 Welcome. Welcome everyone to our session today. Today we're talking about how together CEDA and in DCOTEC utilize type or ledger Aries, URSA, and Indy to create a secure travel credential that can be accepted by airlines, hotels, and hospitality partners without having to share any private health information. In fact last month CEDA announced the successful trial of the Aruba Health Privacy app. It uses blockchain and the app creates a secure travel credential that's exposed with that sharing that information. And so we're going to be talking about that further today. Hello and welcome. Welcome to paving the way to a safer travel experience. I'm Heather Dahl. I'm CEO of IndyCO and I'll be moderating today's discussion. First let's have our two panelists introduce themselves. Adrienne why don't you begin? Sure thank you Heather so welcome everybody. Okay well I'll take over why don't we we take a minute to do some introductions while Heather's rejoining and I'll start since I'm already talking. I work for IndyCO as VP of Operations but I wear a lot of hats and one of the the heaviest hats I wear is that of education so I spend quite a bit of time talking to our clients and customers as they come to us to solve for their various identity and data problems about verifiable credentials and decentralized identity and trying to distill down the the essence of the technology and apply it to a particular use case and so that we can realize some value very quickly. So that was the role that I filled largely in this project was talking with the folks in Aruba more than anything because Adrienne and Sita are intimately familiar with the technology but translating some of the very complicated terms and making them uncomplicated so that they can see see value in a very distanded project. So Adrienne why don't we let you in? Sure thank you Scott so yeah as you mentioned so well I'm Adrienne Sanglier so I'm a program manager at the Sita Lab so the Sita Lab is a research group part of Sita company so Sita is the main IT provider of the air travel industry so we are between airport airlines and governments you might do not well you do not know us because we are mainly behind the scenes when you when you travel but let's say it is the infrastructure behind let's say the inconsistency that makes sure that necessary data is exchanged well between all stakeholders can be from passenger processing to baggage management or air traffic messages or or even electronic travel authorizations so I work mainly in digital identity it is a key area of focus for industry because we are looking at a real seamless passenger journey when you think about the number of times you have to show your passport your data your visa and now your health stages when you travel there is let's say a room for improvement in our industry so it is our focus of our work at Sita because we are also 100% committed to the industry as per our structure and this is why we undertook that the project with with in this year so I see you you could join us back I think I'm here can you hear me as well yes we have a winner we have winner so we've done some introductions Heather for Adrian and myself and yeah so we'll turn it back over to you absolutely thank you for sticking and hanging on there with us as we go through these glitches that we get with the virtual world but soon we'll see each other in person hopefully this fall next to hyper ledger event in Seattle so I'm thinking Adrian a good place to begin is actually with you because this all this all started with the call from Sita very early in the pandemic Adrian why don't you talk to us about the very beginning and explain the problem that you were thinking to solve sure so it was a song some months back and when we think well it was the very well not the beginning but the middle of the pandemic really and and we were thinking at how can the travel industry recover because it was really a tough moment for for the whole activity and well a lot of controls further to border checks where we're in place so many driven by health ministries and quickly realize we need exchange of data of course because we're talking about health data and we seen it from the pandemic we clearly seen the limit of using paper documents paper certificates that can be easily forged or faked and also issues related to efficiencies when when the activity picks up again and the airport won't handle such let's say another security line so how can we do digital in exchanging this data which is extremely sensitive because we're talking about health and how can border can reopen so that was really the main problem and outlining it a little bit deeper it means that we need secure and verifiable data for governance to reopen their borders and but also if you see it from a passenger passenger standpoint for adoption of health data exchange it needs to be privacy preserving of course because you don't want to to give away your your your health data without knowing you know how to control it let's say and without consent and finally part of the problem was also scalability because we are a global industry we need to move all at the same pace so that's really why we looked into this one for decentralized identity models and especially verifiable credentials well I also want to welcome those who are joining us in progress some about how you can pave the way to safer travel we're joined by Scott Harris of the DCO and Adrian over at CEDA for those joining this is an open conversation so you just jump in and put your questions in the chat screen on the right side of your window so I'm going to go to you next and can you talk to us about how DCO approach solving the problem Adrian presented and also mapping it with the overall goal industry using the decentralized identity model and then really how did you model workflow that would solve a problem okay that's that's a lot of questions I'll try to cover everything but but as I mentioned in my intro we really wanted to focus on simplicity in this case because to try to solve for everything at once was not only daunting but time-consuming and there's a great need