Category

Blog

Good Health Pass Collaborative Releases Draft Blueprint for Digital Health Passes in Advance of G7 Summit

By Blog, News

In an effort to restore global travel and restart the global economy, the Good Health Pass Collaborative today announced the release of the eagerly-anticipated Good Health Pass Interoperability Blueprint.

The Blueprint – released today in draft form for a three-week period of stakeholder consultations and public comment – is intended to stimulate discussion at the G7 Summit, which will open Friday in Carbis Bay, Cornwall, UK.

This announcement follows on a May 18 letter, sent by the Good Health Pass Collaborative to G7 leaders, urging them to adopt a statement of principles for digital health passes. The letter also called for the formation of a working group – composed of senior ministerial staff from G7, G20, and European Union health and transport ministries – with the task of reaching international consensus on standards by July 16.

Unprecedented global collaboration – between governments, nonprofits, universities, and the private sector – propelled the rapid development and distribution of highly effective COVID vaccines. A similar level of collaboration is urgently needed to ensure that verifiable digital health passes for international travel can be issued and universally accepted worldwide by airlines, border control agencies, and others.

Most governments already require proof of travelers’ COVID status – either through a recent negative test or, increasingly, proof of vaccination– as a precondition of entry. While dozens of solutions have been rushed to market to meet this growing demand, they vary greatly in the extent to which they protect user privacy and security and enable individuals to control access to their personal health information.

The absence of internationally recognized, consensus-based open standards – to which all solutions adhere – could leave individuals uncertain about the security and privacy of their data and even unsure of whether their health pass will be accepted for travel.

“Digital health passes offer our best hope to safely, confidently, and promptly restore global travel and restart the global economy – but only if they are widely trusted and adopted by the public and universally accepted by airlines and border control agencies,” said ID2020 executive director, Dakota Gruener. “The standards proposed in the Good Health Pass Interoperability Blueprint will make it possible for digital health pass systems around the world to be interoperable with one another, thus creating a trusted, convenient, and seamless experience for travelers as well as for airlines, airports, and border control agencies.”

Restoring international travel is vital to restarting the global economy. The World Travel and Tourism Council estimates that 61.6 million tourism-related jobs worldwide have been lost as a result of the pandemic. In 2020, travel and tourism contributions to global GDP decreased by 49.1%, a loss of $4.5 trillion (USD), nearly 18 times the impact experienced during the 2009 global financial crisis.

Under normal circumstances, it would take years to develop standards for digital health passes.

In February, ID2020 launched the Good Health Pass Collaborative, a multi-sector, global initiative to establish guiding principles for digital health passes and dramatically streamline the standards development process. Within weeks, the Collaborative grew from 25 partners to more than 125 companies and organizations from across the health, travel, and technology sectors.

Nine “drafting groups”, bringing together more than 120 experts from the health, travel, and technology sectors were managed through a partnership with the Trust Over IP Foundation the Covid-19 Credentials Initiative and Linux Foundation Public Health – all projects of the Linux Foundation.

The resulting Good Health Pass Interoperability Blueprint addresses – in considerable depth and detail – nine technical and interoperability challenges around which global consensus must be reached:

  • Design principles
  • Creating a consistent user experience
  • Standard data models and elements
  • Credential formats, signatures, and exchange protocols
  • Security, privacy, and data protection
  • Trust registries
  • Rules engines
  • Identity binding (ensuring the authenticity of the holder)
  • Governance

“This draft blueprint is historic, both in its depth and breadth of proposed standards, as well as the number of expert volunteers who contributed their time to its development,” said Gruener. “When we partnered with the Trust Over IP Foundation, we committed to an open and inclusive process. Releasing the draft for public comment today takes that commitment a step further. We felt this was incredibly important, given the range of public and private entities expected to play a role in the issuance and acceptance of digital health passes and the need to build public trust and support their adoption.”

The UK government – in its capacity as president of the G7 – has identified “leading the global recovery from coronavirus, while strengthening our resilience against further pandemic” as the highest policy priority for this 47th G7 Summit. International agreement on principles and standards for digital health passes are critical to achieving this policy priority.

About ID2020

ID2020 is a global public-private partnership that harnesses the collective power of nonprofits, corporations, and governments to promote the adoption and implementation of user-managed, privacy-protecting and portable digital ID solutions.

