- From: <fotiou@aueb.gr>
- Date: Thu, 9 Nov 2023 09:33:49 +0200
- To: "'CCG Minutes Bot'" <minutes@w3c-ccg.org>, <public-credentials@w3.org>
Sorry if it has been repeatedly asked, but I think it will be very convenient to include in such emails a link to the video recording as well. https://meet.w3c-ccg.org/archives/w3c-ccg-weekly-2023-11-07.mp4 Thanks, Nikos -----Original Message----- From: CCG Minutes Bot <minutes@w3c-ccg.org> Sent: Thursday, November 9, 2023 7:21 AM To: public-credentials@w3.org Subject: [MINUTES] W3C CCG Credentials CG Call - 2023-11-07 Thanks to Our Robot Overlords for scribing this week! The transcript for the call is now available here: https://w3c-ccg.github.io/meetings/2023-11-07/ Full text of the discussion follows for W3C archival purposes. Audio of the meeting is available at the following location: https://w3c-ccg.github.io/meetings/2023-11-07/audio.ogg ---------------------------------------------------------------- W3C CCG Weekly Teleconference Transcript for 2023-11-07 Agenda: https://www.w3.org/Search/Mail/Public/advanced_search?hdr-1-name=subject&hdr-1-query=%5BAGENDA&period_month=Nov&period_year=2023&index-grp=Public__FULL&index-type=t&type-index=public-credentials&resultsperpage=20&sortby=date Organizer: Mike Prorock, Kimberly Linson, Harrison Tang Scribe: Our Robot Overlords Present: Harrison Tang, Pauld gs1, David I. Lehn, Manu Sporny, TallTed // Ted Thibodeau (he/him) (OpenLinkSw.com), Nate Otto, Charles E. Lehner, Kimberly Linson, Joe Andrieu, Vanessa, Adrian Gropper, Erica Connell, Will, Nis Jespersen , Jeff O / HumanOS, Chandi Cumaranatunge, Steve Magennis, Phil (T3), PL/T3, Denver, Bob Wyman, Dmitri Zagidulin, Jing Chao, Brandi Delancey Our Robot Overlords are scribing. Harrison_Tang: Okay it hasn't started. Kimberly Linson: In if you are on the thank you oh don't talk is what you're telling me to wait on says it's thing today so really quickly that today we have a new talking about true age which is I think a really exciting use case and a demonstration of the kind of power and adoption that we are you know I just keep telling books I feel like the flywheel is really starting to churn and I'm now I'm just worried about getting my sleeve caught. Kimberly Linson: I'm sorry. Kimberly Linson: And if you are on the ccg list man who already posted the slides he's going to be going through today so you can have those and follow along just to go through our our housekeeping items we follow a code of ethics and professional conduct the link to that can be found in our agenda but I think the basic premise is that we are all driving towards the same goals and and we want to. Kimberly Linson: Foster a community of. Kimberly Linson: Being and respect and participation from everyone in the community and I think that is is one of the things I really enjoy about being a part of this community we welcome everyone to attend and be a part of this community group in fact that is the purpose of a community group is to have as many different varied voices as possible to provide feedback and ideas and iterate to the larger from the larger Community to. Kimberly Linson: To the the work. Kimberly Linson: Groups it t at w3c so anyone is welcome to participate however if you want to get deeper into the work and really provide any kind of substantive contributions than I would invite you to please sign the full IP our agreement and join w3c both of which do not cost and you can do that by following the links also in the agenda we do keep minutes and an audio recording of this call. Kimberly Linson: What you just. Kimberly Linson: The UN video recording which you just saw a start and that is important for us to keep a record of what's being said both for you know historical preservation and and organizational history but also to just make sure that we are open and transparent about the things that are being discussed in in this community and we do keep track of in the in the queue use that too. Kimberly Linson: To keep track of speakers. Kimberly Linson: And that is what Harrison and I will be managing I invite everyone who has a question or a comment on what we're about to here today to to participate in the queue and you do that by putting q+ in the queue and if you want to remove yourself from the queue you can put Q - and now we are to the time of day that I always look forward to which is introductions and reintroductions for those of you that weren't on the call last week we actually. Kimberly Linson: Used the time last week to do a. Kimberly Linson: And all Community introduction which was great so I really do invite you if you were not here last week and want to reintroduce yourself if you haven't been here for a while and want to introduce yourself or if you are brand new to please put yourself on the Queue and let us know that you're here. Kimberly Linson: All right I will I will take that as a sign that everyone feels like they are well-versed in this community and move on to announcements and reminders does anyone want to put themselves on the Queue with an announcement or reminder. Kimberly Linson: Manu go ahead. Manu Sporny: https://www.w3.org/TR/rdf-canon/ Manu Sporny: I can do one real quick the rdf data set canonicalization specification which is one of those boring pieces of Plumbing that kind of power some of the verifiable credentials work was successfully published on on Halloween of all days as a candidate recommendation so that basically means that we are feature complete we are looking for implementers for that specification. Manu Sporny: As we already have quite a few implementers for the specification it did not change that drastically since 2015 or so so that let's see yeah that that specifications out there right now will be kind of collecting implementations through the end of q1 I'm next year and then we'll be proceeding that specification to kind of a global standard at that. Manu Sporny: Point so. Manu Sporny: It's been in the making for 8 years now I guess it should really probably closer to 11 years as when the work started but nearing the end which is great to see the other heads up is that we