to present something that's usable quickly now it needs to be that the user have usability but also of course have clients and have you know exist in the regulatory environment and make it work for everybody so so so we went back to the very basic four principles of the identity and that is putting the data in the hands of the traveler and as Adrian said that involves giving them control protecting their privacy so they're not having to share health data and and we really look at the very simple trust triangle that you use all the time to go through your education and I know you have a slide for that coming up I don't know I think you can do that while I'm talking that can you see it there not quite yet there we go right so so we the idea here is that the traveler who's central to this operation and this architecture takes control of health data from a source that has issued them a better public vehicle and they're the direct relationship then between those two problems the traveler then establishes a relationship with a verifier or a receiver of the data and there's a direct relationship there so in doing that and using this model this model that's been around for as long as these centralized identity is there's no need to stand up things like third party process rules engines press registries all of that it's really about trust between three parties three states and if we get established that trust with a data source that the verifier will trust the data source used by the credential and and establish that first we could we could build to that so that's how we sort of map that relationship it's a very very quick and easy way to look at it to solve them for a problem and of course as you bring more stakeholders more participants into it you need to consider their interests and their compliance issues and their very regular requirements and things like that but to make this work in ruba it was a matter of talking to the participants that were participating to forgive that grace but try to think it up straight so so this approach mapped well with the government of ruba's idea of what they need because it allowed them to identify data that they could trust protect the privacy of the traveler but still give them the autonomy and control of deciding what what data to take from that and then ultimately what action to to take based upon that so as opposed to some other models where where data goes to a processor or rules engine or a through-it-press framework and the decision may be made on the behalf of a verifier here we give the verifier a complete goal to take what they need don't take what they don't need protect privacy and then get back on those well i think you know it's important to take a moment to focus on one of the key challenges or in fact i think for the decentralized identity benefits um adrian i know that one of the things cita tries to do is deploy technology without totally disrupting existing enterprise or government processes um talk to us a bit about why this decentralized identity model that thought just set out here is actually helpful in this regard especially when it comes to the architecture and we can show a slide um here that might be able to help you explain a bit about it adrian sure so the the the big let's say a characteristic of of the industry it is that well they're like complex ecosystems we do have the aligned the airport and the governments on a border crossing a news case so and i will operate the route airports will provide a typically a shared environment or common news environment especially on international flights and government will well have their own set of rules so we need to properly design an architecture that will fit the purpose of really border crossing and we need to envision all benefits of stakeholders and as i said we need the exchange of data and it's a lot of data to be to be exchanged when you cross the border behind the scene so where the technology or the model really helps it is about removing the need establish point-to-point connections and as i said complex ecosystems make also the that those ecosystems are evolving across time so that that's a major benefit we see from that that model it is it is must it simplifies how to set up those exchanges of data but also how to maintain them across time there is also another great benefit from it is how can you shift liability from from an airline to to the government because right now in the model so airline is is bringing people from A to B but they should also enforce rules set out by governments and they become also a broker of information that can be very sensitive and and also very difficult to handle so if we can enable that conversation between the individual the traveler and the government that's also a major improvement to the industry so we are not changing the way the data is exchanged of course and the same data will flow to the to the government to the airline to the passenger but simplify how ecosystems are created and managed so it is about providing well different kind of pipes for that exchange of information to to to proceed so that's the main help so i'm gonna stick with you adrian you know without in mind can you talk a bit how a sovereign government or a nation or even a commercial enterprise for this case goes about selecting the type of solution they're looking for for the exchange of data without a direct integration of course consent is very important and in this case how did you proceed hyper lecture is a key part to being important in making your decision right so the key that's a principle is when managing ecosystems it should be easy to join the party in a sense you should be able to to just be able to well submit your data receivables and and make sure you know again as everyone should see the benefits that should be done on a scalable way we should also understand how the ecosystem is controlled and the entangling technology too and it should be absolutely open so all those characteristics we found them in in hyper ledger your son a reason and and also the one goal very important the consequence a lot of the above is of course