SSI Orbit Podcast
Removing Roadblocks to Broad SSI Adoption with Heather Dahl
By Mathieu Glaude
March 11, 2021

Okay, we’re live. Hi Heather, thanks for joining me today.

Thank you for having me.

Mathieu: Heather, I’ve been looking forward to this conversation. I was researching you online and reading about some of the experiences you’ve had. The one that stuck with me was the children’s book series that you co-authored. The books teach kids all about cybersecurity, and I find that fascinating. In this decentralized identity industry that we’re in, we could definitely work to improve our ability to completely break down a topic like that and explain it clearly to kids. Would you mind talking to me about yourself and your experiences?

The CYNJA Series

Heather: Our books are called “The Cynja Series.” C-Y-N-J-A, which stands for Cyber Ninjas. The world has a lot of ninjas out there, especially when you’re 9 or 10 years old. Being a Cyber Ninja? That’s a special kind of ninja: with unique expertise, that’s trained and learned over time. It all happened around the same time I got into decentralized identity. I was developing threat intelligence solutions with Chase Cunningham and said, “I have a project for us! Let’s write a children’s book about cybersecurity that’s really awesome and cool.” Chase Cunningham and I co-authored the books along with Shiro Darasu, who’s a fantastic artist. We realized that kids didn’t fully understand the dangers that were lurking in cyberspace. When we looked at most of the typical cyber education materials, they included spaceships and fuzzy bunnies —neither of which live in cyberspace, exactly. There’s nothing out there that was capturing the interest, especially of a certain nephew of mine. So, that’s where the book started. I wanted to inspire a kid like my nephew, who, at the time, didn’t think bad guys lived in cyberspace.

Instead of wanting to be a cyber warrior, he was more interested in slaying dragons. I tried to explain to him that job opportunities are pretty limited in that field, but job opportunities slaying Botnets and Worms; now we’re talking! That’s how we developed the Cynja book series

As we talk about decentralized identity, the next frontier is trying to explain this. Not only to kids, but to adults: business executives, lawyers, accountants, and so on. This is something where we have to develop the story for multiple audiences, multiple personas, and explain it. On the one hand, I guess you know what my next children’s book topic is! On the other hand, we’re committed to it within Indicio, as well.

Mathieu: That’s amazing! It takes a special talent to be able to break a topic down to the right principles and the right basics to be able to explain it to any type of audience. As I mentioned earlier, I think that’s badly needed in SSI or in decentralized identity. It’s impossible to underestimate the importance of visuals. Not only for conveying complex topics but also in catching interest where someone genuinely wants to spend the time to learn.

Heather: Since we’re talking on a podcast, I want to mention that it’s visually astounding to see the images of the artists that we work with. Shiro Darasu is a software engineer who happens to be an amazing graphic artist. He understood the concepts, and we all got on the same page of “What could this world look like? Let’s visualize it.” We need to go through the same activity here in self-sovereign decentralized identity and explain how this world works for multiple learners. That could be for someone who wants to read, or is perhaps a visual learner, or maybe that’s someone who likes this podcast and wants to listen while driving in the car. We have to make sure that those of us who are developing and working in this space convey that information in multiple ways and through various channels.

Mathieu: Then, I guess you moved into the centralized identity arena. At a later point, you were the CEO of the Sovrin Foundation. For those who don’t know Sovrin: Sovrin is a decentralized network that serves as a public identity utility for several decentralized identity projects. Heather, you were the CEO of Sovrin — do you mind talking about how you got into that space and then about your experiences with Sovrin?

Heather’s career trajectory to Sovrin

Heather: To talk about how I got to that position at Sovrin, we have to go back a few years. There were a lot of people who spent hours and years of work to reach the point where Sovrin was. I became involved in what’s now known as self-sovereign identity in perhaps 2011. About ten years ago, I worked with the company Nustar, and we were doing some initial research and development around what became the “respect network.” When I was involved in the respect network, we had done some research with Drummond Reed, who helped create that network. I was, and still am, very focused on children’s data safety and privacy around children. When I left Nustar to focus on my Cynja books, I also was getting asked by parents right-and-left: “How do I protect my kids online?” So, Chase and I developed the first commercial application on the respect network, called Cynja Space. Cynja Space allowed parents to effectively control and manage how their children’s data was stored when they were online or on their iPad. That’s how I became involved with what evolved to be Sovrin. I served on the board of directors of Sovrin, and things continued to mature. Eventually, I moved into the role of CEO of the Sovrin Foundation.

