 is the identity. Yeah. Yeah, that's what. Yeah. So, you know, I said, is the solution marketing take my draft. Okay. So, I know him from long time. And he's, he's, he's always been a great support every time, technically, also, and, you know, in community wise, also very much. Thank you. Thank you. Okay. Yeah. So, then I see a few more people here, Wipin, can you just introduce yourself once? Hello. Yeah. Hi, everyone. So, I will just tell you one thing that yesterday, Wipin have called me and we were doing some discussions and he said that yeah, I know that Johnny, he have your book. He's he's reading your book as well. Hi, ma'am. How are you? Hi, please everyone call me by my first name. I'm the Johnny. So, and, yeah, so we are going to start in a while. So, maybe one minute left. Yeah, we are just about to start in a minute. So, it could happen that you might ask me questions afterwards, or send me questions on LinkedIn. And because it's not always possible to have an immediate answer, but I'll try to answer to all your questions. And in the same process, I learn as well. Hi, everyone. Just to inform you, we have started recording the meeting so that you know, everyone who has joined the meeting knows. So, we have to declare that. So, we have started recording the meeting. And, hi, this is Vikram. So, I'm a senior blockchain architect with IdSeal Technologies. And I'm glad to be here. And thanks, Devjani, ma'am, for hosting such a wonderful session. So, I'm, you know, looking forward to learning a lot today. Okay, should I share my screen now? Yeah, sure, we can begin. Okay, fine. Good. So, hope it's visible. So, sorry, I just, I think I didn't, yeah, let me record it as well. I hope all of you can see my screen now. Yes, yes, I can. Yes, we can. Okay, great. So, good morning. Good afternoon. Good evening, ladies and gentlemen. I mean, from wherever you are joining to this session of Global Identity Solution Deliveraging with Blockchain. Today, we would cover the issues in global identity. And I don't think that I need to do an introduction to Blockchain because all of you are well, you know, educated in Blockchain. So, that's, that's fine. I'll probably I'll introduce SSI ourselves of an identity and a little bit on biometric. And finally, we would explore some global initiatives in identity and certain use cases. So, a brief introduction regarding myself. I'm Devjani Mohanti, Dr. 30 Blockchain Influencers from India, as quoted by Singapore Fintech News. I work as a self-serving identity expert at R30, and I got around two decades of industry experience, and I have authored five books on Blockchain and that you can find on Imagine and my latest work is on SSI. So, today's session is about digital identity. So, let's start with the issue and the need of a global identity for every human and every machine in the world. Probably, I mean, starting with every human, but in future it would be also machines because every person in the modern world might have more than one machines or devices along with them, smart devices, and they also need to have their identity and they also need to you know, share information with each other with at most security and privacy. So, according to a recent report by McKinsey, along with World Bank, around 7.6 billion population in the world, almost 1 billion, there are 7.6 to 7.8 billion people in the world and 1 billion or 1 to 1 billion people globally lack any form of legally recognized identity. So, these people are called the invisible people who are mostly women and children from parts of Asia, Africa and Latin America and officially they do not exist. They live their daily lives without any proof of identity. So, this concludes that 13 percent of the global population do not have any identification document. That means that they do not have their birth certificates, passports, ID cards, any kind of national identity card or any proof of existence beyond their physical presence on the planet. So, there are 3.4 billion who have some type of identity. You can see in the left image that there are 3.4 billion who have some sort of identity but their usage is limited and they are not able to use it appropriately in the digital world and then there are 3.2 billion who have legally recognized identity and they participate in the digital economy but they do not have the capability to use it effectively and efficiently online. So, please note I'm saying online. So, even if you produce your passport to somebody but you know there should be a mechanism that you can use it effectively online. So, that is what we are going to discuss further. So, what the world needs now is a efficient digital identity infrastructure that can help us to reduce fraud, protect rights and increase transparency. So, digital identity also holds the promise of enabling economic value creation for each of these three groups like I told you about three different groups and I just mentioned right here by fostering increased financial health and educational inclusion. So, I don't know how many of you might have heard about this project called ID4D. You can see in the top left image, this is the image by ID4D. This is actually a project by World Bank and they have got a green tag by 2030 every person on earth would have an identity of their own. I mean today if you talk about all the identity projects then maybe Aadhar is the biggest one but in couple of years in 10 years time you'll find that perhaps ID4D would be the biggest project on identity in the world because every person would have their identity. So, let's now get introduced to digital identity. So, I believe that all of you deal with digital identity in some ways or the other. So, digital identity is about personal data that identifies you online. So, what it means is you are using your personal data some form of personal data to identify you who you are online. So, this is required for registration, identity management, authentication and authorization and access to any online data or the registration. In fact, this is needed for initiation of any business relationship online. So, why we need to protect this digital personal data or why we need to protect our digital identity? It's because that out of all the data breaches personal data occupies the number one position. Here you can see the top data breaches of all time and the organizations who got affected. You can see in the left hand side I have marked it with red. The organizations who got affected through some of the biggest data breaches in the world are as big as Adobe, eBay and Anthem and the people who got affected are not in hundreds or thousands in hundreds of millions. The type of data that got leaked are as crucial as bank details, credit card details and passwords of consumers. So, what are the reasons? What are the causes of this kind of data breaches? So, basically the first one is centralized server and the second one is weak password. So, and obviously there are other issues also like phishing attack and setting the data, user's data without permission. Like I'm providing my data to an organization I'm the user in and they are sharing the data without my permission. So, that can always happen with the current model and then also unintentional sharing. That means let's say that you are going to Facebook and you are sharing some pictures of your birthday celebration and you are sharing it even within a group, let's say close group, but they are sharing with somebody else and people are able to know that what is your data bird and then if they know that how old you are then they would come to know that what is your exact date of birth. And that exact date of birth is a private information using Twitch. It is also possible that people can get access to your you know banking website. So, and also there is one issue called identity correlation. So, what it means is let's say that you are using some kind of user ID which is because there are so many apps you might be using then people have got the habit of using the same user ID again and again and I mean many people use their mobile number as their user ID many people use their prime email ID as their user ID. So, let's say that I'm sharing my email ID as my user ID with my bank and also with my hospital and with my employer or with my university where I study. So, everywhere my same email ID goes as a user ID then it is also possible that people can know that if they you know shake their hands if this organization want to deal with you just all data then they can you know refer to that one ID and trace back to me with all my information. So, this is called identity correlation. So, we need to come up with a model where all these issues can be sorted. So, now coming to the evolution of digital identity that means that how we are managing our digital identity and over the so many years. So, people there might be people in this group who are you know old-timers like me who have been in the industry for 20 years or even more. So, people know that the way digital identity started you know the way we handled it the first model is called the centralized identity model. So, here the user might log into different websites or different servers and for each servers the user has to remember a separate set of user ID and password. So, you might be using I mean in the background you might be using the server might be using a database model, rdbms model or LDAP model or active battery model but everywhere they are using a centralized database to store user's user ID and password and all the user's ID and password are in one place. So, this is a this is a siloed model or a centralized identity model. The second model is a federated identity model. So, this is very popular even nowadays many people use this. So, in this model we have a identity provider who is handling your login. So, once you log into this identity provider it actually provides you with the token. Now, you are sharing this token with different third parties and you don't have to log into them again and again just like you know you are let's say you are logging into Google and you don't have to log in again to Gmail or Google Drive. So, there are so many services which you can access just with one login. So, this is a federated identity model but here also so maybe it is easier for the user because user doesn't have to remember so many different sets of user hidden password but then