Swiss Federal Railway Trials Certificate & Identity Pilot on Ethereum

Introduction

Picking up where digital identity left off in Zug, the Swiss Federal Railway SBB has been exploring how to implement its first blockchain use cases, specifically around certifications for its employees who work on railway tracks. Blockchain-based identities in Switzerland initially made headlines a year ago when the City of Zug implemented the first government-verified citizen ID on a public blockchain using uPort, supported by ConsenSys. Together with Linum Labs, SBB wanted to explore a solution that provided real business value, while simultaneously venturing into their first blockchain pilot project.

Train accidents can be fatal and are often linked back to malpractice on tracks. Due to this, the Swiss government has enforced security regulations and record-keeping requirements covering who has worked on the tracks and whether they were certified to do so. However, the record keeping is fairly complex, as there are often multiple companies with multiple certifications working on thousands of construction sites across Switzerland. Having multiple parties making entries on a record needed for public safety, ultimately linked to an individual’s identity, made this an ideal fit for a decentralised identity pilot. This would enable simple interoperability between all of the different actors.


Pilot Overview

SBB maintains thousands of construction sites with over 30,000 employees across Switzerland.

Each of these sites has a multitude of workers present from different construction companies and they all need to be medically fit and certified, for example in welding, in order to work on the site. In addition, each site needs to record which worker was present and if they were correctly certified to work on that site.

A self-sovereign, blockchain-based identity is well-suited for this use case because workers should be able to carry over their identity from one company to another and no specific company should own or manage it. In addition, there are multiple companies and parties issuing certificates.

SBB required a simple solution that:

  1. verified the identity of a worker,
  2. verified their credentials,
  3. recorded this in a tamper-proof ledger.

With the success of the identity trials in Zug, Switzerland, the project team was confident enough to test this on the public Ethereum testnet Rinkeby. As most of the personally identifiable information stays off-chain, using a public ledger is not a disadvantage. It is important to note this here, as public blockchains appear to be gaining in popularity as it becomes obvious that a single company is not interested in managing or maintaining its own chain for a simple pilot implementation. Additionally, the use of an open source blockchain without royalties contributes to trust and lower fees for network users.

Using uPort, railway workers, certification authorities and supervisors are able to have their own unique digital identities linked to their respective uPort IDs, which are then anchored to an identity on the blockchain. A hash of the worker’s check-in / check-out activities is published to the blockchain so that the internal database can be audited.

The overall design goals of the pilot were to:

  • Ensure a mobile user interface (UI) and good user experience (UX) to achieve real adoption beyond a pilot.
  • Be interoperable with external partners of SBB to achieve adoption beyond the pilot.
  • Be open-source to achieve network effects and buy-in from the blockchain ecosystem.
  • Be interoperable and in compliance with GDPR and other data privacy laws.

User Flow

To meet the project requirements, a small dedicated team worked together over a 5-week period to co-design the application architecture, enhance system features and develop an end-to-end solution. The production ecosystem consisted of hands-on and remote development support.

The end user flow of the pilot application is as follows:

  • After downloading the uPort mobile app, the railway worker “Hans Müller” registers his uPort ID on the Ethereum blockchain. The uPort app is freely available on both iOS and Android, providing users with the advantage of creating an identity at no additional cost. In this PoC, we created a mock identity for the City of Bern that would issue a certificate or credential. This would allow anyone to verify this address. The system could also leverage the existing ID certification system in Zug — the attestations are essentially identical.
The uPort ID home screen after registering to the Ethereum blockchain. Hans scans the QR code with the City of Bern to be issued a certificate proving his digital blockchain credentials.
Once the QR code is scanned, Hans approves the transaction, then accepts the certificate, and finally, the certificate is shown linked to Hans’s uPort ID.
  • Similarly, Hans is issued a certificate by the railway education group proving which training certifications he has attained. In this case, a “welding” certification is issued to Hans’s uPort ID. This is used to easily prove and verify that Hans has the right training qualifications to work on a site.
Similarly to attaining a City of Bern issued ID Certificate, a QR code with the Railway is scanned, Hans approves the transaction, then accepts the certificate, and finally a Railway certificate is shown linked to Hans’s uPort ID.
  • Finally, the certificate is verified by a supervisor on a railway construction site using a mobile check-in / check-out system that first verifies whether Hans has the correct credential to work there and also measures the working time spent on the location.
  • A log entry or exit made by Hans is generated, hashed and then stored on the blockchain, making it tamper-proof. This is done by Hans scanning a QR code on-site using his uPort app for check-in, and then once again upon check-out. With uPort’s new architecture, identities are generated and secured on the blockchain at no cost, while the ledger entry gas costs are $0.006 per entry.
For both check-in and check-out, Hans scans a QR code using his uPort app, then approves the credential request. The event logs generated from each entry and exit are hashed and stored on the blockchain, after which they can then be verified.
Upon successful check-in, a screen shows that Hans has been verified. Upon successful check-out, a screen shows Hans’s hours and that check-out has been successfully recorded.
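
The check-in / check-out logging described above (record kept in the internal database, hash published to the ledger, database audited against it), as an added example that is not code from SBB, Linum Labs or uPort. It assumes SHA-256 over a canonical JSON encoding with a per-record salt and uses a Python dict as a stand-in for the ledger; all function names, field names, identifiers and sample events are constructed.

```python
import hashlib
import hmac
import json
import secrets

def canonical(record):
    # Stable byte encoding: key order and whitespace must not change the digest.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")

def commitment(record, salt):
    # Salted so low-entropy fields (worker ID, site, time) cannot be guessed from
    # the public digest. SHA-256 is an assumption; the page names no hash function.
    return hashlib.sha256(salt + canonical(record)).hexdigest()

def log_event(db, chain, record):
    # Record and salt stay in the internal database; only the digest is published.
    salt = secrets.token_bytes(16)
    db[record["event_id"]] = {"record": dict(record), "salt": salt}
    chain[record["event_id"]] = commitment(record, salt)

def audit(db, chain):
    # Recompute each row's digest and compare it with the anchored value.
    findings = {}
    for event_id, row in db.items():
        anchored = chain.get(event_id)
        if anchored is None:
            findings[event_id] = "not anchored"
        elif hmac.compare_digest(anchored, commitment(row["record"], row["salt"])):
            findings[event_id] = "ok"
        else:
            findings[event_id] = "modified"
    for event_id in chain.keys() - db.keys():
        findings[event_id] = "row deleted"
    return findings

def demo():
    db, chain = {}, {}  # chain: dict standing in for the public ledger (assumption)
    base = {"worker": "did:example:hans", "site": "site-17"}  # constructed values
    for eid, kind, ts in [("e1", "check-in", "2018-11-05T07:00:00Z"),
                          ("e2", "check-out", "2018-11-05T16:00:00Z"),
                          ("e3", "check-in", "2018-11-06T07:05:00Z")]:
        log_event(db, chain, {**base, "event_id": eid, "event": kind, "time": ts})
    db["e2"]["record"]["time"] = "2018-11-05T18:00:00Z"  # hours edited afterwards
    del db["e3"]                                          # row removed afterwards
    db["e4"] = {"record": {**base, "event_id": "e4"}, "salt": b"\0" * 16}  # never anchored
    return audit(db, chain)

if __name__ == "__main__":
    print(demo())
```

The anchored digest does not prevent edits to the internal database; it lets an auditor detect edited, deleted and unanchored rows, provided the salts are retained alongside the records.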

Conclusion

One significant realisation in building this pilot was for SBB to experience how far blockchain implementation has advanced. In a 5-week period, one of the largest and oldest enterprise institutions in public infrastructure in Switzerland built a business-oriented solution with us:

1. On a public blockchain ledger (Rinkeby Ethereum).

2. With an open source product without license fees.

3. With fully functioning, GDPR-compliant self-sovereign identities.

4. With identities that were generated and secured on a blockchain at no cost thanks to uPort’s new architecture, with our ledger entry gas costs of $0.006 per entry.

5. In a fully mobile-friendly implementation on both Android and iOS devices.

This pilot could be a part of the broader Swiss ID and digital identity discussion in Switzerland and serve as a model use case for issuing and verifying all types of organisational credentials. A striking part was how quickly the pilot was able to be developed and tested in real-world scenarios thanks to a multitude of tools and open systems that are available.

SBB and Linum Labs hope that the various components of this work can be fully open sourced in order to spur exploration of different use cases that build on the same simple interaction design: an authority issues a credential to an individual, which can be easily and securely verified with a tamper-proof log. This could be applied from employees checking into worksites across the world, to the issuance or verification of driver’s licenses or university degrees.

At Linum, we believe that self-sovereign identity will be the cornerstone of a new decentralised infrastructure. This pilot is a first step in the direction for any enterprise wanting to experiment with these systems and has proven that there is business value that can be captured today. For us, the SBB pilot is the beginning of a journey to leverage existing self-sovereign identity solutions effectively to challenge the status quo in a wide range of industries. If you’re interested in enterprise or government implementations in identity, we’d love to talk to you.

If you would like to learn more, have specific questions on this particular use case, or are considering a digital identity pilot, please do not hesitate to reach out to us.

Linum Labs AG is a Swiss-based company that aims to build decentralized systems, with a focus on health and identity.


Contact: Linum Labs, Paul Kohlhaas and Oz Razak (paul@linumlabs.com; oz@linumlabs.com)

Contact: SBB, Dominic Hurni, Simon Erhardt and Vitus Ammann (dominic.hurni@sbb.ch; simon.erhardt@sbb.ch; vitus.ammann@sbb.ch)