Can Verifiable Credentials Be The Key To Safely Reopening The Economy?
By Hessie Jones
As of February 18, the global coronavirus cases stood at 110.2 million, with a death toll of 2.42 million. With public health authorities and governments endeavouring to get ahead of the virus, the urgency is now focused on effective and pervasive vaccine distribution. The magnitude and scale to mobilize a global solution have never been more pressing given the rate of the disease’s spread. For COVID-19 Credentials Initiative (CCI), their likely countermeasure using Verifiable Credentials may just prove to be one solution to help safely reopen the economy by enabling speed of information for effective decisions.
I sat down with Kaliya Young and Lucy Yang, directors of CCI, an open community, which brings together more than 300 technologists, academics and healthcare professionals from more than 100 organizations that were exploring the use of privacy-driven Verifiable Credentials to mitigate the spread of COVID-19 and a practical framework that can scale in speed and efficacy. CCI recently joined Linux Foundation Public Health (LFPH) to make a difference in a space that demands technological innovation and efficacy. Brian Behlendorf, Executive Director at LFPH, commends the value of open communities such as CCI. The Linux Foundation favors the intellectual or codebase contributions borne by a community of people from disparate organizations and professions. This framework creates a consolidated output that enterprises could trust enough that they could deploy it with a reduced burden on legal compliance and development teams. This, as Behlendorf, argues is what drives considerable cost savings, an engaged collaboration amongst corporations, and speed to market.
With already 400 different open source projects being managed under the Linux Foundation, a few key people surveyed the landscape to identify the need to organize meaningful solutions to fight the pandemic. As a result, LFPH emerged to help public health authorities combat COVID-19 through open source innovation. Stepping into the vaccination record space, wrought with archaic systems and sensitive health data, Behlendorf notes the importance of an interoperable and trustworthy infrastructure. This idea of self-sovereign identity [defined as an individual right to self-determination when it comes to personal data] enabled by Verifiable Credentials, he explains, should not be about what sits at the other end of a name and password on a server somewhere, but instead lets you hold your data in your personal server or wallet and use it wherever you go to prove your COVID-19 status without revealing no more data than is required. The decision to onboard CCI was a swift one:
“I felt we needed to bring in the work being done by CCI because they are that intellectual base I saw, the connection to the entrepreneurs, and the domain experts who have long been thinking about this.”
Covid-19 Brings Together A Community
Kaliya Young, Ecosystems Director of CCI, remembers when the organization came together early spring of last year. She notes the technology had been in development for over five years, much of which had centered around a conference she led for 15 years called Internet Identity Workshop (IIW).
“Five years ago, the first elements of these technologies were put forward, and now two of them are official standards at the W3C, [an international community, developing open standards to ensure sustainability for the web]. Anybody can adopt and use them… There were many startups and large companies building on this technology prior to COVID-19 to restore trust in the digital world. When the pandemic hit, they were enthusiastic about exploring how this technology could apply to the crisis that was emerging and last March, CCI was formed. We quickly grew in numbers exploring different use cases for Verifiable Credentials. People would take their existing systems to build out prototypes in a COVID-19 use case scenario, or apply the technology to build different applications.”
Through the summer months, the community continued to share their use cases, but the team realized that they would be unable to advance their work unless they started engaging in conversations with public health authorities. CCI was not a legal entity at the time but had amassed considerable credibility. So Lucy Yang, Community Director of CCI, stressed the importance of finding an organizational home to amplify the voices within this virtual community. What’s been unique is the user-centric nature of their framework that puts data control into the hands of each person. Their discussions continued with Dan Kohn, the then-Executive Director of LFPH, who understood the technology, and was, at that time, leading the Identity Blockchain Initiative in the health care sector. Both CCI and LFPH aligned on the principles of interoperability and preserving data privacy.
