Digital Wallets

In this vlog, 1Kosmos CMO, Michael Cichon, and 1Kosmos CTO, Rohan Pinto discuss digital wallets, flexible levels of identity assurance and how to secure your digital wallet.

Michael Cichon:
All right. Great. Well, hello everybody. This is Michael Cichon. I’m chief marketing officer at 1Kosmos. Here today with Rohan Pinto, our chief technology officer to talk about digital wallets. Welcome to the vlog Rohan. How are you today?

Rohan Pinto:
Doing good, Michael. Thank you. Thank you for having me again.

Michael Cichon:
It’s always a pleasure. So Digital Wallets, a little bit of mystery around what this construct is. What is a digital wallet?

Rohan Pinto:
Well, I mean there’s absolutely no mystery about the fact that a wallet can be a digital wallet. I mean, especially in this day and age where we are all used to working online with laptops, with mobile phones, et cetera, having your identity or any form of document available in a digital form that can be presented for verification, regardless of whether it is a software on a computer that stores your identity or your document in some form like your Adobe PDF documents or your airline tickets, or even your credit cards for that matter, regardless of whether it’s stored on a desktop and a computer or in a mobile phone is in some form of digital wallet.

Michael Cichon:
Okay. Okay. Well, when somebody says digital wallet, I think the first construct that comes to my mind is what’s most familiar, which is the Apple Wallet. So, is a Digital Wallet and an Apple Wallet different or are they the same?

Rohan Pinto:
Well, Apple Wallet is a form of digital wallet. However, it’s a wallet that is shipped and controlled by Apple. So, Apple lets you hold certain forms of documents within your wallet. Whereas there are other vendors like us and a lot of other vendors out there who also have digital wallets of their own form. Every airline literally has a digital wallet of their own because that’s where you store your airline tickets that you use when you travel. So yes, Apple’s Digital Wallet are your Apple ID or your Apple Wallet is no different from any other digital wallet that exists out there, except in the form of the capabilities that the digital wallet might provide to its users or consumers.

Michael Cichon:
Got it. Okay, great. So the 1Kosmos Wallet, what’s unique about the 1Kosmos Digital Wallet?

Rohan Pinto:
Yeah. So, before jumping onto the 1Kosmos Digital Wallet, let’s talk about a normal digital wallet. And since you bought up Apple Wallet as an example, let’s talk about Apple Wallet and what can be stored in an Apple Wallet and let’s compare it to what the 1Kosmos digital wallet has and what it brings to the table.

Michael Cichon:
Excellent.

Rohan Pinto:
Now in a normal Apple wallet, I’m sure a lot of you have already booked airline tickets and you download a QR code, you add it to your Apple wallet. And when you travel, you show your QR code to the travel agent and they verify that your ticket is still valid and you’re allowed to board your flight. Now, this particular QR code that exists in your Apple wallet, it’s basically an identifier that says that the travelers is Michael Cichon, he’s flying from New York to San Francisco on flight number A123 on a specific day at a specific time. However, in order to verify the authenticity of that particular ticket that you hold within your wallet, the airline would have to look up in it’s back end system to ensure that the ticket is still valid and correlate that ticket that you have purchased to an actual individual who might be in possession of that ticket.

Rohan Pinto:
And therefore, every time you board an aircraft, apart from just showing your ticket, they also ask you for your ID and you typically show your driver’s license or your passport, depending on whether you’re traveling domestic or international. And that’s what the Apple wallet doesn’t have today, which is a form of identity that is bound to the identity document that you’re presenting for verification. And that’s the major difference between the Apple wallet and what 1Kosmos does because the 1Kosmos wallet, it’s all about identity. It’s about ensuring that the person in possession of a document or an identity document truly is the person that it has been issued to. So, you have an identity that’s bound to the digital document, and that’s what makes a huge difference between presenting a document bound to an identity within the 1Kosmos wallet versus just a document using any other wallet for that matter.

Michael Cichon:
Okay. Well, that was my next question and you kind of beat me to the punch there, which was what was the importance of identity proofing to a digital wallet and I think you just answered that question. Now identity is proof that a variety of levels, right? We talk about flexible levels of identity assurance.

Rohan Pinto:
Absolutely.

Michael Cichon:
So how is that notion of flexible levels of identity assurance related to the digital wallet? Why is that important?

Rohan Pinto:
Absolutely. So let’s go with an example out here, especially in this day and age where at least in Canada, I’m not very sure about the US, but every time you go to a restaurant, we are supposed to show COVID vaccination certificate in order to book a table, especially in events, you’re supposed to show your vaccination certificate. And most of these vaccination certificates are presented in a digital form today. So apart from showing your vaccination certificate, you also need to show some kind of an identity to ensure that the vaccination certificate that has been issued belongs to the person that is entering the premise or is entering the facility, and hence your identity document is also used to ensure that the vaccination certificate correlates to the identity of the user. However, when you’re trying to prove your identity at that point in time, all you’re trying to prove is that you are Michael Cichon or I am Rohan Pinto and this vaccination certificate has been issued to me.

