate, and why global interoperability is important to us, as well as what else is happening in global interoperability space.
So, ConnectID is a network operator. We are providing essentially a sandbox for global... a sandbox for Australian reliant parties and Australian identity providers to exchange consumer data with consumer consent. We build this network in a partnership with Australian banks.
So, we've got National Australian Bank and Commonwealth Bank live, and two other large Australian banks are coming live in the next few months. We play the role of the network operator. We provide the scheme governance, we provide the accreditation for the parties, we provide the scheme support, we set the standards for communication between the parties.
We primarily focus, being an Australian network, primarily focused on Australian consumer, given that we have Australian identities, but we also understand that Australian citizens, they travel, they work overseas, they migrate overseas, they love skiing in Japan. That's why global interoperability effort is super important for us. That's why for ConnectID it's important to explore different initiatives with different jurisdictions overseas. The way we build the network is focused on standards.
So, we don't reinvent the standards, we don't create ConnectID-specific standards. The choice that we make is to profile existing global standards, work with international standards bodies, and potentially improve those standards to fit our requirements. The reason why we use standards is apart from access to the skill and expertise, it's also making sure that our implementations are secure, interoperable, it's easy to test, and yes, it's easy to roll it out in a secure and interoperable way. And it also helps us with the global interoperability going forward.
So, now briefly touch on what other things happening with the global interoperability. Many of you have heard about CityHub. CityHub is a relatively new kid on the block. It's an initiative that's been explored since November last year. A bunch of governments and industry bodies got together and asked a question, why can't we have a global interoperability between different jurisdictions? And it's quite a large forum with a lot of different participants. There was a meeting in Berlin on Monday to progress that initiative.
There were a couple of presentations before, and I think you can watch the recording, or there might be other discussions going forward as well, so keep an eye on this one. MDL, mobile driver's license, is being rolled out in the states, across multiple states in Europe and in many states in Australia. There are also global interoperability efforts with the support of ISO community and ISO standardization body to interoperate digital driver's license to make sure that you can present your digital driver's license overseas as well.
GAIN is the initiative that was actually announced two or three years ago at EIC, and it was a result of collaboration of 150 identity professionals from financial industry and other industries, asking the same question, if I have an identity proof in one country, why can't I find a network or a way to present it in the other jurisdiction? There has been quite a lot of work done in OpenID Foundation and in the technical working group to work out how this can be achieved, and also in OIX in terms of how it can be achieved from a policy level.
I'll briefly mention EIDAS2, I'm pretty sure everyone here heard about it, so that's another cross-border interoperability effort that we all hear a lot about at this conference. I think that's all from me. I'll hand over to Jan. Hello everyone, I'm Jan, working for MECO from Belgium, and I'm excited today to tell you more about how our two cloud wallets really underpin this demo that you saw just a few minutes ago. So we have two variations.
We have a holder wallet, which is really aimed towards users or things, and it allows them to manage their cryptographic keys, DITs credentials, and it enables them to receive and present credentials. Second one is an organization wallet, and it's really aimed towards any entity that wants to issue or request and verify credentials. They're both built on an exclusively standard-based approach, so we implement the latest standards so that our customers don't have to. Our vision is to simplify identity and personal data management, and we do that via an integrated API platform which we call SVX.
And SVX has three main capabilities, a secure data vault, credentials, and then wallet capabilities. And with it, we want to enable our partners to build and deploy the trusted personal data ecosystems, and we also want to connect the developers within those networks to the tools that they need to rapidly set up use cases as the one, again, that we saw today. But back to how actually did we bridge those two networks, the one in Australia with ConnectID and then with the other one in Japan led by DNP?
And when we are sort of exploring this, we discovered two, or we really were discussing two possibilities. One is to achieve interoperability at the presentation level, and this is what you've seen today. So the Australian citizen would use their bank application, the Koala Bank. It would get the credential from the bank and would then present that credential to the Sumo Japan verifier.
A variation of this flow is to introduce a third-party wallet into the ConnectID ecosystem, and then, for example, the Koala Bank IDP could provide the attributes to the issuer to then again get the credential into the wallet and present that to the Sumo Japan verifier. The other possibility was to do interoperability at the issuance level.
