Identity Bridge

Helping to bridge different Digital Identity schema for the modern payments ecosystem

Knox Networks is a software platform that includes a white-label digital identity service. The Knox digital identity solution consists of two product lines:

  1. A server-side model that works with a financial institution's current identity solution and helps extend it to support mobile, PKI-based identity solutions, and other devices
  2. A system that allows data to be wholly owned by the individual, with differential data privacy, dynamic updating capabilities, and front-loaded AML / KYC verification. In the second product line, the individual opts in to send data to financial institutions upon request.

Knox Digital Identity Features

  • Security and Privacy First: Contains security features to ensure that the data is protected and accessible only by those with the appropriate authority
    • Enables new modes of privacy-preserving identity that allow many forms of credentials to be issued concurrently and verified efficiently
    • Provides a trusted solution to manage private keys and the exchange of credentials
    • Allows the use of hardware security modules (HSMs) to enable password-less access
  • Ease of Use: Built to enable easy use across an enterprise environment
    • Ability to use digital certificates to authenticate and sign transactions, documents, and messages
    • Eliminates the need for custom tokens as identity is managed in mobile and custodial wallets that use secure enclaves
  • Capture Critical Information: Provides the ability to run regulatory-compliant programs, including onboarding, “Know Your Customer” (KYC), and other Anti-Money Laundering (AML) services.
  • Flexible: Enables straightforward and efficient implementations even though every enterprise has different requirements depending on the use case and applicable regulatory regime.
    • The system can accommodate different levels of identification. It can be configured to allow users to provide only the information necessary for a particular transaction (e.g., more details for a larger transaction, including enhanced due diligence information)
    • Access rights, privacy management and other key features are set by the enterprise based on its own requirements
  • Traceable: Easy auditing of transactions, including storing pseudonymous information in the history of each transaction.

Sample Digital Identity Flow

  1. User is a customer of Bank A and logs in through the Identity Bridge using existing bank login credentials.
  2. User is instructed by Bank A to register their wallet and requests a Verifiable Credential (VC) from the bank to capture the user's bank account details.
  3. Bank A verifies the request and prepares an invitation for the user to register the wallet and download the VC.
  4. The invitation is shared with the user, who scans the QR code via the mobile wallet app. The identifier from the wallet is cryptographically verified, and the VC is issued specifically with the user as the subject and the bank identifier as the issuer.
    NOTE: A bank-hosted Custodial Wallet Service can also be used here.
  5. The user now has this bank-issued VC held in the wallet. This data remains in the wallet and can be requested as needed for financial regulation.
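
Step 4 of the flow above, sketched in Go as an added example (this is not Knox Networks code or its API): the wallet proves possession of its key by signing the invitation nonce, and the bank then signs a credential that names the wallet as subject and itself as issuer. The Credential layout, the "wallet:" identifier scheme, the nonce value and the choice of Ed25519 are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
)

// Credential is a simplified, hypothetical VC layout (not a Knox or W3C schema).
type Credential struct {
	Issuer  string            `json:"issuer"`
	Subject string            `json:"subject"`
	Claims  map[string]string `json:"claims"`
	Proof   []byte            `json:"proof,omitempty"`
}

// walletID derives the wallet identifier from its public key (assumed scheme).
func walletID(pub ed25519.PublicKey) string {
	return fmt.Sprintf("wallet:%x", []byte(pub))
}

// payload is the byte string the issuer signs: the credential without Proof.
func payload(c Credential) []byte {
	c.Proof = nil
	b, _ := json.Marshal(c) // map keys are emitted sorted, so this is stable
	return b
}

// Issue checks the wallet's signature over the invitation nonce, then signs the VC.
func Issue(bankID string, bankKey ed25519.PrivateKey, walletPub ed25519.PublicKey, nonce, sig []byte, claims map[string]string) (Credential, error) {
	if len(walletPub) != ed25519.PublicKeySize || !ed25519.Verify(walletPub, nonce, sig) {
		return Credential{}, fmt.Errorf("wallet did not prove possession of its key")
	}
	c := Credential{Issuer: bankID, Subject: walletID(walletPub), Claims: claims}
	c.Proof = ed25519.Sign(bankKey, payload(c))
	return c, nil
}

// Verify checks the bank's signature and that the subject is this wallet.
func Verify(c Credential, bankPub, walletPub ed25519.PublicKey) bool {
	return c.Subject == walletID(walletPub) && ed25519.Verify(bankPub, payload(c), c.Proof)
}

func main() {
	bankPub, bankKey, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	walletPub, walletKey, _ := ed25519.GenerateKey(nil)
	nonce := []byte("constructed-invitation-nonce") // constructed sample value
	vc, err := Issue("bank-a", bankKey, walletPub, nonce, ed25519.Sign(walletKey, nonce), map[string]string{"account": "constructed-0001"})
	fmt.Println(err, Verify(vc, bankPub, walletPub))
}
```

In a real deployment the nonce would be random, single-use and tied to the invitation, so a captured wallet signature cannot be replayed against a later invitation.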