The Global Legal Entity Identifier Foundation (GLEIF) and self-sovereign identity specialist Evernym this month piloted a new solution allowing organizations to create and manage ‘organization wallets’ containing digital portable credentials to confirm an organization’s identity and verify the authority of employees and other company representatives.
‘Self-sovereign’ means that the individual identity holder controls their credentials, using them whenever and however they please, without being forced to request permission from an intermediary.
The wallets are designed to speed up and secure digital business activities such as approving business transactions and contracts, including client onboarding, transacting within import/export and supply chain business networks and submitting regulatory filings and reports. The wallets and the credentials they contain are secured by a blockchain-based ‘chain of trust’ which connects a person’s name and job role to the organization’s legal entity identifier (LEI), using a decentralized identity management model that secures both the content of the information exchanged and the interaction between the actors in a transparent trust chain.
“This provides a valuable point of differentiation from centralized identity management schemes based on information in databases,” notes a spokesperson for the partnership. “In addition, leveraging the LEI allows clear identification of the legal entity, using a global, consistent and open identifier.”
The two players recently executed a proof-of-concept simulating a regulatory filing, secured by a verifiable credential rooted on the Sovrin Network, an open source project for a global public utility for self-sovereign identity. The workflow begins with GLEIF registering its own public Decentralized Identifier (DID) on the Sovrin public ledger, after which it then accredits each of its authorized LEI Issuers with the capability to issue verifiable credentials to legal entities. The legal entity is validated by the LEI Issuer and receives an LEI, following which it requests a verifiable credential, alongside its LEI, to establish its digital identity. The LEI Issuer issues the verifiable credential to the legal entity, which uses this credential to issue verifiable credentials to its employees, which identify the official roles they play in the legal entity. These credentials are then stored in the ‘organization wallet’ of the legal entity.
The concept of leveraging the LEI in organization wallets could potentially deliver an unprecedented level of transparency on key organizational roles, with verifiable credentials issued by legal entities incorporated into the Global LEI Index, without the inclusion of personally identifiable information. Open access to the list of digital role credentials registered by legal entities in the Global LEI System could be of significant value for LEI data users worldwide, who could look up the published list of official roles that have been issued by a legal entity.
“There is no precedent for the concept of organization wallets,” stresses GLEIF CEO Stephan Wolf. “This pilot was driven by the increasing digitalization of business activities and the need for enhanced transparency and trust to verify someone acting on an organization’s behalf. By partnering with Evernym, we have extended the idea of self-sovereign identity beyond individuals to legal entities for the first time. The process of cryptographically recording credentials, linked to an organization’s LEI in a chain of trust rooted on distributed ledger technology, gives organizations full control over the issuance and management of their own employee’s digital credentials. These credentials are not only strongly verifiable and transparent, but they can be updated or revoked at any time. Trust is delivered by the decentralized identity management process that eliminates a single point of failure while at the same time ensuring data privacy.”