Mathieu: How did Sovrin evolve? Sovrin’s still running today. If you go to Sovrin’s website, there are tons of different organizations that are associated in one way or another with Sovrin and that use Sovrin. It seems to be one of the most popular implementations today in that decentralized self-sovereign stack. How has Sovrin evolved today from the time you got into it? Also, perhaps you can begin talking about Indicio: what got you into that, and what are the big differences between Indicio and Sovrin?

Heather: Sovrin is a success story of a tremendous community effort. When I say community, we’re talking people from all over the world; various companies of different sizes, across industries sizes, and different solutions and visions for where they want self-sovereign identity to go. Someone new to the field needs to understand that Sovrin’s not one person or one particular effort. Sovrin is a collection of the world’s beliefs and support for the concept that an individual must have the ability to manage and control their own digital identity. I saw at Sovrin that our goal is to adopt decentralized identity (or self-sovereign identity). We need to move away from the centralized database model, where a company gives you an identity, and you’re locked into that database. In that model, you can’t prove something about yourself without someone looking into their database.

What Heather’s working on at Indicio

The vision is something that we all believe in and want to achieve, but it’s important to remember it takes a lot of steps to get there. At Sovrin, we saw the challenges that organizations had. We saw the challenges, the blockers, the learning curves, and the frustrations. At Indicio, our motto is “no blocker is too big or too strong.” Our goal at Indicio is to simply accelerate the creation, adoption, and the widespread use of verifiable identity credentials. In that way, people have control over their digital identities and how they share their personal information in a way that’s secure and protects their privacy. Our mission is to achieve that goal by helping any organization that encounters a blocker that they don’t understand when working through their digital identity initiatives. Another way I like to think of it is like a homework helpline. “Not sure where to go in decentralized identity? Bring your question to us!”

With Indicio, we’re trying hard to make verifiable credentials easy to adopt and easy to use across all stages of the decentralized identity journey. We realized that in order to make that happen, it’s not merely a technical challenge. Indicio does offer technical help. We have a team of engineers and architects who can help you work through any kind of blocker. Alternatively, maybe you’re trying to figure out an architecture, or you’re trying to figure out how to build a decentralized identity solution. We’re there. If you’re trying to implement into a proprietary solution, we’ll help you do that too. Essentially, whatever it’s going to take (from a technical point of view), to help your SSI adoption of decentralized identity, we are going to be there side-by-side helping your team do that. What we learned is that a lot of organizations need training. We offer instructor-led training, programming from: “what’s a Verifiable Credentials” all the way to “how to set up your own Indy-based network.” Indeed, we customize the training programs, or we have modules that we’ve used with various clients. If you don’t teach how decentralized identity works, if you can’t get everyone on your team or the partners you work with on the same page, it’s going to be extremely challenging to move forward with a common language. So Indicio offers training.

There’s another blocker in determining the business strategy behind the changes. In other words, what’s the strategy of the solution I’m trying to build? What’s the strategy of my company, and how do I explain this new decentralized world? How do I explain the benefits of decentralized identity to my internal executive sponsors? So, we work on business strategy. Then, you’ve got to go out and explain this. We offer marketing and professional services around marketing. We can help organizations do slide decks, crafting their compelling stories. We help with technical writing; we help with writing press releases; we help with writing white papers; we support social media strategies. We’ll work on anything that can go out to the market and help explain what decentralized identity is. We have an awesome marketing team, with writers, editors, or social media digital marketers, ready to work with clients on that front. Lastly, we have a practice that’s solely focused on decentralized identity governance. There are multiple efforts in that regard. Sovrin has a governance framework that’s been years in development. You have the Trust-over-IP efforts, or you have governance efforts coming through other organizations. We have a governance team that helps organizations understand or review different governance documents. Some organizations want to write their own governance, and we help with that.

That explains the whole offering of what Indicio does, but it all boils down to “bring us your blocker.” One of the five areas I’ve just talked about is probably going to be able to help you move through that blocker and successfully continue down the path of adoption of decentralized identity.

