A smart contract is simply a bit of software logic that describes what identity information will be exchanged, why it’s being exchanged, and with whom. The contract is added to the Blockchain so that it’s secure and can’t be modified, and to provide an audit trail.
When a user wants to log in to your secure network, for example, they use their BlockID mobile app to scan a QR code, click a link or receive an NFC signal that initiates the process. Using the information encoded in the QR code, link or signal, BlockID triggers a smart contract that specifies who you (the company) are, what identity information you need from the user, and what you’ll do in return when you receive it, such as granting them access to your corporate network or their online customer account. Your request is displayed on the user’s mobile phone in their BlockID mobile app. Once they authenticate and consent to your request using their biometrics, the smart contract then knows what identity data must be retrieved from the user’s BlockID digital identity safe and sends that data back to the user’s BlockID mobile app, where it’s decrypted using their private key.
That data is then re-encrypted and digitally signed using your private cryptography key, which is also contained in the smart contract, so the owner (and only the owner) can decrypt it using the corresponding private key. The smart contract then sends that information to complete the authorization process.
The smart contract is an intrinsic piece of the BlockID Blockchain ecosystem that facilitates the delivery of a verifiable credential each time a user leverages his or her BlockID app to request access to a physical location, a system and/or an application.