Indicio FAQ's

Indicio Proven provides comprehensive Verifiable Credential solutions for rapid, remote onboarding, seamless account access and reusable (with expiration) Know-Your-Customer (KYC) checks. By issuing a biometric template as a Verifiable Credential, institutions have a powerful way to verify liveness without having to store biometric data — and they can implement simple, instant workflows to defeat AI-generated identity fraud.

• Verifiable Credentials can store all kinds of valuable information in a tamper-proof way, as any attempt to alter the information breaks the credential.

• Instant, cryptographic proof of who issued a credential, and that the person presenting it is the rightful owner — an identity fraud killer.

• Mutual authentication enables you to verify who you share data with before sharing it — and they you.

• Data is shareable across disparate systems without direct integration.

• Data is immediately actionable — if you trust the source of the credential, you can trust the data.

• Data is secure — no need for third parties or to store the data in centralized databases to manage authentication.

• Takes the hassle out of data privacy compliance — a person is in control of their data and can share it by consent.

• Protect your systems from AI deepfakes with Verifiable Credentials that cannot be replicated by A

Users experience a simple workflow that easily navigates the user from beginning to end without confusion. The program is designed to ensure the user can easily access and review all their information and fully understand a request before accepting/denying.

• Secure Credential Issuance and Data Verification

  • Enterprises, Governments, and organizations of all sizes can use Indicio Proven to issue and verify tamper-proof credentials for authenticating identities in a secure and privacy-preserving way.

• Interoperability

  • Proven provides unmatched interoperability by supporting multiple standards, including AnonCreds, W3C Verifiable Credentials, DIDComm, and emerging standards like SD-JWT and OpenID for Verifiable Credentials (OID4VC).

• Global Standards

  • Proven also complies with global data protection standards including eIDAS, EUDI, and industry specific technology standards. Including W3C Verifiable Credentials, Open Badges 3.0 from 1EdTech, and IATA One ID and ICAO DTC for travel

• Customizable Deployments

  • Proven is designed for flexibility, offering both a SaaS platform model or allowing deployment via APIs in various environments, including on-premise, cloud-based, or hybrid setups

• Plug-and-Play Integration

  • Indicio Proven works seamlessly with the Indicio Network and other decentralized identity ecosystems. It offers pre-built integrations for developers to easily add decentralized identity to their applications.

• Privacy-First Design

  • Proven ensures that users maintain control over their data, aligning with principles of self-sovereign identity (SSI). It supports use cases that comply with data privacy regulations.

• Secure Credential Management

  • Indicio Proven enables full lifecycle management of credentials, including issuance, revocation, and expiration. Organizations can define policies for credential management, ensuring compliance with industry standards and internal requirements for credential authenticity and validity.

• Customizable Governance

  • Users can configure and manage their own trust frameworks, including selecting roots of trust, defining credential schemas, and customizing credential verification logic. This flexibility supports a wide range of use cases, such as identity verification, secure access management, and compliance monitoring

• Multi-Tenant Support

  • A single Indicio Proven instance can support multiple clients (tenants) in a single environment. Each organization can then securely manage its own decentralized identity (DID) configurations, verifiable credentials, and trust frameworks without interfering with other tenants, ensuring privacy and data isolation

• Customization and Configuration

  • Indicio Proven can be configured by each customer to match specific business needs, such as selecting roots of trust, defining credential schemas, and managing the lifecycle of digital identities and verifiable credentials. This flexibility enables various use cases, from KYC processes to digital access management

• APIs for external integration

• UI for issuance and verification

• Customer chat using basic message

Think of a Verifiable Credential as a container for sharing digital information. An organization — say a passport office — puts your information in this container and ships it to you and sends the shipping manifest, so to speak, to a distributed, blockchain ledger, so that its origin can be recorded and independently checked. You carry this container around on your mobile phone in a digital wallet application. You use biometrics to access it. And you present this container and the information in it (or parts thereof) when your passport or your identity needs to be authenticated.

The party authenticating your container checks the shipping manifest to confirm the origin of your credential. Additionally, because the information in the container has been digitally signed at the time it was created and issued, the authenticating party can be certain that the information hasn’t been tampered with. Altering the information would break the digital signatures and the container.

You can see all this happening in the diagram below:

• Proven is interoperable and compatible with:

  • Current and emerging global protocols, specifications, and standards for decentralized identity.

  • The European Union’s new regulations for digital identity (eIDAS) and digital wallets (EUDI)

• Fully decentralized, leveraging open-source technologies like Hyperledger Aries and AnonCreds.

• Designed for cross-network and cross-ledger compatibility, ensuring vendor-agnostic solutions

• Utilizes Zero-Knowledge Proofs (ZKPs) for selective disclosure, ensuring no centralized storage of personal data.

• Enhances user privacy and security by allowing individuals to:

  • Share only the necessary information.

  • Avoid exposing all personal details.

• Tailored for industries requiring high-trust digital credentials,

  • government, enterprise, and travel sectors.

• Proven enables the creation of Trusted Digital Ecosystems for immediately actionable data.

• Cloud-agnostic and supports multiple networks,

• Allows organizations to build, deploy, scale, and manage Verifiable Credential ecosystems without being tied to a specific cloud provider.

• Built on open standards, with community-driven development, ensuring transparency and continuous improvement.

• Open-source foundation fosters innovation and collaboration within the decentralized identity community.

Proven™ is a complete solution for building decentralized identity using Verifiable Credentials to authenticate and create immediately actionable data

Indicio Proven ™ is also

• Easy to integrate into existing systems

• Built on interoperable components, open source code, and open standards

• Fully customizable — deploy how you choose; customers own their solutions; there is no vendor lock-in

The short answer is everyone, our current pricing model is catered to enterprise and government sized organizations, but we are adding more tiers of Proven that will soon be more SMB friendly.