So here, the Australian citizen could, for example, download a Japanese travel application, and then it could use the bank's issuance infrastructure to get the credential into the Japanese wallet, and then within their own ecosystem, it could then present to the Japanese Sumo Japan website. We decided that for this first iteration, interoperability at the presentation level, so the first option was easier, a little bit less moving parts, so that's what we went for. Dima already gave us some explanation of how important standards are, and yesterday, I was really enjoying the talk of Dr.
Mike Jones, where he says standards are about making choices, but the first choice you have to make is to select the standards that are making the right choices. So with that, we had a few criteria that we set out. So we want standards that are internationally accepted, we want them to be freely available so that they can be easily distributed, and some standards, think of ISO, it's not that easy to distribute them. We want them to be generic enough so that you can implement any use case.
We want them to follow the issuer-holder verifier model, as this really improves user privacy, but it also is the driver, the enabler of these cross-border use cases. Then we also think that having offline capabilities is quite important, as when you go to a country, you might not immediately have access to the internet, or it might be very expensive, so maybe to get that first eSIM card somewhere in the airport, it could be very valuable to have offline capabilities where you can actually prove who you are, and then to get that first use case up and running.
And then, of course, data minimization, very important for privacy, security, and avoid oversharing of information with other parties. So with those criteria, it was actually not really a challenge to select, and we selected the right profile that already made some of those choices for us, and we went with OIDF's high assurance interoperability profile. It's already leaned very closely to what D-Main Connect ID is advocating for. For those that don't know, and sorry, this is a little bit more nerdy, but it uses the SDJOT VC format.
We, as a credential schema, we're using, again, starting from what Connect already have, we're looking to expand it with maybe some elements from EKYC, and we think the work with the EUPIT is also really interesting. For issuance and verification, we've selected OpenID Connect, and then the OpenID for VC set of protocols.
And then, as a trust mechanism, we're using OpenID Federation, and it is already something, again, used by Connect ID. It works at scale. I've seen that in Tokyo this year, where Brazil is really leading the charge, and with the work from GAIN, we also know that this is from a technological perspective, and maybe broader than that, already works. So that's why we've chosen that.
And also, because national operators, yeah, they don't really want to be busy with onboarding foreign entities, so this federated approach makes a lot of sense. Now, back to our Australian tourists.
So, they receive the verifiable address credential into the wallet. It's seamlessly integrated between two regions, and I really love this concept from yesterday with the City Hub meetup, where we're talking about this roaming wallet, so I think, yeah, that's the key.
And again, this is also an example of that, where, yeah, using the standards and the protocols that we use, this really makes it possible for the credential to be verifiable across those two regions. And as a closing, before I give the word to Olaf, as a closing, we are really at the start of this journey, and we want to implement this with real banks, and sorry, Koala Bank, you are really cute, but sadly not real, although I still think there is a mischance there in Australia to start a new bank.
We also want to implement real wallets, and, yeah, we're on the journey to connect to more of our partner sandbox environments with the goal to actually move this into production. So, yeah, with that, I thank you. If you'd like to hear more, and especially if you have strong opinions about some of the choices that we have made, then please come and find me. I'll be at AEIC until the end of the week. Thank you. Thank you.
So, Olaf Greve, I work as the head of product digital identity and access for National Australia Bank. We bank about 25% of the retail market and are Australia's largest business bank. Why that will matter, I will talk about in a second, but I want to bring your attention to the two key elements that are really important for the viability of these propositions. One is around customer experience, and the other one is around the value proposition.
So, if we look at the customer experience, then there are sort of four key elements that I want to bring to your attention, which is the familiarity, ubiquity, adequacy, and simplicity of the use cases. And if we start with familiarity, then you all know that familiarity breeds contempt. But from a digital flow perspective, that's probably sort of can't be further from the truth, because what we are finding is that sort of however subtle the differences are in our experiences, customers notice, and it is a drop-off point.
So, if you look at the image on the screen here, it is the standard ConnectID flow and the login element, the little padlock in the middle. For the customer, that looks subtly different to what the regular banking login looks like, and it gives them a moment to pause, and we actually see a few people drop off at that point, which then impacts conversion rates.
So, our learnings from that is we need to stick to as close to what people are familiar with as possible. If we move on to ubiquity, here's where I would like to reference the experience with BankID in Scandinavia, and if you look at the adoption curve, then there's a distinct inflection point at the moment where BankID started to service government use cases.
