You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Innovation Tagline:  TBA 

Project Keywords:  TBA

Project Members

  1. Roman Zoun Dr.-Ing. Roman Zoun
  2. TBA
  3. TBA

Project Description (no more than 1,000 words including graphics)

Imagine to "login with google" and google will never know you did it. We introduce an anonymous social login plugin to digital services to allow users use the secure way to onboard and register using thirdparty login, without notice them about it. Our goal is to wake the privacy awerness in users and move tell the world, that social login can be anonymous and the data collected by them shouldn't be collected. Stop "login with google", start "login with google as verifiable credential"

Problem

  1. Onboarding processes are established on nearly every online service using social login via OIDC This is easy, but involves a central identity provider such as LinkedIn Facebook google etc, see this:
  2. The current solution is user friendly and everyone love to use it, mostly with an two factor authentication, which involves often the mobile phone and a password. 
  3. The social login is integrated in the process like start-button on windows desktop, but everytime I use it, the central IDP notice this and can learn more about the behavior of the user. For example, I logged in here using linkedIn, so LinkedIn will provide me some advertisment arount linux foundation. 

Solution

  1. Provide a service which combines the usual social login onboarding, without the central IDP get your behavior. We introduce the Social verifiable credential, a service where a user login once, and issue his social account as verifiable credentials in his wallet. In addition we introduce a simple OIDC SSI verifier to include the social login as verifiable credentials easy into your service. 
  2. Our solution doesn't include any central IDP, no databases for storing the data and is easy to integrate to your service, as configuration for docker-compose, kubernetes AWS, Azure, Google Cloud ...
  3. As minimum is an issuer with the social login via central IDP. The verifier is not needed in the beginning, since a lot of products can solve this

Accomplishment and Team

  • We are currently only one person with some tech background and architecture with hyperledger aries 0.6/Spring/angular
  • more dev skills are required

Project Plan

  • Define schemas, implement plattform with social logins, implement self-issuer after login, implement OIDC-verifier with configuration, implement different ops configs
  • TBA




  • No labels