On February 8, Privacy by Design (PbD) officially became an international privacy standard—but the architecture you use to operationalize its principles may matter as much as the standard itself.
...
The Business Challenge
Privacy and security of user biometrics and other personally identifiable information (PII) are critical to comply with GDPR and for more than 230 GDPR-like regulations around the world. It’s also important to give users the assurance they need that their information is not accessible without their explicit consent.
Via a portable identity wallet, an architectural advantage Our platform empowers individuals to access and share credentials securely. Learn More , 1Kosmos places users in sole control of their own information by securing information via a cryptographically paired public-private key architecture. For added security, 1Kosmos BlockID utilizes a private blockchain to decentralize data, eliminating administrative access to a centralized “honeypot” of information that hackers often target in data breach or ransomware attacks.
All data is encrypted and written to the permissioned blockchain according to W3C DID standards, ensuring privacy, security, and complete auditability. Only the enrolled user can access the private key required to access and share their information at any time and with any online service.
The BlockID Advantage
Secure Personal Information Through Privacy by Design
A decentralized identifier, along with the cryptographic public-private key pair constitutes the identity wallet. Personal information about the user and their credentials are stored within the wallet and require the user’s private key and biometrics to read data from the wallet. Since the private key never leaves the Secure Enclave (ie, Trusted Platform Module) of the device and the biometric can be authenticated to the highest digital standards available, this approach vastly exceeds the security achievable via passwords, traditional multi-factor authentication and unverified device-level biometrics. This reduces cyber threats related to account credential compromise, such as phishing, data breach, and compromised account credentials.
Empower Users to Control Their Personal Information
Verifiable credentials are a standardized method for issuing and presenting claims about a person’s identity (e.g., driver’s license, university qualifications, passport, gym membership, etc.) online. Other types of information, such as educational certificates and vaccination records, can also be added to the identity wallet to make the user’s ID proofing process indisputable to support a variety of use cases. An identity wallet can make assertions (without revealing the data itself) which are cryptographically verifiable by the receiving party. The major cryptographic element used by decentralized identities to request and validate verifiable credential assertions is known as a zero knowledge proof (ZKP). Zero knowledge proof satisfies an information request while protecting user privacy.
Eliminate the Centralized PII Data "Honeypot"
Distributed ledger technology goes beyond the public-private key security that comes with a FIDO2 and NIST certified solution to provide additional security by eliminating administrative access to centralized “honeypots” of user personal information. In this architectural advantage Our immutable distributed ledger eliminates centralized PII honeypots. Learn More , information is sharded, encrypted and then stored in a private blockchain. The locations of those blocks of information are then encrypted and stored to provide an additional security layer protecting the integrity of any digital assets, in this case a decentralized digital identity.
The 1Kosmos blockchain creates an immutable audit trail, meaning events are logged in perpetuity and cannot be manipulated, giving IT a detailed and indisputable picture of all changes to identity and access attempts.
Deploy with Confidence
NIST 800-63-3, FIDO2, ISO27001, and iBeta DEA EPCS are technical standards designed to ensure security and interoperability for biometric authentication and passwordless access. Certification to these standards indicates that the solution has passed rigorous testing to validate that they are developed to the highest quality standards.
Certification helps prevent security loopholes and vendor locks from proprietary or otherwise closed technologies that can tie organizations to expensive renewal and maintenance contracts. Adopting technologies that have out-of-the-box connectors, open APIs, and a robust SDK can ensure long-term interoperable solution viability and improve return on investment by reducing OPEX.
Insights
Learn how Indisputable Digital Identities are Created with Biometrics and a Blockchain
RSA Conference Survival Guide
Join Robert MacDonald and special guest, Mike Engle, for IBA Friday. In this week's episode, they discuss remote caller identity verification.
Remote Caller Identity Verification
Our Advantage
The 1Kosmos Credential Service Provider Advantage
The 1Kosmos privacy by design credential service modernizes identity enrollment and authentication, empowering government age...