were scheduled to do the candidate recommendations for the verifiable credential data Integrity specifications today but due to workload issues. Manu Sporny: Who's at w3c. Manu Sporny: Happened there is a we're planning on publication of those in the candidate recommendation next week at some point that's it. Kimberly Linson: Wait could you do you have the link candy to those two to put in the chat please. Manu Sporny: Yeah let me try and find. Kimberly Linson: Thank you Harrison. Manu Sporny: https://www.w3.org/TR/vc-data-integrity/ Harrison_Tang: Yeah man you are just curious can you give us a little overview of the rdf canonicalization like how's that different from like linked data you know yeah it's like who are the relationship between the two if there's any. Manu Sporny: https://www.w3.org/TR/vc-di-eddsa/ Manu Sporny: https://www.w3.org/TR/vc-di-ecdsa/ Manu Sporny: Yeah that's a great question so I'm trying to get these links in here here the other links to ecdsa Media say the the relationship basically when you need to digitally sign something like a verifiable credential there are various different ways that you can digitally sign it one of them is you can just take the verifiable credential and kind of. Manu Sporny: Shove it into an. Manu Sporny: Elope as it stands and then digitally sign that the problem well one of the one of the issues with doing that is that sometimes depending on the type of envelope you stuff the verifiable credential into all of a sudden you can't see any of the data you can't work with it you know like a put it in a database and all that kind of stuff so canonicalization is basically used to take a verifiable credential as you see it and then transform it into something that. Manu Sporny: You can digitally sign in a way that is. Manu Sporny: In a way that kind of signs the meaning of the credential instead of just signing what the credential looks like so there's a difference between signing the B which obscures what the credential you know it obscures the credentialing can't see it anymore versus signing the information associated with the verifiable credential so. Manu Sporny: A high level is it unfortunately this stuff is like super low level cryptography stuff but fundamentally rdf data set canonicalization is an attempt to sign the information that goes along with the verifiable credential so that you can put that verifiable credential in a lot of different places without there being issues with it like like for example if you just sign the B. Manu Sporny: Adding a. Manu Sporny: Single white space into the verifiable credential will destroy the signature and that's a problem when people go and lay copy and paste this stuff and put it in web pages like they do for like manat org and SEO optimization and you know doing things like listing store hours and products and stuff like that so rdf data set canonicalization allows you to basically make the data in the verifiable credential more resilient and digitally sign it at the same time. Manu Sporny: Really that was helpful it's hard to it's hard to. Manu Sporny: You know what it is at depth. Harrison_Tang: Yep yeah I recall you mentioning about this as part of the daily Integrity proof presentation so thank you. Kimberly Linson: Thanks that was great any other announcements are reminders. Kimberly Linson: Okay Manny well I will give you the floor back to tell us about true age and what you've been up to. Manu Sporny: All right let me go ahead and screen share here. Manu Sporny: So today's presentation is on a production deployment a really large production deployment of w3c verifiable credentials so using all the technology that we've been working on in this group for the past many years eleven plus years I guess at this point this stuff is actually rolling out into production and not in a small way in a very very you know large way so that's what the presentation is about its. Manu Sporny: Kind of about. <nate_otto> world premiere presentation! Manu Sporny: I learned things that nature this is the first time this presentation is being done anywhere so please be kind it's trying to explain the expansive this of the project is is also fairly difficult okay so this this project is called true age it is a digital age verification program that is nationally available right now in fact the program went into production in January of this year. Manu Sporny: And we took a long time. Manu Sporny: Waiting to talk about it because we wanted to make sure that everything was running correctly and you know there was a good adoption story there and that sort of thing so this is about digital age verification it's about making sure that you know college students are no longer able to use their fake IDs to go in and buy things they shouldn't be buying it's to make sure that you know the sale of age gated products in the United. Manu Sporny: Is done in a safer more responsible way I'll go into the reasons why that's a difficult thing to accomplish these days but first of all let's talk about like what production deployment means so true age went into production in January 2000 23 at the end of July California the state of California DMV announced that they. Manu Sporny: They were integrating it into their. Manu Sporny: Digital driver's license so this image that you see here on the left is a verifiable credential it's a 100% Bonafide w3c verifiable credential that expresses that the person is above a certain age and you've got a picture of the individual there so that the clerk can match it against the individual and then scan the code so this is integrated into the state of California's digital driver's license application. Manu Sporny: It's just rolled out into a pilot last month 1.5 million people is the target pilot population with an expansion to the 24 million California's that have a driver's license in California you will note that it is not using the mdl to prove age at all this is using a different technology that's more privacy preserving and I'll go into those qualities here in a bit. Manu Sporny: So that was in October. Manu Sporny: Sorry that was in in like