interoperability can be open when it when the technology provides interoperability and as it is open source it is developed by the community we know there will be way to support and talk to any other digital identity mechanism models or the networks or technology that exist today or will exist in the future so that's also a bit in the future when we let's say use hyper ledger as our technology stack and as I said there's no one solution for the global industry so it's very important to be a forward looking and Scott what are your thoughts here as you were applying what we call business logic to the actual technology ecosystem I Heather I think the the important thing here is that as Adrienne has described it's a very complex system of exchanging data and the goal is not to not to supplant that those systems or change them because they're they're well established and and and contain you know long standing agreements between parties about what they need and what they take and how things happen so our goal here is to use the hyper ledger based tools and and verifiable credentials as a way of building additional trust into systems such that data can be shared at a very early stage in the passenger journey and and shared in a trusted manner all the way to the end and thus smooth the system so while we started out here with you know health data and over credentials and things it's always been with an eye on the big picture that there's more there's more to it than than just that it's all going to be immediate problem that was at hand but but there's and for those of you who are joining us in progress welcome we're talking about paving the way to safer travel within DCO and CEDA you can join our conversation just post a message in the chat on the right hand side of your screen and we'll incorporate you into our conversation so Adrienne what I found most interesting about the trial in aruba and actually I found was probably the most exciting part of this that you had a traveler who could share their medical information digitally without a direct database integration between the history laboratory at the hospital and the government of aruba and they were able to do that full consent and transparency to share that information can you talk to us from where you are sitting today about how interoperability and health data work together knowing that you have gone through quite a journey on this last year and thinking about it sure so um the first challenge we had I'm thinking front of our eyes was how do we represent health data what it is I mean health data can be really represented in multiple ways and there are a lot of different data schemes out there and we still need to exchange them and not only the data but in that case also the metadata that would describe how this credential that we look like so this is all another big advantage of decentralized identity you can exchange also metadata so we need to pick a technology to support our use case that enables that that level of standardization to the data so again I think Ari is an indie we're providing this in a very efficient way and in a sense a proprietary standard wouldn't work because as I said it is about organizing ecosystems so that's also the reason why we are looking at open source community and and this is you know in the story and we've seen that how efficient it was it was well in this show helped us to to build the necessary pieces and also raise the voice of Sita into the community and and also the other one we could also understand what it takes to to use well hyper ledger project and technology so it was I think it started with taking a look at what was possible what was not and and building a simple demonstrator out of the code in the in the repose and and created a lot of visuals and socializing with stakeholders so looking back there's a lot of value of course in education also because that's that's a change that's a change of the way the information would be would be shared and as we said it those ecosystems are very fragmented because there are multiple health requirements multiple government and requirements and the online process and the the airport process I think providing that level of standardization both in data processing technology was was absolutely key to the success of our project so it makes me think you know when you started 2020 I don't think you anticipated working as closely with the healthcare industry as you actually did what was the one or two lessons that you learned or that were maybe even surprising to you working so closely with healthcare partner so I would say it was not about the technology how do we have them to integrate I don't know an Aries wallet or Aries development but it was still about providing standard technology that we that they are used to of course in the end of the day it's data that will likely stand on a central database anyway for the matter of processes so it became just a standard IT project so working with healthcare has been it became it became an IT project it was a blue magic I would say in integrating credential it was about defining the specification again or what it is a PCR test to resolve what is a vaccine or even the declaration of significant effects and people were very enthusiastic about let's contribute to the industry recovery also so travel is one but also the economy is in a homeland and and see how can we leverage that privacy perspective of the decentralized identity model for the for the advantages of the interest of privacy of course which is very important for healthcare industry Heather can I add something to that as well I think we've talked we mentioned the the I word interoperability here and I think that's an important piece of this because once we established with the government government of Aruba the you know the value props of privacy protection data control and autonomy and all of the things we we talked about the next question was well you know how do we build from here right and so interoperability is key how do they integrate the next health system in the next health system in the next health system in order to continue