Distributed Ledger User Verification
Glossary
Term DefinitionsAML (Anti-Money Laundering) A set of laws, regulations, and procedures designed to prevent the hiding or laundering of illicit funds through the financial system.API (Application Programming Interface) A set of definitions and specifications that define routines, protocols, and tools that allow applications to access and use other software or services.BigchainDB A scalable blockchain database for storing and querying large data sets.Biometric DataIndicators related to human characteristics used to identify and verify identities.Blockchain A distributed ledger in which transaction records are grouped in chronological order and linked together cryptographically.Closed Loop Trust ToolsA private, centralized, or permissioned system in which participants and permissions are limited.Cross-VerificationThe secure exchange of information between two or more entities to verify data.Decentralized refers to the fact that control and operations are distributed across nodes in a network, rather than being centralized in one entity.Distributed Ledger A database that is shared, replicated, and synchronized among multiple participants.Digital Unique Identifier (DUID)A unique identifier assigned to a user in a system.EthereumA decentralized, open-source blockchain platform that supports smart contracts and decentralized applications.GeolocationInformation about an individual's current location or past activities. Hashing The process of converting data of arbitrary length into a fixed-length string using an algorithm. Hyperledger Fabric An open-source blockchain framework hosted by the Linux Foundation. Immutability refers to the property that data cannot be changed after it is stored. IPFS (InterPlanetary File System) A distributed file system for storing and accessing data. KML (Key Markup Language) An XML-based language for displaying geographic data on a map. KYB (Know Your Business) Refers to the due diligence process of verifying the identity and legitimacy of a business's customers. KYC (Know Your Customer) Refers to the due diligence process of verifying the identity and legitimacy of an individual customer. Private key A key used to decrypt data and create digital signatures. Public key is paired with a private key and used to encrypt data and verify digital signatures. R3 Corda A blockchain platform for enterprises that focuses on financial applications. Smart Contract A self-executing contract that is stored on a blockchain and executed automatically. Trust Tool A secure, reliable, and transparent system or mechanism agreed upon by participants. Verification Address A specific location on a distributed ledger that stores user identity information and verification documents. Verified Document A document that has been verified for authenticity and validity.
Short Answer Question
What does cross-validation mean in the context of user authentication? Cross-verification refers to the secure exchange of information between two or more entities to verify the data of a verified document associated with a user's identity. For example, Company A can cross-verify a user's information with Company B to confirm their identity.
Describe two key differences between distributed ledgers and traditional databases. First, the read and write permission control of distributed ledgers is truly decentralized, rather than logically centralized like other distributed databases. Second, distributed ledgers are able to secure transactions in a competitive environment without a trusted third party.
List three types of biometric data and explain how they are used for user authentication. Fingerprint, iris, and facial recognition are three types of biometric data that can be used for authentication. For example, a user can verify their identity by scanning their fingerprint, iris, or face and access their digital identity or verified documents.
What is a smart contract and what role does it play in a user authentication system? A smart contract is a self-executing agreement that is stored on a blockchain and automatically executed. In a user authentication system, smart contracts can be used to automatically grant or deny access to a user's verified documents, depending on predefined conditions, such as the user's approval.
Explain the concept of "immutability" and how it is related to distributed ledgers. Immutability refers to the property that data cannot be altered after it is stored. This is relevant to distributed ledgers because distributed ledgers are designed to create an immutable record of transactions, which improves security, transparency, and accountability.
In the context of user authentication, what does "verified document" mean? Give three examples. A verified document is a document that has been verified for authenticity and validity. For example, a verified document could be a passport, a driver's license, or a bank statement that has passed an AML/KYC check.
Describe how geolocation data can enhance user authentication systems. Geolocation data can provide additional information about a user's location, which can enhance authentication systems. For example, if a user's physical location matches the address in their digital identity, authentication can be strengthened.
What are private and public keys, and how are they used in a blockchain-based user authentication system? In a blockchain-based user authentication system, private keys are used to digitally sign transactions and prove a user's ownership of their digital identity. Public keys are used to verify a user's signature and ensure the integrity of the data.
Explain the difference between a closed-loop trust instrument and a decentralized trust instrument. A closed-loop trust instrument is a private, centralized, or permissioned system where participants and permissions are limited, such as a bank's private blockchain. In contrast, decentralized trust tools, such as public blockchains, are open, open to anyone, and not controlled by any single entity.
Describe the concept of Person-to-Person Registration Verification (P2PRV) and give an example of its application in a user identity verification system. P2PRV describes a system where a person with a verified identity can verify another person's identity and documents. For example, Mr. A, who has been verified by a bank, can verify Mr. B's driver's license, thereby simplifying the process of Mr. B opening an account with that bank.