During the same time period, spring 2020, Apple and Google created a controlled operating system that would enable app builders of exposure notification solutions access to an infrastructure using bluetooth technology, and get it to market much more quickly while mitigating data privacy risks to individuals. The early applications in India, UK and Singapore, revealed less than 20% population adoption, a common consequence that rendered these technologies less effective at tracking the virus through the summer and winter months. The unknown nature of the disease, what it meant for those who were exposed and the lack of trust in the early exposure notification solutions, resulted in poor adoption across many countries.
A System of Truth: Defining the Verifiable Credential
At its core, Lucy Yang explained the notion of improving paper based systems through credentials. A vaccination record is a paper document. Because it is the only record that exists, you safeguard it as proof you have received a vaccine. Your test results, on the other hand, can be received electronically like a PDF version from email. There may also be other versions you can retrieve that are less secure like a URL version that you can click to open, or from a fax machine that may be exposed to prying eyes. In many cases, these results can be retrieved via phone but may not necessarily provide the tangible proof the patient requires. Often, there are cases where paper and electronic versions can be fabricated, thus questioning the authenticity of the documents. These are the use cases where Verifiable Credentials can present the more viable solution.
Verifiable Credentials are used to package and securely communicate assertions about people, that is whether a specific entity is true e.g. Has Jane Doe received a vaccine? CCI is currently focusing on how to package COVID-19 vaccination records and test results. Right now, this means determining what variables should be included in the credentials. As Young notes, it’s important that collaboration is global in a way that is standardized and scalable. In other words, what is the minimum data required for vaccine credential verification that’s acceptable across borders? She explains,
“I meet with experts, who must decide what should be in the standard format for the vaccine credential. With Verifiable Credentials, does it take a standard for a particular type of data test result or vaccine credentials? Does it get digitally signed by the issuer of that test result (issuer = the health authority or the test centre)? The issuer can then hand the patient that data, as well as its digital signature and put it in a digital wallet residing in the patient’s phone. Now patients can present their credentials when they cross borders. What is required are the tools needed to allow issuers (e.g. health authorities) to release those credentials, plus tools for verifiers, to whom the credentials are presented (e.g. the border authorities), to read them.”
Young further explains that the definition of “verifiable” is about cryptography. It’s not about identity proofing. It’s about the encryption and decryption methods to secure the information especially during transmission between an issuer and verifier. Since it is very easy to fabricate digital information, through credentialing, the information in-transit is now tamper-proof and fraud-resistant and therefore, can be trusted.
Ethical Implementation of Vaccine Credentials
With a wider concern of test results and vaccine confirmation being used to determine the right of passage, there is a real concern of stigmatization, discrimination, and wider inequity as countries look at immunity passports to ease reopening. This has created enough public discourse to mandate ethical implementation through policies. Kalia Young poses a reminder that regulations around health status and travel have been in place for over 90 years.
“It’s not new to have concerns about infectious disease spread and have international agreements and norms in place. Who can travel were based on health status, especially when it came to infectious diseases. Right now, for international travel cases, they actually have a yellow card that is used for people to document their Yellow Fever vaccination and to mandate presentation of this card to enter certain countries. And you also have another layer which includes corporations that want to minimize their risk. The way to do that is to show evidence of a negative Covid-19 test.”
The difference today is the mass scale with which authorities in health and transportation have been unable to deal with this rising concern. Lucy Yang agrees that Covid-19 has brought these circumstances to another level. The precedent already exists in policy, however she notes that top public health authorities, government officials and perhaps private sectors, need to convene and address the newer risks of inequity and stigmatization within the current economic policies with the goal of minimizing disruption to existing systems to enable swift response. CCI’s current collaboration with global authorities is just one aspect to address and minimize these stigma concerns. The other depends on each state and sector commitment to prioritize access to vaccinations, especially targeting the most vulnerable populations.
Scaling Efficacy Through Interoperability
Yang emphasizes the importance of creating tools for both issuers and verifiers — different organizations with different systems with a common layer. This means interoperability is key. She explains:
“Think about interoperability like emails. You use Outlook and I use Gmail. Gmail users can communicate with each other. Gmail users can communicate with Outlook users as well. However, my Outlook calendar is not interoperable with my Gmail. Between these two email systems there needs to be a foundation that includes the very basic things that are required to be accepted OR interoperable so they are adding value.”
