LEI Solutions > vLEI – Verifiable LEI

GLEIF vLEI
Verifiable Credentials containing trusted organization identity and roles

Based on self-sovereign identity (SSI), the vLEI enables automated digital identity verification between counter parties.

NEW Ubisecure RapidLEI selected as vLEI Issuer for GLEIF Proof of Concept. Read Announcement

The LEI is the ideal foundation on which to establish the verifiable credentials chain of trust for organizational identity.

200+

Regulations requiring LEI

2m

LEIs already in use today

G20 & FSB

Driven by and overseen by International Bodies

ISO 17442

Defined by the ‘who is who’ standard

Today’s global business presents risk for both transactions and international partnerships. At the heart of reducing such risk is the ability to confirm identity. How do you know your potential business partner is who they say they are? And does the person you are dealing with have the right to act on behalf of that company?

The vLEI solves this problem. The vLEI is a digitised LEI service, utilizing digitally verifiable credentials containing the verified organization identity to provide automated identity verification between counterparties. vLEI will provide a cryptographically secure chain of trust that will replace manual processes needed to access and confirm an entity’s identity across all industries.

vLEI is delivered in an agnostic method able to support any of the existing and future self-sovereign identity (SSI) platforms, be they blockchain / distributed ledger based or otherwise self-sovereign identity (SSI). This ensures the identity holder has control of his/her personal data over how, when, and to whom that data is revealed.

vLEI provide non-repudiable identification data pertaining to:

eSign contract

Legal Status

LEI link to business registries

Ownership Structure

Delegate Rights

Authorized Representatives & Employees

Verifiable LEI use cases include:

LEI use case

Approving business transactions and contracts

RapidLEI speed

Onboarding customers and KYC

LEI use case

Import/Export workflows

LEI use case

Supply chain approvals

LEI use case

Submission of regulatory filings

The vLEI Credential chain of trust

GLEIF asserts that the LEI is the ideal foundation on which to establish a chain of trust for organizational identity.

vLEIs are based on the Trust over IP Authentic Chained Data Container (ACDC) specification, based on the Key Event Receipt Infrastructure (KERI) protocol (an Internet Engineering Task Force (IETF) draft specification), which is a more secure, enhanced variant of the W3C Verifiable Credential specification.

By combining three concepts – the organization’s identity, represented by the LEI, a person’s identity represented by their legal name, and the role that the person plays for the legal entity, vLEI credentials can be issued and become part of organizational wallets.

  • GLEIF is the Root of Trust
  • GLEIF issues vLEIs to RapidLEI as an attestation of trust
  • Verifiable Credentials are created by RapidLEI – an accredited LEI Issuer
  • RapidLEI’s role is to assert information about a subject to which a credential is issued
  • RapidLEI cryptographically signs the credential with its private key

vLEI Verifiable LEI

Once obtained, the vLEI can be used as a basis to issue additional credentials to confirm roles and rights to members of the organization.

vLEI roles

Delegated Authority

vLEI Roles and Rights

vLEI Role Credentials are issued by Legal Entities to Persons to assert their official roles and to represent Legal Entities  (ISO 5009). Individuals and roles can be verified both by the Legal Entity as well as against one or more public sources.

vLEI Roles can also cover roles individuals are authorized to perform on behalf of the legal entity. Examples:

  • Legal Entity – Other Employees
  • Hospital/Physician’s practice – Patients
  • Community/Ecosystem/Exchange/Registered Member
  • Trusted Supplier/Provider/Registered Member

Asserting Rights

Two further verifiable credentials are defined that allow information on people associated with the organisation.

  • Official Organisation Role” credential (OOR) – the OOR links an individual with an organisation in a well-known role. The roles are limited to an official set of ‘official’ roles as defined by an ISO standard (ISO 5009_2022). This list includes roles such as ‘Director’, ‘Chief Executive Officer’, ‘Chief Financial Officer’. With an OOR credential an individual is able to present themselves as holding an official role for a given organisation, and all the claims presented can be electronically verified in real time.
  • Engagement Context Role credential (ECR) – the ECR is very similar to the OOR except that the role is custom, the legal entity can define any role they wish and place that in the ECR. For example, “customer of”, “supplier to”, “contractor for”.

Ubisecure, the company behind RapidLEI, offers Identity & Access Management (IAM) solutions to add further credential augmentation for granular digital rights management for roles and individuals, and the delegation of those rights.  Talk to us today or see Delegated Authority for more details.

Participate in Verifiable LEI Pilots

Ubisecure, the identity services company behind RapidLEI, has a long history of building solutions that connect businesses to both global and nation-wide digital identity initiatives.

The RapidLEI Team is working closely with GLEIF and other industry stakeholders on Verifiable LEI Pilots. Get in touch today to discuss participating in our pilot program.

Rapid LEI by Ubisecure
GLEIF Accredited RapidLEI

Delegate Rights

vLEI Infrastructure Plans

The vLEI is an organisation Verifiable Credential following the W3C specification. It is delivered in an agnostic method able to support any of the existing and future self-sovereign identity (SSI) platforms, be they blockchain/distributed ledger based or otherwise.

It enables a cryptographic chain of trust for organisations and their representatives to securely assert their verified identities, roles and (in conjunction with Ubisecure CIAM platform) rights in digital, automated, identity assurance scenarios. Counterparties, or relying parties, will be able to consume the vLEI knowing that the information it contains has already been verified by an accredited LEI issuer like Ubisecure, and because it has already been verified, can trust it.

LEIs will be used for self-sovereign identity (SSI) and other technologies as verifiable credentials. SSI enables an individual or organization to choose with whom to share details about their identity and who is authorized to act on their behalf.

The vLEI infrastructure will be a network-of-networks, developed using the KERI (Key Event Receipt Infrastructure) protocol. It will support the full range of blockchain, self-sovereign identity and other decentralized key management platforms.

vLEIs will be hostable on both ledgers and cloud infrastructure supporting both the decentralization of ledgers plus the control and performance of cloud. Portability will enable GLEIF’s vLEI ecosystem to unify all ledger-based ecosystems that support the vLEI.

The vLEI ecosystem is in full accordance with ToIP (Trust over IP) standards.