And again, these propositions are the more successful, the more people actually see them as part of the digital flows that they are part of. Individual, they do work, but sort of the more ubiquitous they are, the more comfortable people are with it. If we move then on to adequacy, what we are also finding is that a significant drop-off point is created when we transfer them between form factors.
So, going from an app to a web view, back to an app, or vice versa, is something that customers really don't take well to. It's a break in the flow, and it's something that we experience as a significant drop-off.
Again, drop-offs impact conversion rates, and it's something that our relying parties don't take kindly to, so something that we are really paying attention to.
Last but not least, from a simplicity perspective, so there are distinctly use cases where you would only do an identity verification, whether it's a sign up, whether it's a I'm not a bot, or similar use cases, that's where it works in a standalone fashion, but if you look at the classical e-commerce flow, where you have a sign up and then sort of a payment along the way, or an age verification and a payment, what actually pays off, no pun intended, is that you actually combine those use cases into a single transaction, and that's something that we are working with.
Chaining transactions generally sort of impacts the customer experience in a way that isn't conducive to people completing that flow. With that, let's talk about the value proposition, and it was mentioned already, but I just wanted to harp on about that point.
So, Australia is a migrant economy, if you will, and as you can tell from my accent, I'm one of them. So, we take in literally hundreds of thousands of people per year, but we also have significant emigration where Australians choose to live, work and study abroad, and Australians, for better or for worse, likes to travel. I'm sure all of you have met one along the way, and it's something where we certainly want to be where we support them in significant life moments, which then brings me to the value proposition from an identity provider perspective, i.e.
us, and so we really sort of, again, want to show up for our customers, and in doing so, create that customer engagement with our online offerings, and extending digital banking into a digital identity proposition is an ideal way to help and create delightful customer experiences, and it also, and that's sort of my second point in this context, it honours the trust that they place in us, because what we are finding, and there's a study out there by the Bank of International Settlements that shows that in a significant number of geographies, people actually trust their banks more than their government, and it's something that we just want to be really building on in the sense that if they trust us to handle their money safely, they would also trust us to handle their data responsibly and disclose it selectively.
And last but not least, and this is where I come back to us being the largest business bank in Australia, we actually see a significant demand from our business customers who want us to show up in this way for them, because any data that they collect is a potential data breach, and while we, despite recent breaches, assume that larger enterprises usually sort of have their data security practices in place, a lot of smaller businesses certainly expect that, or experience that as a significant impost on them, and they would like us to support them in this way.
If we then turn the page and go over to the relying parties, then certainly there's a lot about the bottom line. So digital identity creates higher conversion rates, which then improves the bottom line. It also improves their operational expenditure in the sense that the data is of higher quality, there's a level of assurance, there's less cleanup effort required later on.
And last but not least, another data point that I wanted to bring to your attention, and I'm indebted to Rod Boothby for bringing that to our attention, Visa has done a study that shows that bank ID in Scandinavia has led to fraud rates in e-commerce of 0.00042%, whereas generally, sort of globally, it's accepted that e-commerce has a fraud rate of about 3%. And if you're working in a low margin business like e-commerce, going from 3% to significantly less than 1% is a massive impact to the bottom line.
There's a last part of the value proposition, which is around how do you create a sustainable ecosystem, and digital identity is nothing that stands still, you bring it to market and then touch it again. It's a continuous evaluation, new use cases, new technologies, new approaches, such as international probability, that ecosystem needs to sustain itself, and that's why in our context we have chosen to work with relying parties to capture some of the value that is generated on their side in order to drive a sustainable ecosystem.
So with that out of the way, you might wonder what is the use case that a bank can actually support in this context, and certainly connect ID is a proposition that is focused on high volume, low risk use cases. No one has a risk appetite to onboard a customer or let someone hop on a plane off the back of a digital identity, that's further into the future, but simple things like opening a bank account and pre-populating the data is something that we experience as really valuable in this context.
We see a lot of migrants struggling with concepts like is it first name, given name, where does it fit, and something that can pre-populate an application form already gets them far into the journey and makes it a much more delightful experience, and it is something that we are looking to go into with, again, on the basis that this would be a high volume, low risk use case. And with that, I leave you to my esteemed colleague from MEFG.
