User identification is a central component of nearly every type of online transaction, service, and experience. Whether a user’s identity needs to be confirmed for payment or online interaction, it involves sending some physical proof of identification over a digital channel.
This could be a passport, a driver’s license, a password, or some know-your-customer (KYC) process.
User Identification Challenges
The digital identity systems we have in place today are far from perfect. They cause frustrations for users, restrict the delivery of online services, and slow further digital services innovation. While the ability to make global digital transactions seems like it should be relatively straightforward, the current digital identity models we have in place today are preventing that from happening.
Much of this complexity stems from the fact that all existing systems were essentially designed to service face-to-face transactions. So the new digital economy that consumers have come to expect is still reliant on a system created to establish people’s identity via physical records that you might provide over the counter.
Individuals and organizations are often not in control over their identity. Personal information is often shared without awareness.
Security requirements are growing in complexity, with more risks being passed down to unaware end users. Information is out of date and inconsistent due to manual entries.
Multiple copies of credentials are being kept, and it becomes increasingly hard to determine which credentials can be trusted.
Know Your Customer (KYC)
How it Works
Citizens Enrol to KYC Service
As the next step, the consortium members can create identity workflows, defining various identity representations and establishing privacy and confidentiality policies for the network.
People enrol in the service and opt-in for their digital identity representations.
- The flexible and customisable enrolment process
- iOS and Android mobile apps
- People can subscribe through a QR code scan
A Person Opts-in for KYC Service
Identity owner opt-in to KYC service
- The identity owner subscribes to the service.
- The identity owner receives encrypted credentials.
- The device stores the encrypted credentials along with meta data.
KYC Credentials Presented For Verification
Banks and financial institutions can request KYC verification using Verify app.
- Verifier identity shared with identity owner.
- The identity owner provides the digitally signed consent to disclose certain attributes of the credential.
KYC Credential is presented for Verification
Identity owner will receive a notification to provide consent to required attributes.
- Each verification requires the identity owner to provide digital consent.
- The identity owner can verify the identity of the verifier.
- The identity Owner is in full control and chooses the attributes to share.
- The consent is digitally signed and expires in short time and cannot be used for any other servicer or verification.
Frequently Asked Questions
TrustGrid™ is a global subscription-based service available for everyone to use. It can be used by government agencies working on digital identity programs, and private organizations looking forward into establishing their own digital identity ecosystems.
TrustGrid™ supports a distributed consortium model, where multiple member organizations agree on privacy and confidentiality policies attached to digital identities. It is possible to use a single-member consortium for a federated (centralized) model, which can be later extended to a distributed model if needed.
Consortium members can propose changes to the network constitution and initiate a voting protocol for other members to accept or deny the changes. TrustGrid™ facilitates member communication through the SaaS Portal and allows members to track all changes into the network.
TrustGrid ™ relies on the Confidential Compute (Trusted Execution Environment) technology to execute secure transactions in untrusted environments. The technology deploys protected enclaves for identity workflows, and provides strong data protection to all identity transactions.
TrustGrid™ can be deployed as a Lite instance (suitable for pre-production integration) or as an Enterprise instance with full support of Confidential Computing. Please refer to our Pricing page for more details.
TrustGrid™ is available as a SaaS service and can be deployed in a public cloud through our SaaS Portal. The deployment is fully automated, and the system is ready to use once it is deployed.