Connecting and building Trust Between Organizations and People with uPort Serto
To allow People and Organizations to interact safely, they need to be able to trust each other. The old way of doing this was to have trusted intermediaries.
Today decentralized technologies, like blockchain, help at the technical level, but they rarely correlate with what happens in the real world.
- How does a Token relate to a share offering on the London Stock Exchange?
- Does a particular Ethereum address purchasing the above token represent an EU citizen? Is she on a blacklist?
- Does it represent a Spanish company, and has the purchase been authorized by one of its legal officers?
- How can I use a Smart Contract based used to purchase a new house in Spain? After the sale is complete, how can I automatically sign up for utilities?
- More importantly, what do I do if something goes wrong?
Decentralized Identity systems such as the ones built by us at uPort over the last four years allow us to tie real-world businesses and people to their interactions on blockchains while protecting their privacy.
Rules, Regulations, and Ecosystems
All of the above examples could be solved using a combination of Verifiable Credentials issued to Ethereum based Decentralized Identities. However, just building technology is only one small part of it.
More importantly, though, each of the above cases is firmly anchored to one or more existing ecosystems and legal frameworks. This is where we, as technologists, have a terrible habit of hand waving things away and attempt to code our way out of it.
The last year we at uPort have spent much time meeting people, businesses, and regulators from all over the world. Initially, our goal was to teach the basics of Decentralized Identity; after some time, we realized that when we shut up and listen, we learn much more. The result of this exercise is uPort Serto.
We realized that Verifiable Credentials and Decentralized Identifiers (DIDs) are useless without actually mapping them into existing and emerging ecosystems based on local law, international agreements, and even internal business rules.
There is no way anyone can establish any one set of rules that works worldwide and in any vertical. Attempting to solve this using hip terms such as token mechanics is a fool’s errand.
Our solution is to focus on enabling local and international ecosystems to build and manage rules that, in most ways, map directly to rules that exist today.
Example Ecosystem Rules
- Which organizations are allowed to issue Verifiable Credentials to Legal Entities locally so Financial Institutions and Regulators globally can accept them?
- How does a Legal Entity issue a Verifiable Credential to a legal representative in the EU without violating their GDPR rights?
- How do you verify an individual’s identity and issue them a Verifiable Credentials that satisfies the legal requirements of the local bank regulator to be used by other Financial Institutions?
- How does an Organization issue Verifiable Credentials to its Employees and set rules for how they can be used both internally and externally?
These and many other examples are some of the real use cases from real businesses and organizations that we used to build our Serto range of products.
Real Ecosystems using uPort technology today
Examples of real ecosystems we are working with today are:
- GLEIF the Global Legal Entity Identifier Foundation, which was founded by the G20 nations to improve transparency in Legal Entity ownership globally. Read about the POC with GLEIF, Banque de France, INSEE, and Societe General here.
- Alastria the Spanish National Blockchain Ecosystem
- LACChain a new transnational Blockchain Ecosystem sponsored by the Inter-American Development bank
- The City of Zug who built the first real Identity Ecosystem on their own
- ConsenSys, uPort’s parent company who has made an internal ecosystem using uPort and their https://sobol.io Sobol offering
Ecosystems are not islands.
The great thing about these Ecosystems is that they consist of well-established member organizations and individuals. GLEIF, on its own, has more than 1.4M legal entities in its ecosystem.
These Ecosystems don’t just live on their own. In the real world, GLEIF sets global standards, that work together with local regulations established by national regulators, and finally, each individual regulated entity have their own business rules for managing risk.
uPort Serto allows multiple ecosystems to reference each other and finally makes it easy to connect data and rules from many different sources.
What are we announcing?
The essential part of uPort Serto is not what we are building, but the Ecosystems themselves. That said, to support them, we provide a set of business tools and technologies.
- Serto Constitution Allows EcoSystems to create and map identity-related rules to their real-world counterparts (Available Q2)
- We will work with individual ecosystems to manually create rules before then
- Trust Agent Allows organizations to manage their own identities, receive public or private credentials from other ecosystem members and issue credentials to Individuals and other Ecosystem members (Available Q1, 2020)
- TrustGraph Our new federated private and permissioned graph data platform, which is secured using blockchain security while still compliant with both GDPR and FATF rules (We will have a formal review of this before going into production) (Available Q4 2019 in beta)
- Serto Marketplace Credential discovery platform for service providers and credential issuers (Available Q1, 2020)
- Serto App Our new lightweight yet secure app allowing people to interact with identity ecosystems. The app will also be available for commercial customizations through integration partners (Available Q1/Q2, 2020)
We will do a slow roll-out to business customers of these. Please contact us if you would like to get early beta access to Trust Agent.
In particular, we would very much like to work with you if you are building Identity-related Proof of Concepts or are already a member of GLEIF, Alastria, or a local LACChain consortium.
How does this help real people achieve data sovereignty?
While we are explicitly targeting these tools at businesses and organizations, they are all about enabling people-centric data in the real world. We believe this will allow people to take control of their data together with the organizations they interact with daily.