Okay, thank you. Hello everyone, my name is Takuya Omura from MEFG Tokyo, and I believe this is our first presentation as a firm in this, is it? Did you make a presentation last year? No?
You did, so it's the first time for the MEFG Tokyo to make a presentation in this conference, so I would like to touch upon how we view the digital identity area from Tokyo. So to start with this, I'm gonna, it's a very wordy presentation, so I'm gonna explain. So this is to explain where Japan is at in this field. The government of Japan has announced a policy which is called Data Free Flow with Trust, we call it DFFT, in the Davos conference in 2019. Some of you may know. This is the concept to promote free flow of data, ensuring the trust in terms of privacy, security, and the IP rights.
And also in 2020, the cabinet secretariat has established a Trusted Web Promotion Council to improve trust in the digitalized economy and society. We believe that digital ID can be one of the leading solutions for ensuring trust and reliability and play a central role in the implementation of this policy called DFFT. And therefore, this field, digital ID, it aligns seamlessly with the objectives of the Japanese government's initiatives. So next page is about who we are.
Some you may have heard, some you may have not, but MEFG is a financial institution in Japan, both operating in domestic and internationally. When you look at the domestic market, one out of four Japanese individuals and one out of three Japanese corporates are MEFG clients. That being said, MEFG is in a very good position to enhance this digital ID initiative in Japan and create the market. The next page is where we are.
So to be honest, MEFG US, my colleague here, has been a professional in this area for a long time, I guess, but the head office has started the research and exploring this field recently, about a year and a half ago. So we're new to the market, but MEFG is exploring a variety of use cases, and one example here that I have today is the Metaverse space. We believe Metaverse is where you need the most trust, as you would not have any methods to identify who you're talking to, who you're playing to, or who you're paying to.
So we have started the development of ID, identity wallet, to be used in such space last April. So we're hoping that this would be developed within a year to be used in Metaverse. Coming back to this POC, we have chosen a travel sector as a sector for POC. Why travel?
Well, travel sector in Japan is one of the very few growing markets in Japan. The market size has reached approximately over 30 billion in U.S. dollar basis, and it's keeping growing year by year. And from an Australian perspective, the income of Australian tourists that came to Japan in March 2024 has almost doubled the figures in 2019. So this is a big connection that we have between our countries. And that's being said, we believe distributing VCs across the market would provide convenience, security, and accuracy, which the market lacks today.
And by enhancing growth of the travel sector, MEFC hopes it will lead to regional revitalization, which is also a national issue that we have today in Japan. And also, from another point of view, when you travel, you have various touch points across multi-sectors. So you book a hotel, you take the transport, and you go to retailers. So it's a good sector to deep dive to see where is the strongest demand is at for the digitalized identity. This is the last page for the presentation, and this is to show how the POC is to be operated.
So if you look at number one, MEFC aims to serve as an intermediary between Australian trust anchors, which is NAB and CBA, and the Japanese service providers. And our goal is to offer assurance to the Japanese service providers. There is a couple of challenges, to be honest, to realize this service. One point is that the Japanese authority, we do have to have a close conversation with the Japanese authority, who looks over the banking sector, if they would be comfortable for our bank to serve such kind of service. Personally, I am very optimistic, but there is a need of a conversation.
The second point is within the service providers. The car providers, hotels, the retailers, they all have their individual restrictions, regulations that they have to comply. Through this POC, we aim to clarify how this digital ID service could adopt and engage with each and every one of the service providers' needs. And I really hope it will lead to a creation of the trust-provided market in Japan. I believe that's all for today, so should we go on to the Q&A session? Thank you very much. First of all, didn't everyone do such a fantastic job? That was really wonderful.
So what we'd like to do now is to open the floor to questions. It's important to consider that we've been exploring, just over the last six months, the technical, which Jan and Dima addressed, but also MUFG and NAB with ConnectID, looking at the trust screens.
For any of you that saw the presentation yesterday or have been looking at some of the work of OIX to start looking at what could actually be accepted or where you have to align or where you have to adopt policies, so we're very happy to take questions that may be either legal, technical, or commercial, and I can already see a show of hands. But you don't have to ask in Japanese.
No, I don't speak Japanese. I could use Italian if it's okay for you.
