Digital Identity Concepts
Key Points
- identity requirements must fit the use cases
- there are many digital identity providers and digital identity solutions
- a variety of identity standards can apply to different use cases
- key questions to ask: who should own, control your identity?
- SSI concept - your identity is separate from the identity providers. They issue an identity credential to your digital identity
- a holder is someone who "holds" their digital identity and credentials - different than Google, Facebook who hold your identity
- SSI holders can hold their own digital wallet or use a multi-tenant cloud-based wallet
- all digital identity solutions need a reliable useful recovery model
References
Key Concepts
Two definitions of Digital Identity are given here.
Which one applies depends on context.
Digital Identity - Wikipedia.org
https://en.wikipedia.org/wiki/Digital_identity
A digital identity is information on an entity used by computer systems to represent an external agent. That agent may be a person, organization, application, or device. ISO/IEC 24760-1 defines identity as "set of attributes related to an entity".[1]
The information contained in a digital identity allows for assessment and authentication of a user interacting with a business system on the web, without the involvement of human operators. Digital identities allow our access to computers and the services they provide to be automated, and make it possible for computers to mediate relationships.
The term "digital identity" also denotes certain aspects of civil and personal identity that have resulted from the widespread use of identity information to represent people in an acceptable trusted digital format in computer systems.
According to Feher's academic approach: digital identity "refers to the digital data corpus being built by users and digital systems" [2]
Digital identity is now often used in ways that require data about persons stored in computer systems to be linked to their civil, or national, identities. Furthermore, the use of digital identities are now so widespread that many discussions refer to "digital identity" as the entire collection of information generated by a person’s online activity. This includes usernames and passwords, online search activities, birth date, social security, and purchasing history.[3] Especially where that information is publicly available and not anonymized, and can be used by others to discover that person's civil identity. In this wider sense, a digital identity is a version, or facet, of a person's social identity. This may also be referred to as an online identity.[4] With self-sovereign identity (SSI) the user has a means of generating and controlling unique identifiers as well as some facility to store identity data.
The legal and social effects of digital identity are complex and challenging. However, they are simply a consequence of the increasing use of computers, and the need to provide computers with information that can be used to identify external agents.
Digital Identity as a synonym for Self Sovereign Identity
Modern Identity definitions focus on Digital Identity as an implementation of 2 key concepts:
- Self Sovereign identity ( SSI )
- Decentralized Identity Documents ( DID ) as a standard to define an SSI implementation
Digital Identity News
Updated SSI information wiki - identosphere - Kaliya
https://newsletter.identosphere.net/ - All things Digital Identity - https://identosphere.net/
https://newsletter.identosphere.net/p/identosphere-167-retrospectives-eidas2
Everything related to decentralized identity and verifiable credentials including standards and development: updates, walkthroughs, from the enterprise to web3, real world use, policy and research.
Trends in Digital Identity
Forces driving digital identity include the following; we expect to see:
- More mobility and access to the Internet
- Greater demand for security and trust
- An accelerating shift towards smart cities
- More calls for public supervision of digital identification systems
- Even more National ID card and eID programs, national ID initiatives, and implementations
How Digital Identity Management works - article
https://www.zdnet.com/article/identity-management-101-how-digital-identity-works/
From the article, on the key to Digital Identity:
"It comes down to a way to federate identity across lots of different organizations," responded Hank Thomas, CEO of security VC Strategic Cyber Ventures LLC. "That comes back to people having to work together, and trust each other that, once one person has proven that someone is someone, that other organization is going to have the same level of trust in the same thing. There's ways to do that; it's just that that trust isn't necessarily there yet. Maybe it's for compliance reasons, and for other reasons."
which logically leads to standards on:
Self-Sovereign Identity ( SSI )
Self-sovereign identity requires that users be the rulers of their own identity.
For self-sovereign identity, which can be defined as a lifetime portable digital identity that does not depend on any centralized authority, we need a new class of identifier that fulfills all four requirements: persistence, global resolvability, cryptographic verifiability, and decentralization.
The Path to Self-Sovereign Identity - article
by Christopher Allen
http://www.lifewithalacrity.com/2016/04/the-path-to-self-soverereign-identity.html
Self-sovereign identity is the next step beyond user-centric identity and that means it begins at the same place: the user must be central to the administration of identity. That requires not just the interoperability of a user’s identity across multiple locations, with the user’s consent, but also true user control of that digital identity, creating user autonomy. To accomplish this, a self-sovereign identity must be transportable; it can’t be locked down to one site or locale.
A self-sovereign identity must also allow ordinary users to make claims, which could include personally identifying information or facts about personal capability or group membership. It can even contain information about the user that was asserted by other persons or groups.
Decentralized Identity Documents ( DID ) are a standard way to define a Self Sovereign Identity.
Decentralized Identity Concepts - Slides
Decentralized Identity Document ( DID )
W3C standards
https://www.w3.org/TR/did-core/
Decentralized identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. A DID identifies any subject (e.g., a person, organization, thing, data model, abstract entity, etc.) that the controller of the DID decides that it identifies. In contrast to typical, federated identifiers, DIDs have been designed so that they may be decoupled from centralized registries, identity providers, and certificate authorities. Specifically, while other parties might be used to help enable the discovery of information related to a DID, the design enables the controller of a DID to prove control over it without requiring permission from any other party. DIDs are URLs that associate a DID subject with a DID document allowing trustable interactions associated with that subject. Each DID document can express cryptographic material, verification methods, or service endpoints, which provide a set of mechanisms enabling a DID controller to prove control of the DID. Service endpoints enable trusted interactions associated with the DID subject. A DID document might contain semantics about the subject that it identifies. A DID document might contain the DID subject itself (e.g. a data model).
This document specifies a common data model, a URL format, and a set of operations for DIDs, DID documents, and DID methods.
A DID example
A DID is a simple text string consisting of three parts, the:
- URI scheme identifier ( did )
- Identifier for the DID method
- DID method-specific identifier.
EXAMPLE 1: A simple example of a decentralized identifier (DID)
did:example:123456789abcdefghi
The example DID above resolves to a DID document. A DID document contains information associated with the DID, such as ways to cryptographically authenticate the DID controller, as well as services that can be used to interact with the DID subject.
EXAMPLE 2: Minimal self-managed DID document
```json
{
  "@context": "https://www.w3.org/ns/did/v1",
  "id": "did:example:123456789abcdefghi",
  "authentication": [{
    // used to authenticate as did:...fghi
    "id": "did:example:123456789abcdefghi#keys-1",
    "type": "Ed25519VerificationKey2018",
    "controller": "did:example:123456789abcdefghi",
    "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"
  }],
  "service": [{
    // used to retrieve Verifiable Credentials associated with the DID
    "id": "did:example:123456789abcdefghi#vcs",
    "type": "VerifiableCredentialService",
    "serviceEndpoint": "https://example.com/vc/"
  }]
}
```
DID Goals
Decentralized Identifiers are a component of larger systems, such as the Verifiable Credentials ecosystem [VC-DATA-MODEL], which drove the design goals for this specification. This section summarizes the primary design goals for this specification.
Goal | Description |
---|---|
Decentralization | Eliminate the requirement for centralized authorities or single point failure in identifier management, including the registration of globally unique identifiers, public verification keys, service endpoints, and other metadata. |
Control | Give entities, both human and non-human, the power to directly control their digital identifiers without the need to rely on external authorities. |
Privacy | Enable entities to control the privacy of their information, including minimal, selective, and progressive disclosure of attributes or other data. |
Security | Enable sufficient security for requesting parties to depend on DID documents for their required level of assurance. |
Proof-based | Enable DID controllers to provide cryptographic proof when interacting with other entities. |
Discoverability | Make it possible for entities to discover DIDs for other entities, to learn more about or interact with those entities. |
Interoperability | Use interoperable standards so DID infrastructure can make use of existing tools and software libraries designed for interoperability. |
Portability | Be system- and network-independent and enable entities to use their digital identifiers with any system that supports DIDs and DID methods. |
Simplicity | Favor a reduced set of simple features to make the technology easier to understand, implement, and deploy. |
Extensibility | Where possible, enable extensibility provided it does not greatly hinder interoperability, portability, or simplicity. |
DID Architecture
This section provides a basic understanding of the major elements of DID architecture. Formal definitions of terms are provided in § 2 Terminology.
Figure 1 The basic components of DID architecture.
- DIDs and DID URLs
- A DID, or Decentralized Identifier, is a URI composed of three parts: the scheme "did:", a method identifier, and a unique, method-specific identifier generated by the DID method. DIDs are resolvable to DID documents. A DID URL extends the syntax of a basic DID to incorporate other standard URI components (path, query, fragment) in order to locate a particular resource—for example, a public key inside a DID document, or a resource available external to the DID document.
- DID Subjects
- The subject of a DID is, by definition, the entity identified by the DID. The DID subject may also be the DID controller. Anything can be the subject of a DID: person, group, organization, physical thing, logical thing, etc.
- DID Controllers
- The controller of a DID is the entity (person, organization, or autonomous software) that has the capability—as defined by a DID method—to make changes to a DID document. This capability is typically asserted by the control of a set of cryptographic keys used by software acting on behalf of the controller, though it may also be asserted via other mechanisms. Note that a DID may have more than one controller, and the controller(s) may include the DID subject.
- Verifiable Data Registries
- In order to be resolvable to DID documents, DIDs are typically recorded on an underlying system or network of some kind. Regardless of the specific technology used, any such system that supports recording DIDs and returning data necessary to produce DID documents is called a verifiable data registry. Examples include distributed ledgers, decentralized file systems, databases of any kind, peer-to-peer networks, and other forms of trusted data storage.
- DID documents
- DID documents contain metadata associated with a DID. They typically express verification methods (such as public keys) and services relevant to interactions with the DID subject. A DID document is serialized according to a particular syntax (see § 6 Core Representations). The DID itself is the value of the id property. The generic properties supported in a DID document are specified in § 5 Core Properties. The properties present in a DID document may be updated according to the applicable operations outlined in § 7 Methods.
- DID Methods
- DID methods are the mechanism by which a particular type of DID and its associated DID document are created, resolved, updated, and deactivated using a particular verifiable data registry. DID methods are defined using separate DID method specifications (see § 7 Methods).
- DID resolvers and DID resolution
- A DID resolver is a software and/or hardware component that takes a DID (and associated input metadata) as input and produces a conforming DID document (and associated metadata) as output. This process is called DID resolution. The inputs and outputs of the DID resolution process are defined in § 8 Resolution. The specific steps for resolving a specific type of DID are defined by the relevant DID method specification. Additional considerations for implementing a DID resolver are discussed in [DID-RESOLUTION].
- DID URL dereferencers and DID URL dereferencing
- A DID URL dereferencer is a software and/or hardware component that takes a DID URL (and associated input metadata) as input and produces a resource (and associated metadata) as output. This process is called DID URL dereferencing. The inputs and outputs of the DID URL dereferencing process are defined in § 8.2 DID URL Dereferencing. Additional considerations for implementing a DID URL dereferencer are discussed in [DID-RESOLUTION].
- Verifiable Credentials
- Credentials are a part of our daily lives; driver's licenses are used to assert that we are capable of operating a motor vehicle, university degrees can be used to assert our level of education, and government-issued passports enable us to travel between countries. This specification provides a mechanism to express these sorts of credentials on the Web in a way that is cryptographically secure, privacy respecting, and machine-verifiable.
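The DID syntax (scheme, method, method-specific identifier), DID URL components (path, query, fragment), DID resolution and DID URL dereferencing described above, worked through as an added example. This is not code from the W3C specification or from any DID method implementation: the regular expression follows the DID Core ABNF, the `did:example` registry is a constructed in-memory stand-in for a verifiable data registry seeded with the minimal DID document shown earlier, and `resolve`, `dereference` and `is_valid_did` are names chosen here. A resolver that accepts a document whose `id` does not match the DID it was asked for would let a registry substitute another subject's keys, so that check is included.

```python
import re
from dataclasses import dataclass

# DID Core ABNF: did = "did:" method-name ":" method-specific-id
#   method-name = 1*(%x61-7A / DIGIT)            lowercase letters and digits only
#   method-specific-id = *( *idchar ":" ) 1*idchar
#   idchar = ALPHA / DIGIT / "." / "-" / "_" / pct-encoded
_IDCHAR = r"(?:[A-Za-z0-9._-]|%[0-9A-Fa-f]{2})"
DID_RE = re.compile(
    rf"^did:(?P<method>[a-z0-9]+):(?P<id>(?:{_IDCHAR}*:)*{_IDCHAR}+)$"
)


def is_valid_did(candidate: str) -> bool:
    """True if the string is a syntactically valid bare DID (no path/query/fragment)."""
    return DID_RE.match(candidate) is not None


@dataclass(frozen=True)
class DidUrl:
    did: str                  # the bare DID, e.g. did:example:123456789abcdefghi
    method: str               # e.g. "example"
    method_specific_id: str   # e.g. "123456789abcdefghi"
    path: str = ""            # standard URI components that a DID URL may add
    query: str = ""
    fragment: str = ""


def parse_did_url(did_url: str) -> DidUrl:
    """Split a DID URL into its bare DID plus path, query and fragment."""
    rest, _, fragment = did_url.partition("#")
    rest, _, query = rest.partition("?")
    slash = rest.find("/")          # a method-specific id cannot contain "/"
    did, path = (rest, "") if slash == -1 else (rest[:slash], rest[slash:])
    match = DID_RE.match(did)
    if match is None:
        raise ValueError(f"not a valid DID: {did!r}")
    return DidUrl(did, match["method"], match["id"], path, query, fragment)


# Constructed registry: stands in for a verifiable data registry for the
# hypothetical "example" method, seeded with the minimal self-managed DID document.
REGISTRY = {
    "did:example:123456789abcdefghi": {
        "@context": "https://www.w3.org/ns/did/v1",
        "id": "did:example:123456789abcdefghi",
        "authentication": [{
            "id": "did:example:123456789abcdefghi#keys-1",
            "type": "Ed25519VerificationKey2018",
            "controller": "did:example:123456789abcdefghi",
            "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV",
        }],
        "service": [{
            "id": "did:example:123456789abcdefghi#vcs",
            "type": "VerifiableCredentialService",
            "serviceEndpoint": "https://example.com/vc/",
        }],
    }
}


def resolve(did: str) -> dict:
    """DID resolution: a bare DID in, its DID document out."""
    parsed = parse_did_url(did)
    if parsed.path or parsed.query or parsed.fragment:
        raise ValueError("resolve() takes a bare DID; use dereference() for DID URLs")
    if parsed.method != "example":
        raise LookupError(f"unsupported DID method: {parsed.method}")
    doc = REGISTRY.get(parsed.did)
    if doc is None:
        raise LookupError("notFound")
    # The document must describe the DID that was asked for, not some other subject.
    if doc.get("id") != parsed.did:
        raise ValueError("DID document id does not match the resolved DID")
    return doc


def dereference(did_url: str) -> dict:
    """DID URL dereferencing: resolve the DID, then locate the fragment inside the document."""
    parsed = parse_did_url(did_url)
    doc = resolve(parsed.did)
    if not parsed.fragment:
        return doc
    target = f"{parsed.did}#{parsed.fragment}"
    for prop in ("verificationMethod", "authentication", "assertionMethod", "service"):
        for entry in doc.get(prop, []):
            # entries may be embedded objects or bare id strings referring elsewhere
            if isinstance(entry, dict) and entry.get("id") == target:
                return entry
    raise LookupError(f"fragment not found: {target}")


if __name__ == "__main__":
    print(parse_did_url("did:example:123456789abcdefghi#keys-1"))
    print(dereference("did:example:123456789abcdefghi#keys-1")["type"])
    print(dereference("did:example:123456789abcdefghi#vcs")["serviceEndpoint"])
```

Only the `did:example` method is resolvable here; a production resolver would dispatch on the method name to the method-specific read operation defined by that method's specification.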
DID Use Cases
https://w3c.github.io/did-use-cases/
This document sets out use cases and requirements for a new type of identifier that has 4 essential characteristics:
- decentralized: there should be no central issuing agency;
- persistent: the identifier should be inherently persistent, not requiring the continued operation of an underlying organization;
- cryptographically verifiable: it should be possible to prove control of the identifier cryptographically;
- resolvable: it should be possible to discover metadata about the identifier.
Although existing identifiers may display some of these characteristics, none currently displays all four.
DID Primer - what they are, how to use
https://w3c-ccg.github.io/did-primer/
A Decentralized Identifier (DID) is a new type of identifier that is globally unique, resolvable with high availability, and cryptographically verifiable. DIDs are typically associated with cryptographic material, such as public keys, and service endpoints, for establishing secure communication channels. DIDs are useful for any application that benefits from self-administered, cryptographically verifiable identifiers such as personal identifiers, organizational identifiers, and identifiers for Internet of Things scenarios. For example, current commercial deployments of W3C Verifiable Credentials heavily utilize Decentralized Identifiers to identify people, organizations, and things and to achieve a number of security and privacy-protecting guarantees. This document is an introduction to the concept of Decentralized Identifiers.
The need for globally unique identifiers that do not require a centralized registration authority is not new. UUIDs (Universally Unique Identifiers, also called GUIDs, Globally Unique Identifiers) were developed for this purpose in the 1980s and standardized first by the Open Software Foundation and then by IETF RFC 4122.
The need for persistent identifiers (identifiers that can be assigned once to an entity and never need to change) is also not new. This class of identifiers was standardized as URNs (Uniform Resource Names) first by IETF RFC 2141 and more recently by RFC 8141.
As a rule, however, UUIDs are not globally resolvable and URNs – if resolvable – require a centralized registration authority. In addition, neither UUIDs nor URNs inherently address a third characteristic – the ability to cryptographically verify ownership of the identifier.
For self-sovereign identity, which can be defined as a lifetime portable digital identity that does not depend on any centralized authority, we need a new class of identifier that fulfills all four requirements: persistence, global resolvability, cryptographic verifiability, and decentralization.
DID model: decentralized control, centralized support
- The SSI model uses decentralized IDs and a decentralized implementation
- Full production capabilities require centralized services for support ( recovery etc )
- Centralized support can still deliver privacy, security and user control by using user-defined proxies in front of the central services
DIDComm Protocol
Verifiable Credentials Standard
https://www.w3.org/TR/vc-data-model/
w3.org-Verifiable Credentials Data Model v11.pdf file
This document provides a solid understanding of what a VC is, how it's used and the standards in place
EBSI support for VC and VP standards
https://ec.europa.eu/digital-building-blocks/wikis/pages/viewpage.action?pageId=555222155
VC and VP Lifecycle
EBSI's VC and VP lifecycle is summarized in the table below. The table also presents differences between EBSI's VC and VP lifecycle and W3C's VC and VP lifecycle.
Step | EBSI's VC and VP lifecycle | W3C's VC and VP lifecycle | Guidelines for EBSI |
---|---|---|---|
1 | Registration and onboarding of different actors (Legal Entity as Trusted Issuer or Verifier, Natural Person as Holder). | Out of scope. | Onboarding and accrediting Legal Entities |
2 | Credential Issuance for Issuers and Holders. Storage of Verifiable Credentials for Holders. | Issuance of one or more Verifiable Credentials. Storage of Verifiable Credentials in a credential repository, e.g., digital wallet. | |
3 | Presentation Exchange for Holders and Verifiers | Composition of Verifiable Credentials into Verifiable Presentation. Exchange of Verifiable Presentation and its verification by the Verifier. | Verifiable Presentation exchange guidelines |
4 | Managing schemas of data models in TSR | Out of scope. | |
APIs
EBSI developed several APIs for interaction with the EBSI blockchain, data registries, and smart contracts. Each API serves its specific role and is used by different actors. The following APIs are used in the EBSI VC and VP lifecycle today:
- Trusted Issuer Registry (TIR)
- Trusted Schema Registry (TSR)
- DID Registry API
The table below summarizes the APIs used in VC and VP lifecycle.
AnonCreds Project - VC with selective disclosure, ZKP protections
https://www.hyperledger.org/use/anoncreds
https://github.com/hyperledger/anoncreds-rs
See how AnonCreds plans to support W3C VC standards
AnonCreds, the most commonly used Verifiable Credential (VC) format in the world*, is now a Hyperledger project. Ledger agnostic and with a formal open specification, AnonCreds continues to evolve as a mature verifiable credential format with unique privacy-protecting capabilities.
Hyperledger AnonCreds—short for “Anonymous Credentials”—is a type of VC that adds important privacy-protecting ZKP (zero-knowledge proof) capabilities to the core VC assurances. A core element of the Hyperledger Indy project for more than five years, AnonCreds is a mature, complete model and interactions set, with extensive support across Hyperledger Aries frameworks.
Hyperledger AnonCreds is ledger-agnostic and client-agnostic. It is not tied to Hyperledger Indy or Aries. This makes it usable with other verifiable data registries/ledgers and verifiable credential client stacks. As a result, important privacy-protecting capabilities become available to a much broader audience, and the underlying cryptography can evolve without affecting the features above it.
Additional benefits of using Hyperledger AnonCreds include:
- Avoidance of identifiers: No correlatable identifiers are required in presenting data to a verifier. Correlatable identifiers may be applied in a use case specific manner.
- Verifier assurances: Credentials are bound to the holder, so verifiers know that credentials presented together were all issued to the holder providing the presentation.
- Minimal data sharing: Data to be shared by a holder to a verifier is minimized through the use of selective disclosure and ZKP predicates.
- Flexible formatting: Credentials and presentations can be formatted in the W3C VC Data Model standard format.
- The AnonCreds Specification, managed by the Hyperledger AnonCreds Specification Working Group and with the potential of being submitted to an appropriate Standards organization
- Ledger/Verifiable Data Registry-agnostic, open source code implementations of the AnonCreds specification, suitable for use with Hyperledger Aries and non-Aries agents
- Guidance for creating ledger-specific AnonCreds Methods to write and resolve AnonCreds objects for specific ledgers
- Documentation on AnonCreds suitable for all audiences, from business audiences to cryptographers
- A test suite to verify adherence to the AnonCreds specification and the interoperability of AnonCreds implementations.
Next steps include evolving the existing AnonCreds Rust implementation to be friendlier to VDRs/ledgers other than Indy, wrapping up the v1.0 specification, and gaining compliance with the W3C Verifiable Credentials Data Model Standard.
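The "minimal data sharing" and "verifier assurances" points above (selective disclosure, and credentials bound to the holder who presents them) worked through as an added example, using the same over-21 proof that the Oklahoma Mobile ID section later describes. This is not AnonCreds code and it is not a zero-knowledge proof: it is the simpler salted-digest form of selective disclosure, in which the issuer signs one digest per claim and the holder reveals only the claims a verifier needs. The over-21 fact is an issuer-computed derived claim, so the date of birth itself is never disclosed. The issuer DID, holder DID, claim values and `ISSUER_KEY` are constructed for the example, and an HMAC under that key stands in for the issuer's digital signature so the block runs with the standard library alone; a real issuer signs with a private key and the verifier checks against the public key published in the issuer's DID document.

```python
import hashlib
import hmac
import json
import secrets

# Hypothetical issuer key: an HMAC secret stands in for the issuer's signing key so
# the example is self-contained. In a real deployment the verifier never holds
# issuer secrets; it verifies a signature with the issuer's public key instead.
ISSUER_KEY = b"constructed-issuer-key-for-this-example"
ISSUER_DID = "did:example:issuer"   # constructed


def _canonical(obj) -> bytes:
    """Deterministic JSON so signer and verifier hash exactly the same bytes."""
    return json.dumps(obj, separators=(",", ":"), sort_keys=True).encode()


def _digest(salt: str, name: str, value) -> str:
    """Salted digest of one claim. The per-claim random salt stops a verifier from
    brute-forcing low-entropy undisclosed values (e.g. every possible birth date)."""
    return hashlib.sha256(_canonical([salt, name, value])).hexdigest()


def _sign(payload: dict) -> str:
    return hmac.new(ISSUER_KEY, _canonical(payload), hashlib.sha256).hexdigest()


def issue(holder_did: str, claims: dict) -> dict:
    """Issuer side: bind the credential to the holder and sign only the claim digests."""
    disclosures = {name: (secrets.token_hex(16), value) for name, value in claims.items()}
    payload = {
        "issuer": ISSUER_DID,
        "holder": holder_did,   # holder binding: the verifier checks the presenter is this DID
        # sorted so the digest list does not leak which claim sits where
        "digests": sorted(_digest(salt, name, value)
                          for name, (salt, value) in disclosures.items()),
    }
    return {"payload": payload, "signature": _sign(payload), "disclosures": disclosures}


def present(credential: dict, reveal: list) -> dict:
    """Holder side: forward the signed payload plus only the chosen (salt, value) pairs."""
    return {
        "payload": credential["payload"],
        "signature": credential["signature"],
        "disclosed": {name: credential["disclosures"][name] for name in reveal},
    }


def verify(presentation: dict, presenter_did: str) -> dict:
    """Verifier side: check the issuer signature, the holder binding, and that every
    disclosed claim hashes to a digest the issuer signed. Returns the accepted claims."""
    payload = presentation["payload"]
    if not hmac.compare_digest(_sign(payload), presentation["signature"]):
        raise ValueError("issuer signature invalid")
    if payload["holder"] != presenter_did:
        raise ValueError("credential is not bound to the presenting holder")
    signed = set(payload["digests"])
    accepted = {}
    for name, (salt, value) in presentation["disclosed"].items():
        if _digest(salt, name, value) not in signed:
            raise ValueError(f"disclosed claim {name!r} was not signed by the issuer")
        accepted[name] = value
    return accepted


def age_check_demo() -> dict:
    """Constructed walk-through: prove name, photo and over-21 without revealing
    date of birth or address. Returns what the verifier accepts."""
    holder = "did:example:holder"   # constructed
    credential = issue(holder, {
        "name": "A. Sample",
        "photo_digest": "sha256:constructed-photo-digest",
        "date_of_birth": "1990-01-01",
        "age_over_21": True,        # derived by the issuer at issuance time
        "address": "1 Example Street",
    })
    presentation = present(credential, ["name", "photo_digest", "age_over_21"])
    return verify(presentation, holder)


if __name__ == "__main__":
    print(age_check_demo())
```

The verifier learns only the three revealed claims; the two undisclosed digests tell it nothing beyond the fact that two more signed claims exist. Replacing a disclosed value, or presenting someone else's credential, fails the digest or holder-binding check respectively.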
Identity Blockchains ( Sovrin, Indy, etc )
Aries - a Universal Agent for Identity Blockchains
Hyperledger Aries - identity, data management tools
Trust Over IP ( TOIP )
Automation of Digital Trust on identity Blockchain Networks
BC Digital Trust Concepts & Use Cases
new BC org book site:
https://digital.gov.bc.ca/digital-trust/
Digital Trust empowers people and businesses with safe and secure ways of identifying themselves online and communicating confidentially with others.
See this site for great use cases on Digital Identity, Verifiable Credentials and solutions shared
VON - Verifiable Organizations Network - open-source example solution for SSI and credentials
https://vonx.io/getting_started/get-started/
- try the sample app solution
- try the mobile android interface
VONX questions
- what versions of indy, Aries required?
- what is the current wallet standard used for the mobile, enterprise wallets?
- what else can the wallet hold besides coin, credentials?
Digital Identity Implementation Requirements Concepts
Requirements & Concepts
Inclusion
- populations are not all digital
- need EID cards when issuing a digital identity
- an EID card can have a proxy UID stored, also as a QR code, that can link to a consented data share of PII, with the option to consent real-time for mor
- the owner sets the proxy visibility rules: what is shared by default, and where added consent is needed
Decentralization
- a decentralized network is not as important as decentralized control
- ownership of your ID, credentials and personal data
- who sees it
- who uses it
Recovery
- Many use cases ( eg prescriptions, medical treatment ) may require immediate recovery of identity and credentials
- If ID and credentials are not accessible digitally, how can the owner recover them quickly?
- A fully decentralized distribution model makes the owner responsible for their own recovery without other support
- A decentralized control model allows for centralized support from trusted providers ( Foundations, Governments versus businesses, NGOs )
- Decentralized control allows the owner to control the recovery solution directly
- A centralized service provides a secure method for the owner to establish control over a lost identity ( eg the ssa.gov model )
Revocations
- Many use cases do not require real-time revocation verification
- Options include renewal token verification ( eg once per hour, once per day )
Governance
- Proof of governance on the process and the transactions for the owner and the service provider
- owner access to the governance rules, terms, time limits in force, durability, performance
- owner consent controls sharing the governance trust for the provider | issuer with others, by default or explicitly
Governments Issuing Digital IDs
2020 US States
Colorado, Delaware, Idaho, Maryland, Wyoming and the District of Columbia are carrying out limited trials of digital driver's licenses. Iowa and Louisiana are planning to issue digital licenses to every motorist who wants one beginning this year.
eIDAS - European Digital ID card standard
Oklahoma Mobile DID app
https://apps.apple.com/us/app/oklahoma-mobile-id/id1461045650
Oklahoma Mobile ID is a secure, digital version of your driver’s license/state ID. Use it to verify your identity anytime you would use your physical driver’s license or state-issued ID, wherever Mobile ID is accepted.
Intuitive and easy-to-use, Mobile ID is unlocked by a selfie match to verify identity, or by using a self-selected pin or TouchID/FaceID. Mobile ID allows you to control your identity by allowing you to share only the information needed for a transaction. For example, if you need to prove that you’re old enough to buy alcohol, you can select a privacy view that only shows your name, photo, and that you are older than 21. No other personal information, like date of birth and address is shown to the person checking your ID.
In three simple steps, you can register for your Mobile ID:
1. Download this app to your smartphone
2. Use the app to capture your state-issued driver’s license or ID card
3. Follow the app’s registration steps to take your selfie and verify you are you
Please note: Oklahoma Mobile ID by IDEMIA is considered an official state-issued ID, serving as a companion to your physical ID rather than as a replacement.
The Oklahoma Mobile ID is available at no charge to citizens until November 2020. After this, a yearly subscription will be required.
This app requires an iPhone 5s or newer device.
We are pleased to be one of the states leading the movement to offer secure, state issued identification on a smart phone. Oklahoma Mobile ID offers individuals more control of their personal information and offers businesses and organization that transact with IDs additional measures to reduce fraud. Oklahoma Mobile ID is a major step in the State’s initiative to swiftly bring technology innovation to its citizens in a way that has real-world, immediate benefits.
David Ostrowe, Secretary of Digital Transformation and Administration for the State of Oklahoma
Oklahoma Mobile ID allows consumers to be in control. Privacy options allow individuals to show only the amount of information needed to conduct a transaction. For example, those who show an ID to purchase alcohol can set the Mobile ID to a privacy mode that shows only a photo and verification that the user is over 21 – the amount of information needed for such a transaction.
IDEMIA mobile app for EIDAS card
https://apps.apple.com/us/app/idemia-eid-trusted-online-id/id1220582616
Your free, secure digital ID to safely access online government and commercial services while protecting your identity.
The eID is the first, and only app in the U.S., that creates a digital ID leveraging your state driver’s license or ID card. Use the eID to prove your identity for various digital transactions on participating websites, mobile apps, and more.
It empowers you to apply online for benefits, transfer a vehicle title, open online accounts, protect sensitive transactions, secure your tax refunds, and more, leveraging the power of your identity and your smartphone.
The eID:
• Empowers you to be in total control of your identity information
• Provides peace of mind knowing there is less chance of identity fraud
• Saves you time & money with streamlined access to online resources, services and benefits
• Eliminates usernames and passwords
In three simple steps, you can register for, and activate, your eID:
1. Download the IDEMIA eID to your smartphone
2. Use the app to photograph your state-issued driver’s license or ID card
3. Take your selfie with the app
Once registration is complete, the eID offers a frictionless user experience. Through the app’s QR code scanning feature you can safely, and securely, verify your identity and share specific required identity details needed for the particular transaction. Push notification alerts inside the eID app give you the control to approve transactions and identity information requests directly from your smartphone. This gives you the control you desire over your accounts and your identity.
Download the IDEMIA eID and start your journey to a safer and more secure online world.
This app requires an iPhone 5s or newer, because it uses the Secure Enclave, which is available only on A7 and later processors.
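Both the Oklahoma Mobile ID privacy mode (show only a photo and an over-21 flag) and the eID's "share only the required identity details" describe selective disclosure. The following Python is an added example, not code from Oklahoma, IDEMIA or the page's author: it sketches the salted-digest mechanism that ISO 18013-5 mDL and SD-JWT credentials use, where the issuer signs one digest per claim and the holder hands the verifier only the claims (with their salts) that the transaction needs. The HMAC issuer key, the `example-dmv` issuer name and the holder data are assumptions made so the code runs with the standard library alone.

```python
import hashlib
import hmac
import json
import secrets

# Assumption for this example: an HMAC key stands in for the issuing
# authority's signing key so the code runs with the standard library alone.
# A real mDL or SD-JWT carries an asymmetric signature that the verifier
# checks with the issuer's published public key.
ISSUER_KEY = b"example-dmv-signing-key-not-for-production"

# Constructed sample: a reference to the holder's portrait, not the image itself.
PORTRAIT_REF = "blob:portrait-0001"


def claim_digest(salt: bytes, name: str, value) -> str:
    # One salted digest per claim. The random salt stops a verifier from
    # brute-forcing an undisclosed value such as a date of birth.
    encoded = json.dumps([name, value]).encode()
    return hashlib.sha256(salt + encoded).hexdigest()


def issue(claims: dict):
    """Issuer: sign only the sorted claim digests; the salted claims go to the holder."""
    disclosures = {}
    digests = []
    for name, value in claims.items():
        salt = secrets.token_bytes(16)
        disclosures[name] = {"name": name, "value": value, "salt": salt.hex()}
        digests.append(claim_digest(salt, name, value))
    digests.sort()  # sorted so position reveals nothing about which claim is which
    body = json.dumps({"iss": "example-dmv", "_sd": digests}, sort_keys=True)
    sig = hmac.new(ISSUER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}, disclosures


def present(credential, disclosures, reveal):
    """Holder: attach only the disclosures the transaction needs."""
    return {"credential": credential,
            "disclosed": [disclosures[name] for name in reveal]}


def verify(presentation, required):
    """Verifier: check the issuer signature, then bind each disclosure to it."""
    cred = presentation["credential"]
    expected = hmac.new(ISSUER_KEY, cred["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cred["sig"]):
        raise ValueError("issuer signature does not verify")
    signed = set(json.loads(cred["body"])["_sd"])
    revealed = {}
    for d in presentation["disclosed"]:
        if claim_digest(bytes.fromhex(d["salt"]), d["name"], d["value"]) not in signed:
            raise ValueError(f"disclosure for {d['name']!r} is not covered by the signature")
        revealed[d["name"]] = d["value"]
    missing = [name for name in required if name not in revealed]
    if missing:
        raise ValueError(f"transaction requires undisclosed claims: {missing}")
    return revealed


def age_check_demo():
    # Constructed holder data. over_21 is computed by the issuer at issuance,
    # so the verifier never needs the date of birth itself.
    credential, disclosures = issue({
        "given_name": "Pat", "family_name": "Example",
        "date_of_birth": "1990-04-12", "address": "1 Main St",
        "portrait": PORTRAIT_REF, "over_21": True,
    })
    # Alcohol purchase: the clerk's terminal asks for the portrait and over_21 only.
    revealed = verify(present(credential, disclosures, ["portrait", "over_21"]),
                      required=["portrait", "over_21"])

    # A holder under 21 cannot flip the flag: the salted digest no longer matches.
    under_cred, under_disc = issue({"date_of_birth": "2010-01-01", "over_21": False})
    forged = present(under_cred, under_disc, ["over_21"])
    forged["disclosed"][0] = dict(forged["disclosed"][0], value=True)
    try:
        verify(forged, required=["over_21"])
        forgery_rejected = False
    except ValueError:
        forgery_rejected = True
    return {"revealed": revealed, "forgery_rejected": forgery_rejected}
```

The verifier learns only the disclosed claims, but it still sees the issuer's signature and the full list of digests, which is a correlating handle if the same signed credential is presented to many verifiers; production formats mitigate that with batches of single-use credentials.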
KYC and related legislation
KYC and AML laws apply to financial services in many jurisdictions.
The know your customer or know your client (KYC) guidelines in financial services require that professionals make an effort to verify the identity, suitability, and risks involved in maintaining a business relationship. These procedures fit within the broader scope of a bank's Anti-Money Laundering (AML) policy.
ID2020 - Digital identity for all NGO
https://id2020.org/digital-identity#approach
ID2020 partners believe that ethically implemented, privacy-protecting, user-managed, and portable digital ID solutions offer an opportunity to put the ownership of personal data back in the hands of the individual. But achieving this vision will require a sustained commitment to serving the needs of society’s most marginalized and ensuring that they are not left behind.
Digital identity should be:
- private - you control the information you share, and consent is tracked and revocable
- portable - accessible and recoverable from anywhere at anytime
- persistent - lives with you
- personal - unique to you
Identity and Voting
2020 US Voting experience
2020-election-analysis-PP_2021.01.15_biden-trump-views_REPORT.pdf
does vote-by-mail work and does it increase election fraud?
If candidates believe there has been voter fraud, they can present evidence regarding a particular race to the election board or file a lawsuit in a local court. Authorities review the evidence and decide if there has been actual fraud. If there is sufficient evidence, local prosecutors can indict the relevant people for mail ballot fraud. It is a criminal offense to forge a name on a mail ballot, impersonate someone else, steal ballots, or deceive someone about their mail ballot.
According to the Brennan Center for Justice at New York University, there is no evidence that mail balloting increases electoral fraud as there are several anti-fraud protections built into the process designed to make it difficult to impersonate voters or steal ballots. These provisions include requiring people requesting absentee ballots to be registered voters, mailing ballots to the official address listed on voter registration rolls, requiring voter signatures on the external envelope, and having election authorities make sure the ballot came from the address of an actual voter. If a ballot appears questionable, some states use a signature matching technique to verify the signature of the voter.
US election 2020: Do postal ballots lead to voting fraud?
There have been a few, well-publicized cases, such as in the 2018 North Carolina primary, which was re-run after a consultant for the Republican candidate tampered with voting papers.
Virginia
Speaking at a rally in mid-October, Donald Trump said: "In Virginia, 500,000 applications were made that were false."
And these applications, to apply for an absentee ballot form, were sent out with the wrong return address.
But the electoral authorities in Virginia say there was no fraudulent intent and the mistake has been corrected.
Ohio
President Trump tweeted: "In Ohio, 50,000 ballots were wrong, fraudulent - 50,000."
About 50,000 voters did receive the wrong ballot in the post, in Franklin County, Ohio, in early October.
But there is no evidence this was done fraudulently.
And the local elections board said everyone affected was sent the correct voter slip, with safeguards in place to ensure no-one voted twice.
The board said the ballot error had been a "serious mistake".
In New York, nearly 100,000 ballots were resent to voters after some names and addresses were printed incorrectly.
In Michigan about 400 postal ballots listed the wrong running mate for President Trump - the Libertarian Party's Jeremy Cohen instead of Mike Pence. President Trump claimed in September this had been deliberate. But the Michigan secretary of state said it had been an error and "impacted voters immediately received an accurate ballot and guidance to ensure their vote counts".
In Wisconsin, mail that included some absentee ballots was found in a ditch near the town of Greenville. How this happened remains unclear, despite investigation. The White House alleged fraud.
In Pennsylvania, nine discarded military ballots were discovered. Seven of them, according to the US Department for Justice, "were cast for presidential candidate Donald Trump".
In New Jersey, a mail carrier was charged after dumping hundreds of items of post in a dumpster, including almost 100 election ballots. Once found, the mail was sent on to its intended recipients.
But these were all isolated incidents.
US States support for Voter ID laws
John Lewis Voting Rights Act
US Draft Legislation on Privacy Bill
New draft US bill on data privacy
overview
To provide consumers with foundational data privacy rights, create strong oversight mechanisms, and establish meaningful enforcement.
Potential Value Opportunities
Potential Challenges
The different views of Digital Identities
Stephen Wilson well said. Yes, many entities will often have multiple identifiers assigned to them by different issuers ( I have a bank account, a gmail id etc). Agree with the concept that SSI does have political concepts behind it. We do use identities assigned by state authorities ( eg Passport, Driver's license etc ) as a legal proof of our identity in a specific context. In an increasingly automated, digital world, we do need to find secure methods to effectively use our identities in many different use cases meeting specific trust and control requirements. Trust engineering goes beyond the boundaries of security for different multi-party use cases.
Identity Theft
things hackers can do with your cell phone number
think twice before sharing your phone number
The information found through these sites includes your address, bankruptcies, criminal records, and family members’ names and addresses. All of this can be used for blackmail, stalking, doxxing, social media hacking, or identity theft.
reroute your mobile number to someone else's phone through the carrier (SIM swap or port-out fraud)
Another tactic is to contact your mobile carrier claiming to be you, says Veronica Miller, cybersecurity expert at VPN overview. The hacker then has your number routed to their phone. From there, the hacker logs into your email account. They don't have your password, but they don't need it: they click "Forgot password" and the reset link or one-time code is sent by SMS to the phone that now has your number. Once the hacker controls your email account, it is easy to reset the passwords of your other accounts, since most of them recover through that email address.
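The attack above works because SMS is treated as proof of possession of a phone number that the carrier can move to a new SIM in minutes. The following Python is an added example, not code from the article or the page's author: it runs a cooling-off rule over a constructed account event log, refusing SMS-based password resets requested within 72 hours of a phone-number change or a carrier-reported SIM swap and asking for a non-SMS factor instead. The log format, the 72-hour window, the event names and the users are all assumptions for the example.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed sample log (assumption): one event per line,
# "<ISO timestamp> <user> <event> key=value ...". The sim_swap_reported
# event assumes the account system already records a carrier SIM-change signal.
SAMPLE_LOG = """\
2024-05-01T08:00:00Z alice login device=known-laptop
2024-05-02T09:15:00Z alice sim_swap_reported carrier=example-telco
2024-05-02T09:40:00Z alice password_reset_requested channel=sms ip=203.0.113.7
2024-03-10T12:00:00Z bob phone_number_changed source=account-settings
2024-05-02T10:00:00Z bob password_reset_requested channel=sms ip=198.51.100.4
2024-05-02T10:05:00Z carol password_reset_requested channel=authenticator_app
"""

# Assumed policy: SMS and voice recovery are untrusted for 72 hours after the
# number moves, which is the window a SIM-swap attacker exploits.
COOLING_OFF = timedelta(hours=72)
PHONE_BOUND_CHANNELS = {"sms", "voice_call"}
NUMBER_MOVED_EVENTS = {"sim_swap_reported", "phone_number_changed", "number_ported"}

LINE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s*(.*)$")


def parse_log(text):
    """Parse the constructed log lines into events with tz-aware timestamps."""
    events = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts = datetime.fromisoformat(m.group(1).replace("Z", "+00:00"))
        attrs = dict(kv.split("=", 1) for kv in m.group(4).split())
        events.append({"ts": ts, "user": m.group(2), "event": m.group(3), "attrs": attrs})
    return events


def decide_reset(events, user, channel, now):
    """Decide whether a reset over `channel` at time `now` may proceed."""
    if channel not in PHONE_BOUND_CHANNELS:
        return {"decision": "allow", "reason": f"{channel} does not depend on the phone number"}
    window_start = now - COOLING_OFF
    moved = [e for e in events
             if e["user"] == user and e["event"] in NUMBER_MOVED_EVENTS
             and window_start <= e["ts"] <= now]
    if moved:
        latest = max(moved, key=lambda e: e["ts"])
        return {
            "decision": "step_up",
            "reason": f"{latest['event']} at {latest['ts'].isoformat()} is inside the "
                      f"{COOLING_OFF} cooling-off window",
            "action": "require a non-SMS factor; notify the previous email address and trusted devices",
        }
    return {"decision": "allow", "reason": "no phone-number change inside the cooling-off window"}


def scan_log(text):
    """Evaluate every reset request in the log against the events that precede it."""
    events = parse_log(text)
    results = []
    for e in events:
        if e["event"] != "password_reset_requested":
            continue
        verdict = decide_reset(events, e["user"], e["attrs"].get("channel", "sms"), e["ts"])
        results.append((e["user"], verdict["decision"]))
    return results


if __name__ == "__main__":
    for user, decision in scan_log(SAMPLE_LOG):
        print(user, decision)
```

The step-up branch is the important one: it does not deny recovery outright, it routes it to a factor the attacker does not hold (an authenticator app, a passkey on a known device, or a manual identity check), and it alerts the channels the legitimate owner still controls.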
Check your phone for call forwarding with these codes
##002# - cancels all call forwarding (voice, data, fax, SMS) set on your line.
*#21# - shows whether unconditional call forwarding is active on your line, and the number your calls are being diverted to.
*#62# - shows where calls are forwarded when your phone is unreachable (switched off or out of coverage), a diversion an attacker can set without your knowledge.
These are GSM MMI codes answered by your carrier's network, so they only report forwarding rules on your own line. They cannot detect a SIM swap or port-out, where the number itself has moved to another SIM: in that case your phone simply loses service. The defences there are a carrier account PIN or port-out lock, and not using SMS as a password recovery factor.
Microsoft Entra Support for identity standards
Candidate Solutions
Akif Kahn - Gartner - 2023 - Digital Identity Solutions Update on Linkedin
Portable digital identity. That's the future. Untethered, under your control, allowing you to metaphorically float away and assert your identity wherever you choose to land - both in the digital and physical world.
At Gartner we just published "Portable Digital Identity: Definition and Approaches" which explains the different possible paths towards portable digital identity, looking across the 2x2 matrix of centralised data vs decentralised data and centralised execution vs decentralised execution.
....
But more broadly, we see governments implementing digital identity schemes for citizens. The EU Digital Identity Wallet initiative is probably the biggest and most exciting digital identity project in the world. The US is making steps forward with mobile driver licences - and this is then enabling the likes of Apple and Google to get into the game and allow people in some states to add their mDL into their native phone wallet. Microsoft has also made big strides with Entra Verified ID.
....
Thank you to Mike Kelley as lead author and to Arthur M. as co-author - as always, it was a pleasure co-authoring with you.
https://lnkd.in/e8AcDkgv
Jim >>>
Thanks for the updates on portable digital identity. I agree the EU Digital Identity initiative ( https://tinyurl.com/eu-digital-wallet ) will be a big leap forward. In the US, Liz Tanner, RI Secretary of Commerce, has led Rhode Island's roll out of the first US State Digital Identity solution based on Self-Sovereign Identities using Hyperledger software ( https://www.youtube.com/watch?v=0W5rMRU3714 ). The RI solution was tested with individual and corporate identities and verifiable credentials. That's a big step forward over the basic digital drivers licenses that are becoming more common today in the US.
Jim Mason, Principal Architect DLT at DTCC | Blockchain Practice Leader | Sybal.io | Member of Expert Panel at EU Blockchain Observatory & Forum