 So, hi everyone. This is Puneet Kumar, this site. I'm the consulting partner at Wipro, being a part of the bloggers and I've been keenly watching the space of decentralized identity. I own a charter for decentralized identity platform, which basically enables the implementation of a reputable potential that Wipro is building as well. Also, I have with me today Hitha, who is a base, who basically heads our excellence and also a key contributor in our life. So, without wasting much time, we can get on to the subject now. Though some of us might be aware of a very fab decentralized identity in general, I think production always, right? You know, which basically helps qualify a certain aspect of an individual. It can be a qualification, it can be an achievement, a certain quality or an aspect of his background or identity. Yeah, right. Any identity equation, there are basically three types of factors. One is the issuer of the trust, you might call it an issuer, you might call it a trust anchor. But basically, it's an entity which is having some information on the individual and has the authority of certifying that particular aspect of an individual's identity. Now, in some cases, it might be general attributes like citizenship, age, and so on and so forth, where typical issuers are government-organized. In some cases, it might, if it is related to education, education boards would be the issuer. The second actor in this case is the identity subject or the holder, the entity whose identity is in question. And the third actor is a relying party. Very few of those are interchangeable. But essentially, it destroys a certain individual's identity and before granting access to its services. What you see at the moment is change is proposed to be used for exchange trust in the exchange between these actors. Now, what makes these credentials verifiable is one who issued a credential to the credentials issued. He was presenting it, the fact that they're not really being tampered with and that they're still valid. Now, why all of these become important is because in some cases, even if you look at the typical us getting an access, the verification that happens is if it is a reasonable match between some aspect of the document that I'm presenting is the photograph and granted the entry. In some cases where the verification is a bit more critical, we know that certain authorized issuer have the biometrics. We also see some new development in the sense in the last few years, we see that using our social media lock-ins, we access services of multiple third parties. Now, in terms of being able to use a certain identity places, that gives us vulnerable because all these organizations and Facebooks of the world will have all the information on me and can do a complete profiling based on what services when I'm accessing how often I'm doing it and for what purpose I'm doing it. So challenges. What we're proposing here is that the verification is something that is established through blockchain. Essentially, when the issuance is happening, some aspect of that issuance or a proof of issuance as you might want to call it, something that's recorded on blockchain at the time of verification without having the need to specifically, exclusively reach out to the network itself. Now, from the feature perspective, as you would understand, some of it that we get is unordinated validation and verification. As I said, blockchain is certain aspects of the validation and verification, whether it was issued by the person, by the organization you're claiming, but whether or not it was issued. In fact, it's still valid as well. So those are the aspects that you get. So the potential per se is graphically established and it basically gives the individual complete control of one's identity. So if it's standpoint, if you see one, this emulates the experience that we have in the physical world, whenever we have to prove our identity where we basically prove, basically furnish a document that has been issued to us by someone, everybody's trusting for that identity. I gave the example of airport. So similarly, what the institution basically does is emulates that experience that we have in the physical world in the digital world, wherein like we have physical credentials stored in our wallet, what happens here is there are digital credentials that you are storing in your digital wallet, which is nothing but an application on your mobile phone, some of, you know, a part of which we are going to see today. Now, why it is, as we all understand, there are certain challenges that exist in the identity verification space, in its current shape and form, in the sense impersonation, fraud prevention, user privacy is a big concern. As I gave the example of Google, social media-based lock-ins, we do know that it's a problem. And making this whole thing paper-less is again one of the things that we're achieving. What is it, where all it, for what purposes it can be used? For cases where you need to authorize and authenticate certain individuals, look at ownership of certain documents, certain credentials, in cases of certification as well. It can be applied, I talked about the actors, the identity subject that you see in the middle here, can be individuals, can be organizations, can be devices, individuals, typical cases of proving citizenship, employment, education, health, coming to the fore, any model for permits and licenses that the organizations get from the government authorities, from devices standpoint, quality, safety, maintenance, monitoring, health, condition, all of those come into the picture as well. And from, in terms of the use cases, again, the spread is huge in