again there is a centralization of your distal identity. So, here the centralized area is your identity provider where you know they save the users all the users credentials in one place. So, in these two models I'm not going to user centric identity this is a first approach for decentralization but this is a failure. So, I would directly jump to self sovereign identity but these two models I just discussed about centralized identity model and federated identity model these two with these two models mass hacking is possible because all the data is one place and single point of failure is possible. So, that is why we are you know learning about SSI or self sovereign identity. So, self sovereign identity is a new decentralized model to manage distal identity. Here we have an issuer that issues verified credentials to the user that is set securely on the user's mobile device. It might be a mobile phone or it might be a tab or it might be even your laptop but this has to be the user's own device which the user is not sharing with others. At the same time the issuer is sending a signed reference hash to a public blockchain and the issuer is signing it with their own private key. So, the issuer is an organization and issuer is sending the data the verified credentials to the data it might be the user can store it as it is like the name, date of birth, cost or tax certificate you know address you know these these are verified by the issuer and the issuer is converting this to a hash and signing it with their private key and writing that to the public blockchain. Now, the user can share whole of this data or part of the data as much required to a verified organization and also you know sharing it along with the issuer's public decentralized identity. So, because the verify need to know that who has you know issues this data. So, two things verify a chair needs to know that whether the data is valid and also who has validated this. So, now the verifier can convert the data to a hash and check that if the hash of the data matches with that on the blockchain and if it is valid. The example can be the scenario where the issuer is a passport office and the verify is a visa office and the user is sharing as much data needed the user might not need to share it all like let's say that my passport has got 20 different information but maybe the verify doesn't need all of them. So, I would just share because it is digital I have the I have the capacity to share as much data as needed. So, this at a later point of time if there is a need then the issuer can revoke the hash by altering a small piece of data and the verify would know that the data is no longer valid. So, issuer is changing the hash on the blockchain. So, the verify would check and know that even if the data was valid at some point of time it is not valid anymore. So, this architecture ensures integrity, ownership, privacy, security and validity of the data. So, and please note that in this architecture there is no centralized repository you may say that the issuer can retain the data but actually what we try is the issuer would not retain any data with them and also you know I don't have that much time to explain it all you can read my book where I have explained that for every relationship or every user to a issuer relationship or every user to a verify relationship or different ID is used. This is called a private date. So, there is a public date like which every organization would have a public date with whose reference they would sign with their private key. At the same time there is a private date for every organization to user relationship so that there is no need to have a unique reference number which would be available to all. No, you don't need to share that unique reference number of the user to all. So, that is more complex but all right. So, how the SSI works in real life. In real life there are multiple issuers or certifying bodies or organizations. So, here you can see in the top just I have I try to do it in a chronological order. So, in the top you see the hospital then there is a government and there is a there is an university and finally there is a office. So, let's say that Alice is born in the hospital and the hospital is issuing the first set of certificate which is the birth certificate of the healthcare VC is going to the user. The second then she joins up, she is going to government for her national ID. So, like even in India the children can have that ID. So, this is the second set of certificate. The third set of certificate comes from educational organization and then finally when she is you know old line up she is joining organization to be employed. So, the first set of certificate is coming to the user from four different issuers or that could be even more. Then the user is saving all this information to his mobile device most secretly. So, you can see that there are different set of certificates one coming from the hospital then from the government then from the educational organization the in-city and finally from the employer. And the user then can share whole of the data or part of the data or any kind of combination two different verifiers. So, like let's say that Alice is applying for a loan. So, she needs to provide a certificate of her age and her national identity because she is a citizen she can go for a loan and what is her education level if that is a requirement and also if she is employed and what is her salary up if the salary is more than a particular amount. So, all this data she needs to gather from different organizations and share as much as needed to different verifiers. And then the user can share this data in three different modes. They are known as the traditional mode, the journalist proof and selected disclosure mode or self-adjusted mode. So, in traditional mode like let's say I'm Devjani and I'm sharing my name as it is Devjani Mohandey. So, I have that capability. At the same time if somebody asks me that what is my age you know if the for processing of the loan if they need that I should be older than 25 I just would answer in Boolean. I would just say true or false or yes or no and that is enough. So, in this model we architected in such a model that so the verifier would know that what Alice is saying is true and she is older than 25 and at the same time she is not sharing her data birth. And the third one is the third one is self-adjusted like let's say that I'm applying for a job and the employer wants to know that what is what are my hobbies. So, I don't need any anyone to certify that certain information which doesn't need any certification. So, for that sort of data that is called self-adjusted mode of sharing the user can do that as well. And there would be a publicly available blockchain where the issuer would send their reference passes and the verifier can read and check if this is valid. So, the SSI ecosystem is usually pretty complex where you need to handle so many different standards. So, because you know what I just showed you is basically only the SSI part but we are discussing about digital identity and that too online. So, how this entire ecosystem would fit in a wave world or on internet how can we make this safe enough. So, and of course we are not doing it with the centralized any kind of database or centralized model. So, let's look into that. So, obviously there are so many different standards that we need to look into we have to see to the wave standards and then how to get authenticated to this kind of ecosystem that also we have to see what kind of blockchain we need to use that also we have to see and also what kind how to handle this decentralized identity network. So, the deed creation and the deed deactivation how all these things can be looked into. So, basically in SSI there are different layers that is a public ledger and or a DLT or a blockchain then there is a private identity storage like for each device and each individual or each organization there should be identity stories we have to handle that and also we need to have a agent or hub layer which is responsible for the message communication between different kind of users and also there are client devices we need to handle I was just talking about this device part also. So, this is the system architecture. So, in sales of digital identity is not limited like I said to data sharing how would you get access to such a system. So, where would you save different type of personal data? So, you can see that there are two different users Alice and Bob. So, Alice is storing all her data in her mobile device. So, you can see that she can store the data either in its natural form or maybe in an encrypted manner this is her choice whereas Bob is actually keeping a separate copy on the cloud. So, he is having his data on his mobile device and also in a cloud storage so that if the mobile is lost or if the mobile is stolen broken whatever it is he can get it sorted with another mobile in no time but please note that when it comes to biometrics I will come to the biometrics part little later. So, when it comes to biometrics then all the data is on the mobile device itself it's not going anywhere for the organization it's always the in a cloud storage. Can I please request all of you to be on mute please. Thank you and also there is a public reality where all the decentralized identities of the organizations are created and all the reference has against all the claims are going and also there is a revocation registry mechanism how do you revoke I was just telling about how to revoke a verified credential if there is a need. So, this is handled by the public DLD. All right now let's discuss some of the use cases. So, the first one is the next gen authentication and authorization architecture. So, please note that there could be many different use cases across many different verticals but mostly how SSI is used are in two you know biggest areas one is the authentication or authorization area the other one is verified credential area. So, now first let's talk about the you know authentication and authorization architecture. So, how this can be handled let's see. So, to discuss this first let's think that how what is the best option you know to prove yourself online. How another personal data for digital identity can be proved like let's say I want to prove online that I am Devjani. So, how do you know that I am Devjani Mohanty