By developing and applying rigorous technical standards to certify identity solutions, providing advisory services and implementing pilot programs, and advocating for the ethical implementation of digital ID, ID2020 is strengthening social and economic development globally. Alliance partners are committed to a future in which all of the world’s seven billion people can fully exercise their basic human rights, while ensuring data remains private and in the hands of the individual. www.id2020.org

 

Trust over IP and Sovrin sign agreement to strengthen collaboration

By Blog, News

The Sovrin Foundation (“Sovrin”) Board of Trustees and Trust over IP Foundation (“ToIP”) Steering Committee are pleased to announce that they have signed a Letter Agreement (dated March 18, 2021). This agreement signifies the commitment of both organizations to mutual cooperation and recognition for each other’s mandates. Sovrin and ToIP intend to work together toward advancing the infrastructure and governance required for digital trust and digital identity ecosystems. 

“By signing this Letter Agreement, Sovrin and ToIP are excited to take a step further to support the need and importance of our separate but interrelated mandates to benefit people and organizations across all social and economic sectors through secure digital identity ecosystems based on verifiable credentials and SSI,” said Chris Raczkowski, Chairman of Board of Trustees, Sovrin Foundation. 

Under the agreement, each organization will assign one member to act as a liaison to coordinate and maintain lines of communication, attend plenary sessions, and provide periodic updates to the Sovrin Board of Trustees and ToIP Steering Committee. They will also seek opportunities proactively to exchange information, participate in discussions of shared interest, promote the value of each other’s work through joint announcements and media products, as well as collaborate to achieve their respective mandates.

Sovrin and ToIP both operate in a manner that respects open licensing, open source code and open standards. The organizations agree that their open, public materials will be available for reference (with attribution) by the other.

“ToIP and Sovrin each offer something unique to the market. Our members already collaborate together informally on many topics. Signing this agreement makes our work together more visible and open. It will create new opportunities to collaborate on challenges that affect every layer of our trust model,”  said John Jordan, Executive Director of Trust over IP Foundation. “By working together, we want to help solve interoperability problems more quickly and support the adoption of digital trust ecosystems more widely.”” 

If you have any questions or suggestions, please contact info@sovrin.com or operations@trustoverip.org  

To view the text of the agreement, please find it here.

About Sovrin Foundation

The Sovrin Foundation is a non-profit social enterprise which acts as the administrator and governance authority for public available SSI infrastructure, as well as supporting interoperability digital identity ecosystems that adhere to the Principles of SSI. Sovrin’s activities aim to serve the common good of providing secure, privacy-respecting digital identity for all, including individuals, organizations and things.      

About Trust over IP Foundation

Launched in 2020, the Trust over IP Foundation is an independent project hosted by the Linux Foundation. Its members include over 200 leading companies, organizations and individual contributors sharing expertise and collaborating to define standard specifications to advance a secure trust layer for the digital world. Through this collaborative effort, the Trust over IP Foundation aims to define a complete architecture for Internet-scale digital trust that combines cryptographic trust at the machine layer with human trust at the business, legal, and social layers. For more information, please visit us at trustoverip.org

ToIP Foundation Hosts the Interoperability Working Group for Good Health Pass

By Blog, News

Digital health passes — often mischaracterized as “vaccine passports” in the popular press — are making headlines as a key component in the drive to restore global travel and restart the global economy after the massive impact of the COVID-19 pandemic.

Enabling individuals to receive and selectively share proof-of-test, proof-of-vaccination, and proof-of-recovery with the highest standards for security, privacy and data protection will allow destination countries and travel systems worldwide to accept credentials from multiple market vendors. But concerns related to equity and access can only be addressed if these health pass implementations are designed to be interoperable.

As the leading global consortium for interoperable digital trust infrastructure, the ToIP Foundation has partnered with the Good Health Pass Collaborative – a project of ID2020 – to host a new Working Group focused on the core issues of interoperability, privacy, and equity for digital health passes. The Interoperability Working Group for Good Health Pass consists of nine drafting groups, each focused on a specific interoperability challenge as defined in the Interoperability Blueprint Outline.

“The Good Health Pass Collaborative is bringing people together to solve a set of problems that affect the entire world,” said John Jordan, executive director of the ToIP Foundation. “This ambitious effort uniquely aligns with the mission of ToIP because it requires interoperable digital credentials that can be accepted and verified anywhere they are needed. Getting this right, and doing so now, will not only make it safe for people to travel again, it will open the door for new tools and services that can solve other challenging problems that also require global-scale digital trust. For these reasons, ToIP is honored to contribute to this urgent global mission by hosting the Interoperability Working Group on behalf of the Good Health Pass Collaborative.”