to take credentials from a wider set of participants and how do they take these into their you know internal system and create derivative credentials from the data they receive so so making things interoperable is incredibly important and it's a bit even more important to frame that interoperability word in context because we have a very rapidly changing technology sector here and many claims can be made about interoperability you know if you're on a proprietary platform for example you could easily say that that's interoperable but the context is as long as everybody comes and plays for our proprietary system of course it's interoperable so so that's where the hyperlitter tools come into play and the open source ecosystem comes into play where we want to make sure that the stakeholders have the ability as they come to participate as Adrienne said we want to make it easy for people to come to the party that their things can work together or if they want something slightly different it can be built to work together so our philosophy here is not necessarily that to use an analogy of putting together puzzle pieces because there's only one way that a puzzle can fit together but rather than let's let's build the bricks that they can make something let's build Lego blocks that can go together to build the things that everybody needs and make them very universally useful in order to achieve interoperability so that's been a big piece of the the education here to say they seem easy to just write a check and pay and have somebody else do it and there will be people who take that path but in terms of scalability and long-term viability this building block approach seems much more sustainable well and I think when you talk about derivative credentials in the building block approach we're really talking about this ecosystem and sometimes the concept of ecosystem maybe gets lost in the words about exactly what this ecosystem was and that it scaled quite a few parties and the CEDA and a DCO had to meet the interest and also benefit every single stakeholder in this ecosystem no matter what world they play and so what what I'm going to show is actually a video um that we put together with CEDA and the original purpose of this video was to actually teach verifiers on the island for the trial but what we found was the education across the entire ecosystem this animated video turned out to be one of the most valuable education tools that we had and so if everything works the way we wanted to I hope that I can share this so I will play it and see what happens Adrienne from I'm sure this video brings back plenty of memories from where you say what do you think after watching that again here it's been a while since you've watched it so yeah yes yes I mean it's of course lots of emotions yeah because a long way and it was really a windy road to get there not a straight line at all and yeah I mean it reminds me again you know that the time and energy took to really I think on both people and make them understand you know that they are in the center of everything each party is at the center of the fact that well it can work with everyone so one that's I think the key takeaway Scott you haven't seen this for a while what tip what do you think same question now I think the interesting point there in this whole thing is that I'll go back to the original trust triangle is that once data in a way that that it can be trusted as opposed to some of the problems such as passing paper around or scanning and faxing PDFs or emailing jpegs of things so once data enters the system in a way that it can be trusted we see that it has all kinds of uses and and as you mentioned derivative credentials such as this happy traveler card can be issued and then subsequently trusted so it's an ecosystem that builds on itself because you know the initial intake point the KYC that the work that was done to to put trust in the system can be utilized down line to provide value to all sorts of entities that might not have even understood that they could get value from that so that's that's my feeling on it it really really shows the power of all of this and for those of you just joined us we're talking about paving the way to save for travel with the CETA and in DCO you too can be a part of the conversation just join us in the chat on the right hand side of the screen so Scott we saw the video and if participants want to go to CETA's LinkedIn page there's actually a video that shows people participating in the trial using Yoruba Health Privacy app going to a casino so they can see it work in real time and then you have you know the press release but I think sometimes all the you know unveiling and the public relations it obscures the hard work and exactly what this looked like when it started and so I feel it's really important for our audience and for people interested as you said Peter and this was a long and windy road this was not easy and so I want to bring up a blast from the past here and share it I think Scott will especially love this picture um this um is yes I remember that this is actually you saw the you saw the animated video this is what started it all was this sketch um and yeah it's not pretty packaged animated produced but here it is this was the slide that started it all on the architecture does it does it look familiar Scott well well vaguely but you know this was a learning process for all of us I mean not not just around health data but around how to as I mentioned in a mantra that that you weren't here for Heather that the big a big effort is put into educating people who aren't you know hyper ledger aficionados or Aries toolbox users and things so to take something like this which I still have to squint at a little bit make it make it into something understandable and usable and presentable and then turn it into a demonstration product is a long and winding road so um we've learned a lot and and um we're still learning right so I think everybody was learning a year ago about how do we how do we even solve for medical data in a pandemic and and I would argue that it's still not been solved