august/september that announcement was made in October last month verifone who is the largest point-of-sale manufacturer in the United States they cover close to 60% of all convenience retail stores in the United States. Manu Sporny: So there are. Manu Sporny: Ten fifty thousand of these stores verifone provides point of sale software for close to 75 thousand of them and so basically verifone announced the integration of true age this new privacy protecting you know age verification program so you've got the largest point of sale vendor in the United States integrating true age the verifiable credential you know privacy preserving approach of approving age at the point of sale. Manu Sporny: There reaches around 124 million. Manu Sporny: Those are the people that are under the age of 40 that you're supposed to card when they walk into the store and try to buy a bottle of wine or things of that nature and then the target population for most Californians is you know 24 million that have a driver's license okay so this is big news big adoption its public this booth this is our booth at the National Association convenience stores show that had twenty-four thousand attendees. Manu Sporny: Yeah and then the California DMV. Manu Sporny: Is on the left okay so that's the high level business use case you know it seeing adoption there's significant money and effort going into it but let's go back to kind of understand why how digital age verification actually works because it doesn't work like a lot of people talk about it when they talk about digital credentials and mobile driver's license and things like that this is you know when people hear age verification they're like oh I just show my. Manu Sporny: Ins like. Manu Sporny: That is part of it but that is certainly not the whole story so fundamentally you know true age in these are you know true age slides they're committed to safely and simply keeping age-restricted products out of the hands of minors as some of you may realize you know there have been printing technologies that have been outsourced from the United States subsistence specifically around driver's license Printing and so it is fairly easy. Manu Sporny: Easy to get a fake driver's license. Manu Sporny: That is printed on the same printers using the same ink and materials and the same software that DMVs end up using so it's very easy to create fix these days and you can't really tell by looking at the plastic card that it's a fake even more challenging the way the the way things work in the United States is that retailers can ask a driver it can't ask a DMV whether or not a driver's license is real or not. Manu Sporny: There are costs associated with the states that. Manu Sporny: Happens some states only allow that to happen with you know law enforcement and what that ends up the the situation we end up in is the clerk that's you know basically policing whether or not the the age gated product should go to a potential you know someone that's under age has no way of knowing whether that plastic card that they're holding that looks very real is in fact legitimate driver's. Manu Sporny: License so. Manu Sporny: Needed to be you know it needed to be addressed and they said well you know we could go digital with it we could depend on digital signatures which you can't counter fit in in that might be the way to kind of combat some of this uptick and card fraud that we're seeing the other thing to know about the organization that put this together the National Association of convenience stores. Manu Sporny: Profit and connects us their standard-setting body is also a non-profit standard-setting body like like the World Wide Web Consortium they you know create standards for the retail industry and they depend largely on Open Standards w3c ITF things like that in when the verifiable credentials want to work was happening they looked at it and went we believe that is the solution that we need to use an open standard Bearer. Manu Sporny: Bible credentials this. Manu Sporny: Re is massively decentralized so you these hundred and fifty thousand stores you might have like you know 17,000 to 20,000 well sorry no 12,000 to 17,000 of them are like 7-Eleven but the but the long tail is like mom-and-pop own stores the you know family owns two to three stores in that is the vast majority of the the way these. Manu Sporny: Stores operate. Manu Sporny: So anyways massively decentralized and we needed a solution that would help all of them without harming the decentralization aspects the other thing to know is that most of the age gated products in the United States are sold through convenience stores so that is where most people go to buy age gated product they do 54 million transactions a day every single day 365 days a year some days it's a little. Manu Sporny: Or some days it's a little less but it's a massive number of. Manu Sporny: H gated transactions that they do and that includes everything you know they're it includes everything that you can think of from alcohol to cigarettes to vape to cannabis to energy drinks or regulated in some states you have to be over a certain age to to buy them things that things of that nature these dots kind of represents how many of these stores exist. Manu Sporny: The stores nationwide that fluctuates by a couple thousand every year they do 165 million transactions a day the stores together 200 million plus customers per year so 2/3 of the US population finds themselves in the convenience retail store at some point during the year many of them multiple times a week and as I said you know over 50 million age checks per day the reason this is such a big deal to. Manu Sporny: To a convenience store is the margins of razor razor. Manu Sporny: At a convenience store if you if you sell 10 million dollars worth of products through your store your your profit on that might be twenty thousand dollars so most of the stuff is just razor thin gas has sold at a loss to try and get people into the store to buy coffee and sandwiches and things of that nature and educated products and so. Manu Sporny: So if they sell to the wrong