the sense that if you look at government as a vertical, you would think of use cases like asset registry, permits, licenses, granting of permits and licenses, things like those. In the financial world, modeling KYC in the form of verifiable credential is already being explored in certain parts of the world. From the health perspective, if you look at devices, the identity for medical devices, looking at specific aspects like safety certification, etc., coming to the fore, and from individual perspective, electronic health records, practitioner credentials, again, is something that we know even NHS was exploring sometime back for doctors credentials. Manufacturing, again, worker certification, device certification are typical use cases that can be looked at. So the spread of use cases is huge. Now, I'll briefly quickly cover in terms of how this all works. I do understand that most of you would be aware of some of this. But very quickly, the entire process starts from the organization, which is a trusted organization, publicly known registers itself on the network that I am existing on this network with so and so identification. And I will be issuing so and so credentials. So that's the first step of the process. Now, once that organization is on board on the network as a user who's interacting with this organization, think of this as a government organization, I establish a connection with the issuer and say that, yes, I need the credentials that you are showing, this is the information that you have on me. So that's the second step that you see at the top. Then the issuer bases the information it already has, it offers a credential to the individual in this case. There's some back and forth that is involved in the sense that the individual can look at the information. And if he feels that certain information is not up to date, there can be a transaction to update that information and then get another issuance. Or it might be the case if the information is accurate, then I can accept the credential and the issuance will happen. The issuance cycle is complete. So what you see on the left hand side is the issuance cycle. Now, when the issuance happens, there is certain update that goes on to blockchain in the sense that this credential was issued to a person who is existing on the network by so and so details. So what you see, what's on the ledger is basically public DID, which is a way to identify the organization who is issuing those credentials, the metadata of the credential that particular organization is issuing, and there's a registry which basically ascertains that the credential that was issued is still valid. So once the issuance happens, the user is able to store those credentials in his wallet. And this is where the issuance cycle is complete. Now, on the verification side, the third party or a verifier, which you see on the right hand side, creates a certain template that I'll need an entity to verify these certain details before I can grant him or her the access to my services. So on getting that verification template and sharing it with the individual, the individual is able to select those credentials from his wallet and share it with the third party. Once the sharing happens, that is where the proof that was stored on the network for the issuance perspective is something that is verified and the verifier of the third party can take the proceedings from there. Now, one thing to note over here is that at no point the PII information or the user information is being stored on the ledger. What's being stored on the ledger is just the fact that yes, this issuance is valid, it is still valid. It was issued by so-and-so person to so-and-so person, but by so-and-so organization to so-and-so person, that's all that you get to store on the ledger. So this is what is the concept and for enabling this concept, we built a solution which is based on one of the hyperledger variant, the blockchain platform that is underlying the blockchain layer that you see is being enabled or the DID framework that I talked about is being enabled through Hyperledger Indie and on top of Hyperledger Indie, there's a framework that has been developed which is to enable communication between these actors and also make the entire stack blockchain agnostic is Hyperledger Ares. So the solution that we have built uses both components from both of those Hyperledger frameworks. Now moving on to the application of the concept per se. So what you see over here is how we utilize this concept to solve for a potential solution to one of the burning questions which we had six months back in terms of vaccination. Now in India's case the vaccination, as we all know, had to be phased out wherein there were priority groups that were being created by the different state organizations and as for the guidelines issued by the government of India, it was decided that the first priority group is the healthcare workers, the second is the frontline workers, the armed forces and the municipal corporation workers and the people of those profile. The third category was people who are greater years of age and the fourth category was people who are less than 50 years of age but with certain comorbidity. Now so we thought something similar can be modeled using the solution that we are proposing. So here getting back to that equation of the triad of issuer, verifier and the identity subject. In this case the problem statement can be broken down into three aspects. Is my citizenship or my age credential which basically ascertains that how old I am. The second aspect is condition for which the issuers, the first the age credential of the citizen or government body can certify