Versions Compared

Old Version 32

changes.mady.by.user Thomas Eppler

Saved on

compared with

New Version Current

changes.mady.by.user Dr.-Ing. Roman Zoun

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Innovation Tagline:  (decentralization of central Identity Provider)

Project Keywords:  TBA#decentralization #SSI #SelfSovereignIdentity #web3 #untrackable #Metaverse #DID

...

What we want to make possible: We want to show there is another way! Imagine "login with google," and google will never know you did it. We introduce an anonymous social login plugin for digital services to allow users to use the secure way to onboard and register using third party login, without notifying them about it. Our goal is to wake the privacy awareness in users and tell the world that social login can be anonymous and the data collected by them shouldn't be collected. Additionally, the user will have a passwordless Identity manager in his hand, no forgotten passwords anymore. Stop "login with google", start "login with without google as verifiable credential". 

list of abbreviations

  • OIDC - OpenID Connect allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. OpenID Connect allows clients of all types, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, allowing participants to use optional features such as encryption of identity data, discovery of OpenID Providers, and session management, when it makes sense for them.
  • IDP - Identity Provider s a system entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying applications within a federation or distributed network. Identity providers offer user authentication as a service. Relying party applications, such as web applications, outsource the user authentication step to a trusted identity provider

...

Besides this, we prepared a survey to find out features of our customers, the users, with the highest importance and lowest satisfaction value. This brings insights and high opportunity to our topic. Furthermore, we asked in the survey afterwards for the best features. From this we defined the top 3 4 List of the features in the topic Login, Accounts and personal data security:

  1. knowing which organization is sharing your data with whom else
  2. you have transparency about which personal data you have shared with which organization/website.
  3. that you can log into websites on the computer with biometric features (fingerprint, FaceID, ...) without having to enter a password
  4. you can decide and control who can see your personal data (name, email, date of birth etc.)*

The result is the top 3 4 wished features:

  1. that you can define who can see your personal data
  2. that you can *log into *websites particularly *comfortably and easily*
  3. that you can see in an overview which of your personal data is used by whom
  4. knowing which organization *is sharing your data with whom else*

Solution

In the beginning we will tackle the feature "you have transparency about which personal data you have shared with which organization/website." and "you can decide and control who can see your personal data (name, email, date of birth etc.)". During the " and "that you can log into websites on the computer with biometric features (fingerprint, FaceID, ...) without having to enter a password". During the hackathon, we will bring a solution or concept, together with hyperledger mentor and community, to solve the feature "knowing which organization is sharing your data with whom else". So we implement the second and third position from our customer research for the hackathon, and will provide a concept to solve the Top1 feature together with hyperledger community during the hackathon using methods from "inventive thinking". 

...

So we asked following features (1 not important/satisfied - 5 super important/satisfied):

IndexFeatureAvg ImportanceAvg Satisfaction
Ayour personal data (name, email, password, date of birth, etc.) are only stored with you and not somewhere in a "cloud" or with a provider.*3.
4
1764705882.
650
471
Byou can decide and control who can see your personal data (name, email, date of birth etc.)*4.
25
1764705882.
900
765
Cyou can confirm individual attributes of yourself (e.g. "Yes, I'm over 18 years old") without having to show all the detailed data (e.g. full date of birth)*3.
2
2941176472.
600
353
Dyou can obtain a service with an advantage (e.g. cheaper price) if you provide data about yourself*2.
4
3529411762.
200
118
Eyou have transparency about which personal data you have shared with which organization/website.*4.
05
1176470592.
250
059
Fto know how long which organization stores your data*3.
4
4117647062.
450
235
Gknowing which organization is sharing your data with whom else4.
05
117647059
2
1.
000
765
Hto know exactly to what extent a login service (e.g. Facebook, Google) tracks your activities across different websites in order to send you targeted advertising*3.
3
5294117651.
950
882
Iyou can decide for yourself what online services (e.g. Facebook) you use often store or evaluate about you - i.e. what you like, do, are, have*3.
3
352941176
2
1.
100
941
Jthat you can log into websites on the computer with biometric features (fingerprint, FaceID, ...) without having to enter a password3.
65
8235294122.
700
647



We clearly see that the feature "knowing which organization is sharing your data with whom else" has the highest importance and less satisfaction. 

...

So results are following top 3 4 features 

  1. knowing which organization is sharing your data with whom else
  2. you have transparency about which personal data you have shared with which organization/website.
  3. that you can log into websites on the computer with biometric features (fingerprint, FaceID, ...) without having to enter a password
  4. you can decide and control who can see your personal data (name, email, date of birth etc.)*



We asked for wished features and got following results:

...


FeatureAnswers
Athat all your personal data is only *stored with you (locally)*25%
Bthat you can define *who can see your personal data*45%40%
Cthat you can *confirm individual attributes of yourself *(e.g. "Yes, I am over 18 years old") without having to show all the detailed data15%10%
Dthat you have an *advantage* (e.g. lower price) *if you provide your data*15%
Ethat you can see in an overview *which of your personal data is used by whom*45%35%
Fthat you can see in an overview *how long who is storing your data*5%
Gknowing which organization *is sharing your data with whom else*40%30%
Hto see as an overview which of your *online activities* the login services (like Google, Facebook etc) are *tracking regarding across different websites*15%
Ithat you can *determine* which of your *personal data are stored by online services *which you use often20%15%
Jthat you can *log into *websites particularly *comfortably and easily*35%
KOther5%

...

  1. that you can define who can see your personal data
  2. that you can *log into *websites particularly *comfortably and easily*
  3. that you can see in an overview which of your personal data is used by whom
  4. knowing which organization *is sharing your data with whom else*