Mathieu: I think people underestimate the strategy and thinking that needs to go behind implementing a successful decentralized identity, or decentralized anything strategy. We’ve been dealing with this for years now, in the blockchain and crypto and the centralized technology space. It’s something that must be faced as soon as you want to take advantage of trusted data, transparency, and credentialing solutions, all together within a broader ecosystem.

In reality, your business model is likely to change because you need to evaluate where you fit in this new ecosystem. It’s an excellent philosophy for you to take that broader range approach of different services you offer. It’s not just one thing, like providing a blockchain, for example, or providing a use case. There’s so much that goes into properly defining a strategy altogether. You mentioned the governance side of things, which is quite interesting, and we’re facing some challenges there also. We’re in conversations in the Trust-over-IP initiative, as one example, and there’s a lot of work happening there. Based on Indicio’s experience of working with different clients, how much do people underestimate the need for governance, and how early do you need to start talking about it?

Heather: Sometimes, dealing with governance issues can be overwhelming if you’re new to this space. To have adoption, you need to have a lot of people who are new to the space become involved. Our focus is to make it less daunting. What do we mean by governance? Let’s go through a governance framework; let’s walk through the different components; let’s talk about what’s needed. How does this apply to what we call machine-readable governance? It’s nice to have a legal document, but how does that apply to the actual code and operation of your agents, of your network? We try to talk about governance from the very first step in building your systems and understanding the roles of governance involved. The existing governance that we’ve adopted in our community over time is not a one-size-fits-all. Sometimes, we have to walk through understanding the particular, unique parts of a use case or regulatory demands. We have to look through the governance best practices that we have thus far and evolve this to the next step. Then, how do you implement that, and how do you explain that to the partners? We go back over the marketing; how do you explain the governance on up to your boss? How do you explain governance in a way that helps accelerate adoption instead of slowing it down?

That’s one of the challenges for those who are already in the space. Governance has actually slowed their adoption, so what can we do to help explain the role of governance? Maybe, to their legal teams or general counsel, who are going through their own internal reviews. With our support, they can go through the review more quickly. Perhaps, they can work with the council to talk about their concerns or how they apply to the frameworks that they’re looking at.

Indicio’s TestNet

Mathieu: One of the most interesting aspects coming out of Indicio, which is also visible within this utility foundry working group that I’m a part of in the Trust-over-IP movement, is this Indicio network or the TestNet.

This is another piece to the puzzle in the whole stack, and it’s probably a piece that Indicio has identified as being a barrier to entry or increasing friction. We’re seeing more partnership announcements happening with Indicio, such as Trinsic and GlobaliD.

Are people looking for a fully-managed blockchain-based utility network? Is that the purpose of this Indicio TestNet, and what does the future of this network look like for you?

Heather: IdRamp and IDUnion’s Lissi Wallet both made announcements recently about working with Indicio. The effort originated with clients who are focused intensely on interoperability, especially the enablement of interoperability of networks. You need at least two networks to do that development. It began as a laboratory-based experimental network that clients could use to develop solutions. You can issue a credential on one network and read it from another. What’s fascinating is that innovation created the test network because we had clients wanting to push forward aggressively on interoperability, which is crucial to success. That’s where the Indicio TestNet started. When you’re focused on innovation, having someone there to call and help with your blockers is an important part of that. It allows our customers to have another brain to bounce ideas off of. By offering a professional staff supporting that network, it enables our clients to innovate and move faster. They’ve got that extra resource, they’re ready to go with them in the same direction, and it means there’s a support that’s committed to their success.

Mathieu: For this to be widely adopted, you need these solutions to be accessible. They need to be inclusive, and they need to be usable. I know Indicio was part of the Department of Online Security’s design challenge. Going back to your story of being able to explain stuff to kids, you need to be able to explain it in a similar way, depending on the user you’re trying to get it across to. How do you look at design? And, what do you think are the biggest contributions people could make in that space that would help the whole industry?

