Mosaïque: a Purpose-built Digital Wallet
Over the past 10 years, we have collectively been moving the global economy online. However, many transactions require proof of who we are, preventing them from making the transition (e.g., purchasing real estate, voting, and the purchasing restricted goods). To successfully interact in a digital world, we need reliable digital identities that map the online identity to the real person.
There have been several decentralized identity projects using distributed ledger technology and blockchain. Blockchain solutions are interesting since they depend on reliable digital identities. To use them, users need a digital identity that is managed by a ‘digital wallet’ which enables secure transactions, workflows, and identity management services. Currently, there are no wallets that provide a complete set of capabilities. Additionally, while blockchain identities are reliable, many wallets (especially cryptocurrency wallets) support anonymity and do not map the digital person to the real-life person.
The Cybersecurity Research Lab is developing Mosaïque: a digital wallet for the real estate industry that uses self-sovereign identities (SSIs). The wallet can be applied to a broad range of business applications including payments, transactions, digital signatures, asset management, due diligence, and general identity management services. We are starting in the real estate industry because of the success and momentum of existing blockchain solutions that require digital wallets to use them.
We see the future of digital identities and digital wallets as being interoperable as opposed to the current ecosystem of siloed solutions. As such, we are developing Mosaïque to support crossplatform processes as well as communication between wallets- just like their real-life counterparts.
There are two main issues with current digital identities: privacy risks, and identity mapping.
Before blockchain and the concept of digital wallets, identities were, and largely still are, managed by databases that are centralized and depend on honest and ethical database management. However, numerous scandals involving the mismanagement of personal data, have fostered heightened privacy concerns among users. In a survey by Groopman & Etlinger (2015), 78% of consumers reported being highly concerned about organizations selling their data to 3rd parties.
Many efforts are being made to create reliable identities that map the digital person to a real-life person. While Estonia is often cited as the poster child for digital identities (DIDs) with their stateissued digital identity systems, government DID programs have been launched, piloted or announced in Algeria, Belgium, Cameroon, Jordan, Ecuador, Kyrgyzstan, Iran, Italy, Japan, Senegal, Estonia, Thailand, Turkey, Myanmar, Afghanistan, Bulgaria, Denmark, the Netherlands, the Maldives, Poland, Norway, Liberia, Jamaica, Sri Lanka, France, the U.K. Australia, Zambia, and Canada (Thales, 2020). A McKinsey (2019) report found that countries with full digital ID coverage in 2030 could unlock the economic value of up to 13 percent of their GDP.
Canada is progressing with its federal DID scheme, the Pan-Canadian Trust Framework in partnership with the Digital ID & Authentication Council of Canada (DIACC). Digital driver's license projects have gained traction in the U.K., USA, Australia, and the Netherlands and 1 billion ePassports are currently in circulation providing secure and expedient cross-border movement (Thales, 2020). This is supported by the EU’s Electronic Identification and Signature (eIDAS) regulation put forward in July 2016, making cross border recognition of electronic IDs mandatory by September 2018 (European Union, 2018). However, most of these programs are centralized, and once again vulnerable to mismanagement.
WALLETS AND IDENTITIES
Blockchain applications require digital identities (DIDs) and digital wallets for users to interact with the blockchain. These identities can be centralized, decentralized, or federated. However, decentralization is key. Without it, trust in the system will be lost. Centralization in identity management or blockchain applications enables the hosting organization to have a monopoly over the system which discourages adoption and entrepreneurial development using the technology.
Digital wallets are an improvement over real-life identities because they are verifiable and privacy-preserving. Wallets that issue verifiable credentials (VCs) provide assurance that a given piece of information is true without disclosing the information itself. For example, to rent a car, a digital wallet would issue VCs which provide instant verification that the person is who they say they are and that their driver’s license is valid. Meanwhile, a real-life car rental business does not call the government every time they obtain a customer’s physical driver’s license to ensure it’s not counterfeit. A digital identity can also issue verifiable credentials which assure the other user that he or she is of the age of majority. A real-life ID, on the other hand, provides additional, personal information that the verifier doesn’t need to know including the ID holder’s home address.
Unlike their real-life counterparts, digital wallets are privacy-preserving and issue verified credentials for instant verification and authentication.
The overall direction of existing efforts points towards a digital wallet that acts like a real wallet, able to make transactions, prove identity, authenticate licenses and memberships, and do so between organizations and individuals and between the individuals themselves. However, most successful digital wallets represent single-use scenarios, e.g., cryptocurrency wallets, ticket apps, loyalty cards, vendor apps, and payment cards (O’Donnell, 2019). These existing solutions are not interoperable, requiring people to have several wallets and several identities for different use cases.
