Let’s talk about digital identity with Riley Hughes, Cofounder and CEO at Trinsic. This week, Oscar is joined by Riley Hughes, Cofounder and CEO at Trinsic and host of the Future of Identity podcast. They delve into Verifiable Credentials, including what verifiable credentials are, some examples and success stories of how these are being used and implemented, the connections between verifiable credentials and wallets and whether verifiable credentials will become interoperable. [Transcript below] “It seems like the future of identity will be much better than it is today.” Riley Hughes is CEO and Co-founder of Trinsic, a reusable identity infrastructure provider. As a leader in the decentralized identity community, Riley has pioneered efforts on making emerging, privacy-preserving technologies such as identity wallets and verifiable credentials adoptable to the masses. He began his career in the decentralized identity space as the second employee hired at the Sovrin Foundation where he established and led several teams. Connect with Riley on LinkedIn. We’ll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Go to @Ubisecure on YouTube to watch the video transcript for episode 97. Podcast transcript Oscar Santolalla: This week we are discussing verifiable credentials. I am joined by Riley Hughes, the host of The Future of Identity Podcast, to explore some of the most recent success stories of verifiable credentials and how we can work to improve adoption moving forward. Stay tuned to find out more. Let’s Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Hello, and thank you for joining a new episode over Let’s Talk About Digital Identity. One term that has been in our radar for the last – I would say four or five years has been verifiable credentials. Which I will say personally, I’m feeling that is becoming in the last one, two years pretty crystallised. And we have not talked too much about this lately, so I have a very special guest who has a lot of insight – what’s going on worldwide about verifiable credentials. Our guest today is Riley Hughes. He is the CEO and Co-founder of Trinsic, a reusable identity infrastructure provider. As a leader in the decentralised identity community, Riley has pioneered efforts on making emerging privacy preserving technologies – such as identity wallets and verifiable credentials – adoptable to the masses. He began his career in the decentralised identity space as the second employee hired at the Sovrin Foundation, where he established and led several teams. Hello, Riley. Riley Hughes: Hi, Oscar. Great to be here. Oscar: It’s great to have this conversation with you. So very welcome. And let’s talk about digital identity. And as usual, I want to hear more about our guests. So, if you can tell us about yourself, and especially your journey to this world of identity. Riley: Happy to do so. I am very fortunate to have totally fallen into this amazing industry. And it happened because while I was at college, I was seeing all those smart people around me going and getting jobs at elite places, you know, investment banks and management consulting firms, and so forth. And I thought that I wanted to kind of differentiate my resume enough that I could, maybe I could get an interview as well at one of these places. So, I thought, “What is the most, kind of, off the wall internship that I could get that would differentiate me from all of my peers?” And I ended up getting a job at the Sovrin Foundation, as you mentioned. Sovrin at that time was very early. I was, as mentioned, the second employee hired, and it was kind of a blockchain meets identity meets nonprofit, you know, meets early employee kind of a role. And so, it, sort of, fit my criteria for differentiating my resume. But it was also just really, really exciting to be part of an early organisation. It grew up to about 25 employees in short order. And I was able to participate in some of that growth. And that was a lot of fun. And what I realised is that there are a lot of problems to solve in this world of digital identity. I remember just thinking, “Man, it seems crazy that we are sending people to outer space, and we’re editing genes, and we’re doing all kinds of unbelievable things with science and technology. And yet, the best way to prove who I am on the internet is to take a photograph of my government-issued document and a selfie, or something. It just seems kind of backwards.” It seems like the future of identity will be much better than it is today. And so, although I didn’t necessarily know whether Sovrin would be the ultimate manifestation of that better digital identity future, I did know that something would happen here that would lead to that better future. And so, I thought I would stick around in this space. I decided not to go for those other kind of recruiting opportunities that I alluded to. And instead, I started Trinsic with a couple of -. And that’s kind of how we got to where we are today. That was a little over four years ago. Oscar: Yeah, super interesting that one of the first jobs – when you start to differentiate yourself – it was Sovrin. How did they find you? How did you find them? Riley: The Chair of the Board of Sovrin was Phil Windley. And he was a professor at the university that I was attending. So, they had a job posting out for university students. And they didn’t have any money yet so they couldn’t pay very much and so they needed a university student and that’s sort of where I came in. Oscar: Right place, right time. Fantastic, those coincidences that sometimes happened. So, you’ve been around, as you said, four years/five years in this space already. So, what would you say has been something that has surprised you the most, something special you would like to tell us? Riley: Yeah, that’s a great question. I think that when I started in this space, and the way we were talking about verifiable credentials, was as if it was a digital representation of a physical document. Right? And we can get into more about what verifiable credentials are and what they aspire to be. But the thing that was most kind of interesting and surprising recently, is – at Trinsic we are an infrastructure provider for verifiable credentials. And so, when companies want to incorporate a verifiable credential-based solution into their offerings, we’re an infrastructure to enable them to do that. And as we did a kind of – an inventory or a survey of the landscape, of all of our customers and the ones that were most successful. What we realised was that people were not using verifiable credentials as a replacement for a physical document, generally. Instead, what they were using it for, is – in the same way that a FinTech developer might use an open banking API, right? Basically, open banking allows you to unlock your data from its original silo, which is your bank account, and reuse that financial data and make it interoperable across other third-party applications. And, you know, what our customers were using verifiable credentials to do is something similar, but for personal data. Unlocking that personal data from its original silos and making it useful and interoperable and reusable across multiple applications. And so, it actually changed, Oscar, the kind of form factor of the product we needed to build, right? And we realised that the correct – you know, we needed to change some things about how we were approaching our product. So that’s been what we’ve been in the thick of doing for the last few months. And it’s been a fun journey. Startups are always a little bit of a roller coaster. And this is a fun part of that roller coaster. Oscar: OK, super interesting, Riley. So, let’s jump into the main topic. So, tell us please, what are verifiable credentials? Riley: Yeah, I alluded to verifiable credentials often being talked about as a digital representation of a physical document. And generally, when you hear the term verifiable and credential – a credential is sort of an attestation, or a claim made about one party by another party. So, in healthcare, right, your credentials are something that you’ve obtained, from a trusted source, that you can use to prove to somebody else certain things about you, and what your qualifications are, et cetera. And verifiable credentials are a way to do that verifiably, cryptographically in a digital form. Now, if we’re talking about – I think there’s two ways that people use the term ‘verifiable credentials’ today. One is with an uppercase, V and C, an uppercase Verifiable Credentials, that is the formal official W3C Verifiable Credential Data Model Standard. And that is a specific kind of verifiable credential that is sort of an interoperable, and probably the most well-adopted, and well talked about kind of verifiable credential. And then you have the lowercase, vc, verifiable credential. And there are lots of different kinds of lowercase verifiable credentials. Lots of things that can fit this model of an attestation that is given to you by some trusted party, and used to get access to the things you need throughout your life. So, I guess it depends on which of those you’re talking about. But I hope that that’s a helpful kind of intro. Oscar: All right, thank you for that. And the same term can mean different things from different perspectives. Let’s make even more concrete. So, let’s hear from you some concrete examples. If you can tell us something that is already widely used, some that most of us might already know about. So, tell us a bit of some examples of verifiable credentials. Riley: Yeah, I mean, again, if we’re to zoom out a little bit and talk about verifiable credentials in the broadest sense. Even something like a credit card could be consi
