IBM Verify Credentials is an offering suite for the lifecycle management of digital credentials within a decentralized identity ecosystem.

assets

Cloud Agents

IBM Verify Credentials Agency (Public)

IBM publicly offers the IBM Verify Credentials Public Agency. This offering allows Issuers, Verifiers and Holders (Owners) to begin their journey into Self Sovereign identity. Establish an account here to create an agent in the cloud, which can hold your digital credentials and manage the synchronization of these credentials between your many edge devices.

IBM Verify Credentials Agency (Dedicated)

A dedicated Agency offering that IBM provides to institutions desiring to have a private hosting environment for their users' Cloud Agents.

Edge Agents

IBM Verify Credentials - Mobile App

A mobile app used by Issuers to self-attest, by Holders to store and present credentials, and by Verifiers to challenge and validate credentials and by all to establish connections between agents. When Holders present credentials for peer to peer verification using the mobile app, they can be used with existing identity readers as well as new digital readers. This mobile app is an edge agent that is bound to a cloud agent.

IBM Verify Credentials - Chrome Browser Extension

A web browser extension for Chrome that allows Holders to establish connections and store and present credentials. This browser extension is an edge agent that is bound to a cloud agent.

Tools

SSI Web SDK

IBM is a participant in the SSI ecosystem and has built IBM Verify Credentials components on Hyperledger Indy ("Indy"). In an attempt to help developers build SSI solutions without needing to learn the complexities of Indy, IBM has contributed the SSI Web SDK code repo that provides APIs that abstract Indy workflow. The intent here is to improve application developer time to value when creating issuer and verifier web applications. The initial contribution includes a NPM Package for use with NodeJS development.

Live Demo Environment

You need not be a developer to get acquainted with the concepts of decentralized identities. IBM has created a live demonstration environment that is a working deployment of the code samples that we mention below. Please refer to our Interactive Demo Guide for more details.

Sample Code

In an SSI ecosystem, individuals can establish relationships (connections) with institutions who issue trusted digital credentials. The individuals can then use one or more of these digital credentials that they have been issued to satisfy proof requests from other institutions who need to verify the individual's credentials. To demonstrate this iterative lifecycle model of issue, store, verify, IBM Verify Credentials includes an end-to-end demonstration for how digital credentials can be used in association with a pervasive real world business pattern known as Password-less Authentication.

Our end-to-end demonstration is based on the digital lifecycle activities of Alice as she builds her digital reputation based on connections and credentials. Alice desires to avoid the use of a password to login to her Big Blue Credit Union (BBCU) account. In order to be granted such a privilege, Alice must prove to the credit union that she holds the necessary credentials as outlined by credit union policies. In this scenario, Alice will require credentials from her local government and her employer. Alice satisfies these requirements by presenting her digital driver license and digital certificate of employment. Upon successful validation of Alice's credentials, the credit union issues Alice a BBCU Membership credential that she can use in place of her password for authentication interactions.

The identity interactions in an SSI ecosystem can be performed Consumer-to-Business (C2B), Business-to-Business (B2B) and Consumer-to-Consumer (C2C). Our end-to-end demonstration is primarily focused on how Alice can interact in a C2B manner using two different types of credential managers: Mobile App and Browser Extension.

Password-less Auth Demo

An end-to-end demonstration of verifiable credentials being used for a password-less authentication scenario. Password-less authentication is a type of authentication where web application users can login without a password. Passwords are hard to remember, manage and are not very secure. Password-less authentication is an emerging authentication pattern that can eventually eliminate passwords. With the advent of self-sovereign identity, digital credentials can be used as a secure and trusted alternative to passwords. The benefits of this approach include:

  • Improve User Experience
  • Increase Security

The Password-less Auth demonstration serves as a tutorial for developers to learn how to build issuer and verifier applications in support of a password-less authentication solution.

P2P Verification Demo

The IBM Verify Credentials offering suite includes the capability of allowing a user armed with the IBM Verify Credentials Mobile App to dynamically create on-demand identity proof requests and send them to a Holder. The P2P Verification Demo allows a developer for learn by example how a mobile verifier can create and use proof requests.

Consulting Services

The IBM Verify Credentials offering suite includes IBM Garage services. Contact IBM if you are interested.