Latest News

Achieving trusted digital transactions across the globe: OIX and ToIP align to make it happen

Two of the most influential global membership organisations in the digital ID space have aligned to forge a faster and more secure route to a shared and trusted digital future.

Both The Open Identity Exchange (OIX) and Trust over IP Foundation (ToIP) have driven key development and made significant progress in their respective communities towards addressing the challenges around establishing ‘trust’ in users via digital means.

They have now committed to aligning their efforts, having realised the synergies in the work they were doing and the vast potential of working more closely together to drive their common agenda across the globe.

With a combined worldwide membership of over 360 organisations, including some of the world’s largest stakeholders in a digital ID future, this is a crucial development in the journey towards full digital ID adoption and a digital future that will work for everyone involved.

Born from the self-sovereign identity movement, ToIP’s widely recognised ToIP Stack is defining a complete architecture for internet-scale digital trust that combines the technical requirements for cryptographic trust at the machine layer with the governance requirements for human trust at the business, legal, and social layers.

Equally, the OIX’s comprehensive work around the governance of digital ID has been highly influential and widely accepted. It complements the governance elements of the ToIP stack. A prime example is OIX’s recently launched Guide to Trust Frameworks for Smart Digital ID that encompasses over 10 years of research and in-depth evaluation of existing Trust Frameworks around the world.

The guide outlines how both a simple digital ID (i.e. digitised credentials within a wallet) and a smart digital ID (i.e. one that understands rules ‘to selectively disclose, derivate a specific attribute and aggregate several single attributes’ per the EU’s new eIDAS2 ARF) can meet the needs of all the parties involved in a digital relationship or transaction. With a specific focus on placing the needs of the end users at the forefront (also a key driver for ToIP), the guide defines the roles, responsibilities, principles, policies, procedures and standards needed.

While remaining technology agnostic, a particular feature of the guide is its alignment with the self-sovereign paradigm of decentralised identifiers (DIDs) and verifiable credentials stored in individual digital wallets. This mapping of OIX Trust Framework roles to self-sovereign identity roles, illustrated in the infographic below, is clearly explained in the guide.

John Jordan, Executive Director of ToIP, said: “The lack of a globally interoperable digital trust infrastructure has presented an urgent and widely acknowledged need for both technical standards and governance that ensure trust can be established quickly and safely across all sectors and borders. Our two organisations have a common vision – building trust online, and simplifying and standardising how trust is established. Our collective knowledge, expertise and research will be a powerful force ensuring the benefits of digital ID are realised by everyone involved – the end consumers, governments, relying parties and ID providers.”

Nick Mothershaw, Chief Identity Strategist at OIX, said: “Various initiatives around the world are trying to address the same issue with differing approaches. It is a highly complex global challenge that needs a united global response, and one that ensures the needs of all parties are met. To achieve it, governance must be generic and technology agnostic, and smart digital ID will need to play a significant role.

“The goals and strategies of both organisations highly complement each other. We have both already made significant progress, which has been reflected in the growth of our memberships and the self-sovereign alignment of the new OIX trust framework. By further aligning our efforts, we can have a greater impact.”