maybe because I switched on my video and you you saw my picture before and you can relate to that and you know that I'm the same person. So, basically there are three different ways to prove it one is knowledge the second one is position the third one is biometric. So, how you knew that I'm Devjani is through biometric even you know I joined as Devjani Mohanty but anybody can join as Devjani Mohanty. So, you saw my picture on my video and you knew I'm Devjani. So, the first model is knowledge that means you know some kind of password using a username password which is in your knowledge and you are logging into a system. The second one is sorry in the in the knowledge section or itself the second model is OTP that means you are sent a one-time password to your mobile device and you are using that OTP there are time bound OTPs also most of you might have used it and then you are getting access to some kind of services and then nowadays people are also going for a may pair multi-factor authentication where there is a hybrid model you are providing a unknown password and also there is a OTP that is sent to you and using both of them you are logging in but please note that the password can be hacked there are so many different processes I don't need to tell you there's so many different processes made maybe phishing or maybe you know manually there's so many different ways of you know gathering somebody's password and also the OTPs if your mobile is stolen somebody can get access to your OTPs also. So, the knowledge factor can be bypassed. The second one is position so smart cards you know if you have your smart card you just put you know you just showcase it somewhere to get access to your services like you know let's say that you have your it might not be it might not be possible before to do online but nowadays I'll come to that also so in smart card you use your smart card for getting access to your card or maybe your ATM cards you know these are the smart cards used for but then biometric is something that you don't need to know something you don't need to remember your password or something you need to purchase it your biometric is always with you you don't need to remember it right so biometric is one quick solution one easy solution and it is always with you so biometric is considered to be the best possibility and nowadays I don't know how many of you have heard about hybrid models so there are smart cards used for payment using biometric so there are certain some of the biggest banks in the world who have you know have started dispatching this kind of cards to their users where there is a sensor attached sensor and so you can just you know press your thumb against it and then instead of you know asking for a password you can use this kind of card and you know get access to different services you know if you want to go for shopping or something you can carry these cards so no longer they would ask for passwords because password somebody knows your password and if they steal your your card then they can use it so now instead you know these cards are issued and they are becoming very popular so there are many different hybrid models which are coming up so because I'm discussing authentication because I'm discussing exercise so I must discuss biometrics also so all right so all right so how biometrics works I think that most of you might be having some knowledge so so your biometrics like I believe that most of you might have been knowing that biometrics are broadly categorized into two different types one is physiological and one is behavioral so in physiological is something like your face your fingerprint your iris retina your palm head and behavioral is something like your voice the way you walk the way you sign so these are behavioral so in both models what we need is a sensor so there is a sensor and in front of which you know you get your biometrics gets gone so and then then we extract extract some unique features out of it and then we map and save them as biometric templates so if you if you are not aware how a biometric template looks like it looks like this so it's just a binary data like that and then this biometric template gets saved to a template biometric template database so you can see in this image below that the user is the first time you know this is the first time when the user is doing it is very similar to the registration process with the user reading password the user is enrolling with the biometrics and it's getting converted to a biometric database sorry biometric template and goes to a template database the second time is identification or it is very similar to how we do login so here you can do it again and again and again the user is again providing the same biometrics and it's again getting converted to a biometric template and there is a matching so this is a one to and this is called a one to and matching and there is a there is a way to do one to one matching also so if you are matching it with a centralized database then it is called a one to and matching so this matching is not as perfect as you do with the user writing password model so in user writing password model if because there are string comparisons then it would always if you if you provide the right user writing password there would be always a hundred percent match but in case of this that might be a you know small differences so every time you do a biometric login there would be a machine learning based comparison with the the existing template dp and and that would you know the system would come up with a score if the score is more than a threshold value then the system would log you in so this model has been working for some time i i think that most of you i mean many of you might have seen then how the biometrics the fingerprint has been working in many of the offices but wherever we talk about biometrics we must talk about the spoofing part as well so spoofing is a method i believe more might many of you might have heard it is a method of fooling a biometric identity system so where an artificial object like a fingerprint mold made of silicon is presented to the scanner which leads to the hacker to get access to the authorized data and services originally made for the rightful owner so here you can in the right hand side you can see this image so there are when the biometric comparison happens there are so many different stages so so we can broadly define divide this into two different categories one is presentation attack and indirect attack there are two different categories of attack which can happen on a biometric database so part one is presentation attack so in this presentation attack you know people create silicon molds out of you know people you know get your fingerprint by some hookup crook and then they convert it to a silicon mold and use that mold to you know log into the system in personality as you yeah you know if you are using face then they may use 3d mask or photo or a video or even make up for surgery so you know most of the attacks happen in this layer presentation attack which happens in the sensor area but when it comes to the inside like like when you are doing the processing if somebody gets access to your database then that is a different kind of attack that is the indirect attack which can happen in so many different stages but I would call it now if we are using SSI I'll come to that if we are using self-serve identity then that can be also minimized to a great extent so there are many anti-spooping techniques so to avoid the presentation attack because the other part the indirect attacks we can handle through SSI but how to handle this presentation attacks this is through anti-spooping techniques I believe that many of you might have heard about lightness detection test where the system is actually providing you the user with the challenge so if you're using your face then the scanner would ask you to smile or to turn your head if you're using iris then it would ask you perhaps to blink your eyes if you're using your fingerprint the sensor would check the temperature and pressure of your thumb and there is of course machine learning algorithm to study the high quality images just I was just telling you about the this in the previous I think this one so here this this payment cards are coming up with the biometric you know a facility so here on the comparison everything happens on the card itself it's not going anywhere and also this there is a sensor which also checks the the fingerprint and it's also checks the temperature and the pressure of your fingerprint to figure out that whether it's a and the thumb of a real human being or it's a silicon nemold or something so so all these things you have to craft on your on your sensor level now I'm going to discuss my organization are tidies next gen authentication solution with decentralized biometrics so at our 30 we have blending biometrics and self-serving identity for the next gen authentication system so the users biometric would only be saved on the device it won't be shared with third parties again and again so let's see how it how it happens the time is won't allow but actually we are trying to you know abide by the phyto standards so that you know the the biometrics would be saved on the mobile device itself so the issue roots uh saint sorry here first the user user is capturing the biometrics after liveness detection check and converting this to our template which is which is stored in the mobile device itself now the user along with its biometrics um it's also sending some personal data to our issuer so the biometrics could be many different types so like here we are using uh in a thumb the fingerprint uh iris uh face and um and then we are also trying to come up with voice uh gate or the way a person walks and also palm in um and what the issuer is doing if there is a need then there would be a centralized biometric template database against which the user would be matched so this is an optional part so which would be needed only if you are going for a national identity program where there is a need of doing a one to end comparison so otherwise you know this part is not needed so the issuer would um send a reference hash to the blockchain so this reference has is only for the personal data not for the biometric template and then the issuer confirms the certification um to the user now uh the user is trying to log in um