 Hi, I am Sam Kern and I'm here to talk to you about the importance of digital trust and decentralized identity. Hopefully this will be an informative session and you'll learn a little bit about identity, trust, decentralization and how they all come together in some great open source projects. I'm glad you're here today. Decentralized identity is a term that's fairly unfamiliar and I want to describe it this way. In the real world, we have relationships with other people and other companies and they are generally direct and there are private and there's nothing in between two people or two organizations or people in an organization that lets you have that relationship with them. Decentralized identity strives to have the same thing, but in a digital way. And I'll describe a little bit about why what we have today and about what we would like to exist and about the tools to get us there. Before we do, let me talk a little bit about identity itself. There's a long discussion that could be had here and we're not talking about how we identify necessarily there's lots of social discussions about this. What I'd like to highlight here is specifically the types of data about us that that relate to how we interact with with other parties online and in person and how that actually works. So a good example here might be my name and my birthday, my address, things like that. Things you might consider to be on my driver's license or on a job application or something of that nature. And again, this is a brief understanding or a brief discussion about this and so I won't get too far into details. There is some good discussions to be had. But for now, let's work with this. That's often you'll notice in the little icon here that there's a person holding up a like a persona. And that's an image that we chose on purpose for this to talk about the types of things that we present to other people online. And this is a lot of it. We also see verifiable credential indicated on the slide here. This information is used within decentralized identity as a verifiable credential and to be able to pass that around. And again, we'll talk a little bit more about that in a minute. So, here's how online or data trust actually works today. Right. We generally present some unferified data to a service, and then they verify that data with some other authority. And then the service can then trust the answers or the response of that data authority. And that's how that works. It's really common. And you have scenarios now where the service and the data authority are talking about me. They're not talking to me. They're talking about me. And that's a pretty big difference. The involvement of the data authority directly in this interaction means that there are there's the interaction leaks what we call digital dust or or information that can about the types of interactions that I have. The data authority, for example, becomes aware of what type of services that I'm interacting with. And that's not great from a privacy perspective. And it certainly isn't the type of interactions that we have in person where we generally go and we can communicate or transact directly with another person or another business without that in the way. So trust is highlighted here in orange. We're going to talk a little bit about trust and what that actually means. Trusted data has three requirements. It's authentic, which means that you know where it came from. It has integrity, which means it has not been tampered with or altered in any way. And the data has to be useful, which means that when I receive the data, I understand the context of the data and how it was arranged so that that that is an actionable thing. Going back to our diagram here, you can see that this data is authentic in the sense that the service is receiving authentic data from the data authority. And because they're contacting them and talking to them directly. It has integrity, because they can tell it came directly from the data authority. And so it has not been tampered with. And then it's useful because of typically a direct relationship between the service and the data authority. And so this does satisfy the requirements for trust the data, but with some pretty significant privacy downsides in ways that are very much less than ideal. So here's an alternative picture on how we can satisfy these requirements for trust. In this case, there's still a data authority, and they provide that that data in the form of a verifiable credential to the person, typically the subject, typically the person that the data is about. They can hold that information and then present it to a service. So we still have the three requirements here. The data needs to be authentic, meaning that the service knows where the data came from. That is solved by the the use of cryptographic keys. Then the data authority signs the data in the preparation of the verifiable credential and before they presented or before they issued that data to the to the individual. And so the service can check to see who that data is actually from and in the same same time they can verify the integrity of that data. They can make sure that the data has not been tampered with or modified in any way since it left the data authority. And third, the governance surrounding the use of that verifiable credential can help them understand the context of it. They can make sure that they understand what the different fields mean and what the processes were behind the issuance of the credential, for example. So this flow here is important because it places people as individuals in the center of this interaction instead of off to the side. And that's a significant advantage over over most of the interactions that we have online or even in person today, but using digital services. Trust still exists here because of the understanding, both contractual and the conceptual understanding between the data authority and the service. But we've changed the picture in a really important way to put people at the center of the of the use of their data, rather than standing off to the side as typically happens. So this is a really quick overview. And there's more to learn on this topic if you're interested, but I want to talk about practical applications of this and and what what really matters here. The main message here is that we do this now and it works. I'll talk a little bit about the tools as well about how it works in the open source projects that are involved. But this is something that we can do today. So what does this look like from your perspective. This is likely going to look like a mobile app where you can collect and receive verifiable credentials from various sources and into the app and you'll be able to interact with that in that useful way. We've got some examples here with maybe a birth certificate a diploma driver's license, and those can be collected into your into the application that you have and then you'll be able to present those to others. So what's it like to get one. Well, so let's look at an example of getting a physical credential and compare that to a verifiable credential. So let's say you need a new copy of your birth certificate for some reason, looking at the bottom of the slide here, you need to contact the authority for your birth certificate which is typically here in the United States, the county where you were born. You need to prove your identity to them, typically with other paper documents as well to prove your identity, and then they'll issue you a paper document they may hand it to you it may come in the mail. And there's lots of paper involved in this process and being physically present often in the in the in the method of doing that sometimes it's possible through the mail, sometimes for some credentials or some records it's a little bit more difficult than that. With verifiable credentials, the same flow exists, but it's substantially easier. When you request a copy of your birth certificate, you can use verifiable credentials that you have to prove your identity. And this is a really useful way for them even in a distance to verify that it is in fact you and that and that they're allowed to issue that credential to you of course they, you