so they will have to exist on the network as an issuer. The second aspect is the health condition for which a certain health either the health ministry or the healthcare centers can basically leave out for that in terms of the comorbidities and the ailments that a particular person is currently having. And the third aspect is the employment, which division or which sector I am working for in the sense of the government sector, all the healthcare sector and things like those. So using these three sets of credentials with these three sets of issuers we thought that because these people would have the information, the information can be obtained or these people can act as an issuer and issue credentials to the identity subject using which the identity subject can basically ascertain his or her eligibility for covid vaccine. The priority group for at the wax on the other side, the vaccine administration side because the verification will need to be done for these three is so they can basically create a verification template saying that these are the information that I need and basis which I'd be ascertaining the eligibility. So that's the role that vaccine administration team would act as an verify or the relying party in this case. Now what this essentially does is rather than go through that entire exercise cumbersome exercise of collecting information at one place and then kind of doing some analysis to figure out which priority group that's a particular person belongs to. This exercise one it will be decentralized and distributed and can basically minimize the time for bringing this whole thing into the or expediting the whole the vaccination process itself and also in some way as I said because it is decentralized the information collection can be expedited and basically bring some efficiency into the process. So before moving going further I'll just quickly switch on to the demo aspect so that you guys are able to understand it a bit better just hold on. I'll just stop sharing the screen and share it again. Hopefully my screen is visible and we can get started. So what you see on the screen is something you can think of when I when I'm trying to ascertain my vaccine eligibility. This is a webpage wherein it is being told to me that this is the priority order and these are the credentials or these this is the information that is needed for you to ascertain which right do I belong to. So moving forward as as as you see it is being just hold on. So if you see I can see that I need my citizenship information I need the employment information and medical information because you know one other place where this solution scores over others and you know this has gained kind of a lot of momentum in the last one one and a half is because paperless we know that you know there were actions of the government in the Middle East which were looking at paperless government issued credentials and things like those because you know the times we are in it becomes even more important to go paperless. So if you see in this page I get to see that I need these three credentials so the issuance cycle wherein you get to understand how the credential issuance is happening. So what you see here is when I go to get my employment today I need to connect with PFO for because this was developed in Indian we talk about the fact that you know EP one of the organizations which can certify for my employment potentials which is where this is a way where I connect with that organization I enter my email here and just move quickly so that yeah so once I click on submit what will happen is I'll get an email with a QR code which is basically nothing but a way for me to establish connection with the organization who's going to issue me the credential that was the first step I showed in the in the flow chart as well so I click on this I get a QR code now this is where you see on the right hand side of the screen a is a mobile application which is nothing but the mobile wallet I talked about you scan this QR code using the application the mobile application the mobile wallet and establish a connection with the issuer organization in this case the flow that we're talking about is is is establishing a connection to get my employment credentials so now when you see when I establish a connection this is the dashboard on the issuer side where you see that a certain representative from the issuer side will will get to see that the credential has been has been sorry the the connection has been established with with a certain individual so now this is where you see the issuance flow so what you see here is the process of offering a credential while what you see on the screen is a manual thing that we're doing here where in the credentials are being that the details are being entered manually however if there is a certain database where this organization who's issuing the credential already has the information what we've also done for some of the other use cases is a stab you know automate this part this is the identifier because we use the email over here and the identifier can be anything so so some some representative from the organization side is is is basically filling in these those details and issuing the credential to the individual now once he clicks and submits what you see on the right hand side the user or the individual in this case has received the credential and pieces his you know the accuracy of the information that is captured here he can decide either to accept or decline it so for for practicality purposes we're just saying that he clicks on accept and the credential is then residing on his mobile wallet so once he clicks on accept the credential is added