The need to have a global, robust and universally applicable organizational electronic identity (Org eID) has been known for a long time.
Even today, however, this need is poorly addressed. Moreover, there are only a few systematic attempts at understanding and defining:
- What Org eID is
- Requirements it should satisfy
- Existing and new technologies available for robust implementation
- Applicable regulations
- Interplay with the existing legal system(s)
- Survey of use-cases that would either be made possible or significantly benefit for existence of a global Org eID
Together with GLEIF and Kaiser Odermatt we've conducted a deep dive into all these aspects in a new research paper - "Towards the global Org eID system: defining requirements, reviewing regulations and analyzing technology choices".
One important aspect of the research effort was to make sure that our findings and recommendations are not of theoretical nature only. In fact, most of the findings and evaluations are actionable and should help the policy and decision makers as well as practice leads start projects and define milestones leading to business oriented solutions.
Critically, a robust Org eID ecosystem is only possible if multiple angles are simultaneously considered. In other words, considering just the technical and technology aspects or legal and business aspects is not enough. Only a truly multi-disciplinary effort and continuous, iterative dialog can result in a future-proof, productive and scalable solution.
This is well demonstrated by a dedicated report on applicability of Verifiable Legal Entity Identifiers (vLEI) to a variety of use-cases for "on-chain" application, e.g. securing Smart Contracts, automated compliance for digital assets transfer, etc. This report, co-authored by the Key State Capital, Cardano Foundation and GLEIF, is available here.
Another key practical aspect of our research is in-depth review of, in our opinion, a key emerging technology for decentralised key management and verifiable data (credentials) exchange. Key Event Receipt Infrastructure (KERI) and related Authentic Chained Data Container (ACDC) represent a new, systems-based based approach to a secure, scalable and future-proof system that actually stands a chance to be the technical foundation for a truly global Org eID solution. More than 5 years in the making, and still evolving, this technology is very promising but is notoriously difficult to wrap one's mind around due to a number of novel, out of the box design choices such as usage of persinstent self-certifying identifiers, micro-ledgers, asynchronous communications, pre-rotated keys and multi-signature, rules based signature groups, etc.
We've made a significant effort to describe the key underlying mechanisms in an easy-to-understand but still technically accurate way.
Please feel free to download the document here and don't hesitate to get in touch.
