2019 Mission Billion Challenge
Solid: Decentralized, Inclusive and User-Centric Digital ID
Tagline:
Private and interoperable way to establish and extend your identity over time while remaining in control of your own data
Pitch:
Solid uses existing WWW technology and standards to create an inclusive, user-centric digital identity and data storage platform for universal deployment (much like the original Web), and therefore ideal for governments, NGOs, and individuals.
Funded initially with a $1M donation from Mastercard, Solid was created by WWW inventor Sir Tim Berners-Lee as an open-source project using globally interoperable standards to put individuals in full control of their own Personal Online Datastores (PODs), that can be securely accessed via any Web-connected device or browser.
PODs allow you play an active, meaningful and dignified role in the management of your own identity data. PODs are designed using Linked Data, a method of publishing structured data so that it can be interlinked (connected) and become more useful to read, share, and understand.
User-Centric Ecosystem
- Within the Solid ecosystem, you decide where you store your data. PODs can be in your house or workplace, or with an online Solid POD provider of your choice (data custodian). Since you own your data, you’re free to move it at any time, without interruption of service
- You give people and apps permission to read or write parts of your Solid POD. You never have to sync, because your data stays with you
- Store anything you want in your own Solid POD. PODs are like secure USB sticks for the Web that you can access from anywhere. You decide which things people and apps can see
- Think of your Solid POD as your own private website, except that your data interoperates across all your apps, which means you have your own personal API to go along with it
Humanitarian & Development
- Portable Solid PODs enable the creation of a functional identity that “lives” beyond the life of a single program, organization, vendor, or service provider (online and offline)
- Agencies, NGOs and service providers can transfer the data they've collected to that beneficiary’s POD, wherever it lives (with his/her consent)
- Individuals can then, if they choose, share specific pieces of that data with other service providers in order to validate their identity (i.e. application for credit with a microfinance institution)
Empowerment / Building an Identity
- Empower individuals to establish and manage their own identity profiles
- Implement informed consent management, including the ability to track what happens with one’s identity data
- Provide individuals with an identity that connects verified engagements and transactions over time to enable dignity in identity, long-term financial inclusion, and access to digital payments
Implementation
- Inrupt is spearheading the global commercialization of Solid and is already working with public and private sector partners in developing nations
- The combination of Inrupt, Solid’s open source community and institutional partners like Mastercard gives Solid the support to become one of the global standards for data interoperability and identity
Elevator pitch:
Solution location:
Boston, MA, USAN/A
Solution's stage of development:
PrototypeWhat makes the solution innovative:
- The core innovation of Solid is that it builds on the proven success of the Web by extending it with new open standards that collectively support truly innovative personal data management by individuals themselves
- Neither hype-distracting blockchain nor invasive biometrics are required
- Instead, our generic and independent extensions to the Web include writing to the Web (LDP), notifications of changes to data (LDN), and full access control for data (WebACL)
- A core practical innovation of Solid is using "Linked Data" everywhere to provide the critical requirements of interoperability (via shared vocabularies) and extensibility (via the graph data model)
How the solution demonstrates 'privacy by design':
- Fundamentally, Solid protects individuals’ privacy through service providers building applications and services that do not harvest personal data in the first place. Anyone can create apps leveraging data already held in a beneficiary’s POD, but only with that individual’s explicit and informed consent
- Likewise, apps can only write data to an individual's POD with that individual's explicit and informed consent
- Once data is in a POD, the open WebACL standard implemented by Solid provides a highly granular degree of access control to every piece of data in an individual's POD
- Solid enables practical and simple oversight of use, retention, and disclosure of personal data limited to relevant purposes. Individuals can use their POD to communicate their data intentions
- Our offline-first design philosophy in conjunction with Mastercard's secure smartcard data storage addresses extremely difficult deployment scenarios (low/no connectivity)
- In partnership with Mastercard we can leverage global tokenization services to offer complete anonymization of any interaction with an individual's data
- Ultimately, we provide a clear roadmap to individuals hosting their own data (i.e. physically under their direct control), and for early adopters this is even possible today (e.g. by using a Mac mini or Raspberry Pi running Solid connected to the Web via a home router)
How the solution can be incorporated into digital identification systems:
- Solid can form the foundation for national, functional and informal identification systems
- It puts individuals’ PODs at the center of the system, allowing any app (with the user's consent) to interact with the data in those PODs via a common, standardized interface
- Government agencies and NGOs do not need to build custom APIs or waste resources recollecting the same data
- Each organization can transfer the identification data it has collected on an individual to that individual’s POD, making it available for the individual to share it — if they choose — with any other organization seeking to confirm their identity
- Over time, individuals interacting with a variety of organizations can build a robust, multi-faceted picture of their identity, including biographic, social, medical, financial, and educational data
- The information remains in the user’s control, but specific data points can be shared with new digital identification systems as necessary
- In terms of national ID systems, a “National ID POD” can represent a Government’s view of an individual, and can become a single point of integration between the different Ministries, agencies, etc. while providing access and some level of control to the individual
How the solution is 'user-friendly':
- Users can access their Solid PODs via any Web browser on any connected device
- Solid does not mandate any specific type of user interface for PODs
- Designers can pull from the wide range of established accessibility design standards for the Web
