Distributed Ledger Technology creates a permanent, immutable record that is invulnerable to tampering. This is why we use this technology to store biometric data and make your BlockID-powered ecosystem unhackable.
1Kosmos leverages a Distributed Ledger to securely store users' identity information, with access controlled by the user (GDPR compliant) as well as a layer of privacy built around Ethereum to execute smart contracts. This is the BlockID Private Blockchain Ecosystem.
BlockID solutions store each user’s identity information in their own digital identity safe on the highly secure BlockID Blockchain — the same powerful technology used by some of the biggest corporations in the United States like IBM, Walmart, FedEx and Bank of America to store sensitive data in a highly secure and immutable way.
The very nature of the Blockchain prevents any sort of tampering and discourages the kind of attacks that are common on standard centralized identity databases. With BlockID Blockchain, each user’s information is encrypted using their own unique cryptographic key pairs, with their private key stored securely on their own mobile devices. That means there are literally thousands of separate and unique encryption keys and mobile devices protecting the identity data, which makes it impervious to hacking.
The BlockID Blockchain also maintains a complete, immutable history of each identity request and exchange. Beyond its value for auditability, BlockID uses this data and artificial intelligence (AI) to help identify patterns and anomalies to detect and prevent fraudulent activity.
BlockID solutions automatically and seamlessly handle all interactions with the Blockchain — no Blockchain knowledge or expertise is required by anyone on your team to enjoy all of its benefits. It couldn’t be any easier.
The BlockID Blockchain is NOT:
Distributed ledger technology.
The distributed ledger 1Kosmos built is a decentralized database that exists across several locations. Decentralization is key to eliminating the need for a central authority or intermediary to process, validate or authenticate transactions. 1Kosmos uses distributed ledger technology to process, validate and authenticate data exchanges. Proof of Authority is the consensus algorithm used to validate and store records in the database. By definition, Proof of Authority distributed ledgers are secured by validating nodes that are arbitrarily selected as trustworthy entities. As the technology provider, 1Kosmos is the trustworthy entity that validates transactions.
1Kosmos leverages the InterPlanetary File System (IPFS), which is a protocol and peer-to-peer network for storing and sharing data in a distributed file system.
The identity data that’s entered by the user, verified by BlockID and trusted third-party certification services, and stored on the Blockchain create what’s known as a decentralized identifier (DID). DIDs are the new standard for identity data that’s enabled by Blockchain technology. DIDs are not controlled by any single organization — instead, they’re controlled by the owner of the identity information. They — and only they — get to choose what identity information to provide and to whom.
All information in the 1Kosmos distributed ledger is timestamped and given a unique cryptographic signature. The data is replicated across locations. Thus, we provide a verifiable and auditable history of all information stored in a particular dataset.
The transactions are grouped in blocks and each new block includes a hash of the previous one, chaining them together. Once data has been written to the distributed ledger, it can never be modified — doing so breaks or invalidates the chain because the cryptographic signatures that hold the chain together would no longer match. The chain of blocks is replicated across many servers, so there’s no centralized database and no single point of failure, which also helps to ensure its integrity.
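The hash chaining and validator signing described above, sketched as an added example in Node.js; it is not 1Kosmos code. It assumes SHA-256 block hashes and a single Ed25519 validator key, and the block fields, DIDs and events are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Constructed key pair standing in for the single Proof of Authority validator (assumption).
const validator = crypto.generateKeyPairSync('ed25519');
const GENESIS_PREV = '0'.repeat(64);

// Hash over the fields a block commits to: position, timestamp, previous hash, records.
const blockDigest = (b) => crypto.createHash('sha256')
  .update(JSON.stringify([b.index, b.timestamp, b.prevHash, b.records])).digest('hex');

// Link a block to its predecessor, hash it, and sign the hash with the given key.
function seal(block, prevHash, signingKey) {
  block.prevHash = prevHash;
  block.hash = blockDigest(block);
  block.signature = crypto.sign(null, Buffer.from(block.hash), signingKey).toString('base64');
  return block;
}

// Return the index of the first block that fails verification, or -1 if all pass.
function firstInvalidBlock(chain, validatorPublicKey) {
  let expectedPrev = GENESIS_PREV;
  for (const [i, b] of chain.entries()) {
    const linked = b.index === i && b.prevHash === expectedPrev && blockDigest(b) === b.hash;
    const signed = crypto.verify(null, Buffer.from(b.hash), validatorPublicKey,
      Buffer.from(b.signature, 'base64'));
    if (!linked || !signed) return i;
    expectedPrev = b.hash;
  }
  return -1;
}

// Constructed sample chain; the DIDs and event names are illustrative only.
function buildChain() {
  const events = [['alice', 'enrolled'], ['alice', 'login-consent'], ['bob', 'enrolled']];
  const chain = [];
  events.forEach(([who, event], i) => chain.push(seal(
    { index: i, timestamp: 1700000000 + 60 * i, records: [{ did: `did:example:${who}`, event }] },
    i ? chain[i - 1].hash : GENESIS_PREV, validator.privateKey)));
  return chain;
}

// Edit block 1's record; optionally re-seal blocks 1.. with a key so the hashes stay consistent.
function tamper(resealKey) {
  const chain = buildChain();
  chain[1].records[0].event = 'login-denied';
  if (resealKey) for (let i = 1; i < chain.length; i++) seal(chain[i], chain[i - 1].hash, resealKey);
  return firstInvalidBlock(chain, validator.publicKey);
}
```

An in-place edit fails the hash check, and a chain re-sealed with any other key fails the signature check. A chain re-sealed with the validator's own key verifies cleanly, so in this sketch the guarantee rests on protecting that key and on comparing replicas.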
This makes a distributed ledger an ideal technology for storing identity data as well as the complete history of its usage — perfect for auditability. All of the data is encrypted with the person’s own public cryptography key, so only they can decrypt it and authorize its use with their corresponding private key.
In addition to using a distributed ledger to create and store DIDs, BlockID has built a privacy layer around Ethereum to leverage smart contracts. Smart contracts broker the request and exchange of information between the user and your authorization systems, seamlessly and automatically.
A smart contract is simply a bit of software logic that describes what identity information will be exchanged, why it’s being exchanged, and with whom. The contract is added to the Blockchain so that it’s secure and can’t be modified, and to provide an audit trail.
When a user wants to log in to your secure network, for example, they use their BlockID mobile app to scan a QR code, click a link or receive an NFC signal that initiates the process. Using the information encoded in the QR code, link or signal, BlockID triggers a smart contract that specifies who you (the company) are, what identity information you need from the user, and what you’ll do in return when you receive it, such as granting them access to your corporate network or their online customer account. Your request is displayed on the user’s mobile phone in their BlockID mobile app. Once they authenticate and consent to your request using their biometrics, the smart contract then knows what identity data must be retrieved from the user’s BlockID digital identity safe and sends that data back to the user’s BlockID mobile app, where it’s decrypted using their private key.
That data is then re-encrypted and digitally signed using your public cryptography key, which is also contained in the smart contract — so you, and only you, can decrypt it using your corresponding private key. The smart contract then sends that information to you to complete the authorization process.
The smart contract is an intrinsic piece of the BlockID Blockchain ecosystem that facilitates the delivery of a verifiable credential each time a user leverages his or her BlockID app to request access to a physical location, a system and/or an application.
The 1Kosmos BlockID Blockchain is immune to hacking and data breach. Users' data never gets compromised. Organizations can trust users are who they say they are at all times.
"Blockchain technology provides organizations with a once-in-a-generation opportunity to transform their industry."
Public key cryptography is an encryption technology that uses cryptographic “keys,” which are really just very long, randomly generated numbers that are guaranteed to be unique.
The keys serve as an input for the algorithm that encrypts data. Because the keys are unique, the encrypted file you create using your key will be different than the encrypted file that someone else creates using their key, even if you both use the exact same encryption software and algorithm. This means that the keys also serve as a way to digitally “sign” the file to prove that it came from the person who holds the keys — and only that person.
The keys come in pairs: a public key and a private key. These keys are different but mathematically related. Whatever is encrypted using the private key can be decrypted only by its corresponding public key, and vice versa. You can’t decrypt data using the same key that encrypted it — you must have the other key in the pair.
As its name implies, the public key is typically placed on a publicly accessible server and made available to anyone who wants it. The private key remains securely in the sole possession of the keys’ owner, protected from the outside world.
If someone encrypts something using your public key, only you can decrypt it using your private key — even if the encrypted data file and the public key that encrypted it are publicly available.
BlockID solutions use public key cryptography to protect the user’s identity data by encrypting and digitally signing it. The data is also signed when it’s verified by a trusted third-party certification service using BlockID Verify (so that you know it has been verified and by whom) and when it’s exchanged between you and the user.
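The encrypt-and-sign exchange described above, as an added example using Node.js's built-in crypto module; it is not BlockID's code. It assumes RSA-OAEP encryption to the recipient's public key and an Ed25519 signature made with the sender's private key, and the key pairs and claims are constructed.

```javascript
const crypto = require('node:crypto');

// Constructed key pairs: the user signs, the relying party (company) decrypts.
const user = crypto.generateKeyPairSync('ed25519');
const company = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const CLAIMS = { did: 'did:example:alice', givenName: 'Alice', over18: true }; // constructed

// User side: encrypt the claims to the recipient's public key, then sign the
// ciphertext with the sender's private key so the recipient can tell who sent it.
function sealForRecipient(claims, recipientPublicKey, senderPrivateKey) {
  const plaintext = Buffer.from(JSON.stringify(claims));
  // RSA-OAEP with a 2048-bit key and SHA-256 carries at most 190 bytes;
  // larger payloads need hybrid encryption (a symmetric key wrapped with RSA).
  if (plaintext.length > 190) throw new Error('payload too large for direct RSA-OAEP');
  const ciphertext = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, plaintext);
  const signature = crypto.sign(null, ciphertext, senderPrivateKey);
  return { ciphertext: ciphertext.toString('base64'), signature: signature.toString('base64') };
}

// Company side: check the sender's signature first, decrypt only if it verifies.
// Returns the claims, or null if the signature or the decryption fails.
function openFromSender(envelope, recipientPrivateKey, senderPublicKey) {
  const ciphertext = Buffer.from(envelope.ciphertext, 'base64');
  const signature = Buffer.from(envelope.signature, 'base64');
  if (!crypto.verify(null, ciphertext, senderPublicKey, signature)) return null;
  try {
    return JSON.parse(crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, ciphertext).toString());
  } catch { return null; } // wrong private key or corrupted ciphertext
}

const newEnvelope = () => sealForRecipient(CLAIMS, company.publicKey, user.privateKey);

// Intended recipient with the right keys recovers the claims.
const roundTrip = () => openFromSender(newEnvelope(), company.privateKey, user.publicKey);

// One flipped ciphertext bit invalidates the signature.
function alteredInTransit() {
  const env = newEnvelope();
  const bytes = Buffer.from(env.ciphertext, 'base64');
  bytes[0] ^= 1;
  return openFromSender({ ...env, ciphertext: bytes.toString('base64') }, company.privateKey, user.publicKey);
}

// A different private key cannot decrypt, even with a valid signature.
function wrongRecipient() {
  const other = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return openFromSender(newEnvelope(), other.privateKey, user.publicKey);
}
```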