Okay, now just two questions, one very small. In the demo that we have seen, there was a ConnectID option, and just below it, there was a My Europe option. What is My Europe? Because I'm from Europe, I've never seen My Europe in my life, so. Maybe the way, I mean, we sort of intentionally put it there because, and I was quite sure, and I had a debate with Katrina that this would maybe lead to some questions, but sort of my thinking behind it is that, first of all, My Europe doesn't exist.
It's more of a concept where there might be different schemes that make different options, and then with my technical brain, I was thinking, okay, maybe we need to inform the wallets that receive that from where the request comes, and that could sort of lead us towards this NASCAR problem for identity, which I know is very, yeah, sort of controversial potentially, but yeah, I'm just struggling to see there only being one button that can do it all. Okay, perfect. Word is particularly fun if it doesn't understand your language, because the kind of translation that it makes, I won't.
But in any case, the most important thing, second question. Usually, this kind of decentralized systems are particularly interesting to consider unless you factor in the costs to manage them, because when you have to exchange attributes, the quality of attributes means that you are incurring a lot of costs.
So, what was not clear for me from this very interesting presentation is, who is going to pay for the service in the long run? Because in Europe, this for a good part would be subsidized in many ways by the governments, but this seems to me more a private-led initiative. I'll probably try to answer that from my side.
So, I think the key here is, and probably didn't come through, so what we're testing here is, how do we connect two existing networks in two different countries? So, there is an existing or a network being built in Japan, there is an existing network in Australia, there could be another existing network somewhere else, like my Europe one day. This is we building on top of the existing functionality. The standards have evolved significantly and harmonized significantly over the last couple of years, and that's still happening.
So, that allows us for that low-cost connectivity, low-cost translation. There's still a little bit of work that needs to be done.
Typically, within these networks, in terms of who pays, the verifier or the reliant party pays for attributes or for verification. So, we're building on top of that. We haven't gone into the exercises, how do we do cross-border charging and what type of subscription.
So, pricing model potentially could be there. That's one of the next steps once we get to the production.
Yeah, hi there. Sebastian from Umbrella Associates. First of all, I'd like to commend our Japanese guests being first-time speakers here. You did outstanding. That was really a great presentation. You did very, very well. Can I have a round of applause?
Yeah, I know that's a stressful situation. So, one question to Olaf, my friend. I hope you don't mind me doing that. In the third step, there was SMS-based authentication in the year 2024. Why is that? We have pass keys. We have biometrics on the device. Why SMS?
Sebastian, there's only so much we can do at any one point in time. And for whatever reason, it's still the way to go. At the moment, is it something that I'm excited about? Probably not. Is it something I'm working on? Absolutely.
So, yes, point taken. But watch this space. Thanks so much. Any more questions?
Oh, right at the back. Oh, wow. Hang on. I think you were first, actually. Thank you. Hi.
So, today, if I go and book something online, I have browser autocomplete and it has my email address, billing information, and so on, and credit card details, all that. Can you speak a bit more about beyond a slightly more seamless user experience, what are the additional benefits, perhaps in terms of security, privacy, and so on?
Well, I can sort of certainly talk to that. So, as I sort of try to elaborate from a consumer perspective, autocomplete and everything works really well. Once you're on the other side, all of that becomes immaterial because you just have data that you cannot rely on. And having an additional signal that says this is actually information that was verified by a bank is tremendously valuable for a relying party in terms of generating operational efficiencies.
So, that's really frequently what's my perspective as a user, but we really need to understand the other side as well. Thanks. One second. Sorry. Bring the mic back up here. I didn't think I'd have to run for this job.
Also, it's important to note that in Japan, as a tourist, there are many things, including in a department store, where you have to actually use your passport to prove that you're eligible. So, many of the experiences that are connected to tourism, buying a rail ticket, so there are many products that are designed for the tourist industry, and you must be able to prove that you're actually a foreigner.
So, this requires you maybe for a day trip to wander around, trip to wander around with your passport, or high assurance valuable information. So, this is a way of not only improving that experience, but also, as Oliver said, increasing the trust, but it also means that somebody can go off to the day to Mount Fuji with their phone in their pocket and not have to be also taking maybe their passport or important documents with them.
So, a big part of it is the way tourism in Japan currently works and the opportunity to extend that trust, but also create convenience, but also not require somebody to be carrying around physical documents that may give a lot more data away than is needed. Thanks, Katrina.