Indicio Proven will only share information that is approved by the owner. If they did not approve the credential to be shared it will not be shared. Since the information is not stored directly in the digital wallet but coded into the blockchain, it is nearly impossible for anyone to hack into the system and gain access to the private information.

The Personal identity information (PII) is stored in the credential in the wallet on the user's device. It is very important to understand that no PII is ever posted to the ledger. What is posted publicly to the ledger is basically a template for what the credential should look like, as well as information that the verifier needs to verify the credential, but none of the values of the credential are on the ledger.

Proven is compatible with all wallets built using Hyperledger Aries

Yes, Indicio is compliant with both US and EU standards.

Indicio will work with your technical team to learn about your needs and the best path to a fast and effective integration.. We offer a variety of levels of technical support to ensure that we can meet your team's deadlines and goals.

Yes, Indicio Proven is designed for seamless integration with any existing digital identity provider or data source. It complements your current systems without requiring major changes or replacements, making it easy to adopt decentralized identity solutions.

No, Indicio Proven includes all necessary components—software, network, and digital wallet—eliminating the need for any specialized infrastructure. It is hardware-agnostic and can operate with your existing devices and systems.

Indicio Proven leverages decentralized identity, meaning personal information is stored and controlled by the individual rather than a central database. This significantly reduces the risk of hacking or data breaches. Additionally, identity verification is strengthened by binding biometric data to biographical information, helping to prevent fraud and impersonation.

Administrators will receive hands-on training during the implementation process. This includes access to tutorial documents that are shared as a continually reference to the process to ensure easy to learn programming.

Users will not need special training because of the simple, intuitive interface.

Yes, There is no limit to the number of credentials that a user may have in their wallet.

Indicio is part of the implementation process from step one to finish. We have a dedicated team that will work with you along each step advising of best practices and helping you work through any questions. Each project has a dedicated project manager who will have regular check ins and updates. Post launch our team will remain available to help tackle any unforeseen issues.

When you lose your phone, one item of concern is whether your credentials and other data are safe.

There are several layers of protection in place:

1. Your phone should be protected by a passcode and potentially your biometrics, such as a face image or your fingerprint.

2. Our wallet applications also include a pin code (which should not be the same as your phone pin) and use the same biometrics as your device (so a hacker would have to beat the biometrics at least twice).

3. For truly sensitive operations, the workflows involved in presenting this data (in order to impersonate you) can be paired with a liveness check and biometric comparison between the face on an identity credential and one captured by the phone’s camera.

When a device is lost, you can revoke the credentials that are stored in that wallet, making them useless even if the device and wallet are compromised. This is similar to how, if you lose a credit or debit card, you go to the card provider and ask them to turn it off.

The restoration experience, at the most basic level, is to go to the issuers and have the credentials reissued. This is what most credential issuers do today.

Biometric binding and liveness checks ensure that it is you who is using your phone and digital wallet app. The Verifiable Credentials stored on the phone can be revoked, removing them from the stolen device, and quickly reissued to your new device.

The ledger offers four important elements when building a decentralized identity solution, these being:

1. Immutability: The data cannot be changed — by anyone.

2. Tamper resistance: A distributed ledger makes it very difficult for a malicious actor to break in and change material.

3. High availability: If one node on the network goes down for any reason, there are plenty of others to receive data from.

4. Geopolitical and infrastructure diversity: By hosting the ledger on servers located in multiple geographic areas and by diverse organizations, network resilience to technical problems is maximized — and this contributes to high availability.

The following information — and only this information — is, typically, stored on the ledger:

1. DIDs for an Organization, Company, or Institution

   1. These are used to verify credentials from a particular issuer; the endpoint allows you to communicate with that issuer.

1. Credential Schemas

   1. A credential contains information and Schemas define the different fields containing that information.

1. Credential Definitions

   1. These are specific to the use of the AnonCreds credential format with Hyperledger Indy. Credential Definitions link a cryptographic key to each of the attributes in a Credential Schema. This allows a holder of a credential to share information in privacy-preserving ways, such as through selective disclosure (only a single attribute is shared) or a predicate proof (an attribute value can be numerically assessed without the actual value being disclosed, such as >21 or <21 for purchasing items that have legal age requirements).

1. Revocation Registry Accumulators

   1. This provides a way of signaling which credentials are valid by keeping track of which credentials have been revoked and which have not been revoked. The revocation registry accumulator is a way of proving your credential is valid.

1. Personally Identifying Information (PII)

   1. No PII or personal data of any kind is recorded on the ledger.

1. Credential Issuance

   1. No information about the issuance of any individual credential is recorded on the ledger.

1. The Verifiable Credential

   1. Verifiable credentials are not written to or stored on the ledger in any context.

One of the most powerful features of decentralized identity is that you can create an ecosystem of millions of people using millions of credentials with only three or four writes to the ledger: the credential type, the schema, the credential definition, the issuer DID, and the revocation registry

Distributed ledger networks prescribe rules for who can write and what can be written (no PII!) to a ledger and these rules are enforceable through legal agreement. These governance rules typically require that writes to a ledger must be approved by a Transaction Endorser.

Some great blogs about the topic are: What does the ledger do? And Why a ledger?

The server recommended may change as technology evolves but right now we recommend

• 50 GB Hard drive SSD

• AWS Type: c6i.larg

The costs can vary based on the use case you are looking to cover and what you may already have in place. Such as cloud based or on premises hosting, do you have tech that Proven needs to integrate with, how many users are expected, etc.

While a smart phone is required to access Proven mobile, there are some use cases where the service provider can have kiosks on site that the customer can use that will allow them to take advantage of the product and process.