# Overview of idX

# Universal verified digital identity

There are a lot of social login tools like Facebook Login, Google Login, Twitter Login, etc. These tools are dependent on central databases, which are opaque to end-users and susceptible to privacy abuses. Since Europe has GDPR and California has CCPA, it is clear that the world is heading towards a consumer-centric data paradigm. All companies handling personal data need to prepare for this shift.

Credify is building on the exact same interface (OpenID Connect) as these login portals. However, the key difference is that it is doing so in a way that assures that end-users are sovereign. Even Credify has no visibility over end-users' data; this can only be shared by the relevant user with authorised third parties.

If your service has valuable data that other services are interested in accessing, you can integrate with idX and associate the data that you hold with user accounts. Credify is returning data ownership to users, enabling them to determine whether or not they want to share their data with any given service on the Credify network.

# Supported features

This is the idX overview (click to zoom in).

  • Entity represents a user across the idX system.
  • Identity represents profile information containing verification status.
  • Claim represents a piece of information handled within OpenID Connect, aka OIDC.

image

# Meta entity with multiple identity data

One entity (user) has multiple identities. One identity represents profile information provided by trusted identity providers (Facebook, LinkedIn, national identity cards, etc.). The more identities an entity has, the more trustworthy it will be, leading to fraud prevention.

# Authentication for Single Sign-on

Entities in idX can log into services that have integrated with Credify SDK (or API), which enables Single Sign-on (SSO) capabilities across multiple platforms. End-users will have a single account and log into all the services across the ecosystem through this account.

Each entity in idX generates standard claims (profile, phone, email, address, and ekyc) out of their profile data that is verified through email address, phone number, and eKYC. In addition to this, entities can have ownership over their data managed by external trusted data sources, which is represented as custom claims in idX. The external data sources push fingerprints of the custom claims along with some meta data (entity ID, timestamp, and the custom claim name) with their signature into blockchain.

Provided an OIDC Client asks entities that it wants to access to their claims (both standard claims and custom claims), each entity will be presented with a consent screen during this transaction. In that screen they can make a consent as to which claim (both standard claims and custom claims) to be shared with the OIDC Client. Once this phase is completed, the OIDC Client can securely obtain the claim values, which is e2e encrypted between the data sources and the OIDC Client.

This OIDC transaction is recorded on blockchain along with the entity's signature, which allows thirdparties to easily audit who has made a consent of which data to whom at when.

# Data integrity with blockchain

Since the core of idX uses blockchain, it has an integrity of data across the network. Even if some malicious users try to update other users' data, it will be immediately detected and discarded because the fingerprint of their identities stored on blockchain will not match and updating the values on blockchain requires the subject user's private key that is stored on their device itself, not the Credify system.

The data stored on blockchain is following

  • Entity's public key
  • Identity's fingerprint with Entity's signature
  • Standard claim's fingerprint with Entity's signature
  • Custom claim's fingerprint with Data source's signature
  • OIDC based consent information with Entity's signature

# Smart contract capability

Credify has employed EOSIO that is compatible with smart contract execution with a large scale of transactions per second. This enables idX users to execute whatever transactions without trusting the counterparty. We believe this is the future of digital transactions. As a simple example, idX can handle digital tokens with minimal development for whatever purposes that you want (e.g. loyalty point management).

As of June 2021, idX has supported EOSIO as a smart contract platform. We have designed abstract interfaces to communicate with blockchain in idX, hence we can easily adapt different blockchains as needed. If you are interested, please let us know (email: info@credify.one)!

Last Updated: 6/11/2021, 10:17:25 AM