Please describe your proposed solution
How do you perceive the problem you are solving?
Access relies on traditional keys, access cards, NFC Token or digital keys which can be lost, transferred, stolen, or duplicated and that are replaced at a certain time. The access management relies on a high number of keys to determine in which areas an individual can access or not based on predefined permissions. Various access systems with different legal entities cannot handle the same key. Therefore, we create a secure unlosable untransferable key based on biometrics, applying the principles of self-sovereign identity and using zero-knowledge-proof with the following settings and advantages:
- between users, which prevents unauthorized access sharing and enhances security protocol
- Convenience: Users do not need to remember passwords or carry keys or card
- Reduced Costs: By eliminating the need for physical security devices (like keys or access cards), and the replacement, organizations can reduce overhead cost
- Security and Privacy: Self-sovereign identity allows individuals to own and control their digital identities without relying on a central authority
- Consent-Based Data Sharing: SSI enables users to control who can access their identity data and under what circumstance.
- Interoperability Across Different Systems: SSI provides a standardized way of identity verification that can work across different platforms and system
- Reduction of Fraud: Biometrics linked to a self-sovereign identity make it much harder for fraudulent access since the identity is directly tied to immutable physiological or behavioral characteristics that are difficult to forge or steal.
- Non-Repudiation: Incorporating biometrics ensures that actions taken on digital platforms can be irrefutably linked to an individual, which is crucial for legal and security reason.
- Greater User Trust and Adoption: By empowering users to manage their own identities and using biometrics for verification, systems based on SSI principles can increase trust among user.
- Privacy and Data Protection: Biometrics are user-owned, user-centric, user-stored, hashed and encrypted to comply with general data protection.
What are your reasons for approaching it in the way that you have?
We create a user-owned key, that cannot be lost, transferred, stolen, duplicated and that can be used across all systems for identity and access management.
Furthermore, this key meets the highest demands in data protection, uses zero knowledge proofs allowing the verification of data without exposing the actual information, and minimizing the amount of personal data processed and stored. The key works in critical infrastructure: KRITIS-DachG: The KRITIS-DachG mandates stringent security protocols for critical infrastructure, emphasizing the need for robust smart access systems. These systems must ensure secure, efficient, and controlled access to sensitive areas, mitigating risks and safeguarding against unauthorized intrusions. NIS2UmsuCG: NIS2UmsuCG emphasizes the importance of cybersecurity across essential services. In high-security environments, smart access solutions are critical to implementing these standards, providing secure authentication and monitoring to prevent breaches, ensure compliance, and enhance overall system resilience.
Who will your project engage?
Our product can be used by all existing 40,000 B2B-customers of Salto on 1.8 million smart locks.
How will you demonstrate or prove your impact?
We will integrate the secure unlosable untransferable key within the hardware and software solution of Salto Systems..
Explain what is unique about your solution, who will benefit, and why this is important to Cardano?
Unique: It is a key, that is secure, unlosable, untransferable, decentral, user-centric, user-owned, compliant.
Benefit: Convenience because users do not need to remember passwords or carry keys or cards. Reduced costs, by eliminating the need for physical devices like keys or access cards and the replacement.
Trust: Empowering users to manage their identities.
Importance to Cardano: Real-world product with Tier1-partner with creating transactions if form of digital identity as a key sitting on Cardano via a DID decentralized identifier did:prism or did:iamx.