to his mobile wallet and and he he's he's getting to he gets to see the credential in the credentials tab in the mobile wallet what you see on the screen right now so citizenship credential has already been issued to him now i demonstrated the flow for citizenship credential similarly you will have the flow for both the both the and the employment and the health credentials as well so once i have all the three credentials so what you see here is again the employment credentials being being issued so i'll skip this part quickly and just show the verification flow to you so we back to the verification page now and when i click on click check covid eligibility there's again a qr code that appears which basically encapsulates the information that is required on the verification side and if you if you get to see this some of the attributes bottom of the qr code in terms of what is the name and then things like those so as an individual what i need to do is i need to scan this qr code and what is is as soon as i scan the qr code the the information is required as per the potential is directly obtained from my mobile wallet because that's the application so so you see here the first name last name and there are other information that are also needed here so once i scan this from my mobile phone or the wallet app in my mobile phone what it will do it will basically select those credentials automatically and attributes automatically now the power in the sense of citizen control that i talked about or the individual's control over one identity i have the ability to what modify deselect if you not modify because that cannot happen because that will fall under tampering but if i don't want to share certain aspect in the sense that for my employment credential for for vaccination they don't need to know my employee code so i can just deselect that information all they need to know whether which sector i am in so i can deselect some of the information and i have the control over how much i want to share what will happen is as soon as i scan that i clicked on accept made the changes if i wanted to deselect some information and what you'll see here is i'll get to see that okay this is as i showed the entire flow the issuance and the verification together sometimes you know that that creates some sort of a confusion but think of it like you know if you already knew that in an ideal world you had these credentials like you have certain physical credentials in your wallet but the thing is that in physical you need to go to a person he'll do the verification and all of that you need to be done but if you had digital credentials pertaining to those exact that exact information that that is there in the physical physical credential documents that you have this thing could have been achieved in in in much lesser time is is what the message is now the qr code would be easy something so if unfortunately in due to lack of time i'd not be able to show but anybody who has all these three credentials would be able to scan and the moment he clicks on accept a present specific to the person who's presenting his credentials the information will appear over here so this is what we had modeled using hyper ledger areas and indeed on on on our platform and i think we are just in time two minutes to take any questions if there are any happening in the q&a tab there are a few questions okay i'll just check yeah so uh i see a question by david where verifier does not appear to conform to gdpr by requesting more attributes yes you're right in in some cases we do understand that that is something that need to be moderated uh by by certain organizations that we might want to call trust anchors in terms of how do we limit as an organization what information you are uh you you're you're uh you're asking for in your verification template whether or not that is valid or or you're authorized to get that information so as you said in certain context like if you look at gdpr that aspect will need to be looked at from the governance of the network per se that whosoever the issuers tomorrow some other some random organization cannot join the network and say i'll i'll issue a driving license to citizens of india or us now so some bit of governance is something which should be required at that level is where these aspects of geography specific rules and regulations we need to look at okay can you elaborate more on step to do okay okay how to ensure that the connection is made with the correct person there is to uh look at this in in some cases depending on the criticality of the of the issuance that you're doing in some cases it can be tied with with a in-person verification that can be just first time where you know that like it happens in the issuance of her uh in the issuance of her physical credential that first time i might need to go and register some attributes and i and i and i get a digital credential like i get a physical credential the only difference is the digital credential i can use at empty number of places cases where the physical issuance of a certain credential has happened beforehand there will need to be a mechanism as i said either based on otp or some information that they'll already have uh we can issue measures and some other methods as well wherein the issuance of the digital credential there might be an extra step or two just to ensure that that it is being issued to the right person uh am i correct in assuming that every issuer in the blockchain is automatically trusted and an every user right so as i said uh there would be some uh there need to be some uh for establishing or ensuring that the governance is uh is being handled on how open or closed