countries like aruba are probably far ahead of other countries you know I know what I know what's going on in the U.S. and there's no you know there's very little way of digital initiatives to handle this sort of stuff so it's still a learning process for everyone um but but yeah what I learned was um was taking this this little diagram and breaking it down even further is is what worked so that that's grassroots building block approach because when you look at something like this you can easily let your mind wander to okay I see one provider there what happens when I have 50 providers what happens when I have a thousand providers what happens when I have a hundred thousand individuals and and and all these verifiers and how do we get them all to agree on governance how do we get them to agree on what's trusted and what's not how do we get it can in pretty easily you know devolve into a mud pit where nobody can get out right you just get trapped and I think we've seen some of that happening um with some of the initiatives that that it can get overly complicated so what what I learned um you know what we still try to do it in DCO is take that grassroots approach and go let's just let's use these great hyper ledger based tools that we have and these open source agents that are based on those tools to make some bricks and use those bricks to build a building and then we can open the door and let people come in and if they want to build an addition on our building that looks architecturally different but it but the two still connect and we can go back and forth then then we've had a big win right so so that's what we've learned is to just break it down and um and start small I know I can talk quite a bit more about the journey because it has been a fun and interesting road but I'll turn it back over to you Heather. Yeah Adrienne I know when I showed this blast from the past that you uh checkaled a little bit because this probably brought back even earlier memories um but maybe you can use this uh very I would say maybe even first iteration of a slide to start talking about the challenges um that you overcame along the way to deploying a successful trial. Sure absolutely and maybe I'll start with a question from Guillermo I see on the Q&A because that's that's really one of the the challenge we have also is how do you incentivize people to use the app and and that's a that's a very good point you know how Sita has been encouraging you know participants to use mobile apps because there are mobile apps everywhere and most of them can be standalone so um first well for for airlines clearly um it is the ability to just to do a simple check and it's uh of course uh much faster than reviewing paper documents and and going through the details of for this destination do I have to do I have to check you know this questionnaire or the PCR test results which kind of requirements um and really eliminate all of this but just a pass that has been issued by the government so now of course it's going to be a standalone app um it's not it's not perfect yet the the idea is also to provide now SDKs or even even better um so SDKs so that it can be integrated into an existing app used by the airline agent at boarding or check-in but what we are looking at now is how do we incorporate those verification requirements into an automated boarding gate or a checking kiosk and and this is this is being done so um we also need to move away from standalone mobile apps and and provide automation so that's for airline now government well um they won't be using a mobile app as such but uh a dedicated interface because I think government also need to uh to have a view on how many credentials do we can I did I issue um to to allow my my my residents or visitors to allow them in in the country um so there are also um a set of reporting uh requirements that we need to fulfill so uh the case of web application is clearly more almost suited for that and and users um so um as I said for for for this project it was standalone but the the incentive is is quite easy um is is about well cut the lines on arrival um and um we are also looking at technologies that um that enable us to integrate to any existing app and only provide the wallet on a very transparent way so I think that's also a way to encourage adoption when it comes to really uh mobile applications and it's a real problem of today um so let's back to those challenges that we we we we have well clearly and we we said it is is how do we uh provide inclusion you know how do we uh include everyone into the conversation about um about setting up the ecosystem uh because every voice has the core importance uh it's like a UN session uh you need to be uh uh to include everyone and the outcome will will happen only when everyone will agree uh based off of consensus so um for example I mean um as a as a lab uh testing a clinical lab if you can issue a credential or government health pass but if no one is able to verify it it's quite pretty useless so um but also if you can you can issue a PCR test result but if no government is going to back it or vet it it's going to be worthless so um so I'm insisting a bit it is about um putting everyone at the table and and investing in this time uh front of course before the iQ project really happens uh to onboard everyone and and how did we do that well uh open source open standard uh like uh hyper ledger is of course was was key uh really on the on the dialogue um and but also the collaboration a very strong collaboration with healthcare state sector um so how to best describe a PCR test a vaccine um is is what we need to make sure you know everyone can can can seem interest uh in providing you know uh uh effort to it and having that standard that everyone needs uh to streamline the process so we took really the most open data schema and uh and again you know collaborating with um with healthcare sector pharmaceutical of different sizes different culture different maturity levels was was I think um a very good lesson and was was a was a clear advantage to us uh in that in that process so Scott every mile every marathon