to any third party so here the user is doing the login uh to the to the device using the biometrics every time so there is a one to one matching and the user is sharing uh different kind of personal data with the third parties or the um uh the the data that is issued by the issuer and also the issuer details that that means who is the organization who has certified me and then um this verifiers this verifier could be the same issuer or a different issuer that means let's say that the um issuer actually wants you to log in at a later point of date because the issuer is not saving any of the user's personal data so how the issuer would know that whether the person is actually a legitimate user so the issuer would uh even if it's the same issuer or maybe a different issuer who trust the first issuer or sorry or different organization who trust the first issuer organization they would convert that personal data to a hash and search for the data uh on blockchain um and to check that whether it's really issued by the issuer and signed by their private key and if it matches then the user can log in um all right so this is once again ma'am very briefly can you can you revise points from one to nine okay all right so let me do it all over again so uh the user has got a smartphone so the user what it is doing it's capturing the biometrics after liveness detection test and converting to a template which is getting stored to the user's mobile device now the user is sending the the personal data and the biometric template to an issuer so if there is a need then the issuer would do a background verification deduplication and and the template would be stored in a centralized biometric database so this is an optional part like I said uh perhaps now when you are going for adha let's say so in adha they are actually every time they're checking it and then they also need to make sure that um the user is not creating multiple fake identities for them so there is a need for one to end matching in this kind of scenario but not in all scenarios so not um in all scenarios the issuer need to do a do a deduplication part so one to end matching is a optional um optional probability and then the issuer is converting this to a hash and send to the blockchain so the hash is of the personal data this means the biometric template no the issuer is sending a hash to the blockchain this this hash is uh created out of the personal data something like my name my date of birth my all these things not the biometric no no not the biometric and the issuer is conforming the certification to the user now the user next time the user wants to log in so um the user logs in with liveness reduction test and um the user is sharing the personal data with the with some verifier now this verifier could be the same organization or a different organization so like I told you that in this model the issuer is not keeping because this this step three is the optional part so maybe the issuer is not uh keeping the issuer's details so every time there is no one to end match so every time the user logs in the user is not sending their biometric again and again so it is only the personal data that the user is sending and the verifier is converting it to a hash like I said the verifier could have the same same organization or a different organization they're converting to a hash and searching on the blockchain that whether there is a similar has or same has and whether that is certified by a issuer signed by their private key and if all goes well the user is authenticated I hope that it is the use of biometrics to secure personal data biometrics is to log in how do you log into the system okay so because you know we are talking about decentralization why should we again go for the same uh user identity and password model for the logging to this kind of system now people are still doing it you can see that there are many organizations who are using user identity and password to log into SSI but we are not doing it so this biometric login is on the user's personal mobile device that's right that's right thank you yeah I have a question huh so in this model a user needs to share all of his personal data no the hash is made of all of the data right yeah so that is a mechanism to do it if you do not want to share all your data then you can uh you know do it in a encrypted way also so you encrypt the data and share as much that is needed okay so it is up to your you know the business requirement know how you can do it so that you know the verifier would not know the data and they would only know that is required uh hi ma'am uh weapon here so one question uh how our application will support multiple ways of identity right now we have seen uh we can access the application using the mobile using the laptop or so many smart devices also so right now so what I understood is user will share his any data it might be adharkar or uh and any any number based on the country and it would be once it will be approved by the issuer then it will be uh stored in the blockchain then then uh in case if he want he there will be the multiple ways to authenticate it might be otp based it might be the multi-factor authentication or the biometrics so how this will be matched they are the one-to-one mapping how this will be handled uh I could not get your question see the thing is at a user's point of view all the user can have multiple devices where they he can have stored it like let's say I was uh giving you an example now the user can save one copy on a cloud you know cloud storage also you're saying that let's say that the user has got a mobile device from there the user can do and also a laptop where from where you can do correct correct correct so to authenticate any application that they have to take the example of any gemato you can use using the gemato or any google also gmail also so there are multiple ways like the multi-factor authentication or the general passwords from the mobile number also so in a way I believe this will be all the it would be always yeah yeah you are right you are right I mean this is a very novel area and we are researching then in future maybe we can do that also but at the moment most of the use cases of SSI you see um on the net mostly there like this correct and ma'am second question is uh will it be supported by the public blockchain or the private blockchain that's what that's what I'll I'll come to any okay only only 14 minutes late let's be quick now yeah so uh there are a couple of examples I can tell you uh one is uh I mean live use cases which have gone to production the first one is a few ledgers member pass so Q ledger is a credit union and it has got many banks and cooperative societies you know working together so so they have come up with this model so this works pretty much like SSO single sign on so the user wants the user is logged into this credit union of Q ledger then all the banks and all the other organizations who trust the credit union they allow the user with the same access level so this is uh by sovereign and uh uh and this is in production the model this product is called member pass and this is divided by I think uh this is divided by uh everything so you can search on on google on this so this is a product which is live a similar product is also done by um gemalto and thales group and this is a product for you know their banking clients um so that you know the user can log in using them and I think in most of them in both of them they are using fingerprint uh this one the yeah this one is fingerprint and this one is uh face as well uh if I'm not wrong so this also has gone to production pretty recently when I say pretty recently it's just like two three months within within that um now now uh you know I just talked about authentication part now let me talk about you know yeah this one is also authentication here so this is a um this is a use case by the government of Australia and this is still in uh in uh in research page I don't think that they have gone to production but they are working on this project for last uh one or two years so Australia government is delivering a digital identity product a program that will allow government services to be easily available to people and business online at any time so the plan is to cover many services through one national level identity for each citizen of the country also most paper based identity checks would be transferred to digital experience so some of the services you can see here are like taxation welfare uh healthcare business education social services banking uh etc so they're also using biometrics and lightness detection check for authentication users to services just like what I told you so you can go and search for trusted digital identity framework by Australia so this is this project can go online maybe in 2021 because digital projects are you know uh you know everyone is a hurry to deliver the digital identity project sales uh so here also you can see that the government is providing some mechanism or SSO mechanism uh or decentralized SSO mechanism so once the user is logged into the government services then there are many third parties who would let the user log in to their systems so similarly um no this uh government of Singapore so Singapore is authenticating four million of its citizens online with facial verification so they are using facial verification and supplied by this is a product called eye proof you can search for eye proof um and uh no simple facial biometric shake is sorry sorry sorry simple face biometric shake provides Singaporean with secure online access to government services and uh private enterprises also the same model the private enterprises are able to take advantage of this model um of this uh digital identity infrastructure to authenticate customers online so this means that government would be the first issuer so if you ask me that who should be the first issuer because it walks like a chain right I just showed you that if there are multiple issuers um then sometimes you know I've worked in projects so the first issuer is government and then the second issuer would always ask that can you please share me uh your previous data so it would be forced to verify and then the issuer so it it would walk like a chain the first issuer is having them bearing the maximum uh you know um the maximum responsibility and the other ones would just shake and um