Use cases for digital, decentralized trust services
Part 3 — Decentralized Compliance
The first part of the series “Digital Identities — Trust Infrastructure for Digital Business Models” introduced the basic principles of a trust infrastructure. The second article presented the first use cases in supply chain management, where companies can easily benefit from decentralized trust technologies. This third part will present two more use cases that allow companies to generate benefits in the area of risk avoidance and compliance management.
Use Case 4 — Digital Certificate Management
Certificates are important for many supplier relationships, especially to ensure corporate compliance requirements. Similar to master data, certificates are mostly exchanged analogously and manually nowadays. In particular, in regulated industries, the effort of proving which supplier has a certain certificate at what time implies a high effort for both suppliers and customers.
Certificates can also be exchanged digitally and automatically as Verifiable Credentials. In contrast to master data, certificates are not issued by the company itself, but by third parties. For this purpose, the verification chains of the evan.network Verification Service can be used.
Independent certifiers are trusted bodies that issue certificates to companies, for example, to ensure compliance with quality, environmental and corporate compliance standards. If this is done in the form of Verifiable Credentials, these digital certificates can be used as a trust seal in business relationships. A supplier can, for example, provide their customers with certificate proof digitally, whereby the customer can verify the authenticity of the certificate and the certifier with the Verification Service. In this form of digital cooperation, certificates can also be updated or revoked by the the certifier as a trust issuer at any time. I’ve just uploaded the exercises for our session on Friday. If you want, you can take a look at it by the certifier as a trust issuer.
Advantages:
- Customers always have an overview of their suppliers’ certificates
- Auditing security via proof of the past certification status
- The supplier only has to maintain certificates at one place
- Master data is always up-to-date for all users
- The certifier can create and revoke certificates digitally
Use Case 5 — Decentralized Compliance Management
As certificate management extension, multi-level supply chains can be made transparent concerning the observance of certain compliance requirements. Particular use cases, for example, exist to proof compliance with a certain quality, environmental or social standards of all suppliers involved in the product manufacture. In practice, this problem remains almost unsolved as apart from individual industry solutions, cross-company compliance management does not exist. In addition to the previously described problems of digital certificate management, another difficulty in cross-company compliance management arises: A digital end-to-end compliance proof is almost impossible due to the fact that suppliers do not want to disclose their sub-contractor relationships to their customers.
Verifiable credentials and verification chains can also be used here. Thus, a digital compliance proof is generated for each production order as a blockchain-based Smart Contract. This compliance proof is given to the digital identity of the supplier, who files a reference to his Verifiable Credentials of the required certificates valid at the time. The supplier then passes on the digital compliance proof to his sub-suppliers along the supply chain, so that step by step, parallel to the creation of the product, a continuous compliance proof is created.
If a verification of the certificates is required, for example within an audit, the certification status at the time of the product manufacture can be proven via the product- or batch-specific digital compliance proof. The Verification Service checks the certificates and the authenticity of the certificate issuer (Trust Issuer).
To ensure anonymity, a pseudonymisation procedure can be used for the storage of certificates. This way, the suppliers store the reference to their certificates in the digital compliance proof, but do this under a unique and therefore untraceable pseudonym of their actual digital identity. This means that the customer or auditor can only trace the certificate status along the supply chain, but cannot view the identity of the suppliers involved.
Advantages:
- Manufacturers can provide proof of compliance for a supply chain
- Suppliers can prove compliance without disclosing the supply chain
- Audit security through trust in the certifier(Trust Issuer)
- Certifier can create and revoke certificates digitally
Conclusion
Trust is the most important asset for all business relationships. Especially in multi-stage supply chains, where lack of transparency is already present, it becomes difficult for companies and end customers to have confidence in products and services. Digital trust technology can help to act more transparently. However, this transparency often goes hand in hand with the need for central data aggregation, which creates dependencies and can hinder fair competition in the long-term. This problem can be solved with decentralized trust technologies so that transparency is created while the data sovereignty remains with the respective autonomous parties involved.
The evan.network is a manufacturer-neutral digital infrastructure based on the blockchain technology, which creates a trustworthy cooperation environment where business partners can work together.
Do you want to stay up-to-date? Then follow us on Twitter, GitHub or LinkedIn!
Did you like the article? Then we thank you for the applause!
