A smart contract is simply a bit of software logic that describes what identity information will be exchanged, why it’s being exchanged, and with whom. The contract is added to the Blockchain so that it’s secure and can’t be modified, and to provide an audit trail.
When a user wants to log in to your secure network, for example, they use their 1Kosmos mobile app to scan a QR code, click a link or receive an NFC signal that initiates the process. Using the information encoded in the QR code, link or signal, 1Kosmos triggers a smart contract that specifies who you (the company) are, what identity information you need from the user, and what you’ll do in return when you receive it, such as granting them access to your corporate network or their online customer account. Your request is displayed on the user’s mobile phone in their 1Kosmos mobile app. Once they authenticate and consent to your request using their biometrics, the smart contract then knows what identity data must be retrieved from the user’s 1Kosmos digital identity safe and sends that data back to the user’s 1Kosmos mobile app, where it’s decrypted using their private key.
That data is then re-encrypted and digitally signed using your private cryptography key, which is also contained in the smart contract — so the owner (and only the owner) — can decrypt it using the corresponding private key. The smart contract then sends that information to complete the authorization process.
The smart contract is an intrinsic piece of the 1Kosmos Blockchain ecosystem that facilitates the delivery of a verifiable credential each time a user leverages his or her 1Kosmos app to request access to a physical location, a system and/or an application.