Blockchain for Decentralized Identity — Digital Commerce
The Global Legal Entity Identifier Foundation (GLEIF) [1] was formed out of the global financial crisis of 2008. The crisis exposed the need for global regulators to be able to identify organizations in international transactions and regulatory reporting. The Financial Stability Board (FSB), on behalf of the governors of the central banks of the G20, decided to create the Legal Entity initiative in 2014.
The mission of the Global Legal Entity Identifier Foundation is to provide trusted services and open, reliable data for unique legal entity identification worldwide via a network of partners, the LEI issuing organizations. The LEI enables smarter, cost-effective, and more reliable decisions about responsible business parties.
Its vision is for each global business entity to have one legal entity identifier (LEI), which includes a digital identity. An open standard Global LEI Index stores the LEIs. The Index has a catalytic effect on global commerce operations by providing information on the participants in the marketplace. It is one of the market makers for self-sovereign identity (SSI, explained in the first blog).
LEI is a unique, globally recognized identifier for doing business. An organization has exactly one LEI, defined by an ISO standard. LEIs are standard across jurisdictions globally to identify a company, and each contains metadata about the organization. While an entity has only one LEI, it can have numerous DIDs (Decentralized Identifiers, explained in the third blog), one for each relationship or connection to another entity, each cryptographically verifiable and decentralized.
How does LEI fit within self-sovereign identity? LEI is a digital identity using the principles of SSI for global digital commerce. It builds trust among parties doing business transactions. The tenets of SSI (self-sovereign identity) hold for LEIs. First, they are interoperable, cryptographically identifiable digital identities. Second, the legal entity identifier is a verifiable credential (explained in the fifth blog) that trusted and audited issuers issue to organizations for business transactions. Finally, it grants permissions to specific individuals with certain roles to transact.
The chain of LEI credentials works as follows:
1. GLEIF issues verifiable credentials to the authorized LEI issuer (this proves that the LEI issuer is accredited and governed to follow the rules by GLEIF).
2. The LEI issuer gives legal entity VCs (verifiable credentials) to organizations (the company requests an LEI from the issuer, who grants it as a VC to prove LE identity [2]). Refer to the fifth blog for the Trust Triangle.
3. The organization with the LE issues VCs to employees (with specific roles). The employees use the VC to represent the company and transact on its behalf.
Collectively, this brings organizational identity and human identity together. The VCs are stored in the organization's wallet (described with digital wallets in the fourth blog) of the legal entity. GLEIF maintains the list of role VCs, LEI VCs, and issuer verification. At the bottom of the chain is the LEI data user, who could be a regulator or an organization looking to verify an LEI or a list of official role VCs within an LE. No PII (Personally Identifiable Information) is available publicly. It is a cascading effort to build a chain of trust. Digital commerce uses VCs for different business transactions.
At the time of writing, 34 LEI issuers manage 1.6 million LEIs globally (check the GLEIF website for current numbers). Some LEI issuers issue LEIs in their home countries, while others do it globally for more than 100 countries. Issuers need to be accredited.
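The three-step chain described above, as an added example (not code from GLEIF or from the original post): each credential is signed with Ed25519 by the party one level up, and a verifier walks the chain down from the GLEIF root key. The DIDs, the placeholder LEI, the role name and all function names are assumptions made for illustration, and plain JSON signing stands in for a real verifiable-credential proof format.

```javascript
// Added example: simplified GLEIF -> LEI issuer -> legal entity -> employee chain.
// Plain JSON + Ed25519 stands in for a real verifiable-credential proof format.
const crypto = require('node:crypto');

const newKeys = () => crypto.generateKeyPairSync('ed25519');
const pubOf = (k) => k.publicKey.export({ type: 'spki', format: 'der' }).toString('base64');

// The issuer signs the subject's identifier, public key and claims.
function issue(issuerId, issuerKeys, subjectId, subjectKeys, claims) {
  const body = { issuer: issuerId, subject: subjectId, subjectKey: pubOf(subjectKeys), claims };
  const sig = crypto.sign(null, Buffer.from(JSON.stringify(body)), issuerKeys.privateKey);
  return { body, sig: sig.toString('base64') };
}

// Walk down from the trusted root: every credential must name the previous
// subject as its issuer and verify under the key that credential certified.
function verifyChain(chain, rootId, rootKeyB64) {
  if (!Array.isArray(chain) || chain.length === 0) return false;
  let signerId = rootId, signerKey = rootKeyB64;
  for (const vc of chain) {
    if (vc.body.issuer !== signerId) return false;
    const key = crypto.createPublicKey({ key: Buffer.from(signerKey, 'base64'), format: 'der', type: 'spki' });
    const msg = Buffer.from(JSON.stringify(vc.body));
    if (!crypto.verify(null, msg, key, Buffer.from(vc.sig, 'base64'))) return false;
    signerId = vc.body.subject;
    signerKey = vc.body.subjectKey;
  }
  return true;
}

// Constructed sample data: hypothetical DIDs, placeholder LEI, made-up role.
function buildDemoChain() {
  const gleif = newKeys(), issuer = newKeys(), org = newKeys(), emp = newKeys();
  const chain = [
    issue('did:example:gleif', gleif, 'did:example:lei-issuer', issuer, { type: 'AccreditedLEIIssuer' }),
    issue('did:example:lei-issuer', issuer, 'did:example:acme', org, { type: 'LegalEntity', lei: 'PLACEHOLDER-LEI' }),
    issue('did:example:acme', org, 'did:example:alice', emp, { type: 'OfficialRole', role: 'Treasurer' }),
  ];
  return { chain, rootId: 'did:example:gleif', rootKey: pubOf(gleif), orgKeys: org };
}

const demo = buildDemoChain();
console.log('intact chain verifies:', verifyChain(demo.chain, demo.rootId, demo.rootKey));
const forged = JSON.parse(JSON.stringify(demo.chain));
forged[2].body.claims.role = 'CEO'; // edit the role after issuance
console.log('tampered role verifies:', verifyChain(forged, demo.rootId, demo.rootKey));
```

The verifier needs only the root public key as a trust anchor; a role credential edited after issuance, or an LEI credential signed by a key the root never accredited, fails the walk.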
Some jurisdictions mandate LEI for capital markets after the global financial crisis. Regulators wanted to verify it for OTC derivative transactions, and the EU has expanded it. ESMA (European Securities Markets Authority) [3] regulates securities financing activities by setting out reporting requirements, data access, collection, verification, aggregation, comparison, and publication of data on securities financing transactions (SFTs) by trade repositories (TRs). The regulation in effect is SFTR (Securities Financing Transactions Regulation).
The organization wallet holds the LEI of the organization, the names of the people authorized to transact on their behalf, and the roles they undertake with specific permissions.
Below are some use cases where LEI can drive the adoption of digital commerce:
1. Regulators use LEIs at the time a business entity is registered and licenses to conduct operations are issued. The Regulatory Oversight Committee (ROC) provides governance over the process.
2. LEIs support those participating in business transactions by helping secure contracts between entities — customers, suppliers, providers. It is a cost-effective, frictionless way to prove and identify the entity.
3. The global index is a registry of financial service providers — for example, payment systems.
4. LEIs make regulatory filing and reporting more efficient. For example, a third-party service provider could be an auditor for a regulator.
5. GDPR (General Data Protection Regulation) — the LEI design supports GDPR, the right to be forgotten.
6. For Financial Inclusion — Small and medium-sized enterprises (SMEs) struggle to participate in trade finance. The international flagship project helped expand financial services for the SME sector in Africa. The first initiative is in partnership with NMB Bank Ltd, LSEG (London Stock Exchange Group), Cenfri Cornerstone Advisory Plus, and GLEIF in Zimbabwe to promote the financial health of SMEs [5].
7. For Supply Chain — LEIs help with paperwork and processes about import-export, border control, and payment for goods B2B. Consumers can check on the existence of LEI for goods purchased through the supply chain process. In addition, it builds trust in the global supply chain with vendors in different countries.
8. According to GLEIF and Loudhouse, it takes about six weeks to onboard banking clients; 50% of financial organizations use about four identifiers to identify client organizations [1]. The onboarding process for new business relationships is costly and time-consuming. Keeping the data current in global jurisdictions presents other challenges. LEIs support KYC (Know Your Customer) processes during client onboarding in B2B scenarios, for example, to prove the identity of officers of an LE who are entitled to apply to a bank for business needs. They represent the LE and are authorized to do so.
LEI builds and establishes trust between organizations. Trust is at the foundation: knowing your business partners. LEI is an attribute in a credential that you exchange. LEI is at layers 3 and 4 of the Conceptual Architecture (explained in the second blog post). Layers 1 and 2 are cryptographically auditable. The LEI has a crucial role in providing organizations with a unique immutable identification globally using VCs. The Trust over IP foundation [7] and GLEIF together help regulators.
According to Victoria Cleland of the Bank of England [6], the bank is taking steps to support the payments industry to innovate and offer better services to its customers. For example, the LEI can reduce the need for manual intervention, help detect fraud and pave the way for enhanced data in payment messages.
Regulators want it to provide oversight to the foundation to maintain the LEI reference database. LEI issuers form a federated system of over 30 organizations globally accredited by GLEIF to issue and keep LEI data. In addition, business registries and commercial firms have been certified by GLEIF. In partnership with the GLEIF, McKinsey has estimated that global adoption of LEIs could save the investment banking industry $150 million annually and up to $500 million annually for banks in issuing letters of credit [4]. In addition, the GLEIF and US-based Data Foundation have partnered to explore the use of LEIs for US federal agencies' needs for entity identification. Today the US government uses fifty different entity identification systems. Migration to a consistent global system will drive efficiencies, save costs and remove friction in commercial business processes.
In the next post, I will cover NFTs.
Glossary
DID (Decentralized Identifier)
Like a Uniform Resource Name, a DID is a globally unique identifier that anyone can discover on a blockchain using a method. A DID is an interoperable, open-sourced web standard delivered by the W3C [2]. Each DID is associated with only one DID document.
Digital Wallet
A digital wallet is software used to digitally store (usually in a smartphone) the contents of a wallet, like IDs, loyalty cards, and financial instruments used for payments. In essence, it is a digital version of a physical wallet.
Entity
A person, organization, or thing.
Global Legal Entity Identifier Foundation
Enables smarter, less costly, and more reliable decisions about trusted business parties.
Global LEI Index
The Global LEI Index is a global database of an online, open, standardized source of high-quality legal entity reference data.
Holder
An identity owner and user of a Digital Wallet where their credentials are accepted, stored and controlled using verifiable credentials. The holder approves attestation requests from verifiers and delivers the same.
Issuer
An issuer is a credible provider of identification documents; their signature (key) attests to the credentials’ validity. Governed by Governing Bodies or Trusted Anchors, issuers can belong to an ecosystem of trusted entities that issue documents/credentials with claims data. Issuers have the infrastructure to access a public blockchain to issue and revoke credentials. The schema and their definition of credentials are on the blockchain.
Legal Entity Identifier
LEI is a 20-character alphanumeric code based on the ISO 17442 standard developed by the International Organization for Standardization (ISO). Its purpose is to identify unique, permanent legal entities involved in global financial transactions and their relationships. It is also helpful to determine ownership. An effort is underway to make the organization's roles official ISO standards.
Private Key
A private key is stored cryptographically in the digital wallet of the entity (holder) in the decentralized identity ecosystem. As the name implies, it is personal for the identity owner.
Presentation or Proof
The proof attests to a claim or compound claims from the holder to the verifier to prove some form of identification to complete a transaction. All of this is achieved without making contact with the issuer.
Public Key
A public key is a cryptographic key stored on the blockchain and visible to others. It identifies an entity. The public key and the private key work as a pair: messages encrypted for the entity with its public key can be read only with the matching private key.
Verifier
A verifier is an entity that wants to verify claims from a holder to complete a transaction or event. The transaction uses a QR code at the endpoints.
Verifiable Credential
A credential is an attestation of authority, competence, or qualification given by an authorized party (issuer) to an entity (holder). It consists of metadata, claims, and proofs and has one or many claims related to an entity's identity. It is used to respond to attestation requests for proof of a claim. A set of claims from multiple verifiable credentials, consolidated to respond to a request for proof, is called a compound verifiable credential.
References
1. https://www.gleif.org/en
2. Digital Identity for Commerce — An exploration of verifiable credentials and LEIs with GLEIF; Evernym webinar
3. https://www.esma.europa.eu/policy-activities/post-trading/sftr-reporting
4. McKinsey & Company and GLEIF White Paper: Creating Business Value with the LEI
5. GLEIF eBook: The LEI: The Key to Unlocking Financial Inclusion in Developing Economies
6. The road to enhanced payments — speech by Victoria Cleland at the Central Bank Spring Meeting
7. https://www.trustoverip.org/
Contact
LinkedIn: https://www.linkedin.com/in/anitarao/
Twitter: @anitaprao