Rohan Pinto:
There is absolutely no need for that establishment to know how old I am. There’s no need for them to know whether I’m still valid to drive or travel. There’s no need for them to know my actual address, where I live at. However, if I was accessing some other service online, for example, I’m trying to download medication based on an online prescription that I might have subscribed to. It is very important for the subscriber to ensure that the medicine that has been prescribed is also prescribed is somebody who’s over 18 or the prescription that needs to be shipped is shipped to the actual address that the individual lives at rather than any random address. So that’s what makes various forms of assurance associated with an identity play a role in ensuring that it’s not just about identity, it’s also about the various levels of identity, depending on the kind of service that are trying to access or interface with. That makes a whole

Michael Cichon:
That’s very interesting. So, the analogy of a wallet is somewhat of just an internet storage location. There’s a little bit more to it on the digital side, at least with the 1Kosmos wallet.

Rohan Pinto:
Absolutely. It’s not just about data storage, it’s also about proving the authenticity of that individual. For example, if I had a phone and I took a picture of my driver’s license and just walk over to an establishment and show them a picture of my ID on the phone, there is absolutely no assurance that that ID is actually mine, it has not been tampered with or it has not been stolen. Whereas in the digital wallet world, it’s not about just storing the picture of a document. It’s also about ensuring that that document is valid and you have certain authenticity signatures tied to that digital document that gives the establishment the assurance that that document is actually valid and has been issued by a verified source.

Michael Cichon:
I see. Okay. All right. Now a wallet of all sorts can contain some very personal information.

Rohan Pinto:
Absolutely.

Michael Cichon:
So, security has got to be an important construct here for a digital wallet, 1Kosmos wallet.

Rohan Pinto:
Absolutely.

Michael Cichon:
Can you talk about our approach to securing the digital wallet?

Rohan Pinto:
Absolutely. So when we create a digital identity for a user within the wallet, it’s not a blanket term saying Rohan, living at an address with a certain date of birth has a digital ID. We verify and vet every attribute that’s associated with that person’s identity within the wallet, which means that my date of birth is attested. My address is attested and verified. My name has also been attested and verified.

Rohan Pinto:
So when I try to access a service, depending on the kind of service that I’m interacting with, I can choose to present certain facets of my identity data to the service that I’m interacting with. For example, if I go to a liquor store and I’m trying to buy a bottle of beer, all the person needs to know at that point in time when that transaction occurs is if I am of the legal age of buying alcohol. They don’t need to know what my address is, and they don’t need to know my exact date of birth. They need to know whether I’m over 18 or under 18.

Michael Cichon:
Okay.

Rohan Pinto:
So that’s what makes a big difference between storing all identity attributes encapsulated together as one versus user having control over each identity attribute associated with this digital wallet and presenting it to a consumer or a service on a as-needed basis.

Michael Cichon:
I see. So, do we as consumers, as the end user need to be worrying about our digital wallets getting hacked?

Rohan Pinto:
Yes, you do. I mean, it would be so nice and wonderful if I could say, “No, you don’t have to worry about it getting hacked at all.” Yes, you do have to be concerned about it being hacked and therefore it is really important for a consumer per se, to understand the kind of wallet that he’s using in order to store and present his identity data, rather than download any wallet off the app store and use that as an identifier of sorts.

Michael Cichon:
Okay. And are there specific safeguards that we’ve implemented at 1Kosmos to prevent the wallet from being hacked?

Rohan Pinto:
Absolutely. Apart from us following certain protocols and standards and ensuring that the wallet cannot be hacked, we have also gone through a series of certifications that gives consumers the assurance that the wallet is actually certified by FIDO, it is certified by NIST. It has been attested and verified to be a wallet that complies with a NIST identity assurance levels. It is a wallet that complies with the specifications of how signatures are validated and vetted. So, while it might not be possible for every consumer to understand the technical aspects of how a wallet is built or how a wallet would work, at least knowing that the wallet that they use has been certified by known entities like FIDO or Kantara, or the ISO 2007 specs. It gives consumers assurance that the wallet that they’re using is a wallet that has been provided by a vendor who has gone through that rigorous process of ensuring that the wallet cannot be hacked or complies with regulations.

Michael Cichon:
Got it. Excellent. All right. Well, I mean, it would appear that digital wallets are here to stay, that I as an individual will be using one in my workplace, I’ll be using one as a buyer consumer and probably in my role as a citizen. Would I need different wallets to support these or is one wallet going to suffice?

Rohan Pinto:
Well, it would be a wonderful world if one wallet would suffice. And therefore we also work with organizations like the Identity Foundation to ensure that all our wallets are interoperable with each other, which gives consumers a choice of using any wallet that they want, as long as the identity document that’s stored within that wallet can be shared and verified by entities outside of that particular vendor that they have procured the wallet from, therefore ensuring that the wallet that a user uses or a consumer users is also interoperable with other services out there is pretty crucial so that you don’t find yourself to be in a situation where you have 10 digital wallets right now, one to use for travel and another one to use to buy alcohol.

Michael Cichon:
Excellent. Excellent. Well, I realize this is probably a 40 thousand foot fly through. We could probably spend the next hour on this, but I very much appreciate you taking a few minutes with us today.

Rohan Pinto:
Excellent. Thank you so much, Michael.

Michael Cichon:
Thank you, Rohan.

Overcoming Resistance to Change on the Journey to Passwordless MFA

Read More