Enabling 1-click customer onboarding and ID verification in banking.
How yes.com and walt.id used Self-Sovereign Identity (SSI) to streamline log-in and identity verification while maintaining high security standards and respecting data regulations such as GDPR.
About yes.com
The yes.com AG created a modular multi-consent solution based on a network with over 1,200 banks, approved and trusted by highest regulatory standards. yes.com aims to simplify onboarding, checkout and signing processes with a two-click solution.
yes® services combine the width of existing online banking relationships with a unique depth of functions for today's 50 million German online banking customers. The vision is to become the world’s leading open-banking ecosystem enabling users, banks, and merchants to easily and securely exchange identities, signatures, payments and data.
The Challenge.
yes.com is building an ecosystem based on the federated identity paradigm. However, as identity wallets are coming to Europe (e.g. via eIDAS), yes.com wanted to explore how wallets can be integrated into their system so that their bank partners can leverage their bank KYC verified identity to interested parties through wallets for all sorts of use cases from remote identification of students to KYC to applying for a loan. The key challenge was the interoperability of identity solutions, while making the processes secure and more user friendly.
The Solution.
yes.com realized that they needed help to adopt wallets and new user-centric identity paradigms like Self-Sovereign Identity (SSI) for various reasons such as due to the technical complexity and fast-changing environment (e.g. standards, regulations). They screened the market for vendors which fulfill the following criteria:
Compliance with emerging EU identity standards (EBSI, ESSIF)
Compliance with established data exchange protocols that are already used by large enterprises and ecosystem participant (particularly OpenID Connect)
Solution that is easy-to-use and integrate
Solution that support end-to-end use cases (Issuance to Wallet to Verification)
yes.com chose to work with walt.id to realize their goals as the company fulfilled all requirements.
The Results.
yes.com applied for a ESSIF Labs funded project (which was granted) to showcase a potential solution and the different use cases. The main goal was to enable bank partners to issue identity credentials to a customer’s wallet as well as to request and re-use such identity credentials from wallets in the context of remote identification of university students for digital diploma issuance (even though the approach is suitable for a wide variety of use cases). Moreover, the project should be the first worldwide implementation of novel user authentication flows (based on OpenID for Verifiable Credentials ) that offer a seamless user experience for onboarding and identity credential collection (see screenshots).
Walt.id provided the open source infrastructure that enabled the project. Moreover, walt.id’s experts supported tasks around data modeling and the implementation (e.g. OpenID for Verifiable Credentials implementation on the wallet side).
All of this allowed yes.com to realize their use cases fast and with ease, i.e. to issue identity credentials to wallets (yes.com implemented and hosted the issuance service, which creates a verifiable credential based on bank verified identity data) and to request and verify identity credentials for various use cases like identity verification (walt.id hosted the op wallet and verification service).
The user journey is as follow:
Step 1: The user who wants to get a diploma has to be authenticated and uses her/his wallet to do this.
Step 2: The wallet does not have the requested credential yet. However, the wallet knows that yes.com issues this kind of credentials and redirects the user to the yes.com issuer service.
Step 3: The user selects her bank, logs in with her bank and confirms the issuance of a bank-identity based verifiable credential.
Step 4: The wallet asks for confirmation to save the credential.
Step 5: The wallet knows that the user wanted to authenticate herself to the university and offers to redirect her back to the university.
Step 6: The university receives this authentication credential and starts to issue the digital diploma.
Please find below screenshots that illustrate this process, with the different wallet interactions.
“Our goal is to issue verifiable credentials to wallets using verified user data provided by banks. Walt.id's SSI Kit provides an easy way to create verifiable credentials in JSON-LD and JWT format.”
Dr. Daniel Fett
Specialist Protocol Design & Security Threat Analysis
yes.com
Ready to get started?
Interested to chat with yes.com?
get in touch with yes.com experts to discover more about their products.
About the organizations.
-
Walt.id develops Self-Sovereign Identity (SSI) solutions for businesses and governments across industries.
Developers and organisations rely on our open source products as an easy and fast way to use Self-Sovereign Identity - including Europe’s new digital identity ecosystem based on the EU Blockchain and the EU SSI Framework (ESSIF).
To ensure client’s success, our industry-leading experts provide holistic services including from conception over the implementation of pilots and production system to enterprise support and managed cloud services.
-
We make it easy to answer a variety of questions with a quick “yes®”!
There are regulatory restrictions for user identification in different branches (insurance, telecommunication, banking, e-government etc). The current onboarding processes are time-consuming, costly and deliver a poor customer experience. A successful onboarding experience will improve conversion rates, increase revenue with cross-selling and upselling and thus contribute to customer value. The yes® ecosystem for digital identity services is built upon a distributed identity architecture: yes® is connecting identity providers (banks) to relying parties with different tasks of user onboarding.
For more information visit yes.com or get in touch via email.