We have identified 22 promising digital wallets globally since the Canadian digital wallet space is underdeveloped. Even the global list, most projects are in the testing or early market stages. These wallets are generic or purpose-built for use in a specific identity network.
MOSAÏQUE FOR REAL ESTATE
The popularity and adoption of blockchain have been rising significantly and it is identified as one of the main disruptors of the real estate industry (PWC, 2020). This is because current transaction costs amount to 11-22% of the purchase price, several documents need to be signed, and the industry runs predominantly on paper-based processes that are time-consuming, error-prone, and invite fraudulent activity. Existing systems address fractions of a real estate transaction, no systems support complete transactions or title transfers, and there is no path to create one; existing systems and processes address fractions of a transaction and are not designed to communicate to each other. Such systems include multiple listing services, Terranet, and brokerage systems. This sector is antiquated, broken up, and needs disruption to move forward.
The decentralized and unalterable features of blockchain offer more efficient ways to make transactions and structure workflows. As a result, there a growing number of companies and governments developing blockchain applications for real estate. For example, the real estate giant RE/MAX has entered into several partnerships to explore blockchain utility in their business and Hilton Worldwide is using blockchain for property management (CB Insights, 2019). Popular real estate blockchain applications include tokenization, property management, title management, and due diligence.
To interact with several blockchain applications, users need an interoperable digital wallet to enable secure transactions, workflows, and identity management services. Currently, there are no wallets that provide this. Existing digital wallets don’t provide workflow features because they do not have the context of how the user would interact with them. Additionally, the wallets needed to use blockchain applications are not widely interoperable like their real-life counterparts.
We have created the Mosaïque wallet which supports existing specific blockchain solutions, but which uniquely supports broader, overarching real estate processes involving multiple companies. Mosaïque is a decentralized, contextual digital wallet that provides individual and enterprise identity services. Mosaïque uses self-sovereign identities (SSIs), which are decentralized by nature: they are self-owned and controlled, do not rely on external administrative authority, and cannot be taken back. (Fromknecht, Vlicanu & Yakoubov, 2014). SSIs enable the exchange of attributes and give users governance over their own identity.
The Mosaïque wallet issues verifiable credentials based on the user’s SSI and takes into account the user’s persona in a transaction (e.g., a person can be a buyer, an agent, and/or a seller, and thus takes on different personas). The credentials verify the user and their persona and ensure compliance in transactions. This will allow Canadians to securely list, view, bid on, buy, sell and safely register a property.
Our wallet is focused on providing the infrastructure for building applications that create, share, and update documents between organizations and individuals. It achieves transparency, privacy, redundancy, decentralization, security, immutability, and trust.
From a technology perspective, Mosaïque has the following characteristics.
Data-driven state machine technology
An abstract mathematical model of a process and is supported by the Mosaïque blockchain implementation. The process can only exist in one state at a time and moving between states is called transitioning. Our eSÛRe application uses this technology, giving us flexibility in system processes without having to create, test or deploy new code.
Anything over 100 transactions per second can handle the transaction load of a large enterprise cross-company application. Mosaïque has a throughput of 3,000.
Mosaïque uses self-sovereign identity (SSI), a recently widely adopted standards-based system for keeping data private and verifying claims. It allows the system to be fully decentralized. Using distributed identifiers and verifiable credentials and non-custodial support for private keys in a cryptographic wallet will also facilitate a level 4 NIST Authenticator Assurance Level: very high confidence that the claimant’s control authenticators belong to the subscriber - providing impersonation resistance.
Contextual rendered data
Mosaïque supports contextually rendered data which turns data into visible representations i.e., contract data appearing as a traditionally recognizable contract, making the system easier to use.
QR code scanning
QR code scanning will identify any objects or actors in the system.
W3C verifiable credentials
Credentials that are signed by one organization and can be verified by others
The equivalent of the digital wallet for enterprises to meet their specific needs.