the network is the governance protocol will need to be established now in this particular context uh there need to be some guidelines that yes employment organizations uh you know i am i'm i'm i'm accepting employment credentials from so-and-so organization for that matter even the health information i'm only accepting it through government authorized healthcare centers so either through the way of regulation or you know some some governance mechanism in terms of who the issuers and verifiers and what they get access to and what what they can issue is something that will need to be established between the network like it happens in any blockchain network where uh through set up protocols you and you need to find a way where in the governance uh there's a robust governance mechanism to handle cases like these i think i've already overshot the time by two minutes so i'm not sure if i can take more questions right i think we'll have to conclude yeah one minute offline yeah one small question which i see again is our issuers operators of indie nodes yes and no uh in all that is needed for you to uh be an issuer on the network is you need a uh basically a d i d away for you to identify yourself on the network now there the the the d i d to node mapping can be one is to one or in some cases if you don't want to host node there can be mechanism where the multiple d i d's are outed through one single node however there again some mechanism to ensure all of the d i d remains with the organization who's who's uh who's basically uh who who that d i d but basically represents so both ways are possible multiple d i d's through one node however as we know the ideal scenario or the two um you know two sense of private privacy preserving scenario would be one one is to one mapping between the id and uh and the nodes but that will come at a cost as well i think we can answer a few more seo says that we can few minutes okay are you monetizing the application what is the approach you plan and that okay so in terms of monetizing again there are multiple ways in which we are looking at this uh in in typical cases uh the organization is acting as an issuer needs to be incentivized in a way uh for how often that that verification is being done like if if you and and again that that might or might not depend on the use case if you look at a kyc uh typical kyc uh use case here uh we we know in in in in India typical kyc if a bank has to do would cost uh say six to eight dollars uh per person the uh so so if if uh if as an issuer if as a bank i'm accepting the credentials which has been issued by another bank this is the accuracy of the information that i get from a certain bank uh that can be devised to compensate the issuer how often those credentials are being used uh they'll the of course the issuer will not get to know who's who's uh verifying but the number of times a certain uh issued credential has been used the issuer can be compensated uh basis with the accuracy of the information as well so every time i get to use some information and i do a verification of my own as well uh i can uh you know we are also looking at uh at a feedback mechanism where in the verifier if if he can certify okay the the information that i got from so and so he seems to be more accurate so that way is the issuer status or the issuer score goes high and he can charge a premium to the information that he's providing so that is one model that that that we are looking at as well so as you said uh for the issuer the the motivation or the incentive should be that he should be able to monetize uh for the information uh that it is providing right for the verifier uh the incentive is that he gets the cost and he otherwise would have so so somewhere midway the whole uh the whole incentive the monetizing bit needs to happen uh okay i think our issuers of i think are pretty much answered most of the questions uh one other question that uh is there is that if the demo application uh had been real application somewhere so as i said we build the platform multiple use cases can be modeled on the platform as talking with the with one of the leading banks uh based out of any uh to to look at uh you know because banks naturally there's there's been a as identity providers and that that topic has been dealt on different different independent and has kind of come or or has manifested in certain initiatives as well but so so as i said banks based out of the media is looking at setting up setting up a network where it can act as an identity provider so we are in talks with this platform that we built here at the pro uh for for basically helping them achieve the vision and there are a couple of other conversations we are having it is uh this particular demo what you see is was built just you know from the perspective to show agility that yes if we had uh you know if we have certain organizations uh who already have that information uh the whole process it uh you know like quite significantly and and that's that was the intent of us building this almost in like two weeks three weeks time this is the platform that we built and then there are a couple of other use cases also built using the the platform uh that that we have here in the pro i think i did cover most of the questions unless there are any more and any which ways if there are any further questions feel free to write to us as well uh i will provide a version of this deck that we presented with our uh with our contact details feel free to reach out to either with arshi and we'll be happy to take any further questions we can wrap up yeah we can do that thank you all for attending thank you all see us have a good day and stay safe