Mobile Identity Management Mobile Payments Mobile Signatures © Copyright Valimo Wireless Ltd, 2006.
Identity for a Mobile World
Transcript of Identity for a Mobile World
Identity for a Mobile World
ShoCard Confidential and Proprietary
ShoCard Confidential and Proprietary 2
Our Vision of Tomorrow
ShoCard is designed to be the single
digital identity card that enables this
…securely and with user-privacy
People will expect access to what matters to
them by simply proving who they are
…
They expect it to be fast, simple & secure;
And they expect it to work in both the digital
and physical world
ShoCard Confidential and Proprietary
On average, there are as
much as 88,000 daily flights
Sources: Airline Aliance (Quora.com), New York times, PCWorld
Over 8Million passengers
fly daily
On average, we have 25
username and passwords We type 8 passwords/day On Average, we know
about 600 people Average degree of
separation is 4.7
ShoCard Confidential and Proprietary
These IDs are all an “Abstract” of who
we are, but in different forms and
different places
ShoCard Confidential and Proprietary
ShoCard Confidential and Proprietary
Web of Trust
ShoCard Confidential and Proprietary 7
Airline Travel Requirements
• User private data is always kept with the user and not necessary to store in any central location – governments won’t share information
• User voluntarily provides personal data (e.g., fingerprint or ShoCard credentials) to another agent for verification
• A 3rd party (e.g., another airline or security agent) should be able to verify user’s personal data without requiring access to another government or airline’s private database
• Actual user must be verifiable with true biometrics – once verified, they can be given a token that’s valid for a pre-specified time
• Presentation of the token must be unique and only possible with the user who received the token (i.e., token verified with their private key)
Secure, Consumer-Friendly Identity Verification
The Passenger Experience
1. Present ShoCard with
QR Code
2. Provide biometric
(fingerprint or facial)
3. Have agent verify Passport
Id versus the individual &
Issues a time-token
Registration (passenger experience) – Country of Origin
4. Receive digital Certification
1. Present ShoCard with
QR Code
2. Provide biometric
(fingerprint or facial)
3. Have agent verify ShoCard
Id and new biometrics &
time-token
Entrance into New Country (passenger experience)
4. Receive green-light to
proceed
Let’s Step Back to View the Technology
Blockchain
ShoCard Identity Service
Enterprise
Adapter
Mobile
App
• Most commonly referenced with Bitcoin. The Blockchain is the
infrastructure that allows for Bitcoin, the virtual currency.
• A blockchain is permanent ledger where records are written to,
and once confirmed, they cannot be deleted or modified.
• Records can only be written by the owner of the record using
their private key.
• Everyone can view the record using the owner’s public key
• If data is stored on the record, it can be protected with further
encryption and hashing to avoid spoofing, but still prove
ownership.
• The blockchain is a highly distributed database-ledger with
thousands of copies of the ledger throughout the world.
• The hashing algorithm used to connect the blocks of data
together, creating the chain, are virtually impossible to break.
The Blockchain
The Blockchain
Hash of prior block
New record
New record
New record
…
Hash of this block
Block A
Block B
Block C
Blockchain
minor
Block D
Block D
ShoCard Identity Platform
Scan ID Private data kept on device
ShoCard
Identity
Services
- Each field is hashed
- Then digitally signed while on device
- Result sent to ShoCard Service
- Split private-key used to write
hashed record to the Blockchain
Blockchain…
Note: Data is never exchanged in clear text
Details of The Process
ShoCard Confidential and Proprietary 16
User creates and presents
her ShoCard via a QRCode
Registration – Country of Origin
1. Authorized agent
scans the ShoCard
Certification record
by authorized Agent
on the Blockchain
2. Captures biometrics
4. Agent certifies user’s ShoCard,
by saving it on the cloud, including
an encrypted biometrics
3. Gives bitometrics data
back to user’s ShoCard
ShoCard Confidential and Proprietary 17
User presents ShoCard
Via QR Code
Entrance into New Country
1. New agent scans QR Code including
original biometric data
3. New agent captures new biometric
2. The ShoCard data, including original
Biometrics are compared with certified
records on the cloud
4. If certifications matches, original and
new biometrics are compared
Certification record
by authorized Agent
on the Blockchain
5. If all matches, user is verified!