person. Manu Sporny: Accidentally sell to a minor they knowingly sell to a minor it's jail time they lose their liquor license these stores are a part of a police stings fairly regularly first offense is a two thousand five hundred dollar fine so that's 10% of their profit for that month would just go in a single violation each single violation is you know multiple finds in the big problem right now is that. Manu Sporny: These Clerks. Manu Sporny: You are now. Manu Sporny: You know trained in counterfeit detection on cards and even if they were it's really hard to tell counterfeit card these days are not able to keep up to figure out what's the fake and what's not the other danger of course is in a convenience store If you deny someone a sale there is a nonzero likelihood that you're going to have a gun pointed at you shootings at convenience stores or. Manu Sporny: Unfortunately common well at least violence at convenience stores can be common from consumers that feel like they should have been sold a product and they're being denied so there's a lot of safety Clark safety that that we're concerned about here as well when you put a clerk in that position who is you know they're making minimum wage when you put them in a position to policing you know an age gated product there is always the. Manu Sporny: At them saying no puts them in danger so fundamentally what we needed was a system that did not put the clerk in that kind of danger we needed a system to say no we needed to make sure that the clerk wasn't the one saying no we needed an on fraudulent identity documents and the other really nice thing here is that the National Association convenience stores was saying if people you know if. Manu Sporny: We're if we're tracking individuals people you know themselves nobody's going to buy into the thing this needs to be privacy-preserving from the get-go we need to take gdpr and CCPA and vcd Pa and all the Privacy regulations that are coming into into the for seriously in build a system that is truly privacy-preserving where we cannot you know. Manu Sporny: Know which individual. Manu Sporny: Buying what product as they go from store to store the other thing you know they really wanted to avoid is were like look the you know retailers want to know that information in that is not the purpose of the program you know retailers would love to have you know be able to track individual store to store but clearly That's goes against privacy regulation and is not the right thing to do for a digital age program the other danger here. Manu Sporny: Any of these stores were buying point of sale software that was just storing IDs they would scan the driver's license in store 35 pieces of pie on the point of sale system and that is just not a good thing to do it creates a Honeypot that that attackers can attack and so we wanted to eliminate the storage of all that pii Across the Nation so that those are the things that are kind of that were driving this program the other thing is. Manu Sporny: Is that right. Manu Sporny: They wanted they didn't want to be responsible for building this system and then building it you know buying something and then finding out that it didn't actually achieve what they needed to in the state that they were operating in they wanted to make sure that the documents that they were receiving to do age verification where authentic documents meaning digitally signed on fraudulent and they wanted it to be fairly you know friction fee-free based on a valuation. Manu Sporny: Ation that this National. Manu Sporny: And convenience stores did 90% of people in the US in the sample set supported a nation Nationwide standard for age verification so customers basically said you know I don't want to you know I don't want to go into one store and and be vetted in one way and going to another store and be vetted in another way this this was happening so for example like you know people use their passports sometimes to prove age when when they're visiting. Manu Sporny: Eating from out of town like in Hawaii. Manu Sporny: There's a lot of passport usage to prove age whereas in certain States you know you're the types of ID's that you need to take like tribal IDs versus driver's licenses you know tend to tend to create friction at the at the point of sale so there there's a lot of complexity here in you know which age document proves your age so people basically said it would be nice to have you know one way of doing this across the u.s.. Manu Sporny: You know when you look at this program from the outside it's a fairly simple program you want to keep adult products out of the hands of underage kids you want to shut down social selling so social social selling is when someone above age goes into a convenience store in buys a lot of age gated product and then walks to the nearest high school in resells that to high schoolers right so that's social selling that we wanted to cut down. Manu Sporny: On social selling also. Manu Sporny: That the individual would just chain from store to store they would go to one store by their top limit and just walk into the another another store different brands different retailer by their limit than walk into yet another store and do that these systems you know these systems were completely disconnected and that meant that people could go way above you know they're their purchase limits and then go and do social selling with that we wanted to. Manu Sporny: Standardize the carding process and of course protect. Manu Sporny: See as they went in there's no reason why you should be handing over 35 pieces of personally identifiable information when all you need to prove is your age at the end of the day the thing you show is this thing on the right here so this is my kind of true a JAP this is a verifiable credential for in age token that basically says I'm over the age of 21 and it and it has a you know a single. Manu Sporny: Use token in it. Manu Sporny: That's it there's it doesn't have my name it doesn't have an image it doesn't have my home address or any of that stuff in there okay so let me let me pause for half a second