Inclusion, Interoperability, & Transparency

Heather: It’s interesting when you talk about inclusion. We could have stood up the TestNet and said, “Oh, only certain organizations get to innovate on interoperability between networks.” Instead, we made sure that the first thing we did was to open it up so that anyone who wanted to use the TestNet, would be able to use the TestNet. You can go to the Indicio website right now for instructions on how you can use the TestNet. Part of the story here is inclusion: making sure that when we do something, we contribute it back to the community, the test not being one of those. The next one would be the Department of Homeland Security Digital Wallet Challenge.

Indicio doesn’t have a digital wallet — we are not a proprietary product shop. But, what we do have is a tremendous amount of insight, having worked with a variety of clients and industries around the world. We have a team where some of the members were new to this space, and they brought brand new ideas. We have a team at Indicio that’s multi-generational, and we have a team working within a robust intern program. So, we’re getting points of view from dual natives, and I would even say that the generation before digital natives is involved all the way through. Within Indicio, we have representation from every generation on our team, and what that brings is a fascinating point of view.

We saw this digital wallet challenge, and we decided we would put together an entry as a challenge for ourselves. This is going to be our team project to push ourselves to the next level. Everyone on our team contributed, but we had a core group who led the effort. We put together the submission, which was very much based on relationships that you have in the digital world, and we were selected as a finalist. That shows me that we often get caught in engineering, driving the effort, and saving budget. Whatever the reasons are, they’re driving the design. In order for decentralized identity to succeed and ultimately be adopted at the consumer level, you have to have representation and inclusivity. It’s necessary to have different types of experiences, jobs, ages, backgrounds, or geographies and develop your wallet from that point of view. That was what was so incredible about the DHS digital wallet challenge. I’m sure the DHS could have put the prize money towards developing all different kinds of code for a wallet, but they put it behind UI/UX. That is a very important signal towards the future of what our industry needs to be focused on. That is, ultimately, a focus on those who will use the wallet. Again, at Indicio, we want to contribute and help drive the adoption of decentralized identity. Once this wallet challenge wraps up, we will be open-sourcing our final design and all the components for anyone to use, if that will help their projects to succeed.

For these mass adoption, consumer-focused critical applications, it’s essential to take all these things into consideration and build a strong foundation of knowledge. You can do that by doing tests and taking different representations of people into your design decisions at the outset, even before thinking about technology or implementation. If you don’t have this methodology in place, then what you’re trying to do is just not going to work; whether you’re talking about public sector issuance of credentials or general societal use of decentralized identity. Two days ago, we announced the Aries Bifold project, and Indicio is helping the community lead to get to a full mobile agent. Indicio made the initial code contribution to the mobile agent. Within that code was our first contribution to the UI/UX that we developed as part of the DHS digital wallet competition. Our next contribution will be our final entry. There are different ways of thinking and varied points of view. An organization may use the UI/UX that we put out there or not. Our code could provide inspiration to help gain traction, help them get over a hurdle that they have, or think differently. No matter what, if it succeeds, that’s what our hope is with these contributions that we’re making back to the community. We want to help everyone move forward together.

I love that among the close community that we work with, and even the public sector, everyone seems to be all about this openness — open contributions and providing transparency into what’s happening. The whole movement that we’re seeing here is all about transparency. It’s all about bringing high levels of assurance and security, and being able to provide control for people to manage their own credentials in their lives. There’s a broad ecosystem, and with everyone putting the contributions together, that’s how this is going to keep advancing. Some of the decisions that Indicio made on the corporate level were driven by our wanting to make a social impact with this technology. We don’t necessarily want to be tied down to the traditional pressures of shareholders, or investors, or whoever’s involved in the company. This feeling led Indicio to completely rethink the corporate structure.

Mathieu: Would you mind speaking about that? You took an interesting decision to steer the ship that way.

Indicio’s Structure as Public Benefit Corporation

Heather: In December, we incorporated as a public benefit corporation. That’s an option that is offered in just over 30 states in the USA. A public benefit corporation is an organization that balances its overall goals along with shareholder returns. Decisions are driven by a question – are you meeting the overall public benefit goals? At the same time, you’re also returning value to the shareholders who are involved, so they go hand in hand. We’re not saying, “Oh, we’re not going to pay our bills, so we’re not going to have a strong financial performance.” Instead, we’re going to have good performance while still embracing the goals and vision that our company was founded upon. We’re going to use the two together as a “north star” for our future. It wasn’t a decision we made overnight. Indicio was founded right after the pandemic began, and we thought about it for a number of months. We did analysis, we discussed it, we had our own internal meeting with our team, and we discussed it with others. We took our time and were very thoughtful. Ultimately, in December, we took the step of reincorporation as a public benefit corporation.

