Use Cases
In the context of the ENSURESEC e-commerce ecosystem, the proposed use cases will use the Ecommerce-SSI Bridge to implement the following workflows.
Secure Goods Distribution​
Delivery Company Identity and Scanners Verification​
Problem: Protection of a Delivery. Company X wants to protect its goods from being handled by unauthorized carriers, and threats or frauds in the distribution chain.
- An authorized employee of delivery company X uses the Ecommerce-SSI Bridge to register an identity (DID) for their organization.
- An e-commerce operator verifies the delivery company’s organization identity and uses the Bridge to issue a credential for the company to deliver on their behalf. The credential contains the company organization DID and is signed by the e-commerce operator’s private key which had been previously associated with the operator’s identity.
- The authorized employee of the verified delivery company registers a DID for each scanner (i.e. android scanners) used by the company couriers.
- The authorized employee uses the Ecommerce-SSI Bridge to issue authorization credentials to the scanner devices used to handle deliveries. These credentials are stored locally in the scanner devices.
- When a courier hands over the delivery, the scanner device uses the Ecommerce-SSI Bridge to present its credential to the e-commerce operator.
- The e-commerce operator uses the Ecommerce-SSI Bridge to verify that the parcel was only handled by an authorized courier, and it was not stolen or diverted in transit. This is possible because of the verification of the device handling the scanning of the delivery.
- (optional) The customer can acquire the courier’s scanner device credential in the form of a QR code. The QR code can be read using a mobile phone and the Ecommerce-SSI Bridge to verify that the scanner device belongs to a delivery company authorized by the e-commerce operator. This allows for verifying authentic deliveries.
Customer Identity and Delivery Verification​
Problem: Proof of Collection. Customers and e-commerce providers want to guarantee goods are collected by the right customer and avoid threats and frauds in the distribution chain.
- A customer creates a decentralized identity (DID) using a mobile application. This application can be a standalone credential wallet or an e-commerce shopping app.
- The customer performs a purchase on an e-commerce site.
- The e-commerce site uses the Ecommerce-SSI Bridge to issue a proof of purchase credential to the customer, which is saved to the customer’s phone.
- The customer receives the product delivery and presents the credential in a QR code to the courier scanner.
- The courier acquires the credential and uses the Ecommerce-SSI Bridge to verify its authenticity. The delivery is safely handed over to the right customer.
- (optional) The customer acquires the courier’s scanner credential (see Delivery Company Identity and Scanners Verification) and uses the Ecommerce-SSI Bridge to verify that it belongs to an authorized delivery company assuring the customer knows the delivery is legitimate.
The two scenarios above become even more interesting in the case of automated (i.e., drones) delivery and could even include product identification.
Secure E-commerce Sales​
Customer Identity and Credential Age Verification​
Problem: Verify a customer’s identity and avoid collecting and storing personal information. This would increase compliance and reduce liability for e-commerce and small sellers.
- An authorized bank employee registers an organization decentralized identity (DID) for its bank.
- A customer creates a decentralized identity (DID) using a mobile application which could be a standalone credential wallet or an e-commerce shopping app.
- The customer requests an Issuer (e.g. a bank) to issue a credential stating their age.
- The Issuer uses previously verified information about the user held on local record and the Ecommerce-SSI Bridge to create and issue a verifiable credential to the customer.
- The customer (namely Owner) downloads the credential in their app using a credential wallet.
- The customer purchases an item that requires age verification on an e-commerce site.
- The customer provides their credential to the e-commerce website using the Ecommerce-SSI Bridge.
- The e-commerce site uses the Ecommerce-SSI Bridge to verify the credential and authorize the purchase.
A similar scenario can be applied in the online purchase of dedicated drugs for specific health conditions. A general practitioner could issue a credential to the customer stating their condition.
Seller Identity Verification​
Problem: Verify a seller's identity. This verification would reduce small sellers' compliance burden and reputation risks.
- An e-commerce site allows an employee, which the seller previously authorized, to create a decentralized identity (DID for organization) using the Ecommerce-SSI Bridge.
- The seller requests an Issuer (e.g. its bank) to issue a credential stating its Know Your Customer (KYC) status.
- The seller presents the credentials to the e-commerce site operator using the Ecommerce-SSI Bridge.
- The e-commerce site operator verifies the seller’s credentials using the Ecommerce-SSI Bridge and allows the seller to trade on its marketplace
Product Identity and Authenticity​
Problem: Verify product authenticity. This verification would reduce counterfeit.
- An e-commerce site allows the seller to create a decentralized identity for each of its products (DID for objects) using the Ecommerce-SSI Bridge.
- The e-commerce site allows the seller to create and sign an authenticity credential associated with a given product identity using the Ecommerce-SSI Bridge.
- A user app allows a customer to obtain the product authenticity credential. The customer could achieve this by scanning a QR code from an e-commerce site, or it can even be directly attached to a purchased product.
- A user app allows the customer to verify the signature of the product authenticity credential using the Ecommerce-SSI Bridge, allowing verification of the seller's identity.