Heather Dahl

CEO, Indicio

Supernova Award Category: 
Digital Safety, Governance, and Privacy
The Organization: 

Indicio is the market leader in building Trusted Digital Ecosystems using open source and interoperable decentralized identity technologies. These technologies enable companies and organization to authenticate and exchange high-value information in immediately actionable ways, preserve privacy, and develop trusted, secure relationships.

The Problem: 

The global Covid pandemic presented an acute problem for tourism-dependent island economies as travelers could devastate the local economy either by not being able to enter a country safely, or by entering without adequate testing. Additionally, how could this problem be solved in a way that avoided airlines managing private health data, or resorting to third parties managing the data, each of which presented data privacy compliance problems, security risks, and expensive, complex direct integrations with health provider databases.

The Solution: 

Open source decentralized identity technologies provided a way to develop a complete end-to-end solution that achieved all these goals through the use of distributed ledger supported verifiable digital credentials. Cardea managed COVID-19 testing and vaccination requirements for international travel in a way that mitigated the risk of fraud, avoided the need for third-parties to store data or manage verification, and preserved individual privacy and consent while enabling authoritative verification of the source and validity of their data. It was developed by Indicio.tech with SITA, the world’s leading specialist in air transport communications and information technology, and the government of Aruba, as the “Happy Traveler Card.” The open source codebase was donated to Linux Foundation Public Health as a complete privacy preserving system for public health authorities to share health data, optimized for Covid 19 testing and vaccination.

The Results: 

The project had impact in several areas:

We successfully created a complete, open source, privacy preserving way to share health data, optimized for managing Covid testing and vaccination, which could also be applied to numerous situations where verifiable information provided actionable information–event spaces, hospitality.

We successfully showed how to share and verify health data in sectors beyond health care in a privacy-preserving way and without direct integrations.

We successfully developed machine readable governance to automate decisions that would normally be made by humans. Machine readable governance can manage complex, hierarchical information flows, provide offline functionality, and, critically for governments, enables customizable, quickly updatable rules. Machine readable governance is now a critical value proposition to the deployment and scaling of decentralized identity solutions

As a result of this development, SITA is pursuing the goal of seamless door-to-hotel travel through verifiable credentials. The goal is to remove airport queues, airline liability for unverified or fraudulent data, and to radically simplify border control and other pain points for travelers through the entire travel ribbon.

Indicio is working with governments and organizations to develop and implement similar “Trusted Digital Ecosystems” to Cardea.

Metrics: 

Before the project, there wasn’t a way to integrate private health data into pre-approval for air travel and border crossing in a privacy-preserving way and without the need for direct integrations with health providers or third parties. The use of verifiable credential technology to prove any high value data is now moving from the POC and pilot stage in multiple sectors, but it is too soon to have metrics for real world use cases.

The Technology: 

The technology used is built on the open source Hyperledger Indy and Aries codebases to create the network and verifiable credentials that the app relies on to exchange information.

Disruptive Factor: 

Decentralized identity using verifiable credentials will change digital interaction across every sector. The ability to authoritatively prove the source of information without having to check in with the source of that data means that data becomes immediately actionable. The use of distributed ledger technology and cryptography means that the form of the verifiable credential and the content cannot be altered without immediate detection. The content of the credential is held and shared by the entity that the information belongs to, removing the need for third parties to manage data verification. The holder of a verifiable credential is able to consent to sharing the information in their credential, in a specific, privacy-preserving way through selective disclosure and zero-knowledge proofs. The communications protocol for these interactions creates cryptographically unique connections for each interaction, further enhancing privacy. This transformation of identity will have a profound impact on consumer, business, and organizational privacy and security. It’s application to IoT and the spatial web is foundational to the development of digital twins and smart cities, where legacy centralized systems for identity authentication would constitute a terrifying security risk. While decentralized identity is not new, Indicio has driven the completeness of the technology in open source form and is pushing the technology into real world implementation and scale.

Shining Moment: 

We are proud of pushing the open source technology to a point of application completion–so that it can be used to do what it’s supposed to do. We are also proud to be delivering a solution to the problems of data privacy, one that means that anyone can meaningfully consent to share data and do so in privacy preserving ways. This is something that will benefit consumers and businesses alike. We are proud to be changing digital interaction in a way that will benefit everyone.

About Indicio

Indicio provides development and hosting for Trusted Digital Ecosystems. Enterprise, consumer, and mobile applications run on Indicio’s network and use its comprehensive ecosystem of software to issue, verify, and exchange verifiable digital credentials.