KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
So the context for this is why are we doing this? We've been building the mobility blockchain platform. Now for over more, over, more than two years, we've been doing this with players like helix ID severity and Evan network. And it's a transaction platform, a shared cooperative transaction platform for the field of mobility. And it's heavily geared towards executing transactions. And if you think about what a transaction is all about, it involves identifying the party to the transaction. It involves getting their signatures.
And whenever you have a signature, you do need an unbroken chain to the verified identity. And then when it comes to actually conducting the agreement, the consent agreement, the contracting, what you obviously want is you want the signature by the two parties by which they agree to consent to the mutual agreement by which you actually get a legal liable contract. And then in order to fulfill a, to enter an agreement with somebody, you would also need certain credentials, which you would need verified.
For instance, if I would like to fully, automatically operate a shared platform where I want to be able to let my users utilize vehicles such as scooters or cars, then I need to be able to ascertain, to confirm and verify that that user has a valid driving license. So for all of this kind of platform, you obviously need a lot of verification of identities, of signatures and of credentials in order to do one click rental. What do you need? You need the onboarding of your customer once in the ecosystem, where in the case of mobility, it's a highly fragmented market.
And which means you got in one urban space, you got two or three scooter operators, you got two or three car sharing operators, you got two or three ride hailing operators, et cetera, but what the user would like rather than having 10 different apps, as it's now would obviously to be onboarded into this ecosystem once supply their credentials once, which includes for instance, driving license, which includes payment, credentials, et cetera. And then they should be able to roll, like in the mobile communications work, they should be able to Rob from one operator to the other.
And their identity has been taken care of and through their relationship with their home operator, as it were, they are then verified to receive services from other operators who then know the, how to retrieve the money for services rented. So in order to re realize something like one click rental self-service access, and then do the settlement where the distributed ledger technology comes in and where you obviously want to know who owes whom how much money has there been a receipt of service delivered? Has the receipt been confirmed? Has the signature been verified?
So again, you always come back to the idea of this identity triangle as we call it where company, customer, and car need to be identified company, customer and car sign on data in case of the car or sign on transactions in case of company and custom.
So all of this kind of fully automatic transaction orchestration, execution and settlement can be fully based and centered around an identity triangle where you only have three subjects in programming language, three object classes, essentially in your whole ecosystem, which is the human with the, with the identity, the vehicle with the identity and the enterprise with the identity and everything that is done in terms of commerce can basically always be seen as an agreement, a signature, a verified claim being provided or conducted or assigned by any of these three players.
And the whole thing why this is even a challenge is the one thing where the internet and network is weaker than analog. We never have a problem, and it's never a concept which we care about is about identification. If I go into a shop where I talk to you, we never have this concept of, I need to identify you because obviously you stand in front of me, but that's the one part where the internet is really weak because this, most of the audience would know this on the internet. Nobody knows you are a dog and that's truly cl truly true.
You can do a lot of very fast transactions, but you really have a problem in verifying an identity because an identity is essentially a physical concept. And how do you then anchor your digital mechanisms to the actual physical identity of me as a person, Harry company, Dyna mobility or vehicle with the vehicle identification, number X, how do you connect the two? And this is the challenge in building these ecosystems. I'm sure this has been mentioned before, but basically the whole identity world, how it works is you got issuers that issue in your identity.
You got holders that basically hold the identity, and then you got verification that verify either identity or credentials. And now I'll take this specific example of know your customer, but please be aware that this applies one to one to know your device in the sense of a verified identity for a vehicle or a charging station.
And of course know your customer or know your supplier to know that if you get a signature or a, a, a signed proposal from a company, you need to know that not only the content of this proposal, and not only that there's a signature, but that the signature has actually been put there by the company, this signature claims to represent. And this basically is KYC, know your customer. And from the business perspective, now I'm a normal business company. I offer whatever services I'm not in the identity business. I'm most definite enough in the blockchain business.
I just wanna rent out cars for instance. So normally in a business world, you think about things as a process flow. This is a very generalized process flow, where basically at the beginning of an online transaction, and this is generic and applies to everything. You have your identification, you have your verification, that's a major milestone. Then you got the whole offering Cho choice. This is out of band.
So this happens without blockchain involvement and without any of the decentralized identifiers, then possibly you got your internal business and transaction systems handling such, you know, offering proposing, browsing. No, I want this version.
No, I want that version. All of that happens now through the normal digital service delivery. But at the end of it, you always need to come back to now, let's sign this whole thing. So let's get an agreement here, constant agreement, let's sign the contract.
And for that again, you got a signing transaction, a signature, which is always tied directly to an identity and potentially other credentials, such as qualifications, which need to be verified to reach the magic suite moment of content agreement, which constitutes the basis for any and all commercial charging and billing that you wanna do after that, because any in the commercial corporate world, any billing, any accounting will always need to have the verified identities of both parties. As part of my customer data record, that's an important part of the whole world of digital comments.
And for this is these two magic sweet spots here. This is where digital identities or decentralized identities. Plus some of the technology that blockchain brings here, which is essentially applied communication protocols based on cryptography come in extremely handy. So this is now a very specific view on how such a thing would work. So what we're trying to propose here is everybody now, anybody who's been in the digital commerce space would never dream about building your own payment, GA the payment software.
