Drilling into new potentials for Open Badges — Mozfest session
This is a narrative to the session I presented at Mozfest 2016 in the Open Badges space.
This year I’ve listened to several conversations around the use of Open Badges which have focused on verification of the provenance and granularity of visibility of evidence. At Open Badges in Higher Education there were mutterings for universities as to why they had concerns around putting their brand against more substantial, higher-stakes use of Open Badges. And Doug Belshaw raised the issue of granularity of evidence embedded in a badge, do you really want everyone to be able to see everything? Do these issues raise a barrier for wider adoption of Open Badges? The opening session at Mozfest, from Mark Surman, raised this question about widening acceptance by industry and organisations. So is security a potential addition to some badges to widen participation and acceptance?
We are in a world where there are increasing stories of identity theft, identity fraud and hacking. This makes many wary of the digital world and digital credentialing. After all how do you prove identity at a distance?
Unscrupulous hackers have discovered a lucrative way to garner money. When we sell a house it tends to be a publicly visible thing, after all we need to advertise it! This has raised a growing wave of hacking into emails between solicitors and vendors as the process becomes ever more digital. The hackers create a facsimile of the solicitor’s email and ask for funds to be transferred to a bank account to complete the sale process. By the time anyone realises this account is long gone. So it is no wonder we are becoming increasingly wary of digital identity.
However, the mis-use of identity is not restricted to online. Gloria Hunniford is a well-known and respected presenter, of over 40 years, in the UK, yet someone took on her identity and strolled into a bank and withdrew £120,000 over the counter. If identity can be stolen as blatantly as this how can we ever believe anyone?
In the UK CIFAS holds a national fraud investigation database, there has been a steep rise in CV fraud, with over 60% of fraudulent investigations focussing on this in 2014. If we set up an account as a customer, then we generally have to go through a verification process. If we apply for a job the checking of credentials is not always so rigorous as it is not a straight forward activity.
HR manager in FTSE100 company “It’s very difficult to do the checking at the moment,” she said. “It’s quite a manual job and there’s a lot of administration involved.“
In some jobs it may not matter that you don’t really have that qualification if you can actually do the job. But how would you feel if you were operated on by someone who claimed to be a doctor but hadn’t qualified?
The value of digital credentials as a universal recognition of skills and ability was brought home to me when I had a conversation with an Afghani refugee. This man had been an interpreter with the British army, and so had to flee, with his family, when they pulled out of the country. Despite been an interpreter at that level, his qualifications were not accepted in the UK and he was struggling to gain employment. His case provided me with the perfect example of the need for internationally recognisable credit.
Here in the UK there is the potential to check Higher Education via HEDD (higher education degree datacheck) at a cost per enquiry of £10. Spain and Belgium have a national qualifications register but its only accessible in that country. There is a need for an easy way to validate qualifications and skills, particularly internationally.
Open Badges ‘have baked’ in values, do they provide the potential for identity at a distance and verification of skills? Currently open platforms allow anyone to create a badge, add the evidence required and determine who can award the badge. All evidence is view-able by anyone who clicks on the badge, there is no option for granular permissions of privacy. And concerns that the badge could be faked.
eNetBadges have tackled this problem head on. These badges come with 128 bit encryption built in. They are designed for use in industry, where high-stakes credentialing is vital. Blockchain wasn’t chosen as the technology to underpin this for two reasons; it wasn’t a technology associated with potential for Open Badge security when the solution was developed, and it relies on a two-way trust meaning both parties need the same level of access.
eCom Sotland has been operating high stakes exams for a global assessment body that are responsible for accrediting oil engineers worldwide. A potential was seen to integrate badging into the examination certification process. Assessments need to be re-accredited every two years, and centres providing accreditation need to be re-verified annually to show they are fit for purpose.
Currently assessment takes place on-line in a centre. Following this paper certificates and a wallet card (think photo card diving licence and counterpart paper certificate) are printed. These are distributed to centres via courier, the centres then use couriers to distribute to the individuals. Currently the bill is little short of £1 million per annum.
Operatives are required to provide ID and evidence of their capacity to do the job via the wallet card. This brings multiple problems:
· ID is not always properly checked.
· There is frequently no access to any online connection to help check up on ID and credential.
· These qualifications provide access to a highly paid job so the desire to defraud is high.
· Operation is frequently in countries with added difficulties of conflict, terrorism and corruption.
· There is no direct link between the operating centre’s license to practice and the engineers.
· Not everyone speaks English, or uses a common date format.
The eNetBadges solution offers an integrated issuing of certificates. Once the candidate has sat the exam they are automatically credited with a digital badge. The badge is fully inter-operable with the OBI via an API, but unlike other open badges it has security underlying it. Who can issue the badge is limited, and so is the access to view the underlying evidence of competence. The owner can still share the badge in a digital CV directly from the eNetBadges interface or on social media through a Mozilla backpack.
This is going to bring other advantages to the organisation:
· As it is a digital credential it is easy to build in time limits, or even revoke the badge during its tenure.
· The badge is inextricably linked to the issuing centre’s badge, therefore if that is revoked the badge is instantly revoked too.
· The badge can be linked to identity baked into it so a photo of the owner can become part of the data.
· All badges have an issue number; the badge can be doubly verified directly through this number.
· The total cost of this operation of verification can fall to around £30,000 a year from the current £1m!
Due to the operating restrictions of networks in countries of operations eCom have designed an app to act as a verification conduit. Employers can check validity, engineers can check their certificates, and can find authorised centres for re-validation.
If you would like to find out more about this project please get in touch with connect@ecomscotland.com