I've kind of covered high-level stuff any questions so far you can keep going to the tech stuff but go ahead David please. Manu Sporny: Yeah I'll get into the details they are and how we do it fundamentally we take the identity information and create a synonymous Persona so there is there is we can tell counts associated with a certain token but we can't get to any of the pii I'll go into that here in a bit. Steve Magennis: Yep can you hear me that kind of a typical store might do 10 million dollars of sales with a. Steve Magennis: It's about you know 2% margin and then you follow it up to say that a 25 hundred dollar fine represents 10% of the profit for that month. Manu Sporny: Yeah she was a hand a bit of a hand wave. Steve Magennis: I understand that by me this is like you know a factor of 100 raise one is kind of get a sense of you know what these convenience stores sort of you know sort of an average ones are typically does in terms of business. Manu Sporny: It there it is an average one in the middle of the Midwest and a 400 person town or one that's in downtown New York City right eye well it I it the ten million one is probably something that is in a service area of like 100,000 people. Manu Sporny: But again I mean it's it varies wildly. Manu Sporny: In the fines vary wildly and then who's stung where varies wildly like as you can imagine like the further you get out in the rule rural communities the less stings there are the less things of that nature the more you get into cities the more stings there are. <nate_otto> Fines in Oregon are $1000 to the employee and $5000 for the establishment for age check violation. Manu Sporny: Is a lot of diversity I guess is what I'm trying to trying to say. Steve Magennis: Yeah but me I guess I guess maybe a better question would be so is sort of a two percent to 25 percent margin kind of not uncommon or is it work now. Manu Sporny: It's not uncommon that's a pretty common thing I mean you've got you know station you know these convenience stores also sell gas so if you if you go to a gas station at all that's that's a convenience store or is it is a convenience store right and what they typically do is they sell gas at a loss to get you into the store so you will buy a Gatorade or a coffee or you know. Manu Sporny: Like that something that has a higher margin item so the whole business model for convenience stores is built around getting you into the store so that they can sell you something that's in the store. Steve Magennis: Okay thank you. Adrian Gropper: Okay in the early slides you showed California driver's license and and a wallet so I'm just curious and I'm sure you're going to maybe get to this this presentation that you just showed us with your picture on it is that something that would be available in the DMV app or how is that being handled that not just. Adrian Gropper: Immediately but sort of. <steve_magennis> This is exciting stuff! Adrian Gropper: Mixed ages in the future. Manu Sporny: This thing on the left Adrienne is that what you're talking about are you talking about the thing on the right the thing on the left is available in the DMV app today so if you're in California if you're a California Citizen and you've got a driver's license there you can get this today. Adrian Gropper: And what I'm asking is all of this back-end stuff which I'm sure you're going to get into you know to avoid social selling and what's not is this integrated into the system when you are using the California driver's license app to prove age. Manu Sporny: That guy's I think I'm trying to read between the lines Adrian the so does the California DMV app do anything special other than showing a QR code and the answer to that is no so the count California DMV app all they do is they show these single use tokens and they show the picture and that's effectively all that's done there right the the mechanism to. Manu Sporny: To ensure that people aren't going over there. Manu Sporny: Limits for anything that does have limits on it products that have limits on it that's all done in the back end of the true age system. Adrian Gropper: And I'm sure you'll get to this the reason I'm asking is there's already over a decade of experience with prescription drug monitoring programs that have similar requirements so please go on them I think you're going to get to that. Manu Sporny: Yes that's exactly right Adrienne and I would imagine this system is closely related to that but takes a more aggressive privacy stance than prescription drug systems tend to take so part of you know the part of the work that we did you know in the program is is look at the way prescription drug programs you know operate. Manu Sporny: Because the Cannabis regulations and the u.s. look like they were going to you know follow the same kind of path but yeah I'll get into that a bit more Adrian they're very strong parallels between the two systems and then just please you know ask ask the the remaining questions when I get to it if I don't answer your question okay I'm going to keep going here's some just cook or tannins. Manu Sporny: The slide. Manu Sporny: Up there so you can read through the details here I wanted to put a focus on privacy today and this other thing free this system is free for retailers it's free for consumers there was no way that the system was going to get adoption if it wasn't free to the retailers and the consumers as I said true age is a non-profit and acts as a non-profit their goal is to solve industry problems. Manu Sporny: For the. Manu Sporny: Three it's the Retailer's job the retailers are the ones that are for profit okay systemic volume limitations will talk about that here in a bit okay so how does this work fundamentally we started the design off with a massive reduction in pii we did not want to collect all 35 pieces of information on a driver's license so the way this was done before is they ask you for your driver's license they flip it over and there's a PDF. Manu Sporny: 417 Barcode. Manu Sporny: They scan that and they put it into the point of sale system that captures all of the data in that PDF barcode