This document summarizes a webinar on safe digital credentials. It introduces the concept of safe credentials and outlines five tests to determine if credentials are safe: 1) preventing correlation by decoupling issuers and verifiers, 2) using safe signatures to prevent correlation, 3) ensuring portability and interoperability, 4) enabling flexibility and data minimization, and 5) ensuring trust goes both ways between individuals and organizations. The webinar featured a panel discussion between experts from Mastercard, CULedger, and Evernym on architecting credentials to maximize security, privacy, flexibility and interoperability.
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
An Expert Panel on Safe Credentials
1. @evernym | May 2020
A Conversation On
Safe Credentials
Architecting digital credentials to maximize security,
privacy, flexibility, portability, and interoperability.
2. On the agenda
What are safe credentials?
How can we determine whether credentials are safe?
Fireside chat with experts from Mastercard, CULedger, and
Evernym
Audience Q&A
3. MODERATOR
Andrew Tobin
Managing Director, EMEA,
Evernym
Today’s panel
PANELIST
Julie Esser
SVP, Marketing & Comms,
CULedger
PANELIST
Bryn Robinson-Morgan
VP, Digital Identity,
Mastercard
PANELIST
Daniel Hardman
Chief Architect,
Evernym
4. If you have questions….
Please enter them in the Zoom Q&A, and
we’ll cover them after the presentation.
Please note, this webinar is being recorded and will be
available at www.evernym.com/webinars.
6. Digital credentials in a nutshell
For more, see Evernym’s previous webinar,
‘An Introduction to Verifiable Credentials,’
at www.evernym.com/webinars.
10. 1. Are you preventing
correlation by decoupling
issuers and verifiers?
If the verifier has to “phone home” and contact
the issuer, they are not decoupled. The issuer
can track what you do online.
With safe credentials, verifiers can check a
credential’s authenticity, validity, and
revocation status without ever having to contact
the credential issuer.
E.T., Universal Pictures
11. 2. Are you using safe
signatures to prevent
correlation?
If your implementation reveals the issuer’s
signature to every verifier, that signature
becomes a correlation super-cookie.
With safe credentials, you only share a proof
that the issuer has signed the credential. You
don’t share the issuer’s correlatable signature.
12. 3. Are you ensuring
portability and
interoperability?
If proprietary solutions keep our data locked up
and siloed, user experiences will suffer.
With safe credentials, individuals will be able to
use credentials anywhere (just like they do with
their paper equivalents) and organizations will
be able to realize the full benefits of portability.
13. 4. Are you enabling
flexibility and data
minimization?
If you have to reveal every data attribute when
you use a credential, you are sharing too much.
With safe credentials, holders can extract and
selectively share individual attributes from a
credential, or even just share proof about an
attribute without sharing its actual value.
They can also combine individual data attributes
from different credentials and different issuers
into a single proof.
Stephen Edmonds, Flickr, CC-BY 2.0
14. 5. Are you ensuring trust
goes both ways?
If only enterprises can verify credentials, then
individuals will be left at a disadvantage.
With safe credentials, anyone can issue
credentials, and anyone can verify credentials.
Establishing mutual trust means that an
individual can verify the authenticity of an
organization, and vice versa.
15. For more on safe credentials and the
five tests:
https://www.evernym.com/blog/verifiable-credentials-minus-
choice-equals-train-wreck/
https://www.evernym.com/blog/introducing-safe-credentials/
16. Now on to our main event...
If you have questions for our panelists, please drop them into the Q&A facility.
MODERATOR
Andrew Tobin
Managing Director, EMEA,
Evernym
PANELIST
Julie Esser
SVP, Marketing & Comms,
CULedger
PANELIST
Bryn Robinson-Morgan
VP, Digital Identity,
Mastercard
PANELIST
Daniel Hardman
Chief Architect,
Evernym