Tap to ID: Passwordless login with SSI-NFC smart card

Gimly ID is a 'Tap to ID' solution, implementing self-sovereign identity over NFC technology in mobile devices and smart cards for password-less login and smart access control. Our SSI-NFC smart card carries an embedded blockchain wallet that securely manages a public-private key pair to control its own Decentralized Identifier (DID) and to sign Verifiable Presentations (VPs) in authentication flows. The card can also carry its own Verifiable Credentials (VCs) in the local storage.

In this demo, presented during RWOT11, Caspar is a newly hired air cargo control manager at AirCargo LLC. Because Caspar is not allowed to carry his mobile phone in the high security area’s around the AirCargo terminal and control centre, he will need an SSI smartcard with an Employee ID credential with the correct security clearance attributes to get access. Caspar also needs the SSI smartcard as a 2FA when signing into high-security online employee web portal or other computer systems. After being successfully hired, Caspar receives an SSI smartcard from AirCargo LLC, which he will need to activate by requesting an Employee ID credential to be issued to the card.

This video shows our password-less login protocol in the Gimly ID solution where Caspar completes the employee onboarding process and logs into the employee web portal, using the Employee ID credential and his SSI smartcard. This login protocol uses SIOPv2, OIDC4VP for implementation with OpenID providers. It also implements the DIF presentation exchange request, where a user database is no longer necessary.