which is all of your Pi on your driver's license so you hand all of that over when the it was checked so the first thing we want to do is reduce the amount of pii that that even touches the true age system to follow what we saw happening with gdpr and CCPA which is you need to as a retailer. Manu Sporny: Reduce the pie. Manu Sporny: Collecting to the bare minimum for the transaction that you're performing and collecting 35 pieces of information was over collection of information so we narrowed it down to four pieces of personal information the issuing authority so which state issued this driver's license the document identifier number which is the driver's license number your date of birth and when the document expires those are the only four pieces of information that ever go into the true age system and when they go into the. Manu Sporny: The true Edge system. Manu Sporny: Immediately encrypted multi multi way encrypted meaning that it true age by itself cannot extract that pii again right so what we do is we require multiple parties to unlock the pii data there has to be a subpoena in play there has to be potentially law enforcement or the the courts in play legal counsel has to be in play and the technical team that operates the. Manu Sporny: In production has to be in play so you need multiple parties that are struggling for the word five mutually distrustful of each other to unlock it right so so you don't want you know everyone agreeing to unlock whenever they need to unlock something you need to make sure that you know the legal legal and operations. Manu Sporny: And all those folks are involved. Manu Sporny: Basically we take these four pieces of information we create a pseudonymous identifier for the person that only lives in the true age system in we lock away the pii until it's actually required based on some kind of legal process so once we you know create that suit on a pseudonym inside the true Edge system we issue a single use tokens and those single use tokens are the things that are used. Manu Sporny: Outside the system these single use tokens are. Manu Sporny: Lately random only the true age system can map them back to a Persona and even when we map it back to a Persona we don't know who that individual is all we know is what limits they may or may not have hit so the reason we did this is to prevent retailers from using these tokens to track people even the same retailer to stores from the same brand using a single-use token at one retailer and then the the next store. Manu Sporny: Does not allow them to track you. Manu Sporny: Single use okay and this kind of just goes over how that tokenization process happens the other important thing about this program is we have to make sure that these are real people that are onboarding into the system they do have you know we still and this is going to happen for a long time as far as verifiable credentials are concerned there are going to be plastic cards that exist. Manu Sporny: Some of those cards are going to be fraudulent. Manu Sporny: We know that we do our best to check the the driver's licenses though so they are services that allow you to check their water marks that exists in some drivers licenses that we can check before we onboard people this goes above and beyond what a clerks able to do at the cash register and then fundamentally that individual in order to activate these tokens activate the verifiable credential tokens they have to walk into the store and. Manu Sporny: Sent a driver's license present the QR. Manu Sporny: Um in a way that in a way that we can kind of bind the human being to those those sets of tokens the system is designed to work in fully offline mode so the store does not need to be online in order to check the verifiable credential and the digital signature on it that says the person is above a certain age yeah I think that's that's more or less that. Adrian Gropper: This sounds very interesting because it seems like you've created a contextual reputation system where deduplication is done on the basis of the duplicator credential the driver's license but the reputation is managed contextually for under whatever you know principles apply. Adrian Gropper: Enforcement or whatever you want to call it here how General is this model that you're using or am I leaping way too far is it is it truly is this idea of requiring a subpoena to break the notary's log is the way I always thought about it a general solution for reputation in context. Manu Sporny: Um that's an excellent question Adrian I I don't know is the answer I you know I think we'd like to think that it's generalizable we have been razor sharp focused on just age the the biggest thing we did not want this system to turn into is you know a tracking mechanism for Consumer preferences right and so we have tried to just narrow. Manu Sporny: To the. Manu Sporny: 2H gated purchases and enforcing quantity restrictions and that's it you could argue that that is generalizable to something like you know pharmaceutical industry it's generalizable to other systems that you know narrowly focus on a particular quality of an individual but you know I we haven't deployed we haven't we haven't deployed the generalized solution in other environments there. Manu Sporny: It would be differences. Manu Sporny: One thing that we did learn along the way is that there's always this pressure to like add more information and more you know kind of correlated will feels to the Persona in we've found that it's really important to have a set of legal staff that understand why that is such a horrible idea right I mean Goods because you have to think about kind of the Dynamics at play here retailers want more and more and more data. Manu Sporny: AA on the. Manu Sporny: But that works against the program because the more you know data you so associate with that Persona the less people are going to trust it people don't want people you know people don't want retailers hoovering up a bunch of data when all they're doing is you know an H gated purchase so all that to say these systems if there is something generalizable among