Blockchain creates a permanent, immutable record that is invulnerable to tampering. This is why we use Blockchain technology to store Biometrics data and make your BlockID-powered ecosystem unhackable.
1Kosmos leverages a private Blockchain back-end where user identity information is securely stored, with access controlled by the user (GDPR compliant).
BlockID solutions indeed store each user’s identity information in their own digital identity safe on the highly secure BlockID Blockchain — the same powerful technology used by some of the biggest corporations in the United States like IBM, Walmart, FedEx and Bank of America to store sensitive data in a highly secure and immutable way.
The very nature of the Blockchain prevents any sort of tampering and discourages the kind of attacks that are common on standard centralized identity databases. With BlockID Blockchain, each user’s information is encrypted using their own unique cryptographic key pairs, with their private key stored securely on their own mobile devices. That means there are literally thousands of separate and unique encryption keys and mobile devices protecting the identity data, which makes it impervious to hacking.
The BlockID Blockchain also maintains a complete, immutable history of each identity request and exchange. Beyond its value for auditability, BlockID uses this data and artificial intelligence (AI) to help identify patterns and anomalies to detect and prevent fraudulent activity.
BlockID solutions automatically and seamlessly handle all interactions with the Blockchain — no Blockchain knowledge or expertise is required by anyone on your team to enjoy all of its benefits. It couldn’t be any easier.
1Kosmos is NOT:
The 1Kosmos private Blockchain platform is immune to hacking and data breach. Users' data never gets compromised. Organizations can trust users are who they say they are at all times.
"Blockchain technology provides organizations with a once-in-a-generation opportunity to transform their industry."
Public key cryptography is an encryption technology that uses cryptographic “keys,” which are really just very long, randomly generated numbers that are guaranteed to be unique.
The keys serve as an input for the algorithm that encrypts data. Because the keys are unique, the encrypted file you create using your key will be different than the encrypted file that someone else creates using their key, even if you both use the exact same encryption software and algorithm. This means that the keys also serve as a way to digitally “sign” the file to prove that it came from the person who holds the keys — and only that person.
The keys come in pairs: a public key and a private key. These keys are different but mathematically related. Whatever is encrypted using the private key can be decrypted only by its corresponding public key, and vice versa. You can’t decrypt data using the same key that encrypted it — you must have the other key in the pair.
As its name implies, the public key is typically placed on a publicly accessible server and made available to anyone who wants it. The private key remains securely in the sole possession of the keys’ owner, protected from the outside world.
If someone encrypts something using your public key, only you can decrypt it using your private key — even if the encrypted data file and the public key that encrypted it are publicly available.
BlockID solutions use public key cryptography to protect the user’s identity data by encrypting and digitally signing it. The data is also signed when it’s verified by a trusted third-party certification service using BlockID Verify (so that you know it has been verified and by whom) and when it’s exchanged between you and the user.
Blockchain technology is an essential part of the BlockID solutions.
As its name suggests, a Blockchain is a chain of blocks of data. The blocks are cryptographically linked. Once data has been written to the chain, it can never be modified — doing so breaks or invalidates the chain because the cryptographic signatures that hold the chain together would no longer match. The Blockchain is replicated across many servers, so there’s no centralized database and no single point of failure, which also helps to ensure its integrity.
This makes Blockchain an ideal technology for storing identity data as well as the complete history of its usage — perfect for auditability. All of the data is encrypted with the person’s own public cryptography key, so only they can decrypt it and authorize its use with their corresponding private key.
DECENTRALIZED IDENTIFIERS (DIDs)
The identity data that’s entered by the user, verified by BlockID and trusted third-party certification services, and stored on the Blockchain create what’s known as a decentralized identifier (DID). DIDs are the new standard for identity data that’s enabled by Blockchain technology.
DIDs are not controlled by any single organization — instead, they’re controlled by the owner of the identity information. They — and only they — get to choose what identity information to provide and to whom.
In addition to using the Blockchain to create and store DIDs, BlockID solutions use the Blockchain’s smart contracts feature to broker the request and exchange of information between the user and your authorization systems, seamlessly and automatically.
A smart contract is simply a bit of software logic that describes what identity information will be exchanged, why it’s being exchanged, and with whom. The contract is added to the Blockchain so that it’s secure and can’t be modified, and to provide an audit trail.
When a user wants to log in to your secure network, for example, they use their BlockID mobile app to scan a QR code, click a link or receive an NFC signal that initiates the process. Using the information encoded in the QR code, link or signal, BlockID creates a smart contract that specifies who you (the company) are, what identity information you need from the user, and what you’ll do in return when you receive it, such as granting them access to your corporate network or their online customer account. Your request is displayed on the user’s mobile phone in their BlockID mobile app. Once they authenticate and consent to your request using their biometrics, the smart contract then knows what identity data must be retrieved from the user’s BlockID digital identity safe and sends that data back to the user’s BlockID mobile app, where it’s decrypted using their private key.
That data is then re-encrypted and digitally signed using your public cryptography key, which is also contained in the smart contract — so you, and only you, can decrypt it using your corresponding private key. The smart contract then sends that information to you to complete the authorization process.