Part 2 of 2. Read part 1 here.
In Part 1, we described how cheqd and verifiable credential service providers fit into the traditional identity market, offering a new dynamic in the market for reusable data. The advent of this new component will help lower the cost of customer verification checks, reduce manual processing times and minimise the surface area and capacity for fraudulent interactions.
In this blog, we will focus more narrowly on how cheqd differentiates itself in the decentralised identity space, looking at problems cheqd helps solve with credential payments and real-time status checks. We will also explore cheqd’s unique focus on interoperability, usability and its partnership network. Through this blog, we hope readers can have both a holistic and nuanced understanding of what sets cheqd apart from its competitors and predecessors.
1. Commercial models for credentials
Creating sustainable business models around digital credentials has been a serially overlooked challenge. To date, digital credentials have been praised largely for their philosophical benefits, such as empowering user privacy and data protection; or, solving compliance challenges. And while these benefits are noteworthy, on their own, they do not lead to widespread enterprise adoption.
There is, however, a reason that commercial models are often avoided or put aside in conversations around identity:
In federated identity schemes, the participants generally commit to sharing and consuming data within a closed ecosystem of companies, to avoid each company carrying out their own customer checks.
- Problem 1 – transactional payments: The difficulty here is that in a consortium of 10 banks (for example), adding transactional costs for data sharing would be more prohibitive than profitable, because each company is both sharing and consuming data via the consortium. As such, this mutual benefit means federated identity schemes are more beneficial in regards to lowering costs, rather than making revenue.
- Problem 2 – closed loop: In a closed loop consortium, each company agrees to a set of rules and governance framework. This means that the level of assurance in each data sharing transaction remains consistent. Therefore, there is no cost associated with trust, as trust is established by the governance framework. Therefore, there is nothing really to pay for, unless the scheme agrees to a flat fee for data exchange.
In an SSI paradigm the general idea is that cryptographically verifiable data is sent from companies to individuals directly, who then share that data with third party companies. This allows companies to trust each other without a direct relationship or consortium, broadening the utility of that customers’ data. However, while this sounds beneficial in principle, there have been challenges in practice:
- Problem 1 – Lowering mutualised costs is not a strong enough incentive on its own: While credentials shared by the individual do reduce the cost of verification for the relying party – this same cost reduction can already be achieved through federated models. Therefore, there is not a clear enough commercial incentive for companies participating in federated identity schemes to make a switch to SSI.
- Problem 2 – Payments for SSI credentials poses privacy risks: Introducing payments for digital credentials has a far greater applicability in a decentralised market, rather than a federated market, because the relying party may not know who the issuer is. As such, a payment to “trust” the credential data and also the issuer is something companies would be willing to pay. However, since the data is shared by the individual, it is very difficult to create a payment flow for verifying shared data, without creating a privacy leakage risk for when that individual shares their data.
We have positioned cheqd to solve these industry problems, and late last year we released our “Credential Payments” product which provides “issuers” of Credentials, such as KYC providers, credit bureaus, DAOs, etc., an incentive to issue credentials, whilst preserving the privacy of individual data “holders”.
Importantly, Credential Payments was built with three core pillars in mind:
- It is privacy preserving: Through payment-gating through credential status lists, the user’s privacy is strongly protected via “herd privacy”. Specifically, an individual credential is tied to a binary digit “bit” (either a 1 or 0) within a list of, at a minimum, 16,000 bits, where each “bit” refers to whether a credential is revoked/suspended or not.
In this case, if a verifier pays to check this status list, neither the issuer (nor an oracle running on the network) will be able to “personally identify” the individual based on this data. Issuers may also periodically re-issue certain credentials that “rotate” the status list and respective entry, if the individual requests so – and importantly, the issuer can destroy their source data to “anonymise” the status list if necessary.
- It is decentralised: Ensuring that no single party controls the payment gateway was another core decision in designing credential payments. This is because having a single organisation manage the interaction between payments and status list decryption could enable that entity to potentially monitor transactions, or would be a risk for experiencing downtime.
Through using the cheqd network and asymmetric key sharding techniques, we have been able to decentralise decryption keys and use smart contracts for access control on the network. Thus, only the verifier is able to access a particular credential status after making a payment.
- It creates a systematic market for data sharing: Through focussing on both privacy and decentralisation, we have been able to create the architecture to build systematic markets for data sharing, leveraging digital credentials. This allows individuals or organisations to “Pay to Trust” each other, creating a sustainable commercial model for digital credentials, providing a concrete incentive to build trust.
This model can apply to any industry vertical exploring the issuance of digital credentials, which will become increasingly prevalent alongside emerging regulations such as eIDAS 2.0 (discussed later).
Regulated Payment Schemes
Recently, we have been exploring payment flows for regulated industries, where the $CHEQ token is used for customisable commercial models alongside a stable currency, e-money token, CBDC or fiat currency. We have centred this work around the creation of “Regulated Payment Schemes” for large financial services, existing consortia or existing ecosystems exploring Verifiable Credentials.
Using cheqd Payment Schemes, we can bring the benefits of credential payments to consortia or “federated” payment schemes, bringing them up to date with the latest technologies – and providing them a clear commercial model. We will be writing a separate blog around this topic over the coming months.
2. Dynamic Credentials
One of the challenges with digital credentials is that once they are issued, the contents within the credential are generally “static”. For example, if I get issued a credential with the attributes: name, DoB, nationality – and then I change my legal name, that credential is no longer reflective of my identity.
In scenarios like this, credential issuers traditionally have used “revocation” or “suspension” lists to invalidate an issued credential. The challenge with this model is that verifiers need to make a “phone home” to the issuer in order to query whether the credential has been revoked/suspended, which can be time-consuming and also may compromise the privacy of the holder.