all of them is to make sure that you know and you're using the word reputation feel a bit uneasy about that. Manu Sporny: At that. Manu Sporny: Just some aspect of the individual doesn't creep into collecting more and more data on the individual you have to stay razor sharp focused on a very specific aspect that is that is in just and then just focus the system you know on that aspect going beyond that you know means that you're dangerously wandering into Data broker territory which this system is it's not designed to do it's you know. Manu Sporny: In luck. Manu Sporny: Do you know the legal staff have basically said at every turn if you go that direction you aren't you're going to violate gdpr you're going to violate CCPA you know it's not a not an end goal so sorry that's was long-winded way of saying I would assume the system is generalizable but until we actually apply it in a bunch of other scenarios you know we can't say for sure did that address some of your question Adrian. Adrian Gropper: Yes my my question was specifically about the need for deduplication in the reason I use the term reputation is to focus on civil resistance but let's I hear you and this is not necessarily on topic for today but it seems to me like you've gone part way towards you know something that could work for say voting to take the most controversial possible. Adrian Gropper: Nothing and. Adrian Gropper: That's the sense in which I meant it. Manu Sporny: Okay all right yeah and and again this system cannot work for voting I you know I'm just kind of going to say that it is the big advantage that we have in the convenience retail sector is that there are 4 million retail clerks out there that are out there right now who are in in the real world in person that are capable of checking in ID and they've been trained to do that in a rough you know basis so our civil resistance. Manu Sporny: Protection in the system is only because the. Manu Sporny: Our industry has 4 million people that provide that kind of check in person identity verification for free very few other Industries have you know have that so that's I think what what what creates the Civil resistance here to a degree let me this is just kind of how the app works on the on the left is you know how you on board into the system you download the app which is free you take a snapshot your driver's license. Manu Sporny: Ed and selfie. Manu Sporny: The true age system is designed so it only receives the four pieces of information I mentioned the client you know removes all the other information that's used to create a pseudonymous account that's associated with your driver's license and then your account is created but the tokens that you're given are deactivated until you walk into a store and activate them and you activate them by showing them the qr-code showing them your plastic. Manu Sporny: Vers license and doing the. Manu Sporny: There to do an age-restricted purchase then your tokens are activated you show the clerk the QR code to scan their trained to look at the image and look at you as well to make sure that that matches the system the true age system then takes that pseudonymous Persona and verifies the your age and quantity limits to make sure you're not over any quantities and then they send a token back to the convenience store point of. Manu Sporny: Sale system to put in the. Manu Sporny: Nothing no pii is ever stored in the transaction log and then you pay and you go so it's meant to be a pretty quick process that mirrors you showing your driver's license but is way more privacy protecting and safer for the retailer and the customer Harrison I see you on the queue. Harrison_Tang: Yes what do you mean by activated activated can you go a little bit deeper into that. Manu Sporny: Oh yeah let me see if I let's see well now I guess I didn't didn't put that slide in here deactivated just means like we can't trust people to onboard purely in an online situation and then use those tokens because nobody's actually bound that individual the human being to that that Persona in the system meaning there's no such thing as. Manu Sporny: Is like. Manu Sporny: There's no such thing as a purely online onboarding except for you know we'll talk about the California DMV case here in a bit but we wanted to make sure sorry let me go back Adrian's question was how do you do civil resistance in my answer was we've got four million Clark's that are always there in the United States that can check an ID and do things with a point-of-sale system and so the way that you know we. Manu Sporny: We on board system through the app. Manu Sporny: Onboard people through the app but we don't activate their tokens for the first time until they go into the store and do that physical binding that's how we keep you know people just guessing driver's licenses online or using fake IDs online to activate their account we have to have that individual going to a store use their use their app show their physical ID set that so that there's a mapping there and we need a physical person a clerk there. Manu Sporny: Checking all of those. Manu Sporny: So deactivated is only when you are on board for the first time once you go in the store and scan you know your ID and everything the first time then they're activated and you no longer need your physical driver's license do they answer your question. Harrison_Tang: Oh I see so the impunity is actually not fully online it's only when they first time going to the physical score the store then that completes our onboarding that's why I meant. Manu Sporny: Yes that's correct yep yeah you've got on board into the system and you have to do that with the physical interaction in the in the real world. Harrison_Tang: Don't why you need to do that is because you need that binding between the physical and digital identity. Manu Sporny: Yes you got it exactly exactly all right let's see who's on the I don't know who's David and then Adrian I guess are on the queue. Manu Sporny: Nope not not of the selfie no of the of the driver's license number date of birth expiration date the selfie we never see the selfie