Each drafting group, consisting of volunteer representatives from around the world representing the health, travel, technology, and policy sectors, will first conduct an intensive 30-day sprint to develop an initial set of draft recommendations. This will be followed by a second 30 day community and public review process to develop a final set of recommendations.

“Digital health passes – If properly designed and implemented – could offer a path to safely restore domestic and international travel, resume certain aspects of public life, and restart the global economy,“ said ID2020 executive director, Dakota Gruener. “Collaboration is critical at this juncture. Our organizations share a commitment to ensuring that digital health passes are designed and implemented in ways that serve the needs of the individuals and institutions that rely on them, while simultaneously protecting core values like privacy, civil liberties, and equity. ToIP has developed a powerful set of tools and models for digital trust frameworks, and we are delighted to be partnering with them in this critically important effort.”

The nine drafting groups collaborating within the new Working Group are:

  1. Paper Based Credentials will define how a paper-based alternative can be created for any digital health pass so access will be available to all.
  2. Consistent User Experience will specify the common elements required so that individuals can easily, intuitively, and safely use digital health pass implementations.
  3. Standard Data Models and Elements will determine the core data items needed across all digital health pass implementations for both COVID-19 testing and vaccinations.
  4. Credential Formats, Signatures, and Exchange Protocols will specify the requirements for technical interoperability of Good Health Pass implementations.
  5. Security, Privacy, and Data Protection will define the safety requirements for Good Health Pass compliant implementations.
  6. Trust Registries will specify how verifiers can confirm that a digital health pass has been issued by an authorized issuer.
  7. Rules Engines will define how digital health pass apps can access different sources of policy information to determine what test or vaccination status is needed for a specific usage scenario.
  8. Identity Binding will specify the options for verifying that the holder of a digital health pass is the individual who received the test or vaccination credential.
  9. Governance Framework will define the overall set of policies that must be followed for an implementation to qualify as Good Health Pass compliant.

By adhering to the Good Health Pass Interoperability Blueprint that will be synthesized from the outputs of these nine drafting groups, airlines, airports, hospitality industries, international customs officials and others will be able to process visitors easily without requiring additional unnecessary steps mandated by proprietary systems. Travelers will not be confused about which credential they need for each point of verification. Moreover, since individuals will be fully in control of their own personal data in credentials in their own wallets or devices, they can be confident that their private health data is not being tracked or misused.  

Interested organizations are invited to join the ToIP Foundation to participate directly in this new Working Group or in the public comment period in May. They are also encouraged to join the Good Health Pass Collaborative at ID2020 to participate in the construction, adoption, and advocacy of the Good Health Pass Interoperability Blueprint.

Trust over IP Foundation Introduces a New Tool for Interoperable Digital Trust

By Blog

When the ToIP Foundation launched in May 2020, our mission was to define a new model for achieving trust online—a model that breaks away from the thousands of siloed solutions for secure, privacy-enhancing digital identity and trust that do not work with each other. This lack of interoperability costs billions of dollars per year in complicated and time-consuming integration and hinders adoption by the very customers we are trying to serve.

Our goal is to drive adoption of a new model for digital trust based on open standard digital wallets and digital credentials that are every bit as interoperable as the physical wallets and paper or plastic credentials that we use every day—to do everything from getting on a plane to entering a hospital to signing a mortgage. As these new tools emerge as the primary mechanism for contactless identity verification, payments, and other online transactions, they will become as essential to our digital lives as browsers and email clients have become to the Web today.

As that happens, it is critical to avoid recreating the vendor-lock in and fragmentation of the “browser wars” that hindered the early days of the Web. Interoperable solutions that avoid vendor lock-in are paramount for a vibrant digital marketplace where consumers are free to choose their preferred digital wallet software from a variety of vendors and use digital credentials from any issuer as they choose.

The need for market-driven interoperability

Open standards alone do not produce interoperable market solutions—there are too many ways interoperability can still go off the rails. Testing labs are another step in the right direction—but vendors need incentives to use them, and those incentives can be scarce in a new market.

The ToIP Foundation recognized that, as our economy grows increasingly digital and collaboration tools grow steadily more powerful, there is a new path to interoperability: tapping market dynamics to drive incubation and adoption of truly interoperable solutions.

With this approach, vendors and customers voluntarily work together to develop interoperability testing requirements designed to meet explicit customer needs in the market. Vendors then satisfy those requirements by passing these interoperability tests with production-ready software.

