The Kriptan Identity Network

Empowering people in developing countries through affordable privacy-preserving regulatory-compliant identity verification powered by strong cryptography

1 billion people in the world are in need for an efficient and affordable identity verification solution that puts them in control of their identity whilst only requiring a basic literacy level and placing no significant managerial burden on them.

Traditional self-sovereign identity (SSI) solutions enable the user to directly store and manage on their mobile phone attestations signed by identity providers. These solutions have at least two problems relevant to developing countries. First, while they provide the user with full control over their identities, traditional SSI are complex to manage and place all the responsibility on the user. This does not seem to be the correct approach when dealing with people with low literacy levels. Second, they do not operate in real-time because the attestations are not generated on demand, but rather weeks, months or even years before they are actually used. This is clearly not reliable enough in unstable situations that unfortunately are common to too many people, including wars, political conflicts, famine or exodus.

The Kriptan Identity Network (KIN) is SSI for the poor. It is a global identity verification network which enables real-time identity verification from trusted identity providers using advanced privacy-preserving technologies. Governments, banks, telcos, utilities and other organisations can confirm facts about an individual. Advanced biometric-based authentications and ground-breaking cryptography enable the individual to link their verified identities to simple easy-to-use user accounts. The individual is in control of their identity, but the KIN manages it for them. Governments and organisations everywhere can rely on identity verifications against identity providers that take place in real-time without any breach of privacy, when they are needed, ensuring the verified information is always up-to-date.

This global standard will reduce costs, improve interoperability, reduce crime and ensure privacy. It will allow millions of people to access a commoditised identity verification service through which they will be able to exercise their basic rights as citizens of this planet.Thanks to the use of advanced Zero-Knowledge Proof cryptography, the KIN is capable of verifying identities without requiring that the user or the identity provider share, expose or send identity information, ensuring full privacy and immunity against any man-in-the-middle attack.

The technology has won awards from British Telecom (BT), Ernst & Young (EY), SwiftScale, PricewaterhouseCoopers (PwC) and BBVA Fintech for the Future 2018 among others. Thanks to this technology Sedicii was also selected as a World Economic Forum Technology Pioneer in 2015.

The ZKP technology spans the domains of cybersecurity, privacy and identity. The underlying architecture has been peer tested and audited by independent security experts. As the ZKP Verification Engine allows a person to view and manage their identity attributes, which are held by different Identity Providers and Relying Parties, the quality of and visibility into their overall identity footprint is significantly improved. In addition, thanks to the Kriptan Token, they now have a method to extract and accumulate value from this virtual asset - their personal data.

The KIN is a global identity verification network which enables real-time identity updates from trusted identity providers and verifies identities using advanced privacy-preserving technologies. Governments, telcos and utilities among others will confirm facts about an individual. Real-time interactions, advanced biometric-based authentications and ground-breaking cryptography will enable governments and organisations everywhere to rely on the information the KIN provides.

This global standard will reduce costs, crime, improve interoperability, and ensure privacy. It will empower citizens from all countries and open up new digital business opportunities that haven't been possible before due to prohibitively high costs and unacceptable levels of business risk.

The technology available through the Kriptan Identity Network, authenticates and/or verifies a user’s identity without storing, transmitting or exposing any part of their underlying personal data or private credential thanks to the Zero Knowledge Proof (ZKP) technology.

ZKP enables a person to prove to an Identity Provider (IdP) such as a Passport Office or a utility company that the information they provide is an exact replica of their records without having to send it. The IdP can then issue a secure token containing the verification result. This token can be consumed by one or several Relying Parties (RPs), such as bank or insurance company. The token has an access policy managed by the person, who controls who can access it and for how long.

Verified identities are linked to an account owned by the person. This account uses Multi-Factor Authentication (MFA) including device information and biometrics as well as ZKP, so that once more no sensitive information leaves the person’s device. The device is typically a mobile phone. The technical solution has already been developed.

The user-facing part of the solution is packed in an SDK that provides authentication, identity verification services and easy-to-use consent management capabilities. This SDK can be embedded in a web application and accessed through any web browser. It can also be integrated into a mobile or tablet application that can be used in any mobile phone or tablet supporting one of the main platforms, including iOS, Android or MS mobile. The solution can also be executed in a desktop, laptop or any other computing device including a Raspberry Pi that can power any digital identification system deployed in the field (e.g. a country border or immigration office).Basic authentication and identity verification using ZKP could also be, in principle, provided through feature phones.