we don't want to see the selfie because that's a tracking token that would be uploaded to us. Manu Sporny: No it does oh oh I'm sorry yes you're correct sorry the yeah it receives a hash of the selfie it does not receive the the selfie itself. Manu Sporny: Because they see it on the phone they see the selfie on the phone and there is in the the driver's license the physical driver's license has to tokenize and the true age system did the same token that they're showing on their app so there's a multi document binding between their physical driver's license and the four pieces of information on it the token the single-use token that they're showing the onboard into the system the. Manu Sporny: Sure on their drivers license and the. Manu Sporny: On the app all those things have to map line up we do not check the image data right that's that's what the clerk does they do that in a decentralized distributed way where that information is not uploaded to us. Manu Sporny: Yep that's right yeah and their ways of us getting better than that that's just what we have today because you know people have plastic driver's licenses that we have to deal with. Manu Sporny: Of course Adrian. Adrian Gropper: If in the beginning you said that the fake driver's licenses are readily available so if somebody has a fake if somebody wants to avoid the social limits or the reputation issue they can just get themselves 10 different fake driver's licenses and they're good to go. Manu Sporny: They could today in the future you know this system is it systems not 100% perfect right there's no such thing unless we ratchet up the security so much that it's a pain to use the system and no one uses it so we do expect some some people like that to slip through the cracks but then it's kind of like those people exist today and why would they use the app you know anyway meaning meaning that you know there's. Manu Sporny: No reason to use the extra stuff they would just get. Manu Sporny: Bunch of fake IDs this really comes into play when we're talking about California DMV so California DMV integrated it if if the state start you know going more to digital driver's licenses we can get rid of that you know plastic you know fraud Vector in the system so just you know be clear Adrian that the number of people that are doing that to get around the system are very. Manu Sporny: Compared to the number of college students that have a fake ID that try to use it you know. Adrian Gropper: Oh I II completely understand again the reason I asked the question for clarification is because when we see all of the problems with something like add hard as a way of creating a deduplicated ID and you're obviously avoiding that by not not doing any biometric matching of your hashes or like the world coin approach Etc I was just. Adrian Gropper: Trying to. Adrian Gropper: As to how far this particular scheme which I really like this notarization aspect of what you're doing is would be generalizable but yeah I got it. Manu Sporny: Yeah and you got it those are the reasons we did not do the biometric stuff is we did not want to fall into an adhar like system we didn't want to fall into a world coin like system where you know people were perfectly identifiable you know in the in the system it's just violates all kinds of privacy expectations well when you do that okay just noting the time you know we're almost out. Manu Sporny: Just to go through. Manu Sporny: This before I I this is the this is the age restricted purchase thing so cannabis was one of the things that we had to solve for there are limits like you can only buy you know eight thousand milligrams per day of something like a can of this Vape pod depending on the state that you're in and the regulations and play so the system is built to enable those kinds of systemic limitations and basically you know. Manu Sporny: Because your age. Manu Sporny: Is mapped to kind of a Persona that we don't know any of your you know details unless it subpoenaed we can do a systemic check when you do a purchase and see if you're over your limit or under your limit and that's the only you know checking that we do there as far as technologies that were used this is the list there's a lot of ccg technologies that we use or a lot of Delhi. Manu Sporny: 3C and ITF technologies that we use. Manu Sporny: So now the verifiable credentials data Integrity dids the connections age verification standard defines the standard that the point of sale systems speak in the verifiable credential itself we use oauth2 just for the Retailer's to connect to the system so that we authorized you know which which stores are checking with the system that QR code is a see bore LD. Manu Sporny: Added verifiable credential. Manu Sporny: Binary formats of compressed we use the VC API for issuing verification exchanges we use e TVs so the true age app which is a digital wallet uses an encrypted Data Vault to store these single use tokens we use authorization capabilities HP signatures chappy credential refresh is used to refresh the credential so when you when you get a batch of credentials. Manu Sporny: Them until you run out of those credentials which means that you don't have to you don't phone home for every single you know transaction you can get a bundle of think it's like 10 of them now and then every time you use one they're effectively spent and then when you run out he's credential refresh to go back and get a new batch and then we use did key for the signatures. Manu Sporny: On the. Manu Sporny: And unfortunately we're out of time back over to you Harrison. <harrison_tang> Thanks Manu !! Kimberly Linson: Thanks Manny this was really really fascinating and great in your right I'm bummed that we're out of time because I think that we could discuss this for for a lot longer so we will look for an opportunity to do that thank you everybody this was a really interesting topic it's so exciting to again see this flywheel I think really starting to catch momentum so thanks everybody will see you next next Tuesday. <jeff_o_/_humanos> Thx MAnu!
Received on Thursday, 9 November 2023 07:34:00 UTC