Sovereign Container—The Digital Identity Wallet of a Sovereign Nation

豆泥
Having covered the landscape of decentralized identity (DID) standards development organizations (SDOs), let's turn to the current progress of the Digital Identity Wallet. When it comes to digital wallets, we have to step into the hot spot: the development of digital identity in "sovereign countries". In the past six months, I have discovered that both the Chinese-speaking and English-speaking worlds lack a comprehensive introduction that takes stock of sovereign countries and digital wallets. So I am writing a preliminary article, which may someday be suitable for a doctoral thesis proposal (big mistake).

Which countries in the world are launching their own wallet services?

Today, Japan, India, California in the United States, British Columbia in Canada, and Germany are introduced as cases, each of which is representative of different policy directions.

Let's start with the conclusion. From the perspective of digital transformation, public services related to digital wallets can be laid out on a "centralized-decentralized" spectrum. Centralized digital identity is usually consistent with the context of electronic government. It is represented mainly by countries following the British and American systems, extending all the way to India and some developing countries. Decentralized identity is aligned with the new generation of digital self-sovereignty and is represented by the European system. The legendary Brussels Effect has once again exerted its power: Europe's second-generation Electronic Identity Authentication and Trust Service (eIDAS) passed the legislative process at the beginning of the month, establishing the legal basis for decentralized identity and digital wallets. From the beginning, it also restricted wallet services on large platforms such as Apple Wallet, Google Wallet and Samsung Wallet so that they cannot dominate. These are the only three mobile operating system manufacturers that integrate digital payment and digital identity, and they are all actively sending personnel to participate in different international standard-setting conferences.

I personally believe that this will be the main battlefield in the next five years. After all, operating financial technology cannot avoid touching on digital identity authentication. This issue will not be discussed here, because the deeper you go, the more you will find that centralized identity solutions may be the inevitable future of this technology tree. A sovereign country forming an alliance with a large cross-border manufacturer to solve the digital identity problem will definitely be big news this year. But back to the "centralized-decentralized" spectrum: the distinction between the two is not so obvious, and in fact there are many international cases of both. It can be said that this framework is the digital identity system framework that I rigidly adhere to.

Apple launches IDs in Wallet service

However, the above framework does not mean that the historical context is static. National policies change, and the technical architecture has been renovated several times over the decades. Countries that issued ID cards in the past will not necessarily go on to issue digital ID cards in the future. Taiwan is a good example, which also led to the establishment of the Personal Information Protection Commission. Similarly, the fact that a country did not have ID cards in the past does not mean that it will have no centralized digital identity documents in the future. For example, the U.S. federal and state governments, which in the past only had driver's licenses and social security codes, are moving in this direction step by step, starting from Real ID in the anti-terrorism policy of the 2000s all the way to the present. Although states still maintain a certain degree of independence regarding their mobile driver license (mDL) standards, federal agencies and corporate bodies are slowly integrating state standards. We may see Apple and Google officially announce in the near future that a state's driver's license or state citizenship certificate can be used to take domestic flights. In fact, this is public information, and it is the result of the active efforts of the Transportation Security Administration (TSA) in the United States. If you pass through a U.S. airport, small TSA machines can already be seen near customs, which can not only scan passports but can also connect to mobile phones for authentication.

A while ago, I was chatting with a civil servant from the information grade who retired a long time ago. He probably reached a very high position and is now an old man. He shared how they used to work in the era of electronic government data. The handwritten household registration data from the Japanese colonial period and the early days of the Republic of China in Taiwan were scanned onto CD-ROMs and later converted into electronic household registration data. What this senior is most proud of is that he unified the digitization work of the province and the country, so that local governments did not have to reinvent the wheel and a lot of public service budget was saved. After listening to his story and returning to emerging technologies, it is difficult not to think of the path to a smart country in the context of centralized digital identity.

Japan: Mainly centralized, still exploring the feasibility of decentralization

Japan is a good example. I participated in "Henkaku Week" in Japan last month and visited many friends there. Only then did I gradually understand that Japan's approach to policy promotion is very different from Taiwan's. Japan's Digital Agency was established three years earlier than Taiwan's Digital Agency. One of its big policies was the Personal Number Card (My Number Card). Japan did not have an identity card in the past, and proof of identity usually required one page of A4 paper. In view of this, Japan launched a personal number card with an IC chip to solve the problem of digital transformation. Currently, more than 90 million people have applied for it. Of course, the Personal Number Card is similar to Taiwan's Digital Identity Card (eID), and there are also many disputes related to personal data protection and personal privacy. In 2022, Fumio Kishida directly and publicly asked Apple CEO Tim Cook if he could help put the personal number card into Apple Wallet. Cook's response was that he hoped the Japanese government would first solve the issues of privacy and informed consent. Two years later, the status of that process is unknown. From this example, we can see that Japan is integrating centralized digital identity services through the power of large platforms, and that Japan has chosen the path of convenient citizen services.

But at the same time, we can also find sporadic efforts related to decentralized identity in Japan. Last year at the Ethereum Tokyo Hackathon, a team with the theme of hacking personal number cards won the first prize. They successfully read the personal number card's key information, which can be used as a decentralized identity address that can receive digital certificates and even cryptocurrency. Of course, this is not the first team to do this. The problem is that the Digital Agency will not be able to open the personal number card's public key infrastructure (PKI) permissions to the public in the short term.

In addition, you can still see the shadow of many other options in the Digital Agency's research reports. For example, Japan has been working hard to build a Japanese version of Trusted Web. This year the research group spent about NT$10 million to commission Toppan Printing and Panasonic to implement the Japanese Digital Wallet Prototype Verification Case (JP-DIW PoC). At the same time, another research group of the Digital Agency, the "web3 Research Group", was also conducting research on decentralized identity and verifiable credentials (DID/VCs) systems, not to mention that the Liberal Democratic Party's web3 2024 white paper, released just last week, once again mentioned that decentralized identity is a cornerstone of Japan's digital transformation (Dx).

With so many parallel lines, where will Japan's digital identity go? Based on sunk cost considerations, I think centralized services are probably an option that will not be deleted. In fact, I'm not the only one who thinks so. A few days ago I was chatting with Nat Sakimura, CEO of the OpenID Foundation. He is also one of the co-conveners of the Trust Network Group and has a leading role in the field of digital identity in Japan and the world. Friends who can read Japanese can read "Unsolved Problems of Web3", which was published last month. He mainly wrote "History of Dispersion" and "Concentration", which introduce the historical changes of DID, its heat, and the latest state of the battle. This is the book with the most in-depth views that I currently think can be found on the market. He believes that Japan's digital identity will gradually move towards concentration.

India: A leader in centralized identity

India has been promoting the digital identity system Aadhaar for many years. Aadhaar is a semi-mandatory digital identity service (it can also be called a digital wallet in a broad sense). There have been many disputes in the process, but at the same time it is one of the government's highlight projects. For related discussion I recommend the book "In Pursuit of Proof: A History of Identification Documents in India". On the Chinese side, I recommend "Anon Aadhaar - Protecting the Privacy of the Largest Digital Identity of Citizens on the Planet", written by my friend Gimmy Chang. In addition to analyzing the status of Aadhaar, it also introduces the Anon Aadhaar project of the Ethereum Foundation's Privacy Extension Team (PSE Team), which builds zero-knowledge proof technology on top of Aadhaar so that citizens' privacy can be effectively protected.

Because MOSIP is a very early, and not failed, case of centralized identity, a spin-off project was born. The "Modular Open Source Identity Platform" (MOSIP) is a modular digital identity platform developed mainly for use by countries, derived from India's Aadhaar platform. MOSIP was established to solve the problem of rising budgets and the inability to use digital identity services due to monopoly in developing countries (mainly countries in the southern hemisphere). The goal is to solve the lack of public identity infrastructure in the global South. Through the cooperation of its users, MOSIP will eventually establish a federated identity ecosystem. Currently, countries such as Morocco, the Philippines, Sri Lanka, Guinea, Togo, Niger, Uganda, Ethiopia, Burkina Faso, Madagascar and Sierra Leone use related services. Details can be found in "MOSIP, the Unneglectable Force in the Global South" by Kaliya Young at Identity Woman in Business, which also has an in-depth discussion of India's digital identity system.

From this case, we can see that some sovereign governments are taking advantage of being "latecomers" in the field of "household registration". Instead of conducting house-to-house checks, they are riding the wave of digitalization and smartphones to re-collect and organize citizens' information. As for what is right and wrong behind this, more discussion is needed.

United States: States have the power to pilot programs, with the central government centralized and local governments decentralized

Back in the United States, in addition to the direction of centralized identity, I have to mention California's mobile driver's license, which is a very special case. It is one of the few integrated wallet services I have seen that is compatible with both centralized identity and decentralized identity. The population of California is currently about 39 million, and about 31 million people hold California driver's licenses, which is wide coverage. California's "Mobile Driver's License Wallet" (CA DMV Wallet; DMV is the abbreviation of the Department of Motor Vehicles) publishes digital public services on this basis.

Currently, states in the United States are making many different attempts to put identity certificates in wallets. Some cooperate directly with mobile operating system vendors to put mobile driver's licenses into the default wallets of the operating system, such as Google Wallet and Apple Wallet. Others, like California, develop their own app wallet, cooperate with suppliers, and launch their own services. Currently, Arizona, Colorado, Georgia and Maryland support the use of digital state identification cards or mobile driver's licenses on iPhone and Apple Wallet, while Maryland's digital driver's license can be used on Android and Google Wallet; both use the ISO 18013-5 standard. In addition, Hawaii, Louisiana, Mississippi, Ohio and Utah also have digital cards using other services. The U.S. federal government's Department of Homeland Security launched the digital identity service Real ID more than ten years ago, but its coverage is not as wide as that of driver's licenses. The special thing about the California Mobile Driver's License Wallet is that users can choose to be compatible with the Real ID service, or choose the option of qualifying for a California driver's license only.

California Mobile Driver’s License Wallet App

In addition, due to relevant regulations of the Department of Homeland Security, the digital certificates used in the United States are mainly ISO 18013 (mobile driver license, mDL) issued by the International Standards Organization. California's mobile driver's license wallet is currently also compatible with the Verifiable Credential (VC) standard promulgated by the W3C, and it is currently the only government organization credential in the United States that adopts the relevant standards. A fun fact is that the predecessor of the California Mobile Driver's License pilot program actually used the Tezos blockchain as a verification case and used vehicle NFTs as one of the credentials for registered vehicles. Therefore, we can infer that the California mobile driver's license wallet will not only hold driver's licenses, but will also be able to hold vehicle registration information and even insurance certificates in the future, spanning all the certificates required for driving. Apart from mobile driver's licenses, which are specially regulated by the federal government, other credentials are being developed as verifiable credentials, because these are easier to work with in terms of interoperability and the industrial ecosystem. It is also worth looking forward to the California mobile driver's license soon opening its source code and becoming one of the benchmark cases of American Public Code.

The California Mobile Driver's License is still in the pilot stage, which runs from the end of 2023 until 2026; it has been used by more than 300,000 citizens, and the target maximum capacity of the pilot is 1.5 million people. The goal of this stage is "the ability to manage the life cycle of digital credentials, such as mobile driver's license, software audit and professional certification, etc." The current main applications are retail services that require age verification (such as tobacco and alcohol), domestic airport customs clearance services, identity verification, and so on, using verification machines approved by the Transportation Security Administration (TSA) so that mobile driver's licenses can complete the automated verification process. California's route has moved towards a third path of compatibility between centralization and decentralization, which helps exchange necessary information across borders, across platforms and across service levels, avoiding the risk of platform monopoly (vendor lock-in).

Canada: British Columbia embraces a decentralized and open source spirit

Next is the case of British Columbia, Canada. The BC Wallet it launched is one of my favorite cases because it combines government procurement reform, emerging technological innovation and the collaborative integration of the global citizen technology community. It can be called the best example of People-First Public Private Partnership. BC Wallet's goal is to provide digitally verifiable certificate services for residents (natural persons) and businesses (legal persons).

The way BC Wallet advanced is very special. First of all, British Columbia already has a public program platform called Code With Us (CWU). CWU centralizes open source government services on the platform. In addition, the government has designed flexible procurement contracts so that contributors from the citizen technology community can obtain resources for the maintenance of the project, which solves the procurement mechanism process. CWU also matches "civil servants" with "developers". Civil servants in various agencies can create "hero posts" based on CWU proposal requirements, at a scale not exceeding 70,000 Canadian dollars, while developers around the world can take up the listed items, discuss and iterate on the source code with civil servants from the specific agencies, and finally make it available for everyone to use. BC Wallet was born under this framework. In the BC Wallet project, the British Columbia provincial government collaborated with DSR Group (Doing Software Right) to successfully convert AnonCreds into the W3C VC format, and this suite has been officially opened for direct use by the open source community and government units. I think the British Columbia government's model of combining digital governance and digital technology to strengthen public services while simplifying administrative processes is very, very touching.

In more detail, it uses Hyperledger Aries (a suite focused on distribution) and Hyperledger AnonCreds (a suite focused on verification and privacy protection, especially zero-knowledge proof-related technologies), and finally produces BC Wallet, which can successfully receive and display digital credentials. In addition, BC Wallet also implements a truly selective disclosure (SD) function and applies zero-knowledge proof (ZKP) technology. The last government project that used ZKP was the signing process of Singapore's SingID. Currently, the industry's solutions for verifiable credentials include not only the open source AnonCreds solution but also many packages that are provided in an open manner for issuers with different needs, including Microsoft Entra, Polygon, Spruce, Google's informal packages, and so on. In the early stages of the development of the global digital wallet ecosystem, British Columbia's public solicitation, effective iteration and modular construction methods were very unique. They set the tone for its decentralized identity and for the feasibility of industry-side issuance of certificates, which is completely different from centralized government digital identity.

BC Wallet proposed by British Columbia, Canada

Europe: Germany creates digital wallet innovation competition

Finally, there is the German Federal Agency for Disruptive Innovation (SPRIND). Europe has carried out many large-scale pilot projects before and after the adoption of eIDAS 2.0. Currently, there are four officially recognized pilot projects covering the entire EU. The core spirit is to provide diversified wallet services, accept diversified credentials, and provide a wide range of services verified by specific verifiers. In addition, Italy has open sourced its own digital wallet, which can be found on their GitHub.

But the most noteworthy case is the German one. They launched the "Innovation Competition Funke EUDI Wallet Prototypes" this year, implemented by the German Federal Agency for Disruptive Innovation. The purpose of the competition is "to create a digital wallet that will allow citizens and organizations in the future to verify their digital identity and store, manage and display their personal data and official documents in electronic form." According to Nancy Faeser, Minister of the Interior: "With the EU Digital Wallet, we are building the foundations for a digital future for the German and European countries and economies. The launch of the innovation competition is an important milestone in the development of the public construction of digital identity in Germany. The competition format designed by the Federal Agency for Disruptive Innovation ensures that user-friendly and trustworthy solutions will be developed in the future, which will not only make it easier for citizens to connect with government agencies, but will also bring significant improvements in daily life, from online banking to job applications to electronic prescription signatures, and so on." The total prize money for this competition is 950,000 euros (equivalent to about NT$32 million).

Different teams can validate their solutions, and if their pros and cons are recognized, the best two teams will assist the large-scale digital wallet pilot project POTENTIAL in conducting EU-wide wallet testing. Up to six teams will build prototype services based on the architectural concepts of the wallet application. Each team will develop at least one Android or iOS app. The goal of the innovation competition is to create a safe and reliable digital wallet that is easy to use and supports various mobile phones.

The innovation competition is divided into three phases. In the first phase, teams design at least one proof of identity based on a digital wallet, similar to the ID card issued in Germany. Teams can refer to the current architecture reference framework published by the European Union, or they can put forward their own ideas, as long as they meet the requirements of security, personal data protection and interoperability. The second phase is mainly about easy-to-use and universal services, for example managing digital certificates, with the aim of full compatibility with all types of digital documents (such as driver's licenses, residence permits, teacher certificates or membership cards). The goal of the second phase is to digitize paper documents as a basic service for the country's digital transformation. In the third and final phase, the wallet prototype service will be expanded to include login functionality and allow users to log in anonymously to websites and applications.

From the cases of Germany and British Columbia, we can see that sovereign governments that develop towards decentralized identity usually embrace open source innovation teams and use different subsidy and procurement models. This is not quite the same as the direction of the United States, Japan and India.

The above brief discussion, using digital wallets in four countries as case studies, analyzes the "centralized-decentralized" identity spectrum, which affects the "large-scale platform-innovation community" collaboration spectrum. I believe we can draw a strong positive correlation between the two. Finally, I would like to recommend two books to friends who are interested in the issue of "identity": "Counting Everyone - Classification, Labeling and Identity, How the Census Defines the Country and Your Identity" and "The Domains of Identity: A Framework for Understanding Identity Systems in Contemporary Society" by Kaliya Young. I hope you like the above analysis. All the above information is public information and is only my personal opinion. You are welcome to give me advice.

CC BY-NC-ND 4.0

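豆泥 left a job as a physician out of fascination with the deep structure of the Internet and social networks, now serves in the public sector, and is a happy contributor among decentralized organizations. Currently focused on decentralized technology and digital autonomy. At the heart of the Republic, designing decentralized institutions; at the edge of the empire, researching technologies of autonomy.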