comes down to the last mile what was one of the challenges that you had to overcome in the last mile of this project heading into the trial just you want me to pick just one um there were there were many heading into the trial I think the um the challenges still centered around um education for me on my side of the the equation uh meaning as more and more people began to participate to actually make this happen and I mean uh people outside of outside of indicio and outside of sida you know for our actual passengers for our actual you know government officials and things going and demonstrating this this capability for them and then then being able being able to explain it again in a way that that allowed them to see the value of it so because it doesn't present itself as a traditional um solution right it doesn't it's as I said it's not a you know buy this software and install it and then everything runs it's you you know you does require participation from all of the different stakeholders in order to make it work for them and sometimes that's a that's a harder thing to communicate the value of and I then I think the other piece of it was um trying to understand the next steps right and communicate that to everyone and I was I apologize for stepping on Adrienne earlier I wanted to to mention on the topic of um wallets and apps and incentivizing and things like that I think the standalone app is one way to go and and it certainly in this case to to start simple and build simple and demonstrate value but term long-term use it needs to be more than that right it needs to be more than just a single point solver it needs to be integrated and live somewhere else so Aruba has a really nice app they built for their for their residents and travelers and our goal was to you know mimic that and allow them to see that this could just be part of what they already have in existence so for any other enterprise type of implementation the idea is not necessarily this you know Aries based credential wallet exists on its own and we have to tell somebody to go use this one or that one the idea is that it should be interoperable with others and and if it exists inside their their existing app environment it can work that way so so to me that was the big part of the challenge because if we were asked or I was asked repeatedly you know do we have to use do our people have to use this app all the time right and and that's a long-winded answer to that question but but the answer is no and probably in my mind they shouldn't they should be using you know whatever app you're already using and this capability should be wrapped up into it well I think education is a really important part both CEDA and a DCO are committed to education around decentralized identity and that's why we're having this conversation today at Hyperledger and we're being open about our experiences because we want to help educate and let others who may be considering similar projects for maybe different use cases understand some of the challenges in the road that we went down to help inform what they're developing. I want to take a couple minutes to talk around governance Adrienne and the role governance played with this and also the introduction in this case we introduced machine readable governance as well to help facilitate the exchange and acceptance of those credentials Adrienne what was the approach that CEDA took around governance for the trial in Aruba? Right so you're right I mean the governance is extremely important when you look at organizing those ecosystems and our approach was to to focus on separating what we call the trust and the data and we we've seen that it is consistent with recent discussions also on other health passes and what we hear also on more global initiatives so what I mean is the health pass is derived from health data the F data is so you can vaccinate your maybe your secondary effect your questions or your PCR test results and from this an authority party will will issue the pass and the pass would not contain any private data and this is what you would present to different verifiers such as a restaurant or shop or hotel or or even a touristic venue so that's that's that's really important because when we presented our approach and the technology the model of decentralized identity model that question was raised immediately by Aruba is how do I control that pass and because well as Aruba I need to be as a government I need to be in control of the situation we see in the COVID situation is quite fluid you requirements may change anytime you might want to revoke also a status but at the same time a government don't want to see doesn't want to see to be seen as a poly state there is a change also in our societies about where do I to who I give my my my private data what are they doing with so to overcome this we position the government as a certifier of the data so it means that the passenger would supply private information about what health data to this recognized body who will then give something back and that's the health pass we are talking about so that's a change of paradigm it's I'm not moving with my PCL test result in hand and and disclosing my birth date or my any sensitive information to anyone I'm disclosing just the fact that I am approved by that government and I think that that was what really helped convincing the the government who we absolutely needed also the government in the in the equation because they are the certifier they are the the approver and and and this is also with the government that ecosystem is well balanced so that change of paradigm paradigm is is the fact that I supply information to an authority and I got something back and that's a big change from typical electronic travel authorization when you when you submit you know in advance of your of your flight data and you don't really know what's what's going on you you will know who will happen when you actually cross the border after your flight and something is wrong and you realize well something was wrong and you have that stressful moment until you see an agent that okay might be some something