can also receive the credential in a digital form, which means it happens fast. There's something to happen in the mail. And then of course because it's in a digital form, you can use it in all of the manners that we've talked about in order to to provide that information elsewhere into other streamlined processes. So there's several different players in this interaction we're talking about. And so this diagram shows a little bit about how this works. There is an issuer of the credential. There is the holder of the credential and there is a verifier of the credential. Now, in reality, each organization or person ends up playing at times all three of these roles. But in a single interaction, these are the labels that we apply to the parties that are involved in the combination of credential issuers credential holders and credential verifiers turns it into a trusted digital ecosystem that can enable these these things to occur in a really streamlined and an efficient manner. So in reality, like what's this look like we have that diagram but let's apply this to real life here. You can receive credentials from authorities. Often these are governments, not always, but the governments have a lot of records about us like our birth certificate or or marriage licenses for example, that that they record. And so they're often the source of some of these digital certificates, we can receive those, and then we can present them to other institutions or people that they need to verify some of the information on there. You might, for example, use a credential that you receive from the government to qualify for a student loan going to college or or to register for some particular health benefit or maybe on a job application. And that's a way of providing that information into the real world. The neat part about the data that's actually passes through us now instead of directly between other parties is that data can be really useful and valuable. And because we hold that data, it places us in a position of control as it relates to where that data goes and what it's used for. And so there's there's all sorts of things that we can do with that. So in this example, there's a there's a verifiable credential containing a digital travel credential. Think of it like a passport, right? And it's obviously really useful when you travel, you can present that to to border control agencies who can verify the information instead of having a physical passport that could be lost or stolen. And it's also useful to other participants in the ecosystem, and often in a more limited way verifiable credentials often contain the privacy features that allow you to selectively disclose different pieces of the information to other parties. For example, some of that information can be made available to the airline, the hotel or car rental agency in order to streamline the process of checking in or or enjoying your vacation. And then in the neat part about this is that there's a substantially reduced cost of integration because the rental car agency, the hotel and the airline and the border patrol agency don't have to create direct database integrations between to the source of the data in order to gain this information, and they can still have all of the necessary elements of trust that they need in order to to to act on that data and use it in effective ways. So this is not a hypothetical scenario. We have seen examples of digital travel, digital travel credentials being used in real life in order to streamline access through the through a travel process. There's a couple of components here that I'd like to call out that makes it really, really helpful. One is the airline airlines are responsible if they deliver a passenger to a country that they cannot be accepted in. For a reason that should have been known to the airline they're responsible to actually transport you back away from that. So this is a good place if you're not able to enter a place that you that you that you arrive, which means that they really want to know that you're going to be able to check in or to arrive at a country. And there's a using credentials like this removes that risk that they would be subject to additional expense for returning you to the place that you're coming from. It's really useful for for both Border Patrol and travelers when they arrive at a destination, the process of digging out your documents making sure you have them, and that you can efficiently, you know, place them on a scanner or, you know, some other sort of paper process you passing them to someone for review. And that can takes a lot of time and can be tedious with with privacy preserving features. It's possible to pass through checkpoints in a secure manner that solves the needs of Border Patrol. But in a way that that is more streamlined and faster for you. You're interested typically at the end of travel at either getting some food or going to dress somewhere or to travel to someplace that is the purpose for your visit and spending time waiting in Border Patrol lines is something that no one really enjoys, not even the Border Patrol agents so speeding this up and making it keeping it secure will improve the experience for absolutely everyone. Now, here we are we're at an open source conference, I would be remiss to not talk about the open source projects behind the technology that allows for for these. So I'd like to talk about three of the of the many open source projects that are involved in decentralized identity. These are projects that we have experience with hyper ledger is an organization within the Linux foundation. That is focused on on ledger based technologies. And these fit into that role because of the role of a ledger and decentralized identity. So hyper ledger areas is a project focused on the on the agents that enable the interactions to happen. So agents for for credential issuers and verifiers, as well as credential holders a typically in the form of a mobile app are all projects within hyper ledger areas. And there's code bases there that already contain, you know, the features necessary to to make these interactions happen. And so that's the sort of the forefront project that makes all this work. Hyper ledger indie is a identity focused ledger that doesn't have some of the downsides of different ledgers that you can use to to support things or anchor dids which is another technology that's used. And so it's very focused on that, and has been successful as an underpinnings for the credential technologies that we're using hyper ledger ursa is a cryptography focused library that's used by both Indian areas. In order to serve the cryptographic needs of those projects. And so these three can enable this stuff to happen. And they're usable now they've been used in all sorts of different scenarios including the travel ones that I mentioned. And there's lots of, there's lots of deployments and different examples, not just here in the United States but by foreign governments in Europe, and Canada, and, and all sorts of participants in these projects that make it work. There's, there's other projects of course, but these are the ones that we're familiar with all open source projects of course you can get involved in. If you're interested in being involved in the in the technologies and the projects form a usage perspective, or from getting involved in possibly contributing perspective these projects are open and available and highly recommend getting involved with these with these excellent communities to to build the solutions that you need for your business. This was a really quick path through all of the things that we're talking about today. But I want to highlight the fact that this is technology that we can use now it's not something something that we're waiting for, or ideas that we have, but you can use these technologies now to make stuff happen. And we encourage you to do so and to get involved in DCO is a company. I work for DCO and we as a company are experienced in helping people adopt open source technologies. And if we can be of assistance, we'd be happy to to talk with you or guide you or even just help you get involved in the open source communities that exist. Thank you for coming today.