Originally designed for eSÛRe, Mosaïque is compatible with data-driven workflows, represented as state charts, meaning users don’t need to modify and test new code to add new workflows -a unique feature in the decentralized
To test Mosaïque, we have developed our own proof-of-concept application, eSÛRe, a fully decentralized application for bidding, tracking, and exchanging property rights. eSÛRe is made up of 3 interoperable applications, which can be used together or as standalone systems: the PDF fileTransparent Bidding Blockchain, opens in new window, PDF fileSmart Property Ledger, opens in new window, and PDF filePre-construction Contract Registry, opens in new window. We have presented our proof-of-concept in a paper which has been accepted for publication in a peer-reviewed journal: A. Mashatan, M. Lee, V. Lemieux, and Z. Roberts, “Usurping Double-Ending Fraud in Real Estate Transactions via Blockchain Technology,” Journal of Database Management. (Forthcoming. 34 pages. Submission: May 29, 2019. Acceptance: April 12, 2020).
The TBB tracks property bids made by buyers’ agents and allows the sellers to see the bids placed on their property. The added transparency assures the seller that no bid information is being withheld from them, enabling them to make an informed decision.
The SPL begins with the registering of a property on the blockchain and finishes with the title transfer of the property.
The PCR supports the execution and title transfer of pre-build real estate contracts.
The Canadian real estate market has been growing rapidly and further increasing prices in Toronto and Vancouver are beginning to make housing affordability a major concern (PWC, 2017). Numerous reports also indicate that fraud is a serious problem in the Canadian real estate market (Transparency International Canada, 2020). Our wallet will support blockchain initiatives addressing the shortcomings in the real estate industry and will protect Canadians on the most significant investment in their lives.
Other business use cases we could use our technology for include supply chain provenance, insurance claims, vehicle registry, healthcare treatment plans, AML and KYC compliance and investment fund due diligence.
This product overview is written by Annegret Henninger, opens in new window, and is based on our current development made by July 2020. The Mosaïque team was created from the blockchain team at the Cybersecurity Research Lab.
Atefeh Mashatan, opens in new window
Dave Mckay, opens in new window
Annegret Henninger, opens in new window
- CB Insights (2019). How Blockchain Technology Could Disrupt Real Estate. https://www.cbinsights.com/research/blockchain-real-estate-disruption/
- European Union. (August 29, 2018). Electronic Identification and Trust Services (eIDAS): clear Benefits for SMEs. https://ec.europa.eu/digital-single-market/en/news/electronicidentification-and-trust-services-eidas-clear-benefitssmes#:~:text=From%2029%20September%202018%20onwards,entirety%20in%20the%20 European%20Union.&text=The%20first%20eIDAS%20for%20SMEs,theme%20Using%20 eIDAS%20for%20Business.
- Fromknecht, C., Velicanu, D., & Yakoubov, S. (2014). A Decentralized Public Key Infrastructure with Identity Retention. IACR Cryptology ePrint Archive, 2014, 803.
- Groopman, J., & Etlinger, S. (2015). Consumer perceptions of privacy in the Internet of Things: What brands can learn from a concerned citizenry. Altimeter Group: San Francisco, CA,1-25.
- Malik, S., Foxcroft, T. (November 3, 2016). Real estate agents caught breaking the rules on Marketplace's hidden camera. CBC News. https://www.cbc.ca/news/business/real-estate-agents-caught-breaking-the-rules-on-marketplaces-hidden-camera-1.3825841
- O’Donnell, D. (2019). The Current and Future State of Digital Wallets. Continuum Loop. https://wiki.hyperledger.org/download/attachments/24775535/The_Current_and_Future_Stat e_of_Digital_Wallets_v1.0_FINAL.pdf?version=1&modificationDate=1574365535000 &api=v
- PWC. (2020). Emerging Trends in Real Estate. https://www.pwc.com/ca/en/realestate/publications/emerging-trends-in-real-estate-2020.pdf
- PWC. (2017). Emerging Trends in Real Estate. https://www.pwc.com/vn/en/industries/assets/pwc-emerging-trends-in-real-estate--2017.pdf
- Thales. (2020). Digital identity trends – 5 forces that are shaping 2020. https://www.thalesgroup.com/en/markets/digital-identity-andsecurity/government/identity/digital-identity-services/trends
- Transparency international Canada. (2029). Opacity: Why Criminals Love Canadian Real Estate (And How to Fix It). https://static1.squarespace.com/static/5df7c3de2e4d3d3fce16c185/t/5e1e357c8460a6689db1 c5f8/1579038078911/opacity.pdf
- White, O., Madgavkar, A., Manyika, J., Mahajan, D., Bughin, J., McCarthy,M., & Sperling, O. (2019). Digital identification: a key to inclusive growth. https://www.mckinsey.com/businessfunctions/mckinsey-digital/our-insights/digital-identification-a-key-to-inclusive-growth#