you know provide their setup certificate um so then the next one is uh canada so the so in this project um it's a very interesting project this project is called tail us moths um so here um the project is to to reduce the red tape um uh sorry the agent of this project is to is red tape reduction or to get rid of excess administrative burden associated with administration of small business the project is called tail us moths uh we should require any user to upload their data only once the data would be certified by the designated issuers and then the user can share it again and again uh two different service providers so it walks on a very similar model um so also there is a very um uh you know interesting use case um so the government is issuing licenses to organizations especially startups using which they can walk with others so like let's say that uh you know in a supply chain project um i'm a i'm a buyer and i want to buy something from canada let's say so this project is by british columbia you can see over here so um so sorry so uh i will just go and search for all the startups in canada who are supplying that kind of material which i need and they are certified by the government because you know there could be a possible lot of uh you know fake projects fake organizations so the government is providing them certificate and they can share that with third party so it's really um you know a good way for a great way for age of business uh then there is a project called iRespond so this i i really love this project so here um so this is a project uh by a company called uh sorry yeah the name of the this is not a company this is a NGO called iRespond for combating child trafficking and taking care of elderlies so here you can you can see sorry not elderlies only children so here uh you can see that there is an NGO who is issuing certificate uh to the user um and you know what the users retina is a stand and on the basis of that the user is is the child is provided with a date and the child's parents are also um you know linked with the child's date and their their biometrics are also captured and that is registered with the users linked with the user state now um this project is especially for third world countries four countries in Africa and maybe Latin America where there is a lot of child trafficking the children are kidnapped and taken across the border and they get exploited so every time the user uh sorry the the child is trying to cross the border then there would be a border security officers who would ask for the child's verification so they would need the consent of the guardian or the legal guardian so how that would happen they would you know in this country is because this is a poor country so maybe they don't have a smartphone or maybe they have a phone they might might not have a phone at all or even if they have a phone it's not a smartphone so obviously that kind of architecture would not work over here so uh in this case what the parents would do at the time of creation of the registration just like our Aadhar the NGO would print their date and hand it over to them and then if the child is actually trying to cross the border with that legal guardian then that document would be produced to the border security officers so they would just check that whether it's the same child from the date they would get a reference and they would come back the biometrics and see that whether it's the same child and whether it's the same guardian and also their digital consent would be needed to cross the border so this is a project uh which currently is an evade it's still not in production I believe and uh this is this is a um you know NGO iRespond you can search for this and this a very similar use case can be created for elderlies also in the developing developed world where uh like let's say there is a patient who has got dementia and there is a caretaker who has to take the decision on behalf of the elderly so um the power of heart and use cases so those can be handled in a similar way so you can also have more than one guardian in such cases um so digital identity is a hot cake in today's world you can see in this picture how many different countries in the world are doing some research or other and digital identity and especially SSI so you can see so many different digital identity projects not all of them are decentralized but I can tell you like the australia one is decentralized the government uk one is decentralized um and uh singapore one is decentralized um so they are all yeah bit is columbia just i just told you about this use case right so all these use cases are mostly i covered so they are using decentralized identity model for uh for identity for of their citizens or something of that sort sort and um and also there are new privacy laws like gdpa who hasn't heard of gdpa pdpa is a privacy you know you just started related to privacy of you just started in singapore in india pdpb is going to be um you know perhaps it would get the green signal pretty soon this is also regarding identity of individuals and and i mean everybody is trying something or other and by 2023 65 percent of waltz population will have its personal information covered under modern privacy laws um and now coming to the area of research because i told so much under uh on the architecture but i need to tell you that what are the different ssi protocols available in the market because we are in the hyper leisure group so uh you can search um the one which is very popular in the market is hyper leisure indian aries um you can search for them if you are on ethereum then you've got civic and you put please note that indian aries they are platforms whereas civic and you put i think they are they have apps also so you do not have to do any any development you just you can directly use their app um then there is a project called microsoft's iron so microsoft's iron is um printed by microsoft and uh that is still not um online so it would be online pretty soon and then i'm working with art tidy and we are using hashgraph as the public blockchain so please note that if you're using hyper leisure india then your public blockchain would be provided by the india uh you know is available on uh backed by sovereign foundation um so um the success factor of ssi you can see over here how do you make sure that your project is successful um so so the first one is how good your biometrics um integration has happened uh you need to have a very good biometrics with um safety and security scalability is uh scalability and throughput is very crucial because we are talking about a p2p model not a b2p model a regular blockchain might be slower doesn't know nobody cares but um identity platform has to be you know have to be highly scalable and throughput because you have to cater to the need of um not hundreds but not thousands but millions or billions in future cyber security should be strong interoperable it should be interoperable and integrate different identity network should be uh you know integrable with others selective disclosure i just discussed the how how different kind of data sharing can happen and that is that is a um uh area one should invest on and validated notes that because we are not working on proof of work model we are working on something like proof of stake model um which so that it is fast it is um uh a high throughput and scalability so uh who are the validator nodes are who are the uh people who are um you know validating the transactions that is that would conclude that how safe and sick or and how uh successful your ssi model is so we are working with r30 we are using like i said hash grab and we are catering to because hash grab is a very highly scalable one it can cater to 10 000 transactions per second and 1.5 million transactions per day and we are also doing on iot devices so one person can have multiple iot devices in future um and that also we are trying to do and uh yeah our we are doing our first project which should go to production pretty soon so i think i'm just in time uh i thought that i can complete up a little early but um but unfortunately we don't have much time left if you want to ask me any questions you can yeah hi ma'am again uh same question is related to uh as you said there are multiple projects already available so right now they are limited to the scope might be based on the region wise or the country wise in the future how they can intercommunicate that would be the area challenge so that is uh we are trying to do that actually the research is going on um uh and we are trying to make it interoperable it doesn't matter that whether you have used microsoft or whether you have used hash grab whether you have used um i'll give you indy but um maybe in near future because digital identity is moving pretty fast so in near future you can see our day would come when even if you are on a different uh identity model but they would be able to interact with each other so basic idea is to share data right share the data and verify data trust all these data so we can achieve it even if we are on different uh uh different networks okay so how they will intercommunicate i mean might be through the services or it might be possible i'm working on the any uh any any you know um blockchain private blockchain and somebody is working on the public blockchain so how the particular communication whether it will be the web services or the micro services no no i don't think that it would work in a private model because uh you are sharing your data and if it is a private model why there is a need because that means that all of all the um stakeholders have to be in the same network right so here the idea is to share your data with the third party without giving all the details and at the same time use it should be handy right like let's say you are going to the passport you are sharing your data over there so you are not sharing all your data only the data that is needed no there won't be any there won't be any security check-in there won't be any um uh you know regular onboarding process nobody is going to stop you because you know from a distance you would be able to do it so there would be sensors who would see your biometrics and there would be sensors who would know receive your data and see that it is already genuine data so you need to have a public blockchain involved one question is this is my last question