At Indicio, every single person on our team, from interns through our tech team, our marketing team, our government team — we all believe wholeheartedly that decentralized identity is going to have a transformative impact on society. Just as we believe we have a right to control our identities in our privacy offline, we also have the right to control our identities and verify in an online setting. We see verifiable digital credentials as something that enables everyone to have a permanent, portable digital identity and to have control and consent (key point) over who they share their personal data with. At the DNA level of our company, we wanted to recognize that decentralized identity is the foundation for this transformational change. So, we dedicated ourselves to building a successful and sustainable business based upon this commitment to the value of decentralized identity. We think that’s the most effective and accountable way to bring decentralized identity into existence. We’ve set out a charter that explains our mission, our values, our principles, and the commitments that we’ve made to pursuing them. At the end of every year, we’re not looking only for financial performance. That’s very important to us, but equally important to us is our performance against our mission. Together, we believe that is going to lead to growth, success, and ultimately the advancement of decentralized identity — which will benefit everyone.

Mathieu: I love what you said about the consent. I believe that that is truly key in everything we’re doing here. If you want to empower people to have a consent-driven life with what they’re doing, it’s all about consent. I love the public benefit corporation direction. For some who don’t know, there are well-known companies, like Patagonia for example, which is a public benefit corporation. In several of these really disruptive spaces, there’s so much benefit for people of this planet. If green energy companies and other similar industries could be able to take that structure, it would slightly realign the incentives. That way, you could not lose sight of your mission and why you started doing this.

Heather: It’s important that the technology that we’re working on reflects our mission accurately. In addition, how we operate as a company reflects our values and our mission. We’ve made commitments to our own employees on how we operate as a company; we’ve made commitments on our approach to sustainability in the environment. We have made commitments to inclusion — not only inside our own company but also to how we can help the community. That includes those who may not have access to the technical training, or for non-profits who don’t have large budgets. We make sure that we’re able do everything we possibly can for inclusion at every step of the way. Not only within our own company, but also for the clients that we serve, the decentralized identity community that we’re a part of, and then the community that we live in every day.

Mathieu: I want to take a couple points as my segué here. I’m going to try to combine two things together: first, you mentioned sustainability in the environment, and then you mentioned the incentives. In the space that we’re in, when we’re dealing with distributed ledger technology or blockchains, we typically get associated with the discussions of crypto, and bitcoin, and energy consumption, and mining, and stuff like that. It’s quite comical sometimes, some of the things that we need to explain in FAQs and other communications: “No, we’re not burning energy by mining and by running our technology.”

One of the things that “proper” crypto does very well is they have excellent designer incentive mechanisms in place. They often use their native tokens inside of that network. Is the concept of using a native token, or a digital token or digital currency, an idea that you have considered that could maybe help fuel and grow a decentralized public identity utility?

Emerging Decentralized Identity

Heather: We spend a lot of time thinking about the emerging economy of decentralized identity. To me, it’s more than a token. The question is, what is this emerged economy that’s being created? While there’s a token and network portion of it, there are other ways to look at networks and how they can be monetized. We work on that with clients and the community to define what is the best economy for decentralized identity. We don’t have a 100% solid answer to give today, but let’s explore all the different ways that you can exchange value through decentralized identity.

Let’s start with the questions:

    • Do you want to exchange value through decentralized identity?
    • Do you need to exchange value?
    • What does exchanging value mean to you?
    • What does exchanging value mean to your organization or your industry?
    • What’s the important value stemming from the ecosystem or collaboration you’re part of?

We work through a whole litany of questions to understand. Once we understand what value means in that particular use case that’s developing, we need to understand how it’s applied to the technology:

    • Is it at a network level?
    • Is it an agent level?
    • Is it part of a membership program?

If a token could be one of those answers, then what does that token do or mean, and so on. I don’t think the token is the ‘magic bullet’ that’s going to do it all if you don’t have a clear answer on what value is to begin with, in your particular use case.

