According to the late, lamented, Kim Cameron in his seminal 2005 blog, The Laws of Identity, the Internet was designed and implemented without an identity layer and has developed ever since as a patchwork of identity workarounds and one-offs.
In the November 2019 BBC Dimbleby Lecture, Tim Berners Lee, inventor of the World Wide Web, proposed a mid-course correction for the Web by decoupling data from the application. This, he argued, would give users complete control of their personal data and enable them to make use of decentralized data stores called Pods, developed using the Solid specification.
The GAIN (Global Assured Identity Network) proposal has the potential to deliver both an identity layer for the Internet and this mid-course correction. GAIN addresses the patchwork of identity workarounds and implements a global identity system that enables a shift towards a user-centric and high-trust identity paradigm for the Internet.
The genesis of GAIN
GAIN builds on the remarkable success of the worldwide payments’ ecosystem, implemented by the international financial community and delivering global payments schemes such as Swift, Mastercard and Visa. This financial ecosystem is based on open standards and financial-grade APIs; it can be envisioned as a financial overlay to the Internet.
Trust in the international payments system is underpinned by formal compliance with international banking regulation, such as Sarbanes-Oxley, the Basel Framework, ‘Know Your Customer’ (KYC), Anti-Money Laundering (AML) legislation and PCI-DSS. Financial institutions that are members of the international payments’ ecosystem must provide evidence of:
- implementing all the required technical controls;
- applying the rules of the various compliance schemes; and
- submitting themselves to a process of regular certification.
Membership, technical controls, scheme rules and regular certification are just four of the methods by which trust is maintained between members of the payments’ ecosystem and between financial institutions and their customers. In effect, financial institutions are already required to operate within a global financial payments Trust Framework.
By catalysing a decentralised and interoperable global network, as has been achieved for payments, Financial Institutions will offer high-trust identity assurance within a safe, sufficiently regulated environment: a major step toward Digital Trust.GAIN DIGITAL TRUST White Paper