So, there were some questions. Dan.
Oh, right. All in a row. Okay.
So, there you go. Thank you. I'm actually Japanese, so I can ask in Japanese, too. Two questions. The first one is very quick one. How many relying parties and holders were involved in this POC? Because this is cross-border. I just want to see what you're envisioning for the scalability for the future. And the second question.
Oh, yeah. Go ahead. Okay. I'll go. You're okay. You have a mic. Yeah. The numbers are not defined yet at this moment. We are seeking to expand the numbers. They are the first few companies, maybe four, five, six is already defined, but within the progress, we seek to increase the numbers. How about the holders? The POC. Holders. You mean the holders? The holders. The VC holders. Yeah. At this moment, this POC, we do not use the actual individual information.
So, it's we don't have actual numbers. We just test it. Thank you. The second question is, this is interesting because the credential is issued by banks.
So, for future, do you envision any payment integration or unique benefit by utilizing the bank-issued credentials? Okay. Thank you very much. I understand that this authentication or the authentication and payment is very close. And the example that I showed in Metaverse, the service that we seek to imply in that area is the payment and authentication two in one service together. In this POC, we're not there yet, but we understand that the payment is fundamentally very close to the service. Thank you. Next question.
Hi, my name is Deborah. Sorry, I have not much voice today.
So, I'm from Thales. Thank you very much. It's a super interesting presentation. My question is around trust.
So, how do relying parties or verifiers trust the credential that they receive? So, do you also exchange policy metadata or is there some legal agreement underpinning trust in this cross-border exchange? I'm happy to start answering that question.
So, trust is a concept at many different layers, right? So, we do have, at the moment, exercise within the working group where we map proofing policies in one jurisdiction against proofing policies in another jurisdiction to understand how the trust can be established. It's not automated. I think at the moment it's at the mapping level, at discussion level. In general, we would encapsulate the trust within each of the networks.
So, we would expose this network has these levels of assurance supported and these levels of assurance will be transmitted during the data transfer. But in terms of governance of those levels of assurance, that will be done within each network.
So, we're trying to encapsulate it. But it's early days in terms of the actual automation process of that, like smart wallet concept and other things have been discussed in OIX. That's probably the future. At this stage, we just want to make it visible and understood.
So, reliant party from Japan understands that in order for identity to be approved in Australia, these are the steps that have been performed. And they can make a decision at the moment, their own decision, whether they trust it or not and how much they trust it.
Okay, one final question at the front here and then we'll wrap it up. Alex from Three Edges. Just maybe a quick question. I wonder what your respective governments think of this or are they going to issue credentials at some point or are they looking at what you're doing? How would that play out in that case?
So, I can start on that one. We have run a series of what we call design sprints across academia, government and private sector to address exactly that question. And that initiative has been very much welcomed by the Australian government. We have also been heavily involved in consultations around the recently passed digital identity legislation that explicitly foresees a combination of public-private sector identity providers.
So, in that sense, it is something that, from what we've heard, is certainly welcomed by the Australian government, both at the federal as well as at the state level. Well, in Japan, like I said, the Japanese government's direction and our direction is fully aligned. And when you talk about the banking authorities, they are aligned as well. At this moment today, we have a similar service. We distribute client's information with client's consent, of course, to the third party. This service has been already implied and is in service now.
So, this is something that is in the same direction. So, that's why I'm personally optimistic that the government and the authority will be happy to have this in service.
Okay, thanks. I'm going to hand over back to Katrina now to wrap things up. Thank you very much. And I think DMP, if you get a chance to speak to Rintaro after this, has done some really interesting work with the Japanese government on the Trusted Web as well.
So, I think there's a very strong collaboration happening in Japan. So, I'd like to thank everyone. This has been an extraordinary journey over the last six months, even just getting everyone to agree on a non-disclosure agreement, how we could share logos.
I mean, you can't imagine what a collaborative process this has been to have this unified experience, but it gives me so much hope and inspiration that we're moving in the right direction. And I would love to think that we could be back here next year with some results of actual holders, some outcomes and updates on these three streams of work around the technical, the legal and the commercial.
So, thank you so much for attending. Thank you for those that are watching online and a round of applause for our wonderful presenters.
