Introducing the World’s First Consent-Based Data-Sharing Framework Built on Open Standards: The Affinidi Iota Framework

0
426
Introducing the World's First Consent-Based Data-Sharing Framework Built on Open Standards: The Affinidi Iota Framework
Introducing the World's First Consent-Based Data-Sharing Framework Built on Open Standards: The Affinidi Iota Framework
  • Affinidi Iota Framework disrupts how businesses gain insights about customers. Iota shifts the processing of queries to a personal data vault, providing transparency regarding what is disclosed through explicit consent. This grants individuals full control over how they are discovered and how they share information with others.


  • Affinidi Iota framework democratises developers’ access to data through modern and privacy-preserving open standards, including W3C Verifiable Credentials, DIF Decentralised Identifiers, OID4VP, OID4VCI, and Presentation Exchange format (PEX).

 

Affinidi, a Singapore-based data and identity management company, launched the Affinidi Iota Framework built on open standards at the WeAreDevelopers World Congress. This innovative framework establishes a new way for individuals to share data by prioritising explicit consent, empowering individuals to selectively share specific data points with a clear understanding of their intended use.

 

In the traditional digital landscape, individuals often share sensitive data with third parties without transparency or control, leaving their data vulnerable to misuse, unauthorised access, and data breaches. A Twilio report shows that 60% of Asia Pacific consumers demand consent and communication on data use, while a PwC study reveals a trust gap, with only 30% of consumers trusting businesses. Existing solutions exacerbate these issues by collecting vast amounts of individuals’ data (essential/non-essential) and transferring it to back-end databases, burdening developers with managing large volumes of data and associated risks. 

 

Affinidi’s Iota Framework disrupts this outdated model, pioneering a new era of data privacy and security. The Affinidi Iota Framework enables developers to request essential data points directly from individuals, with explicit consent, eliminating the need to collect and store non-essential information. This approach ensures individuals maintain control over their data, reducing storage burdens, and minimising risks associated with data collection and potential misuse. Affinidi equips developers with dev-friendly templates and robust tools, streamlining the setup of data-sharing processes. With our easy-to-use SDK, developers can navigate the complexities of identity, privacy, and security, building innovative solutions in just minutes.

 

The Affinidi Iota Framework revolutionises data exchange between businesses and individuals by adhering to strict consent-first principles, providing businesses with richer, more accurate data that enhances personalisation, and fosters market innovation and competitiveness. Roopesh Shah, Co-Founder and CTO of Gro Club, India’s first and largest bicycle subscription model that recently adopted Affinidi’s solution for seamless integration, shared, “We began with Affinidi Login to simplify access to individual data through a one-click onboarding process. But with the introduction of the Affinidi Iota Framework, we are thrilled to advance beyond efficient customer onboarding, laying the groundwork for a future where every interaction is precisely tailored to individual preferences based on accurate and consented data.”

 

Built on Open Standards

 

The Affinidi Iota Framework leverages cutting-edge technologies such as the DIF Presentation Exchange (PEX) protocol and the OpenID for Verifiable Presentations (OID4VP) specifications built on OAuth 2.0 to deliver a robust consent-first solution for a new way of data sharing.

 

  • At the heart of the Affinidi Iota Framework is the DIF Presentation Exchange (PEX) specification. PEX, based on JSONPATH, serves as a standard query language for data exchange, enabling powerful filtering capabilities that accommodate simple and complex use cases. By defining data requests with a structured syntax, PEX simplifies data sharing, making specific data requests more seamless and efficient. Using standardised schemas ensures that queries are portable, allowing multiple developers and businesses to utilise them without reinventing the wheel. This streamlines the data exchange process and enhances interoperability across different systems.

 

  • Building on the robust OAuth 2.0 authorisation framework, the OID4VP protocol provides a secure transport mechanism for Verifiable Presentations. Simply put, Verifiable Presentations extract specific information from Verifiable Credentials, like signed digital containers holding personal data (such as an ID or diploma). These presentations, shared as VP Tokens, ensure data authenticity and provenance. This groundbreaking feature enhances data safety, reducing risks of data breaches and fraud by sharing only necessary, verified information. It establishes transitive trust efficiently, maintaining high security and privacy standards within the Affinidi Iota Framework.

 

  • The Affinidi Trust Development Kit (TDK), our SDK, is an open-source toolkit that enables developers to build privacy-preserving applications efficiently, aligning with complex and evolving standards. This streamlined solution integrates multiple elements to provide privacy functionalities without requiring workflow overhauls. By bridging Web 2 and Web 3 technologies, the framework leverages decentralised data stored in the Affinidi Vault for just-in-time data acquisition. It offers a range of modules, including clients for identity management, verifiable credential handling, and login configurations, ensuring flexibility and choice for developers. Supporting various programming languages such as TypeScript and Python facilitates seamless integration of Affinidi’s trust services into applications.

 

How it Works

 

The Affinidi Vault is a secure personal data store where individuals can securely store their information. Developers need to create an Affinidi Iota Framework configuration to set up the basics required to query the data from the Affinidi Vault. After creating a configuration, developers can integrate the Affinidi Iota Framework into their application with the Affinidi TDK. This setup ensures that data is shared only with the explicit consent of the vault owner, empowering individuals with choice and control over the information they share while enhancing data privacy and security. This also simplifies real-time data acquisition, reduces complexity, and enhances trust and transparency.

 

Revolutionising Data Exchange and Ownership

 

Affinidi is leading a global movement to return data ownership to individuals through its Holistic Identity concept, addressing the fragmentation of digital identities across platforms. The release of the Affinidi Iota Framework marks another significant step towards achieving this vision.

 

“In a new world where individuals can control their identity and data, we must redefine how information is shared. The Affinidi Iota Framework represents a major step forward in safeguarding privacy and consent by shifting information processing to the individual’s personal data vault. Gone are the days of trusting third parties with sensitive documents like pay slips and bank statements just to open a bank account,” said Glenn Gore, Chief Executive Officer of Affinidi.

 

The beta version of the Affinidi Iota framework can be accessed through the Affinidi Portal. Learn more about the Affinidi Iota Framework here