Our StoryBlogPodcastAdoption Report
Documentation
Activate Account

Creating Derivative IDs

Suggest Edits

Some developers use Trinsic as the identity verification engine behind their identity wallet, credential, or other reusable ID product. "Derivative IDs" are digital identity credentials that are originated based on other digital identity credentials. This section explains how you can use Trinsic to create Derivative IDs and under what conditions that is acceptable.

Trinsic’s Identity Acceptance Network allows businesses to accept existing digital IDs as a form of verification. Suppose PocketRides, a ride sharing app, wants to create a PocketRide ID, a reusable ID specific to the PocketRide ecosystem. Under what conditions could PocketRide accept a digital ID from Trinsic’s network, then duplicate the data into a digital “PocketRide ID”?

Obviously each identity partner in the Trinsic network has worked hard to build a valuable network. CLEAR, for example, has done a lot of work to install kiosks in airports to onboard users. Dentity has spent months on the ground with festivals and concert venues. None of these partners would be happy to have another, potentially competitive product duplicate their users into another wallet. Therefore, Trinsic maintains rules around the creation of Derivative IDs.

Qualifying to create Derivative IDs

Generally, the creation of Derivative IDs is disallowed unless these two factors are present:

  1. The Derivative ID will be reused inside a specific ecosystem, not monetized more generally
  2. The Derivative ID represents more than the digital ID used in its creation

Reused in a specific ecosystem

Let’s look at our example above about “PocketRides ID”. If the purpose of this ID is to identify the user inside the PocketRides ecosystem (between two riders who both have the app, etc) then it is likely acceptable. If the purpose is to create a PocketRides ID that will be sold as a product to unrelated ecosystems, e.g. used for telehealth onboarding, it’s likely unacceptable.

A guiding light is that if the Derivative ID is used inside a single ecosystem, it’s comparable to being associated with a single account. When I get my LinkedIn profile verified, anybody can see the shield icon next to my name and assume I was verified. The purpose of this reusable badge is to enable trust in the LinkedIn ecosystem, and would be an appropriate use of a Derivative ID credential.

Represents more than the source digital ID

Let’s look at our example above about “PocketRides ID”. If PocketRides simply rips the data out of a digital ID and puts it into a new credential for the user, this doesn’t add any incremental value—the user might as well just reuse the original digital ID instead of creating a Derivative ID. But if PocketRides takes the original digital ID, plus a database check, plus some platform-specific reputation data to create the digital ID, then the PocketRides ID becomes a distinct thing in and of itself.

In fact, all digital IDs are created this way. There is some input data (could be a driver’s license photo, a selfie, a database, a birth certificate, a SSN card, etc), there is a decisioning engine, and there is an output. The output is a reusable identity credential which is essentially a representation of the diligence done on the input data—an abstraction that represents the decisioning.

If a new ID credential is created in this way, e.g. with multiple inputs or novel decisioning, then it’s likely acceptable. If a new ID credential is simply a clone of an existing digital ID, it’s likely unacceptable.

Acceptable methods for Derivative ID creation

Most digital ID methods can be inputs into the creation of a Derivative ID, however some proprietary schemes disallow this practice. If you’re creating Derivative IDs, your point of contact at Trinsic will ensure the right methods are configured in the dashboard to avoid any legal issues.

Partnering with Trinsic

If you are creating digital IDs, you may be eligible to partner with Trinsic to become an ID method in the Trinsic Identity Acceptance Network. A representative from Trinsic will work with you to understand your platform and ensure the IDs that you’ve created are acceptable in the network. Contact us to learn more.

Updated 1 day ago