The Kriptan Identity Network (KIN) is suitable for operating in low-bandwidth situations because the underlying ZKP technology developed by Sedicii only consumes a few KB of bandwidth and it is carefully implemented to be resilient against short-lived connectivity losses.

The KIN operates in real-time. However, in no-connectivity situations it can store identity verifications for a few hours, minutes or days. The lifespan of the verification can be adjusted depending on the particular use case.

The user interaction with the app is mainly needed when the user registers, when they need to consent to sharing identity verifications or when their identity attributes change and they have to refresh their consent. In all these cases, the ZKP technology runs transparently in the background, so users just need to confirm these actions by entering their password, PIN, fingerprint or similar method. Additionally, the user interface is designed based on universal design principles so that users with low literacy level can make use of the app.

All the software can be accessed through Open API’s. To ensure interoperability a different native SDK will be provided for the main mobile platforms and an SDK in the main programming languages will be made available for the web and desktop integration.

The Kriptan Identity Network is powered by one or several nodes called Zero Knowledge Verification Engines (ZVEs). Any organisation will be able to deploy one of these nodes that connects end-users, Relying Parties and Identity Providers.  

Our mobile app user interface will be designed based on accessibility, usability and inclusion design principles as described by the Web Accessibility Initiative. We will also take into account previous studies in mobile interface design for low literacy populations and best practices to design mobile applications for low connectivity environments, assuming as well that phone resources are limited.

Alternatively, ZKP could in principle be executed on feature phones by developing a minimal user application that resides on the SIM card, using the SIM Toolkit and the Java Card programming language, although more work is required to evaluate its feasibility.

The Sedicii vision is centred around a new, global standard for identity and KYC, that will reduce costs, improve interoperability, reduce financial crime and ensure privacy. This set of capabilities will commoditise identity verification and make it available to the population.

The Kriptan Identity Network will grow through partnerships with Relying Parties, including financial institutions, Governments and non-profit organisations which will bring their customers into the network.

We are working in pilots with ESB Networks, the Irish electricity company and two banks, Waterford Credit Union and Savvi Credit Union. Trustme and Leva, two companies offering fractional ownership of real estate and private equity, respectively, are about to use our product in the next few weeks. We are also working with a tier-1 global bank on a pilot targeting AML transaction monitoring.

Our team gathers experienced entrepreneurs and identity experts from different countries. Rob Leslie (CEO) founded Kyckr a leading KYC company listed on ASX and was a launch team member of Dell Japan, growing to $300M and 300 employees. Patrick Curry (Director of Innovation & Strategy) is also CEO of British Business Federation Authority working closely with EU, British Government, NATO and Interpol and an expert in federated identity. Miguel de Vega (CTO, Ph. D. in maths from the Université Libre de Bruxelles, Masters in Engineering from the Madrid Polytechnic University) has authored 27 patents and been published in international journals.

Our revenue model is based on (a) annual subscriptions or (b) transaction fees. The paying customers are the relying parties (RPs) requiring identity verification services, such as governments, banks, insurance companies or non-profit organisations.

A ZVE connects RPs to IdPs. The IdPs are the organisations which have the identity information, such as governments, telcos and utilities. The largest percentage of the RP fee goes to the IdPs and the ZVEs. The smallest percentage goes to the end user and to Sedicii.

Sedicii will run the first ZVEs. This will require contacting the RPs and IdPs and inviting them to be part of the KIN. After this initial phase, companies such as IBM or Oracle will be invited to run the ZVEs, bringing in RPs and IdPs. This constitutes a sustainable growth mechanism for Sedicii. Companies will be interested in running ZVEs not only for the fees, but also because of the value of the metadata. The ZVEs see no personal information, but they see flows of verifications between RPs and IdPs which can be extremely valuable to the companies given the fact that more and more services in our economy are going to require the verification of identities.

Having an identity is a prerequisite to access basic human rights and to access the financial system. One of the main elements in our vision is to be able to make identity verification affordable, ubiquitous and available to everyone on this planet. We think the Mission Billion Challenge would be a significant step towards turning that vision into a reality.

The main key barrier is how to grow the Kriptan Identity Network (KIN). This involves finding Relying Parties (RP) and Identity Providers (IdPs). We are seeing a lot of interest from RPs to consume cheaper identity verification services, as well as from IdPs to monetize their personal information while adhering to the most stringent data protection regulations. Our current approach is to begin with specific use cases in specific geos. Such is the case of our pilot with the Irish electricity company and a few banks around proof of address in the south of Ireland.