with my application so in this model the government replies back with a tangible credential it shows that you are approved and the liability is also on the government so that's that's a reward in a sense to the to the passenger and well that makes the architecture a bit more difficult to set up of course that was interesting to to go through the journey but it is a way to take into consideration everyone's needs and and and that was the reward for us in the end I think Scott you felt how per you felt in your role exactly how the governance made the architecture more interesting maybe you can talk to us a bit about how governance impacted applying business logic to the ecosystem but also the other way around how the ecosystem and what we could do with machine readable governance inform the government yeah I think that that's a great point and and to to start with what Adrian was talking about the idea of a the the aruba government certifying that the health results and then using a derived credential down line to to still allow the movement of people and and and that could be done because there's trust in the certifying authority and while that sounds a bit centralized it's it's really not because it's just about governance it's about managing those relationships between entities so if I'm a restaurant in aruba and I'm going to accept the government stamp if you will the government credential saying that they've checked this person's results then that's a relationship that already exists right between the government and the and the restaurant so there we're simply allowing them to exercise you know an exchange of information that the between parties who already have an existing relationship but to to go to your question Heather so it's definitely not a one-way street that governance where you you establish it lay it down and it's done as we started building the ecosystem we started to realize there were some requirements that you know that we weren't quite aware of and that's been part of the learning process our audience at ruba is very and but not deeply entrenched in decentralized identity right as I said they they stood up some really nice digital tools to help manage their problem down there and our goal is to help them make those slightly better quite a bit more trustworthy and and more efficient and scalable than it already was so so for me it came down to the the idea of putting data in the hands of the credential holder which allowed them to let me backtrack putting data in the hands of the credential holder helped them with their compliance meaning that they had requirements from you know internal regulations external influences from from Holland that said here's the kind of data you need to keep here's the kind of data you you may want to keep here are the things you need to check here are the GDPR requirements that need to be met and so we were able to take take all of those different things as they changed and turn them into machine readable governance right so that they had that autonomous control of what was going on and for me that was eye-opening it was the idea that we kind of went into it thinking here are the rules and you can play by them and they said well we have all these other rules that need to apply and and what was eye-opening to me was the idea was was really the ease with which we can take machine readable governance and change it at a minute's notice and so that not only helped them with with some of their data control issues but it also helped them adapt to the actual pandemic problem of saying today we want a PCR test that's done within 72 hours and perhaps next week the science changes and we need to change our our rules on what's acceptable and what's not and they can execute that very quickly and easily on their own without having to rely on you know on other other authorities or other call it non-interested parties having to execute that. So in our last three minutes here one of the surprising things that happened while we're actually conducting the trial in Ereba was Cardia with Linux Foundation Public Health and so maybe Adrienne in our last couple minutes you can talk a bit about the role of Cardia and how that how that happens. Sure yeah so that was really interesting because we we suddenly realized well we do have what we call the reference implementation because it uses the open source the code and it solves the problem so let's encourage everyone to continue to build on top of this of this implementation on this standard so the the idea is now that we need well the snowball effect to ensure you know data is exchanged for the travel industry it is absolutely absolutely detailed that we see more and more use cases and data exchange on health to so that borders can reopen and we've seen the immense value of decentralized entity in this. We hope we contribute to the trust framework also determination and we encourage everyone to join Cardia and improve it of course the code is open to be improved and everyone can raise their own suggestions I mean we do have a weekly call and we hope that it will well boost what we need the the organization of those ecosystems and build a future-proof governance also so well that's what Cardia is about is is providing an example of what we what can be done to solve that real industry problem and the code is open source too so well again it's not a new thing for the travel industry it's complex complex ecosystems but now I think technology has a real well a bigger role to play. For those who are interested in joining and participating in the working group for Cardia it meets noon eastern time on thursdays you can go to cardia.app so that's c-a-r-d-e-a dot a-p-p to learn more information and as Adrienne said we welcome you all in DCO, CEDA and several other organizations are leading the effort on Cardia. We're out of time here I want to thank you Adrienne and you Scott for having this conversation I want to thank everyone who has joined us if you'd like to connect with any of us we're all on LinkedIn and with that I want to say thank you and enjoy the rest of your event thank you thank you