You always have a payment gateway in place which abstracts all of the nitty gritty, all the details. And most of all, all the regulatory necessities of handling the payment between you and your customer. There are operators that provide that service. They provide this on a pay per use basis, Stripe being one of them, the now defunct wire wire card used to be another one.
So, and they provide this on transaction protocol level. And then you have a payment gateway, which is completely independent of who actually handles your payment. And it just provides plugs plugable interfaces, where you can basically, depending on the country, depending on the market, depending on the operator, you connect to this payment gateway or to that payment gateway. And in terms of know your customer now, a similar thinking, a similar framework and a similar design is emerging.
And in the way in the world of know your customer, this will be based as at least our projection here will be based on the technology stack of decentralized identifiers and verified credentials. In order to build this in the real world, you will always need to be backwards compatible through what's the basic standard for this now on which all single sign-ons and corporate IM and science systems are based, which is open ID connect. Most people would know it because of their rapid protocol called oof two, which is semantically equivalent more or less to what a verified credential was.
So you would now, how would you go ahead and building this into a modern corporate world? You would basically build a know your customer hub. I know your customer gateway, and you would basically provide plugable protocols where, where you use essentially the D I, the protocols provided by D I D O by D I D connect. If you wanna go very high level, you can go all the way up to Indy, which is probably too complex. For most applications, you will then back provide a back layer where you translate identities and decentralized identifiers and verified claims back into open ID connect tokens.
If you look at how open ID connect, handles access tokens by content, and if you look at the actual adjacent payloads, you will find out that there's a very need and people have done this actually to connect open ID, connect tokens, to verify claims. It's a very relatively easy way, how you can do that. And this is now how you would completely outsource and relieve companies of having to do the full identification, video identification, onboarding, et cetera, etcetera, again and again, and again, as part of their service offering, they can now offload that it leaves their complexity.
They will not need to host this. They will not need to operate this. They will not need to develop it, but it will be part of the digital commerce journey just as payment is. So for the enterprises, there's the huge advantage that your software becomes much leaner because a big part of your software stack is being taken away and is transformed into a paper use transaction based service by operators that provide this as a dedicated service and for the customer. The obvious advantage is simply think about how many times you have onboarded yourself and provided your credentials.
Every hotel, every car rental, every streaming service you again and again and again, and again, provide your master data to companies whose main business is not to deal with your data. Their main business is to provide you streaming hotel or car rental. So they do get hacked. And we've seen this again and again and again, isn't it a much better business model. You have dedicated trust providers. They live when they die by how they preserve and protect your data under you, full control.
And most of all, they are able by such protocols as verified credentials to basically protect you in a way you need to onboard only one time in the whole ecosystem. And then when you go from one provider to the other, you can achieve something. I would like to call service roaming, just like you do roaming in the mobile world. You just present your credentials. Your credentials that have been verified once are now verified. You receive a digital signature, you receive a verified claim and then a scooter company, for instance, can open the scooter to you.
Even though they don't know you, you have never onboarded with that scooter company, but that scooter company can just like a mobile operator can verify the identity that was verified. They know who sold you the ticket, and then know who you are. They can deliver you the scooter. And then they can basically turn to whoever sold you the urban mobility ticket and ask them for charging. Just like in a roaming environment.
When you go to a different country, you have been onboarded once by your home operator, you land in the roaming network, the roaming network picks you up seamlessly, no need for re-identification and delivers you the service. You go back home, all of the billing and the receipt, et cetera, is handled fully automatically. And this is essentially what D I D based claims and D I D based verified credentials can bring to the world of corporate digital commerce. And I'm not sure if I'm running close to time or already overtime. I hope I would be reminded if it's overtime.
And an important part about this ecosystem now is that you can extend this to the kind of obvious identity verification of a company and of a customer to, in the identities of devices. So you bring in the world of O T the world of IOT, the word of industry, as it called in Germany and each device in your network, be it your charging station, or be it your car, or be it, whatever else you can imagine is equipped with the very same level of software, the very same level of protocols, and can now verify transactions or verify data such as a car goes to a charging station.
They exchange credentials, the electricity, the power is delivered. The car signs off on. Indeed.
I, I looking at my internal state of charge. I have just received X, what X, what from this charging station. And this is then used to settle the transaction by the companies that respectively have delivered the service, which would be the charging operator and the company that has received the service, which would be the owner or the fleet operator of the car. And all of this is now part of a protocol layer, which happens outside of your core business systems.
So the companies that are using these technologies, they can focus on what they're actually doing, providing electricity, providing vehicles, providing whatever, and lead this whole identity, know your customer and verification to paper use specialists that deliver it in a very similar way as payment providers provide the business of transacting the cash from a to B as part of standardized protocols, which you just connect to your payment table.
So with that, I basically would like to end this presentation where I try to outline how things like decentralized identifiers and distributed ledger and the verified credentials only being based what combines in this being based on very, very well designed cryptographic protocols, along with the necessary communication mechanisms.
So you can basically exchange completely verified data, where there is no possibility of tampering and therefore no doubt of authenticity and therefore full conf full confidence in when you receive and you store this data, you have everything you need to fully automatically settle them once it comes to the settlement and the payment thereof. Thank you for your attention.