When applied to Verifiable Credentials, you can’t mandate a border security official (verifier) to use the same system as a health authority (issuer) because they’re already using different software based on their existing use cases. Regardless of the system disparities, the border security official just needs to know the verification that just occurred does not require them to download a different application to read the information.
Preserving Data Privacy for Citizens
What is the gold standard? How will Verifiable Credentials be leveraged to maximize freedom to citizens? Brian Behlendorf explains:
“Jane Doe has the freedom to get vaccinated locally, at a pharmacy or a health clinic then be able to travel by plane to New Zealand. The border authorities will have the information they need so Jane will not need to quarantine because her credential shows her vaccination history. Jane will also be able to go to that concert in New Zealand and present that credential, all of which requires several hops through various trusted identity systems, but which minimizes the risk that anybody centrally knows where Jane has gone, who she is, or who she’s met. Verifiable Credentials allow Jane to still preserve a sufficient amount of her privacy as she moves through these different sets of circumstances, and yet allows authorities know she’s been vaccinated by a reliable entity. What’s key is enabling the interoperability between these different systems so there is less friction to Jane’s movement within her city, within her country and when she travels outside of her borders.”
Consider a vaccination card that may contain Jane’s name, the current date, the vaccine administered and the administering authority. Jane would keep this information safe and use it to show state border authorities, evidence she received the vaccine. At the border Jane will also be asked for her personal identification like driver’s licence. This information should be presented with the vaccination — together, will be stored as a credential on Jane’s digital wallet within her mobile phone. When Jane goes to the concert, instead of showing her paper vaccination card, she presents a QR code that elicits a decision: Yes (to admit)/No (Denied). The experience is the same as Jane showing her vaccination card and personal identification to the border authority, however, at no point is any personal information seen by the state border authorities.
Kaliya Young emphasizes the importance of a feature called Selective Disclosure which provides optimal presentment of data depending on the use case — a clear advantage over paper documents. For example, Jane can present her driver’s license to be admitted into a bar. This provides the security personnel full view of her date of birth, picture ID and license number. What he requires is the necessary information to make a quick decision about whether to admit Jane. In the digital space, Jane does not need to share all the information that exists on her license to access a space. In Jane’s credential, she could share her photo and an assertion (Y or N) that she is over 21. The rest of the information is not necessary. The security personnel will believe the information because it is signed by the issuer (the DMV). Similarly, when applied to the vaccine scenario, a border security guard may only require that Jane has been vaccinated and is still valid.
The use of assertions to replace actual data subject information [eg.” Yes” replaces the actual vaccination record that includes date, place etc.], plus the use of selective disclosures are key privacy preserving features that provide citizens a level of comfort to share only part of their personal information as required. Lucy Yang adds,
“The CDC may collect a wide range of information about those who have received vaccines including age and ethnicity. However, your paper vaccination card is a smaller subset of information that you receive. This same process is required to determine what goes into a piece of credential, which is also different from what is the minimum information required for verification, because it can vary depending on the use cases. Kaliya was addressing the last mile where you are presenting the information a verifier requires. To achieve interoperability requires a global standard that will define the minimum required information so you can freely move from one destination to the next.”
There is a clear case to be made for opening the economy safely while easing travel.
Recently, LFPH issued the open letter urging the U.S. federal government to lead in the issuance of “W3C-defined Verifiable Credentials, and to lead in the coordination of a trust framework to ensure interoperability within the U.S.” Perhaps the time is ripe for Verifiable Credentials to finally be explored as a solution that will minimize risk of disruption to existing systems, while moving at the speed of the Pandemic. As this technology evolves, it presents an opportunity especially in an environment damaged by the misuse and selling of data. The promise of Verifiable Credentials will demonstrate a measure of trust that for the first time, truly allows all citizens the freedom to move freely to school, to work, to public places, and across borders while alleviating concerns of inequity, access and surveillance.
This post originally appeared on Forbes.
Lucy Yang is also a founding member of MyData Canada