Introducing the ToIP Interoperability Profile (TIP)

To facilitate this new approach to market-driven interoperability, the Technology Stack Working Group of the ToIP Foundation developed the ToIP Interoperability Profile (TIP). A TIP represents a specific combination of technologies that span each of the four layers of the ToIP technology stack in order to meet the requirements of a set of target customers in one or more digital trust ecosystems

TIPs can be designed, refined and supported by multiple vendors and customers wishing to collaborate on interoperability. A TIP typically includes the following elements critical to customer success:

  • Use cases capturing the specific requirements of customers in one or more digital trust ecosystems.
  • Design principles that must be clearly defined when combining technology and business policies to formulate a solution architecture. 
  • Documentation that clearly communicates the design, architecture, features, and benefits of a TIP to the digital trust ecosystems targeted for adoption.
  • Best practices and implementation guidance for adoption of a TIP, including how to incorporate policies from the ToIP governance stack.
  • Interoperability tests that enable vendors supporting the TIP to be certified for verifiable interoperability.
  • Adoption metrics and case study references that provide quantifiable evidence of the real market impact.

TIPs harness market forces to drive convergence on interoperability

Each TIP consists of two types of components:

  1. Fully-standardized components of the ToIP stack. These components, called ToIP Standard Specifications (TSS), are standards that have already gained Foundation-wide approval. 
  2. Custom components that are specific to a TIP. Some places in the ToIP stack do not yet have agreed-upon specifications. For these gaps, a TIP must specify how it fills the gap via an open community specification that can be implemented by any vendor or open source project.

A conceptual “lego block” picture of a complete four-layer TIP—showing how it is constructed from a combination of standard TSS components and custom TIP-specific components—is shown in the figure below.

Launching the Saturn-V TIP

The first TIP published by the ToIP Technology Stack Working Group is named for the historically significant multi-stage rocket platform, the Saturn-V. This TIP emerged from work begun at a 2019 Connect-a-Thon event held by the Hyperledger Indy community. When the ToIP Foundation was launched in May 2020, ToIP members including Commerzbank (Main-Incubator), esatus AG, Evernym, IBM, Trinsic and idRamp recognized the opportunity to coalesce their collaboration into a TIP. 

Once the ToIP Technology Stack Working Group was formed, it established the criteria for managing the lifecycle of TIP from incubation through design, demonstration, acceptance and adoption. The Saturn-V collaborators then proposed their TIP following this process and it was formally accepted as a Draft Deliverable by the Technology Stack Working Group at their 24 August 2020 meeting.

The next stage: mission-critical collaboration on interoperability testing

All the vendors participating in the Saturn-V TIP actively pair with developers from other participants to work through agreed-upon test plans. Having the Technology Stack Working Group oversee the TIP development life cycle on behalf of all participating vendors ensures a more transparent and robust joint testing project than a typical multi-vendor “plug-fest”. 

Since the technologies used for the Saturn-V TIP are Hyperledger Indy and Hyperledger Aries at layers 1-3 of the ToIP Technology Stack, the open source Aries Test suites will be used as the baseline for all test plans. Participating vendors are currently tackling the following stages of the Saturn-V Interop Test Plan One:

  • Self-Validation against Aries Protocol Test Suite for Aries Interop Profile v. 1.0
  • Peer-Validation
    • Core Aries Interop Profile v. 1.0 (Aries RFC 302), which supports DID connections, issuing credentials, and fulfilling proofs
    • Connectionless Proofs using the Service Decorator (Aries RFC 56),
    • HTTP over DIDComm (Aries RFC 348).

Future missions

Once Test Plan One is complete, TIP Participants will define Saturn-V Interop Test Plan Two which intends to minimally include peer-to-peer validation for:

Once these stages of interoperability testing are completed, the Technology Stack Working Group will be able to assess whether component specifications of this TIP meets the criteria to become a TSS. If so, these will be advanced to become their own Draft Deliverables for ultimate approval by the Working Group and then the ToIP Steering Committee.

Please join us

We invite you to join in development of the Saturn-V TIP and formulation of new TIPs that provide full-stack interoperability for digital trust ecosystems. If you are not yet a member of the ToIP Foundation, membership is open to anyone—individual or organization—at both free and paid membership levels. For more information, please visit the Foundation membership page.

TIP development is coordinated through the ToIP Technology Stack Working Group

To join the Technology Stack Working Group, go to https://lists.trustoverip.org/, log in with the email address of your ToIP Foundation membership, then subscribe to the mailing list.