News Technology

IBM, R3, Mastercard join open source digital identity consortium


Today the Linux Foundation announced the launch of the Trust over IP (ToIP) Foundation with the aim of creating digital standards to enable parties to share data with trust. It’s about ensuring interoperability between different solutions for trusted data and digital identity.

The 17 founding steering committee members include Accenture, Evernym, IBM and Mastercard with contributing members such as DIDx and R3.

Motivations for forming the initiative were cited as the business challenge of managing digital assets and data as well as low consumer confidence with personal data. The combination, the group believes, is hampering the adoption of digital identity.

“The ToIP Foundation has the promise to provide the digital trust layer that was missing in the original design of the Internet and to trigger a new era of human possibility,” said Jim Zemlin, executive director at the Linux Foundation. “The combination of open standards and protocols, pan-industry collaboration and our neutral governance structure will support this new category of digital identity and verifiable data exchange.”

“In today’s digital economy, businesses and consumers need a way to be certain that data being exchanged has been sent by the rightful owner and that it will be accepted as truth by the intended recipient,” said Dan Gisolfi, CTO, Decentralized Identity, IBM Security. “Many privacy focused innovations are now being developed to solve this challenge, but there is no ‘recipe book’ for the exchange of trusted data across multiple vendor solutions.”

The ToIP Foundation says it plans to use models that leverage interoperable digital wallets and credentials that use the W3C Verifiable Credentials standard.

Hyperledger and the Linux Foundation

There’s quite a big overlap between the membership of this group and Hyperledger, which is part of the Linux Foundation. For example, its Hyperledger Indy project, which underpins the Sovrin identity network was contributed by Evernym. Drummond Reed Evernym’s Chief Trust Officer commented: “We are thrilled to help stand up the ToIP Foundation at the Linux Foundation and hope that it attracts every company and contributor who wants to build a strong and lasting trust layer for the Internet.”

The rationale for ToIP being separate to Hyperledger is two-fold.

Firstly, Hyperledger is primarily about business blockchain, whereas digital identity and privacy protocols is a broad topic and can be decentralized without using blockchain, although blockchain is often used for public key infrastructure.

And secondly, in a previous discussion with Hyperledger Director Brian Behlendorf in a different context he explained that “it’s really, really good to have a standards body in a domain separate from the leading open source project in a domain or from the open source projects in a domain.”

Hyperledger is not a standards body, it’s about open source projects.

However, in today’s announcement, ToIP appears to intend to be both a standards setter and home to open source projects. It has two standards working groups, the Technical Stack Working Group and the Governance Stack Working Group. And also two development groups, the Utility Foundry Working Group and the Ecosystem Foundry Working Group for “projects that wish to collaborate on the development of ToIP utility networks or entire ToIP digital trust ecosystems.”

“The Trust over IP (ToIP) Foundation is bringing together a powerful mix of experts and doing it at the exact right time given the urgent need to encourage greater adoption and increase trust in data privacy and ownership,” said Christine Leong, managing director, global lead for Decentralized Identity & Biometrics at Accenture.