Blockchain for Decentralized Identity — dApp — Travel
In this post, let us imagine the potential of decentralized identity using SSI (self-sovereign identity explained in the first blog) to disrupt experiences in the travel industry.
What if you can get through an entire international trip using your smartphone without taking out any physical documents — contactless? Let us visualize the experiences.
1. You don’t need a username/ password to log in to the airline website to book your ticket. Instead, you use your loyalty card (assuming you have one) stored in your digital wallet to book a flight. Upon purchasing your airline ticket (paid for by a financial instrument in your digital wallet — refer to the fourth blog on digital wallets), you receive the same with the travel details (booking number, date, flight, seat no.). In addition, before your travel, you get any legal requirements from Timatic, IATA2 for the destination country sent to you to prepare for the trip (Covid vaccination, visa, etc.).
2. Similarly, you make reservations for a rental car and hotel at your destination. Again, no login passwords are required; use your loyalty cards with minimal information (zero-knowledge proofs as explained in the fifth blog) to close the transaction paid by financial instruments in your digital wallet.
3. Your passport details, including your picture, are stored as verifiable credentials (explained in the fifth blog) using ICAO (International Civil Aviation Organization1) standards in your digital wallet on your smartphone. So it is a digital passport.
4. If required, collect your visa. You get it online and store it as a verifiable credential (VC) accessible via your smartphone.
5. Before travel, you check in for your flight and receive your boarding pass as a QR code using IATA2 (International Air Transport Association) standards.
6. You hail a ride via a rideshare app on your phone and pay for it using a financial instrument attached to the app to get to the airport.
7. A location app determines your arrival at the airport. Then, your phone automatically creates an attestation proof (refer to the fifth blog) for you with the required claims for check-in. Finally, you accept and present it to check-in.
8. You provide instant proof of your ticket with a QR code and a compound attestation proof with just enough information from your passport and visa. It is Zero-Knowledge Proof compliant with the SSI minimization principle (refer to the first blog). The proof contains only the claims from verifiable credentials (refer to the fifth blog) in your digital wallet required to complete the transaction.
9. Next, you pay for your bags using a financial instrument from your digital wallet.
10. If a Covid vaccination card is needed, that is also automatically included in the proof. A recent Covid vaccination test result from an authorized lab is a verifiable credential stored in the digital wallet. Vaccination rules for each country are automatically captured from Timatic from IATA2 and provided in step 1 above help you prepare for the trip.
11. While passing through immigration and customs, you use compound attestation proofs automatically generated based on your location from your digital wallet produced using minimization principles using zero-knowledge proofs. You go through without any friction in the experience.
12. Next, while passing through security, you use a QR code with proof created based on your location from your digital wallet. The proof contains claims from your verifiable credentials in your digital wallet needed to complete the process. Your experience is seamless and fast.
13. Upon arrival at your destination, with location information, your app creates compound proof from your wallet using claims from your passport and visa. You accept, present it using a QR code to the immigration officer, and go through immigration and customs.
14. While collecting your rental car, using your smartphone and location, you receive a compound attestation proof of your reservation, your name on the passport, a valid driver’s license number, and the financial instrument for payment. You accept, present, and drive off.
15. At the hotel, using your location, your smartphone presents you with your reservation, just enough claims from the passport required, and a financial instrument for payment — a covid vaccination card, if necessary based on local rules, gleaned from Timatic from IATA2. You accept the compound proof, present it at the reception using a QR code and collect your digital key, store it in your digital wallet, and use it to access your room.
16. Trip expenses like meals, excursions, and shopping can also be covered using payment instruments stored in the digital wallet and any identity claims from the smartphone.
The above experience has privacy and trust by design built into each checkpoint where only information required to complete that step of the trip is shared, not the entire paper document. With even more intelligence built-in, the attestation proof gets automatically created for your review at each checkpoint gauged by a location app on your smartphone. The experience reduces friction at each point and improves efficiency while reducing costs. The business process is GDPR (General Data Protection Regulation) compliant. The transition to this experience will be evolutionary, not revolutionary. It has already begun with specific experiences implemented as standards evolve (see the seventh blog for standards). Along the way, some steps in the process may require integrations with legacy applications. For example, today, the IATA2 travel pass enables airlines, governments, and organizations to verify health travel documents instantly. As of writing, seven airlines have implemented it, and fifty more are in the trial phase. IATA is taking a leadership role in defining the self-sovereign identity standards for the travel industry.
In the next post, I will cover the EU.
A digital wallet is a software used to digitally store (usually in a smartphone) the contents of a wallet, like IDs, loyalty cards, and financial instruments used for payments. In essence, it is a digital version of a physical wallet.
Presentation or Proof
The proof attests a claim or compound claims from the holder to the verifier to prove some form of identification to complete a transaction. All are achieved without making contact with the issuer.
Self-Sovereign Identity (SSI):
A decentralized way to manage the identity of an entity, built on the principles of transparency, interoperability, portability, and consent from the owner who controls what they own, know and have.
A credential is an attestation of authority, competence, or qualification given by an authorized party (issuer) to an entity (holder). It consists of metadata, claims, and proofs and has one or many claims related to an entity’s identity. It is to respond to attestations for proof of a claim. Claims from multiple verifiable credentials consolidated to respond to a request for proof is called a compound verifiable credential.
A zero-knowledge proof is a method of authentication using cryptography that allows an entity to prove to another that specific requirements for a transaction are met instead of disclosing all the data (selective disclosure).