Business
Swiss Federal Railways Tests a Blockchain-Based Credential Management System
The objective is to streamline the current paper-based process
Swiss Federal Rails (SBB) recently completed its proof of concept (PoC) of a credential management system based in the blockchain. The PoC is meant for the employed workforce of the company which is employed in its construction site.
Initially, the project ran between May and November and tried to streamline the current paper-based processes, and made them more agile.
Daniele Pallecchi from the Swiss National Rail Company told the media that the project will improve a range of fields and will boost the safety of the sites while also making sure that the highly qualified professionals work there.
She revealed that the solution was developed by Linum Labs and uses an open source technology called uPort, which was designed by ConsenSys.
How does it work?
The trial version of the software allowed the workers to create their digital identities via their mobile devices on the uPort and a certificate was, in turn, issued by the SBB to confirm that they went through appropriate training. The digital IDs generated this way were then used by the employees to sign in and sign out of their construction sites.
This is not the first time that Switzerland has dealt with blockchain-based identities. Around one year ago, the City of Zug implemented a citizen ID verifiable by the government, using uPort.
The main benefit of this system is that it is more reliable than the paper-based processes, is decentralised and easier to access. This also deals directly with security regulations and record-keeping requirements, which are particularly strict given the fatality train accidents usually entail.
In this case, record keeping is a requirement to keep track of over 30,000 employees’ work and their training. But an individual identity of a large number of workers from different companies working on the thousands of construction sites held by SBB across Switzerland is often handled by multiple companies. They deal with information such as medical records, training certificates, etc. This framework made it ideal for a decentralised initiative to test a pilot.
SBB workers, certification authorities and supervisors, have their own digital ID connected to their uPort ID, which is directly linked to their ID on the blockchain. A worker’s check in and check out are published on the blockchain, providing information that can be audited.
Over a five weeks period, a small team designed the application’s architecture. However, one limitation of uPort is the fact that it is based on Ethereum and suffers from well-known problems, such as scalability.
Compatibility with GDPR – where are we?
As soon as personal information is under the microscope, the European Union’s General Data Protection Regulation (GDPR) compliance jumps to mind. Competing sources state two different things.
On one hand, one explains that the company encounters an issue with the GDPR and its ‘Right to be forgotten’, meaning that all the information about a person should be removed from public domain if requested by the person in question. Since everything on blockchain is permanent and immutable, if needed, information on blockchain cannot be deleted.
On the other hand, Linum Labs stated SBB’s pilot is meant to “be interoperable and in compliance with GDPR and other data privacy laws.” All identities are said to be “GDPR compliant self-sovereign.”
According to Thierry Bonfante, head of product at uPort, the new architecture allows for the information to be stored off-chain, which is why the system works best with small amounts of data. He explained that this is the reason why it is only used for specific key management purposes like revocation, delegation and rotation.
The Final Word
The blockchain allows for a change in the status quo in a wide range of industries, particularly those dealing with a large number of subcontracted employees. However, everything that has to do with identities is prone to spark a debate, and if it’s in Europe, GDPR is bound to apply. Switzerland has been leading the race for a while, and this case study reflects how blockchain is changing the way businesses do things. Let’s keep an eye out to see if they launch a post-pilot phase software.
You have brought up a very great details , appreciate it for the post.
Hi there, just became aware of your blog through Google, and found that it is truly informative. I am going to watch out for brussels. I’ll be grateful if you continue this in future. A lot of people will be benefited from your writing. Cheers!
I really like and appreciate your blog post.Thanks Again. Fantastic.
What i do not realize is actually how you’re not really much more well-liked than you may be right now. You’re very intelligent. You realize thus considerably relating to this subject, produced me personally consider it from numerous varied angles. Its like women and men aren’t fascinated unless it is one thing to accomplish with Lady gaga! Your own stuffs nice. Always maintain it up!
I used to be suggested this blog through my cousin. I’m now not certain whether this publish is written by means of him as nobody else recognize such unique about my difficulty. You’re incredible! Thank you!
I like this site because so much utile stuff on here : D.
I believe you have remarked some very interesting points, regards for the post.
Pretty nice post. I just stumbled upon your weblog and wished to mention that I’ve really loved browsing your weblog posts. In any case I will be subscribing for your rss feed and I hope you write once more very soon!
Rattling great information can be found on weblog. “That is true wisdom, to know how to alter one’s mind when occasion demands it.” by Terence.
Usually I do not read post on blogs, but I would like to say that this write-up very forced me to try and do it! Your writing style has been amazed me. Thanks, very nice post.