2 posts tagged with "trusted-verifier"

We are announcing the release of the Trusted Verifier on the 24th of September!

Trusted Verifiers marks a crucial step forward in our mission to enhance the security and reliability of digital identity verification within the Yivi ecosystem. It also secures the long term sustainability of the Yivi project.

What is Trusted Verifier?​

Trusted Verifier is a way for relying parties to be verified and trusted by Yivi. This means that verifiers that have been vetted and approved by Yivi will be able to request and receive verifiable credentials from users' Yivi wallets. Users of verifiers that are not trusted by Yivi will receive a warning in their Yivi app, informing them that the verifier is not trusted, and they need to be cautious when sharing their data.

Why Trusted Verifier?​

The introduction of Trusted Verifier is a significant milestone in our journey towards creating a secure and trustworthy digital identity ecosystem. By implementing this feature, we aim to:

1. Enhance Security: Ensure that users are correctly informed about the trustworthiness of the verifiers they interact with. Reducing the risk of fraud, unauthorized access and phishing attacks.
2. Building a sustainable ecosystem: By vetting and approving verifiers, we can create a more reliable and trustworthy ecosystem for digital identity verification, which is essential for the long-term success of the Yivi project.

Issueing verifiable credentials is a responsibility that we take seriously, it also comes with a cost. For instance issuing a mobile phone credential requires an SMS to be sent to the user, which is not free. By implementing Trusted Verifier, we can ensure that the parties that are requesting and receiving verifiable credentials cover the costs associated with issuing these credentials. This will help us to sustain the Yivi project in the long term.

Will Yivi stay free and open source?​

Yes, Yivi will remain free and open source. The introduction of Trusted Verifier is not about monetizing the Yivi app or its core features, but rather about ensuring the sustainability of the project. By implementing Trusted Verifier, we can ensure that the costs associated with issuing verifiable credentials are covered by the parties that are requesting and receiving them, rather than by the users of the Yivi app.

Our commitment to open source and free access to digital identity solutions remains unwavering. We believe that everyone should have access to secure and reliable digital identity solutions, regardless of their financial situation.

How can I become a Trusted Verifier?​

If you are interested in becoming a Trusted Verifier, please visit our Trusted Verifier documentation for more information on the application process and requirements. We welcome applications from a wide range of organizations, including businesses, government agencies, and non-profits.

Yivi Portal is Yivi's new initiative to help with a smooth launch for the Trusted/Pretty verifier. Trusted Verifier is a pivotal part of the roadmap as mentioned in earlier blog posts and serves as part of our commitment to our users, as well as helps with transparency with our verifiers in covering the downstream costs of various verification sessions that our issuers bear.

In this blog post I will dive into what the portal exactly is, and what can you expect from the coming updates.

Yivi Portal​

As part our core values, we want to make Yivi more accessible and easy to use. That also concerns developers and the business facing side of matters. In the portal you can see which organizations play a part and work with Yivi and search between the credentials information that is available.

As a verifier (referred to as relying party to adhere with the most recently used terminologies) you can register as an organization. You will then be able to set up your relying party. In doing so, you will need to specify which attributes (e.g. age, phone number) you will be requesting. You can add a few of these. You will also need to provide some context explaining why the combination of attributes is needed.

For example, an online liquor shop can add age, home and email address with the context of fulfilling orders, sending an email confirmation and posting the package. This helps us ensure legitimacy of these requests and protecting our user's privacy from sharing unnecessary information. You will then be given a DNS challenge, with which we verify your domain ownership.

When accepted, we will get started with publishing your relying party. Another feature now coppled with the portal is the new attribute index service which was previously hosted seperately here. You can also issue demo credentials as you did previously. This can help our consumers find all they need to know about organizations and credentials in one place. Starting 4th of July you can register your organization or request maintainer rights for your existing organization.

First look at the Yivi Portal

Trusted Verifier​

Trusted Verifier is more than anything, rooted in enhancing user privacy through UX. This program is also known as pretty verifier program has been in the works as a way to further help our users stay safe and make informed decisions regarding sharing their information using Yivi. Yivi makes it easy for any party to set up a verification service and ask for user's data.

The decision to share this information then fully relies on the user, who may be uninformed about the source of this request. The goal is to guide the user to consent only when they are sure about it. Yivi already does this to some extent, with the help of the requestors scheme .

Parties have already been able to make themselves known to Yivi, by adding their branding and hostname, which would then be manually verified by our team. The app would read this and present user with the user friendly branding (name and logo). Otherwise users would be encountered with the raw url starting the session, which to most users will seem odd and unsafe.

The new initiative plans to take this a step further, making it an easier and more instantanious decision for the user that what seems trusted party to share information with and what is not. This is done through the use of colors. Green for trusted and red for untrusted. The new update will come out on 1st of September.

The app visually distinguishes trusted (green) and untrusted (red) verifiers, helping users make informed decisions before sharing their data.

Relying parties are expected to have registered themselves and have an agreement with Yivi.

What changes now?​

Now with the portal up and running, we kindly ask relying parties that are interested in providing a good user experience to their users to join by registering at the Yivi Portal, which makes participation easier than before. Want to start by joining to the portal?

This page in our Yivi documention goes through the steps on how to use the portal as a relying party. In the near future, we are adding support for registering as issuers (attestation providers) and providing assistance with key rollovers, verifying and including the new public key in the scheme in efforts to facilitate the process of becoming an issuer.