Mathieu: For example, let’s take your particular use case of a node operator. We might say, “Hey, we really want to build this solid and sustainable network that could support the growth of this new paradigm that we’re pushing forward.”

Are tokens or some form of payments for node operators something that you think about? Let’s keep aside the end users for the moment, and focus on the sustainability of the network. We don’t want to find ourselves in a space where people are potentially leaving the network, because there’s not necessarily a good enough business model to be a node operator. If we avoid all of the nodes becoming centrally stored in some big cloud solution, does it makes sense, from a node operator perspective, to have some sort of token economy?

Finding Value for the Node Operator

Heather: Yes, it goes down to the question of what is the value for the node operator? What kind of value are they looking to get out of it? It may not actually be tokens, or it may be tokens. I had an interesting conversation two days ago with the CEO of another company. We were talking about precisely this question: what is the benefit a node operator wants?

His first answer was, “Look, I’m just trying to develop a solution here. I’m happy not being a steward, or whatever you want to call that particular role, because I get so much out of the community and it helps me build my solution. Instead, I see the future as my solution in how I’m solving problems. I don’t see my business hinging on how much monetization I get out of running a node.” That was a fascinating conversation. In a way, when I was trying to have this exact conversation with him, he was giving me the cart with the horse.

I want to go out and prove that this technology works. It’s successful, and we can build a viable business on it. Once I feel confident about that, then I’m going to worry about time, energy, and being compensated for being a node operator or a steward. But, right now, the cost that I spend operating that node is so small compared to the cost I’m putting into building my solution. He just did not see that, and after that conversation, I can appreciate his point of view. Once again, I do think our focus is on getting traction on decentralized identity actually being used. We’ll find value to deliver to those who operate the nodes on the network to make sure that we continue to have that distributed environment. I feel confident that it can be done, and value can be given to those node operators. We just don’t know what the best value is at this point.

Mathieu: From our perspective, based on the clients we’re doing deployments with, the biggest barrier is the ecosystem design. In other words, who’s doing what, who’s benefiting from what, who needs to do what, and who needs to be in this ecosystem. We need a better understanding of how value creation happens within a specific ecosystem. We’re seeing both sides. We’ve seen, and still see in the blockchain and overall in the decentralized technology space, that some people are coming at this from the perspective of a start-up or an entrepreneur. They’re looking to build an ecosystem solution like a marketplace, and then on the other side, you have the large enterprise or the public sector agency that is looking to explore and deploy the stuff as well.

As a company that’s really focused on removing blockers for your customers and for the industry, do you see the same blockers being present on both sides? On one side with the start-ups, and the other side for the large enterprise or public sector players?

Heather: I’ll call what we see the “boil-the-ocean” blocker. An organization may have gotten so far down the road, asking themselves: “will we have enough node operators to operate the network?” When In reality, we still haven’t even proven that the slides that you’ve built can actually work and benefit your clients. When it comes to actually running a network, that’s something that can be solved. But, let’s start first with the simple requirements. We are always relying on the belief that the simpler the system you make, the more likely you are to be successful. So, focus exclusively on taking the steps, accomplishing the simple, and things will build upon each other.

On the network decision, go to a network, or roll your own network. Whatever it takes to get things stood up and working, then you can start figuring out what the right network environment should be, and what the right compensation in a network should be for your particular use case.

We’re very focused on simple deployments of decentralized identity. What do I mean by a simple deployment? Decentralized identity that is concentrated on the relationship between a credential issuer, the credential verifier, and the credential holder. Once those participants are determined, then you can start deploying what we call a closed ecosystem. Make sure that that use case works, then move it over to the ecosystem. That simple use case actually may be inside your own company. You wouldn’t even need an outside partner to deploy a closed ecosystem that proves out the value of decentralized identity. Especially taking a global view, there are probably hundreds of enterprises that have use cases inside their own organization. They can deploy and use decentralized identity, and then they’re not wrapped up in a larger conversation about monetization of networks when they can focus on the success inside. That automatically starts opening things up. Success inside opens up success with partners; success with partners opens up success with collaboration consortium. As it continues, it keeps growing and growing, and then you can start focusing on the larger ecosystem issues. What we found is that if organizations aren’t focused on a simple solution, they can lose years to discussion and slide deck presentations. “Years” is not something the bosses like to see; they like to see traction, and deliverables, and building on a stepwise approach.