uh if it is a public blockchain so how we will uh live it or validate our issues i could not get your question means there will be so there will be a few issues also with the part of our blockchain network and similarly the validator also so how we will limit means how we will identify whether it's uh whether request it's came from the any uh issuer or it is came from the how we will manage those document which is shared by they are all with the part of the same network right it might be one so there is nothing like an issuer or a verifier one organization can be an issuer at a time and can be a verifier later on or can be a verifier like i told you now it walks in a chain like the government is mostly in most of the cases government should be the first issuer and the other uh organizations can be first verifiers and then issuers okay okay it's like similar like we have correct but it will be kind of a different kind of modules through which they will for the issuer they will be very different the screen will be the year they will come like in normal application i'm asking in normal if issuer they will just can see the list of the pending document they can approve it and once it got approved then if you said to the blockchain yeah yeah of course i mean uh you can do it my my question is how the our system will identify whether this particular digital identity belongs to any issuer or any customer or is it kind of a role or similar kind of a role no it is a role let's say you were the website now you are saying that you can apply for your certificates here now like let's say you are applying for your passport so that is a website so similarly you are you are sending your data to that website now that website there would be of course there would be a background verification people might come to your place and obviously i mean the same that same process would happen for the issuers because they're doing a background verification they are doing a deduplication there would be um capturing of your biometrics so those things would happen and then they would issue a certificate to you as well as they would send a hash copy to a public blockchain now you are visiting another website and they're saying that can you share all this verified data with me now they would all that should be either from this issuer or from this issuer or like you know in certain cases they said that we will we would approve only your plan or your passport or three four things right so they know who are the issuers are so you are sharing all the information with them and we're also sharing that who are the issuers so they can just go and check on the blockchain that what i'm saying is true or not thank you mom thank you um hi ma'am this is Rinovast here um i have two questions um you are presented multiple systems under development or whatever in the production what are the limitations from all these systems that you have identified this is the first question and second question is uh since this is digital identity users must be stored somewhere in the digital device what if that device got lost uh is there any retaining retaining mechanisms available yeah so even if i'll answer the first second question first so even if the device is lost or stolen or broken nobody can use it right because you need biometrics for logging so that is liveness detection test and that even if it is stolen nobody can impersonate you right that user how to retain that his identity into that i mean we are working in that area uh perhaps we can use like a user can keep one copy on ipfs um but when it comes to biometrics the entire process have to be done again okay okay and sorry what was the first question can you please one question is that we we have gone through we discussed multiple systems all over the world right yeah what are the limitations um well i mean what i'm talking about is very recent two three months back so obviously we have to work in words that what are the what are the issues i think that scalability might be a issue because you know it we you have to start with a solution which can cater to um you know millions and billions so maybe when organizations are starting with solutions they won't be able to make out that this might happen uh but which time when more and more users join and maybe in future like i said one user might be having multiple devices so we have to come up with a solution where which is highly scalable and you know through footwork should be good no those things um we are yet to see so that is why we are going for hash drive but we can also try with hyperlegia indy so you have to see what kind of what kind of users you are catering to like what what is your user base so if it is very very big like you are going for a national identity program so obviously your number of users will be very high so what kind of solution would work there you have to do a lot of testing all right thank you hello ma'am this is bala here i have two questions uh the first question is like when we talk about like chatting the identity so it may vary based on like the uh i mean very fine for example if i'm presenting my data to an educational institution for back down check i may probably have to share my like mark certificates okay data of birth and other thing but the same thing may vary when i'm going for a bank uh i mean loan approval so how how how is that like okay the set of data or the information that i need to share gets managed when we are treating uh this personal data in the blockchain so will there be and uh capability of to share subset of the information yeah yeah of course like i told you know let's say that you are applying for a loan in a bank now the um uh bank officer is asking for data in different data and they are subsets of four different issuers so you can share like that also so okay so in that process um the very first job would be to check four different assets okay yeah that clarifies on this next question is like how this whole solution works from a commercial model right so i mean as an user should i need to pay for uh each and every time like yeah yeah so that is a very interesting question in fact you know many many hope my clients ask me this question but the answer varies from scenario to scenario like let's say um you are i mean who is paying for it it could be the issuer it could be the user or it could be the verifier depending upon the use case there is no one solution that fails fits all like let's say that the organization is creating an authentication model for all its uh all its users or all its employees in that case the organization is the issuer and the organization would pay for this model now let's say that um let's say that is a okay there is a matrimonial site then the matrimonial monial site you would need to figure out whether the person is saying that um i have passed from this organization i i am working with this for salary then who is paying for that maybe maybe the the person who is purchasing it right so it varies varies from scenario to scenario yeah that helps thanks man oh hi ma'am this is ararain hello yeah so ma'am uh you're talking about identity of a person or an individual right so what do you think regarding the corporate identities in the b2b context that is one uh and second thing if you look at identity probably the next thing which is going to happen is matching i mean mapping the identity with the reputation right so what do you think uh the possibilities which happen in that direction down the line right so first of all uh you're asking about the organization's identity see yeah when you are talking about the organization identity that is a b2b use case that is different from here okay so like uh we are currently trying to um uh you know so there i believe that most of you might be aware that there are different kind of blockchains so there is a b2b model uh there is a b2b model like ethereum works very differently from uh hyper leisure fabric or korda yeah right so in that kind of model the what we need is different but in most of the cases in hyper leisure fabric or in korda uh so it is a b2b space and we log into that kind of system through username and password don't we like let's say that is that is korda right so in korda or in fabric we have different organizations you know and there are there are nodes representing different organization now each organization might be having 1000 employees right who have access to that node right so how do you give them access through username and password right correct yes right so we want to we want to replace that model with decentralized identity so our work is not a competitor of b2b blockchain our work is a complement to b2b blockchain so we can work together we are not we are not competitors okay okay so that means that let's say that you got a korda node or a hyper leisure fabric node now you want 1000 you have 1000 employees in your organization and one node you just you just show one node on the on your network on your b2b network now those 1000 employees might be having different kind of labels correct so they should not get access to all the different flows right so there are there might be 20 different flows and some people have got access to this flow some have that flow so that kind of authentication and that kind of authorization you can do through a decentralized identity and that can be entirely decoupled from the b2b model b2b blockchain okay okay and regarding the reputation so probably tomorrow once I get an air tidy with which anyone can identify me as an individual on any platform probably on any digital platform so so what if someone again keep tracks of where this ID identity has been used across across the digital world or digital applications that is not as simple see I won't say that a biometrics cannot be hacked biometrics can be hacked but it's very difficult if in comparison to use your written password so it's likely to say if my husband tries then he can definitely know my password right if my children know try then they would definitely they would just my daughter just keeps an eye on my my finger another way I use my fingers and seek tells me what my password is right but it's not that simple to do with biometrics yeah you can still do it and also because like blockchain strongly believes like down the line without trusting the person with whom I'm interacting I should be able to do something okay