11 February 2021 – Basel – The Global Legal Entity Identifier Foundation (GLEIF) today unveils the issuance and technical infrastructure models for its recently announced verifiable LEI (vLEI) system.
A vLEI is a secure digital attestation of a conventional LEI. When fully developed, the vLEI will enable instant and automated identity verification between counterparties operating across all industry sectors, globally.
A secure chain of trust for vLEI issuance
GLEIF has designed all vLEIs in the form of Verifiable Credentials, in accordance with the World Wide Web Consortium’s open standard Verifiable Credentials Data Model. This process establishes GLEIF as the digital ‘root of trust’ and enables GLEIF to safeguard the integrity of the trust chain. Each vLEI must be issued by a GLEIF-certified vLEI issuer to a legal entity client that has an LEI. Once obtained, the vLEI can be used as a basis to issue additional credentials to members of the organization.
The vLEI issuance process has been designed in full accordance with standards of the Linux-based Trust over IP Foundation, of which GLEIF is a contributing member.
Independent, open and interoperable infrastructure
To fulfil its global potential, the vLEI system will interoperate seamlessly and securely with all technology models, e.g. blockchain, distributed ledger consortia by adopting a ‘network of networks’ approach. To accomplish this, GLEIF will leverage the Key Event Receipt Infrastructure (KERI) protocol to develop the vLEI’s technical underpinnings.
KERI provides a cryptographic development framework enabling vLEIs to be anchored and verified without requiring a self-sovereign identity, blockchain or distributed ledger utility network to operate. Using the KERI protocol, vLEIs can be created and utilized independently of any specific company or organization, with the highest levels of security, privacy and ease of use. KERI also enables GLEIF and the vLEI trust ecosystem to operate under GLEIF’s governance framework.
The vLEI technical infrastructure will enable the vLEI’s cryptographic keys to be generated and controlled directly by GLEIF, by vLEI Issuers and by vLEI holders, in accordance with the legal requirements in many jurisdictions. Each party will maintain full, independent control and portability across systems. This allows GLEIF and its vLEI issuing ecosystem to take advantage of all blockchain, distributed ledger, self-sovereign identity and other cloud-based public utilities to notarize cryptographic actions or transactions, maximizing interoperability and flexibility in the vLEI system.
“For the vLEI to become the de-facto choice in digitized organizational identity globally, both its issuing system and underlying architecture have to embody GLEIF’s unwavering commitment to open systems and open data,” comments Stephan Wolf, CEO, GLEIF. “The approaches we are laying out today will enable the vLEI system to support any other blockchain or SSI network or system, while retaining the capacity to utilize them all, and be able to support cloud infrastructures as well. This is a critical development in our work to bring the benefits of a digitized LEI system to all industry sectors around the world.”
When complete, the vLEI will give government organizations, companies and other legal entities worldwide the capacity to use non-repudiable identification data pertaining to their legal status, ownership structure and authorized representatives in a growing number of digital business activities, such as approving business transactions and contracts, onboarding customers, transacting within import/export and supply chain business networks and submitting regulatory filings and reports.
Support for vLEI development
Sam Smith, founder of Prosapien, and creator of KERI, comments: “KERI as an open standard protocol being developed in the Decentralized Identity Foundation under the aegis of the Linux Foundation is meant to provide a fully decentralized trust spanning layer for the internet. With KERI, GLEIF can provide universally verifiably authentic digital issuances of Legal Entity Identifiers via the vLEI. The vLEI backed by KERI enables securely attributed reputational trust transference across a network-of-networks of verifiable data registries. As a result the vLEI will revolutionize trusted interactions through truly portable platform independent trust. It expands the internet trust graph to literally encompass every legal entity in the entire world.”
Daniele Citterio, CTO, InfoCert SpA, an LEI issuer, comments: “The vLEI model is a tremendous opportunity to combine our self-sovereign identities initiative with our role as a GLEIF-accredited LEI Issuer into a new business proposition with value to organizations throughout Europe and beyond.
“The vLEI completes the picture of our SSI-based Dizme ecosystem, allowing identity verification of both legal entities having a vLEI and also natural persons in their roles within these entities. In addition, thanks to the vLEI's utilization of the W3C Verifiable Credential standard and also of KERI portable identifiers, I believe that we have a clear path to bring ‘one trusted and verifiable identity’ to businesses worldwide.”
The cross industry vLEI development program continues to evolve. GLEIF now invites software developers to engage with the program’s existing stakeholders from the pharmaceutical, healthcare, telecom, automotive and financial services sectors, with a view to exploring opportunities to leveraging vLEI identity verification in future applications, services and business models.