- Solid is an open ecosystem for application developers so users will eventually be able to choose from a variety of apps to use with their PODs
- All third-party systems will request access to user data via PODs, so the user only has to interact with the Solid POD apps that they are comfortable with, rather than navigating third party systems
How the solution ensures interoperability:
- Interoperability is a core concept of Solid (along with extensibility)
- Built with ubiquitous, existing Web protocols and standardized formats (i.e. Linked Data)
- Solid uses shared vocabularies (e.g. schema.org, as used by millions of websites worldwide), which we believe is essential for interoperability
- Vendor lock-in is impossible because data generated when interacting with Solid applications is stored in the user’s POD
- Solid relies exclusively on open APIs and data formats, i.e. WebID, OpenID Connect, OAuth 2.0, JSON-LD, LDP, LDN, WebACL, and RDF
- Partnerships with global companies like Mastercard provide opportunities to leverage PODs for global scalability and adoption
How the solution accounts for low connectivity environments and for users with low literacy and numeracy levels:
- Built using “offline first” principles
- Although PODs live online, core identity elements can be securely written onto smartcards to allow (limited) continued use of identity in any offline environment
- Use of Linked Data makes it easy to sync new offline data added to the smartcard back into the user's POD. Inrupt’s partnership with Mastercard enables such an offline extension of PODs
- Because PODs are accessed via Web browsers, many users will be familiar with the navigation interface (i.e. Web browsing), which already includes a wide range of established Web accessibility standards
Vision over the next three to five years to implement or grow the solution to affect the lives of more people:
- Solid PODs are built to scale globally, with the same technology and standards as the existing WWW
- The system is designed to be deployed anywhere the Web exists today and does not rely on the adoption of new digital infrastructure like blockchain
- Solid’s success does not depend solely on Inrupt. Since PODs are inherently interoperable across institutional providers, the barriers to adoption are low
- As a company, Inrupt plans to drive global adoption by implementing the Solid platform with governments, nonprofits, healthcare providers, financial companies and other large institutions
- Decentralized PODs under the control of individuals become a cornerstone of interoperability.
Promotional video of solution:
How the solution team is organized:
Hybrid of For Profit and NonprofitSolution lead:
Other (Please explain below)Solution leadership:
N/A
How many people work on the solution:
20+Solution age:
3-4 yearsThe organizations applicants are currently working with:
- Inrupt is exploring partnership opportunities with private/public sector partners for commercial and non-commercial POD deployment in developed & developing countries. We hope to formally announce such partnerships in late 2019
- In humanitarian & development, Inrupt is already working closely with Mastercard to explore use cases for design and development of an open, inclusive and user-centric digital ID system based on interoperable and user-controlled PODs deployed by NGOs and aid agencies as the primary data custodians
- Developers from South America, Asia, and Europe have contributed to the open source project as part of a global Solid community.
Applicant skills that can attract the different resources needed to succeed and make an impact:
- Inrupt is co-founded by the inventor of the Web and creator of Solid, Sir Tim Berners-Lee, giving us the unique stature to attract developers and users
- We are backed by a global community of developers who are already contributing to Solid’s open source code base and building businesses that incorporate Solid technology
- Inrupt’s team includes executives and developers with decades of experience building enterprise-grade data architecture and integrating Linked Data into existing systems
- Giving power back to individuals attracts talent to Solid and Inrupt
Revenue model:
- Widespread adoption of Solid will shift the balance of power on the Web away from existing data monopolies, allowing new businesses all over the world the chance to grow based on the value they provide to users
- While Inrupt’s business model is still taking shape, our team’s deep experience in Linked Data, Web standards and enterprise data architecture makes us uniquely qualified to help large organizations adapt to a Solid-based Web
- While there will be many competing providers of Solid-based services and multiple POD deployments in the long run, we believe that Inrupt will become to Solid what Red Hat Inc. is currently to Linux (a trusted and reliable provider of secure deployments of this open source operating system)
- Since Solid PODs are open source, we expect various organizations to develop both free and paid applications (microservices) that can be deployed on top of Solid architecture to provide valuable digital identity services to individuals and organizations. It’s like having a globally open App Store where anyone can develop apps working on top of an open source digital ID platform like Solid. Just like anyone can build a website or develop applications for the Web today.
Reason for applying to the Mission Billion Challenge:
- Promoting the vision of a decentralized Web and user-centric digital identity
- Raising awareness of the alternatives to centralized, or proprietary identity systems
- Solid PODs as a credible foundation for digital identity
- While we have received tremendous interest from the private sector, academia, and governments, we actively plan on supporting efforts that enable deployment and testing of Solid's user-centric, inclusive and open digital ID platform with NGOs and international development organizations
- World Bank’s expertise and commitment to open competition, interoperability, privacy and user-centricity provides a perfect forum for discussion.
Key barriers to the solution:
- Changing organizational mindsets that data collected about individuals is “their data”
- Lack of awareness and capacity among governments, NGOs/agencies to evaluate user-centric identity systems
- Better understanding of the risks of breaking data out of silos
- Hype related to blockchain as an unnecessary distraction
- Education and awareness for individuals to responsibly manage their own data (via PODs)
- Institutional resistance from the IT community regarding Linked Data (graphs) as compared to traditional relational databases (which we address with new developer-friendly libraries like LDFlex)
Solution Team
- JB
- PM
- KO
-
Przemek Praszczalek Director, Humanitarian & Development (Mastercard)
to Top
Solution Name
Solid: Decentralized, Inclusive and User-Centric Digital ID