whether it is tracking or anything okay so now if we are bringing this what to say mapping the biometrics or any what to say any government ID so are we not trying to interfere with the general public blockchain vision here I'm talking about only the authentication and authorization part now where those data are used are something different and also perhaps I do not discuss a lot about private dates so what a private date is that let's say I have a issuer and one I have a verifier now my data when I'm sharing with my issuer and I'm creating a separate date for that that is a private date and that is known only to me and my issuer I'm sharing my data with my verifier that is a different date so it is not that simple to correlate I was I was talking about correlation remember one of the issues is correlation so this model SSI is correlation proof so okay yeah so even if you are able to see that is an identifier but that identifier would be different so it's not that easy I mean if you go to the standards it says that it is not completely correlation proof but at least if earlier it was like 100% correlation was possible now maybe you know 5% correlation would still be possible but it would be I mean we are trying to make it correlation proof okay okay so so does it make okay probably only with the one who I'm interacting their identity is revealed for all others it is completely anonymous that is what you mean yeah yeah ma'am I have a question in this solution yeah yeah Arvind you still have question no no I'm done I'm done my last point is like so with whom you are interacting it is visible but for all others it is completely anonymous that is what you mean yeah yeah yeah if it is correlation proof yeah that is what ma'am thank you ma'am thank you yeah and at the ID solution who will be there are multiple stakeholders involving in this ecosystem that who will be the maintainers of the nodes who should maintain the nodes in this decentralized system yeah I mean these questions are asked to be again and again so we are actually trying to follow a standard when you say node so that means that the node is in this model the user is not interacting with the blockchain it is only the organization user is only reading it right right that you that you work yes yes yeah so if you are creating a node if you are organization in and you approach R3D to create a node on your behalf then we'll do that for you so we are working in two different levels we are working on platform level also and we are working in app level also so if you want to purchase our I mean platform level then it's entirely up to you if you want to create a node on your own that also you can do as a user you know let's say that you have 1000 employees and you want to authenticate our app that also is possible so because we are you know working in two different levels so is my voice lost uh yes uh it was frozen for a while okay so I'm saying that we you you can work with this platform on a platform level also and an app level also so depending on the requirement of the client we can create a node for them or they can create a node for themselves without without a set of you know the way we work we just we can just advise them okay okay and this solution code base and all is a proprietary based or open source based how many code governance happened and rule rule sets will happen how to align with the government rules and all uh see there won't be any government rule as such uh at the yeah like pdpb is going to be online I mean it would be approved pretty soon um so that is also area that we are trying to see that how uh you're working in you then those things ma'am I think to be last entire your answer completely yeah I'm also unable to I think ma'am got disconnected yeah let us wait for some time if she can read anything yes yes ma'am uh we lost your answer completely okay okay so sorry what was the question yeah about the data loss right yeah so as I said this is a new area very new area so uh if you go for any SSI network they would say the same thing they're researching in this area but actually we are trying to work on different data loss like in India we got pdpb it is still not approved but I believe that it would be uh approved in 2021 itself uh gdpb please can you on mute please yeah yeah so um yeah so there are different data loss privacy protection data loss like I said in Europe gdpb is already online uh perhaps in Singapore pdpa is already online um in India pdpb would be approved uh it is a still available but it would be approved pretty soon maybe in 2021 um and there are different consumer laws anyway so depending up on the area that you are working we can study that and make it 100 compatible to that data that no personal data law um so I mean that is why SSI is formulated right so yeah yes thank you ma'am I remember this is Rishwas um I have got two questions first like uh as you said that public blockchain will be used for this society so if uh as we all know that public blockchains are all about something incentivized model so like uh if we are going to bring people everyone we are going to kind of give uh sovereign identity to everyone so uh in public model they have to kind of pay for every transaction they are doing no no no so let me let me come back to this uh slide again so uh we are not using public blockchain here we are using uh sorry sorry we are using public blockchain but not with proof of work uh consensus model we are working on proof of authority uh which is a hybrid you know which is a um model like proof of stake in proof of stake you got your stake or your money involved but here all the validated nodes they are not individuals they're not something like in a bitcoin in bitcoin everyone every user is a is a decision maker no but here only the the transactions would be only validated by certain organizations and they work on a proof of authority model and these organizations are actually the ones whom people trust like um in hashgraph we got because we are relying on hashgraph for um for the validation hashgraph is our dlt which works in a very different model than um uh than uh bitcoin so this is not even proof of stake this is proof of authority so who are our validated nodes they are industry leaders like uh google ipm you can see in the in the middle you can see their google uh idm wepro dash telegram fis starter telecom wepro um so some of the biggest names and they are the biggest name in each of the verticals whom people trust so this model is very different from proof of park and that is why hashgraph is super fast like uh uh hashgraph can cater to 10 000 transactions per second and 1.5 million transactions per day and it is still counting i mean they have tested till that but in 2021 they would test and come up with higher higher numbers so um uh be it hyperlegia indy be it uh microsoft uh i and i think i i talked about three four different uh three four different yeah so uh not ethereum ethereum is slow but maybe with the proof of stake model it would be fast but all this uh decentralized identity in a public blockchain networks should be extremely fast and should be scalable so that they can cater to the need of our millions so that is why the consensus model is different it's like public permission thing like just like sovereign with their eyes towards over there so so these uh trusted uh if i say it's towards they will keep increasing if they will keep adding up in future like sovereign or they are fixed yeah they would they would keep adding more but then they would also make sure that because the more the number uh it would be also slower so that is why they have to make sure that uh not at the expense of scalability and performance also one question like about d i d is if you would like to kind of speak about it like overview and working of d i d is if you can give a brief yeah d i d is uh um you can you can go to that is a website called w3c uh well i can i think i can share it over here sure w3c uh did go right yeah let me share it over here i'm sharing to everyone you can click on this so there is a um there is a way to create leads and there are so yeah you can you can read it in your free time so there is a way to and we are following two different models one is our w3c for did creation and also fido model for handling the biometrics so here they tell you that how to create the uh how to create the uh decentralized identity how it looks like you know it starts with d i d then hype then colon and then the name of the um the organization and then colon and alphanumeric like that and this date can be of two different types it could be a public date or a private date so the public date are created by organizations so let's say that you visit passport office tomorrow let's say uh in a future day you visit passport authority of india so they would say this is my public date so it would be mentioned on their website now whenever a user is sharing some data with any organization be it a issuer or be it a verifier then they would create a private date and all the user's data would be stored against that private date so that private date is not visible to other organizations so that would be visible only to that organization so that means if let's say i i have collected data from five different issuers then all these issuers would be the data would be saved with the different date names so i mean then the private date and the public date they look alike but their usage is different similarly with the verifier or different private date would be created so the verifier would never be able to know that you know uh even if they're sharing the two different verifiers are sharing the data with each other to know that because you cannot stop a verifier or issuer to retain your data right i mean we can do it that way but you know they can they can overlap that model but even if they have your private data and even if they share it with another another organization to check that who is the user their date should be that private date should be different so that is why um it would be coordination proof okay thank you um one question ma'am um so far we have discussed on i mean human identity and how about or what's your thoughts on identity for the devices especially iota devices iota devices yeah that is because i believe that you have seen that in our solution architecture diagram we have also showed some iota devices