Mathieu: I’m starting to see a trend with your thinking, of keeping it simple with self-sovereign identity, with explaining cybersecurity to children. Often it’s the simple approach that allows you to make the most progress, because a lot of the pieces are ready. It centers around being able to test things out, try it out, and make it easy. Are there any exciting use cases that you see, or low-hanging fruit? What are the most exciting things you’re seeing today ?

Looking Forward –

Heather: The first thing that I’ll talk about is the structure that we’re seeing. With these exciting things I talk about, how did they even start? In reality, exciting things got started because of the three-legged stool: one is that they had one part of their early proof-of-concept or pilot focused on the technical solution. The credential issuer or verifier holder had the ability to write cryptographic messages to a digital ledger and retrieve them. So, you have the team that was able to do the technical success.

Then, working together, you had another group who was focused on the business of that solution:

What problem is it solving? Who are the issuers? How do we explain this?

How do we create presentations? How do we create blogs? How do we write about it?

How can we go get it funded? How can we get an executive sponsor?

How can we get a pilot working with actual users, that are not people working at the company?

The third group, or portion of this leg of the stool, is around governance. Even with a simple use case, it still needs governance — even if the governance is one line. The focus of the governance is:

How do users get and use credentials? How does this deployment comply with the ever-expanding global regulations on data stewardship?

When you have the technology, the business, and the governance working together on a very simple use case, then you apply it to the really exciting stuff that I think that people are constantly looking at. When talking about the cool use cases, we often overlook the arduous effort it took to get to cool. Because cool doesn’t happen overnight.

When we speak to use cases for our COVID world, we’re in a situation where you have data from one industry (healthcare), trying to convey authoritative data around a health status, to another industry that had no vision that they would ever need to interact with the healthcare system. Whether that’s something as simple as attending an event, or going to school, or doing anything that we used to do just over a year ago. We’re seeing a lot of use cases around getting back to pre-COVID life, however we can create that.

We’re also seeing some really cool early use cases coming out of IoT (Internet of Things). We often talk about decentralized identity and think about humans, but there are a lot of devices out there who (1) are connected to humans or (2) need to communicate device-to-device. That’s an area that hasn’t been a primary focus in the decentralized community, but I think it’s starting to gain traction. We’ll see start to see some intriguing developments there.

Lastly, fintech in the banking world. I think we all see the importance of authoritative data that can be used to speed transactions along, especially now in a world where people don’t want to go to offices; they don’t want to carry paper in. The reliance on digital records is more important than ever. Having the validity of those records built into the system is becoming more important, so we see those use cases coming out of the banking industry.

Mathieu: Wonderful! Well, Heather, I want to thank you very much for doing this with me today. I look forward to our next conversation — I would love to do this again in a few months from now.

Heather: I’m sure we’ll have a lot of new ideas and progress made between now and then, but yeah, thank you very much for doing this. I was really happy to be here, and thank you for asking me.

Related Episodes

Want to Be a Guest?

Come Onto the Show

Stay Connected to Get The Latest Podcast Alerts

Introducing our groundbreaking Trust Registry platform

The ultimate solution for forging resilient trust ecosystems in today's digital landscape.

Trust Registry



Orbit Enterprise

Establish your own trusted digital interactions ecosystem with your customers, partners and suppliers

Orbit Edge Wallet

Hold and manage issued verifiable credentials securely and in a privacy-preserving way

Orbit Trust Registry

Empower your organization to establish credibility, verify identities, and foster secure interactions with confidence and ease.



Product Updates



Verified Person

Receive a verifiable credential from Northern Block


Try our new OpenID4VC demo

Energy and Mines Digital Trust

Organizational Wallet and Credentials

Receive, store and exchange organizational credentials within your ecosystem




OpenID4VC Demo

Exchange verifiable credentials over OpenID4VCI and OpenID4VP.




SSI Orbit Podcast

Self-sovereign Identity, Decentralization and Digital Trust


Insights and News from the Forefront of Self-sovereign Identity

Latest Content