Authlete 3.0 empowers organizations to improve how they issue and manage user credentials


Authlete launched Authlete 3.0, offering support for OpenID for Verifiable Credential Issuance (OID4VCI). This new capability empowers organizations—including governments, financial institutions, and educational establishments—to revolutionize how they issue and manage user credentials.

With the introduction of Authlete 3.0, Authlete now offers a simple API solution for quickly issuing interoperable verifiable credentials (VCs) conformant with OID4VCI. Built on OAuth and OIDC—proven and widely used global standards for authentication and authorization—OID4VCI supports various credential formats, including SD-JWT VC and mdoc/mDL.

VCs are tamper-evident digital credentials whose authorship can be cryptographically verified. This digital proof mechanism makes VCs more secure, verifiable, trustworthy, and portable compared to physical documents or cards. Furthermore, VCs allow holders to selectively disclose only necessary information and eliminate the need to carry physical credentials, enhancing flexibility and user-centricity.

“We are dedicated to empowering organizations to build secure, user-centric, and interoperable digital identity infrastructures, while contributing to the development of a globally interoperable digital identity ecosystem,” said Authlete Co-founder Takahiko Kawasaki.

Authlete’s OID4VCI support for SD-JWT VC and mdoc/mDL formats has already proven effective through multiple global pilot projects, including EU Digital Identity (EUDI) Wallet’s Potential project, Japan’s Trusted Web initiative, and the Global Assured Identity Network Technical Proof of Concept (GAIN POC).

Japan’s Trusted Web initiative aims to build a new framework of trust that enhances data control for individuals and organizations and establishes mechanisms for data verification without excessive dependence on specific services. In a Trusted Web pilot project aimed at improving the efficiency of Know Your Business (KYB)/Know Your Customer (KYC) processes for opening corporate bank accounts through reusable KYB/KYC and digital verification, Authlete successfully issued SD-JWT VCs to a digital wallet developed by DENTSU SOKEN.

“To develop and validate a prototype aligned with Japan’s legal frameworks and practices, it was essential to accurately map required information, such as ‘proof of corporate existence,’ from actual practices into the VC and to issue it according to interoperable open standards,” said Yasuo Higa, DENTSU SOKEN’s Chief Architect, who led the KYB/KYC pilot project. “Authlete’s high degree of customization and compliance with OID4VCI allowed us to achieve this and create a prototype ready for deployment.”

In the GAIN POC, which aims to create a globally interoperable network for high-trust identity assurance, Authlete successfully issued OID4VCI-conformant SD-JWT VCs to digital wallets provided by Talao, Meeco, and Datev.

“Together with Authlete, we demonstrated how we can achieve seamless interoperability, paving the way for a secure and interoperable digital identity ecosystem,” said Talao’s Co-founder and CEO Thierry Thevenet. “Authlete’s expertise in OpenID protocols has been crucial in achieving this milestone, and we look forward to continuing our collaboration.”

Potential use cases for VCs range widely, from government-issued identity documents like passports and driver’s licenses, to reusable KYC verifications for banking, to academic certifications.

The advantages of VCs and the evolving ecosystem surrounding their issuance are explored in KuppingerCole’s white paper titled “Guidance on Implementing Verifiable Credential Issuance,” commissioned by Authlete.

In addition to support for OID4VCI, Authlete 3.0 offers the following features and benefits:

  • Enhanced FAPI compliance settings: Configure FAPI compliance levels with granularity, including FAPI 2.0 Message Signing to enable non-repudiation.
  • Multi-tenant organization management: Set up multiple organizations and services within a single, intuitive management console.
  • Multi-region support: Select server locations in the US, Japan, Brazil or the European Union directly from the dashboard.
  • Social logins and multi-factor authentication (MFA): Log in with Google or GitHub credentials with MFA for added convenience and security.
  • Granular access control: Ensure compliance by aligning permissions with each team member’s specific access level.


