The 1Kosmos Architectural Advantage
Privacy by Design
Without a centralized administration authority, our private blockchain technology gives individuals sole access to and control of all personally identifiable information. This privacy-by-design approach enables end users to view and approve or reject sharing of any and all information requested by online services they wish to access. All personally identifiable information (PII) is encrypted end-to-end so it’s never exposed. Users approve or reject sharing requests directly with the applications to which they connect, without any third-party intermediary having access to their data: no external public key server, host messaging server, etc. has access to the keys or plaintext messages.
Immutable Audit Trail
Similar to a public blockchain, the private, permissioned ledger in BlockID retains a detailed, immutable audit trail of all events, enabling visibility into all logins, access attempts, information updates, and shared information related to the digital identity. A private ledger acts as a closed network where information from separate organizations or lines of business can be stored separately – each with its own private ledger. This extraordinary level of audit and visibility helps prevent unauthorized access and fraudulent transactions, providing a high level of assurance for the identity behind the device.
Because BlockID follows the W3C specifications and is certified to NIST 800-63-3, UK DIATF, and FIDO2, it uses public-private key cryptography to record and access all information. The private keys are stored in the secure enclave or TPM chip of the endpoint or user’s device, which can be secured to the very highest digital standard of IAL2 / AAL2 supported by NIST. The next-highest level, IAL3 / AAL3, is generally reserved for human verification, but can be achieved via agent-assisted authentication through 1Kosmos partners.
In addition to the public-private key security that is used for encryption, signing, and making relationships with other parties, and that is afforded by certification to NIST, UK DIATF, and FIDO specifications, 1Kosmos LiveID biometrics are certified to iBeta PAD2 specifications (21 CFR 1311.116 test), providing assurance of liveness and achieving a false match rate (FMR) of less than 0.1% at a 95% confidence interval. In addition, with a private, permissioned ledger there is no central “honeypot” of user PII for hackers to target, further defeating the risk of ransomware and data breach. The implementation of a specific DID scheme on a particular Distributed Ledger Technology or network follows W3C DID specifications. These specifications include defining the precise method(s) for reading, writing, and revoking DIDs and DID Documents.