Top Burning Questions Q5: Where would I use a “Credentials Wallet?”
A wallet is a means for users to confirm their blockchain transactions. A common question from our customers is: “what‘s an example of a wallet in an enterprise context?”
To illustrate this, here’s an example of how a wallet might be used by an equipment manufacturer that is selling to other enterprises (i.e., B2B).
The equipment manufacturer provides an uptime guarantee to its customers. If the equipment is offline, the event can be automatically recorded in a blockchain for both the customer and the manufacturer to see.
The more important question for the manufacturer and its customers is: why was the equipment offline? Was the equipment offline for a valid reason, such as regularly scheduled maintenance? Or, was it offline due to a fault (and therefore there may be contractual penalties)? Or, were there external factors, like a flood, that will trigger insurance coverage?
In this example, the customer and the manufacturer submit their explanation and evidence (e.g., photos of the flooded equipment). Fingerprints of the documentation are logged on the blockchain. The actual data is stored off chain.
Recording the explanation and evidence in an immutable and auditable format creates trust. This trust speeds up processes like vendor performance review meetings, contract renewals, insurance claims, and regulator investigations.
So, what about the wallet?
Well, in a fully automated system there’s no need for one. That is, if the equipment being offline automatically triggered an alert, storing that alert information on the blockchain could be completely automated without the need for a wallet.
In our example, the “why” piece is a manual diagnostic. This information requires some authorization and authentication to make sure the person submitting it is who they claim to be, and has the permission to submit the documents.
One way to verify that the documents were submitted by authorized parties is to have each submitter digitally sign the transaction at submission. With multiple submitters (e.g., a manufacturer and customers), each party would have to integrate the submission system with their respective digital signature system.
With the VIA Credentials Wallet, all parties receive a simple mechanism to sign blockchain transactions without each participant having to integrate a new system. Each party also maintains their own enterprise user management systems (e.g., role-based access control (RBAC) models, identity access models (IAM), single sign-on (SSO), active directory service, etc.). This approach is particularly valuable at enterprises that have their employees hold their own private keys, such as through Yubikey (like Amazon, Apple, Google, Microsoft …) or an access card to login to their computers.
One of the key benefits to this approach is that the same Credentials Wallet can be used across multiple applications (e.g., systems from different manufacturers). In addition, RBAC integration with the wallet and VIA’s blockchain enables each organization to have their own rules to verify a transaction. Enterprises could decide to have multiple signatures to confirm a transaction, or only signatures from a certain role as submitters of a confirmation.
There are other benefits as well to a VIA-specific wallet. Long-time VIA blog readers will know that cybersecurity is a running theme as a differentiator for VIA in our platform. Everyone deserves the best cybersecurity. Over and above this, companies have a legal obligation to make sure they are protecting their financial and data assets. VIA has made the investment to harden VIA’s Credentials Wallet to U.S. Department of Defense (DoD) cybersecurity standards.
Looking for more information or have a related query? Don’t hesitate to contact us at firstname.lastname@example.org and submit your question.