On cheqd, we support on-ledger status lists, which makes querying a credential status highly available and near-instantaneous. Moreover, given how status lists on cheqd are structured, there is no way for an issuer or other party to correlate who’s credential is being queried, better protecting holder privacy.
Through this model, we have discovered that credentials issued on cheqd can be far more “dynamic” than other credentials. This is because an issuer can create an ecosystem where multiple different data points or feeds could trigger a suspension or revocation of a credential. For example, a KYC provider, running ongoing due diligence on their customers, will internally run:
- Criminal record checks
- AML screenings
- Background checks
- Regular checks that issued KYC data has not changed
If any of these ongoing feeds result in a red-flag or inconsistency, the issuer is able to automatically update the revocation or suspension list on-chain, in line with their internal AML/CTF policies and due diligence practices.
Therefore, a verifier, when “verifying” a credential, can also check the on-chain status list to gain a higher level of assurance that none of the credential information has changed since it was issued, and that the compliance status remains correct within a certain tolerance.
This gives the verifier a level of verifiable “static” data within the credential, as well as verifiable “dynamic” data on the validity of that credential, without compromising the privacy of the holder. This approach to achieve a high level of trust and assurance is unique in the market and cannot be achieved with generic credential status list approaches, differentiating cheqd from other DID methods and credential networks.
3. Simple REST APIs for integration
A central part of our work to this point at cheqd has been making it easy for developers to use our identity tooling. Rather than having to integrate a complex SDK, we now provide a suite of enterprise-ready APIs for developers to create end-to-end credential ecosystems with full support for credential payments.
This simplifies the integration, making it possible for a junior developer to hook our APIs into any existing product backend for issuing and monetising data in a reusable way.
For example, our partners FinClusive have recently integrated our APIs to issue KYC and KYB Credentials for a suite of customers in North America. The simplicity and flexibility of these APIs allows cheqd’s credentials and payments to be used for a myriad of use cases, to solve problems within industries where trust is costly, including:
- Reducing high costs for KYC and KYB data for customer onboarding
- Streamlining long manual processes for customer assurance in conveyancing, hotel check-in, mortgages, lending, etc.
- Lowering the surface area for fraud in digital communities, platforms and social media.
- Monetising stale/unused customer data via issuing it as verifiable credentials.
4. Future proofed for new eIDAS 2.0 regulation
The eIDAS 2.0 final text has been formally published, which is a landmark moment for the entire decentralised identity and self-sovereign identity community. Crucially, the new regulation includes:
- Technology Toolbox: ”The Toolbox should include a comprehensive technical architecture and reference framework, a set of common standards and technical references and a set of guidelines and descriptions of best practices covering at least all aspects of the functionalities and interoperability of the European Digital Identity Wallets including eSignatures and of the qualified trust service for attestation of attributes as laid out in this regulation”
- Requirements for qualified electronic ledgers: Qualified electronic ledgers shall meet the following requirements:
- they are created by one or more qualified trust service provider or providers;
- they ensure the uniqueness, authenticity and correct sequencing of data entries recorded in the ledger;
- they ensure the correct sequential chronological ordering of data in the ledger and the accuracy of the date and time of the data entry;
- they record data in such a way that any subsequent change to the data is immediately detectable.
Through aligning with both the technology toolbox and positioning cheqd to be a qualified electronic ledger, we can ensure that customers building on cheqd have a set of future proofed standards, protocols and infrastructure to become:
- Fully compliant with the eIDAS 2.0 technology requirements for digital credentials
- First movers in adopting digital credentials, prior to the legal deadline
Given our focus on this alignment with European initiatives and consortia, we are differentiated from many other blockchain networks that are looking for quick-wins, rather than long-term success, sustainability and compliance.
5. Market-leading interoperability for widespread commercial adoption
From inception, cheqd has focussed on becoming the most interoperable and feature complete identity network. To achieve this, it has built out tooling to support every major digital credential type, including JSON, JSON-LD, AnonCreds and SD-JWT.
The hypothesis here has always been: through supporting as wide a range of credential standards as possible, and providing a commercial model for these credentials, companies offering digital identity services will integrate with cheqd to improve their existing offerings to clients.
Since our launch in 2021, we have established a diverse and wide partnership network, and we are positioning ourselves to open new data markets across an array of verticals and industries. Recently, we are beginning to see this hypothesis be validated as partners such as Monokee, Animo Solutions, Walt.id, Verida, FinClusive, Soverio, IDCrypt and Anonyome have all integrated/have started integrating cheqd’s SDK or Credential Service APIs into their existing client offerings.
Going forward in 2024, we will be continuing to work with our friends at Animo Solutions, Sphereon and Walt.id, each leaders in cutting edge SDKs and identity standards, to make sure cheqd is fully supported with the latest industry protocols and standards for credential exchange or credential types.
cheqd stands out as a beacon of innovation and differentiation in a rapidly evolving decentralised identity landscape. With the Credential Payments model at its core, it is able to solve existing pain points across data markets, incentivising real-time and dynamic customer verification checks at lower costs.
Moreover, cheqd’s commitment to interoperability and strategic alignment with the eIDAS 2.0 regulation positions it as a leader, offering both flexibility and regulatory certainty to users across a diverse set of industries. As we transition towards the next phase of the journey into production environments, it becomes evident that cheqd’s differentiation lies not just in theoretical advancements but in the tangible application of cutting-edge solutions. The unique blend of visionary features, operational readiness, and a compelling commercial model sets the foundation for an infrastructure that can be harnessed at scale, ushering in a future where digital identity solutions are a commercial advantage.