remember do i need to show show it again one moment i believe that you all saw this website w3c sorry w3c okay fine so all right so yeah so here you can see that we are also trying to do it on iota devices so um this is a research study i i don't think that anybody has gone to production or even you ate um using this model so far so we are also researching so in that case what's gonna happen that the user can have five different devices and for each of them there would be a different private key and public key of course and that would be also associated with your identity so like um if if you've got a car which what do you call it um auto auto self-driving car and there is an accident then there should be a somebody who is responsible right so so that is why i know that would be associated obviously that would be associated with uh uh with the individual's identity and that that should be somebody who is the owner who is responsible for handling them um so obviously that we would be using that public key infrastructure over here um but that there is some time to it so more research needed to be done and perhaps in future in uh two months time i'll come up with another session where i can share how the iota devices can work so this would be very helpful in many different verticals like let's say um you can do it not only for machines you can also do it for uh for animals like you know um harding you know harding and tracking animals or uh you know every animal i think i i i just shared a picture a couple of days back i just created it and shared it on on linkedin so there are different animals in in a farm and each animal is having a they have a what do you call tag on the on the ear and what icon iota device so that that iota device would tell that location and at the same time they could have information on their vaccination and maybe if it is a milking cow then the milk the time of the milking has uh has approached there's so many different information that it can share with their owner or um or the person nearby who is responsible for doing that so that kind of that kind of things happen but obviously that would work on a public key infrastructure the same infrastructure i hope i'll come up with more uh in a months or two months time sure sure that that will be great you can see that many of people are still interested to see you back yeah thank you yeah i mean um with your questions i also try to learn um because these are the questions which get repeated again and again so and we research on those areas any more questions just last one as you said that biometrics will be stored on blockchain on mobile devices only and it will be used only for login purpose so it's just like biometric which we use to do which we which we use to log in into mobile or something like that it's just a normal use of biometrics right it's nothing more than just yeah but then in current model i'm not very sure many people are sending it over the net for every login people are sending it over the net that's not something we are going to do we would be it would be matched on the device so i don't know how many of you have heard of the payment cards the new payment the smart cards which has got a sensor so you you log in within that device and you are doing a one-to-one matching not one-to-one you cannot do one-to-one on your on your device or on your card smart card so that entire matching process happens on your device that is a one-to-one matching if there is a need of one to end for the first time when you're doing the registration at the time you can do it against your database but here everything would be on device so you made to say that mapping of biometrics and the keys uh identity keys would be stored in the device itself yeah yeah so till the device you go with the biometrics from their device uh go uh puts the request using the keys and all that's right yeah hi man this is ajna so as you discussed like there are different SSL protocols available like hyperlature in the ethereum microsoft in the hedera hash drive so what is the motive or reason behind choosing hedera hash drive as i told you hedera is known for its high scalability and throughput number one so i mean you tell me any other network which can cater to 10 000 transactions per second and 1.5 million transactions per day i mean there can be more but hedera is very famous and also who are the validator nodes it's working on a proof of authority model right so if you if you see that who are the validator nodes they are the industry leaders in each and every vertical right so that is why that would that would bring trust to the user like tomorrow i mean let's say that you are sharing your identity with me okay so you are sharing from five different sources okay i would trust the one which is issued by government right because government is somebody everyone trusts so that is why we trust the pan we trust the passport right because the government is doing that right you can show me um your you know certificate maybe i mean people's people have got fake certificates from organizations from universities and they're fake universities they're fake organizations we who can certify that this person has worked with my organization for five years right so people trust uh different organizations to different levels so that is why one of the success factors of our ssi network is your validated nodes if you remember i was showing you in the circle right yeah one of the success factors definitely is i mean it can be very scalable it can be you know good in throughput um security features should be good but then who are the validator nodes if the validator nodes are big companies like let's say facebook libra facebook libra i believe most of you have heard of it facebook libra actually got the idea of this kind of uh architecture from hash trap itself because you know today facebook libra is having top 100 fortune 500 companies as their validator nodes so that is why that is bringing that trust level to this network right i mean i want to have half of my money on uh facebook libra let's say then uh how can i trust that i trust let's say a couple of bands because they've got good name and fame in the market so similarly in order to bring that kind of trust for money or for your identity because you know if you ask me today what is your most valuable possession and i would say it is my identity right so i cannot trust my identity with each and every organization that is why i i um i need to know that who are the validator nodes who are looking after all the transactions i think in each network so here in in hash trap we got as big big names like google wipro um adosh telecom if is um you know ibm so big names are there as my little nodes got it thank you anything else yeah there is no end to questions and interactions i i see uh so if there are any questions maybe you can give your uh linkedin id for some offline questions or they can yeah sure you can always send it across to me uh at my linkedin id the gentleman yeah and for those who are not in our whatsapp group uh they can send they can just give you a number in the chat box i'll i'll i'll add you all to that to our hyper legion about uh whatsapp group and yeah i think yeah one question and even i have have the same question maybe you have answered but still i'm i want to know uh there's this guy rishi case he's also a solution architect in what is he have written this question in chat you can just see uh when it comes to enterprise adoption how would enterprise marry that means interpret interpretability their existing infrastructure if there is an existing infrastructure and this is the new adoption that this is a new thing then how will this order and the newer infrastructure will interact and what are the some of the things that exist and uh what yeah what are the approach yeah i think uh first thing first is that you need to update your um authentication models so the uh the username password you know modification from you know moving away from username password to a decentralized authentication system is something that would fit into any existing applications so for any existing application wherever you are using username password you can adopt this kind of uh architecture and just replace it so that would work so this would fit in any vertical in or in any application especially whenever there is a you know a banking website so wherever high security high security and high privacy is needed so i would say that they should be the first one to go for this so obviously i mean the industry which is showing maximum interest is something like the fintechs the banks um payment providers yeah so i just did a talk at pay you one of the one of the biggest payment providers yeah so they like they're doing this i mean all the payment providers because they are losing money right wherever there is a chance of fraud and whatever that is cost you know costing the whatever that is hitting the pocket then you know they would definitely do this so one small doubt like uh from a developer's point of view how how this is and i'm not sure how high data has got work but i'm just thinking about how do you map all data like how many smart contracts are different different smart contracts uh we have to write for different organizations you know see uh smart contracts are not used in identity network so you can smart contracts are what the smart contracts are needed smart smart contracts are contracts like logics so here is there is no logical search you are giving access or you are not giving access that's it for different organizations for authentication yeah for authentication is just requires your it's it's it's apple level or not yeah just the matching yeah so smart contracts are not a not a work in any decent religion it's not a requirement okay yeah yeah i think that that's that's all um today's session if if if you have any questions already 40 minutes ahead of this time yeah so you can read you can read my book on SSI you can get a very good idea like because you know learning with one hour session is not enough so you can read that uh where i have also given a comparison between different protocols so you have a good idea so thanks so much i believe that we are done great thank you so much ma'am thank you very much ma'am thanks for coming and thank you okay one time on weekend thank you thank you ma'am thank you so much thank you