The Swiss Federal Railways (SBB) have completed a proof-of-concept (PoC) of a blockchain-based credential management system for workers employed on the company's shipyards.
The project took place from May to November and aimed at improving the current manual, paper-based processes in an "agile work environment with a blockchain-based digital audit-proof solution", Daniele Pallecchi, spokesperson for the Swiss national railway company, he told CoinDesk via e-mail.
"Construction sites on the FFS network often involve third parties – for safety reasons, there are stringent qualifications for personnel qualifications," said Pallecchi, explaining the need for a strong identity system.
The solution was developed by Linum Labs, a startup blockchain, using the open-source technology of uPort, a project launched under the aegis of New York's heterogeneous design studio, ConsenSys.
In the proof-of-concept, workers created their digital identities in the app on their mobile devices, and SBB issued certificates confirming their proper training.
The workers then used these digital IDs during access and exit from the work sites they were working on. To access the site, a worker could scan a QR code from the app on their mobile phone.
"Using uPort, railway workers, certification authorities and supervisors are able to have their unique digital identities linked to their respective IDs of uPort, which is then anchored to an identity on the blockchain. worker check-in / check-out is posted on the blockchain so that the internal database can be checked, "Linum Labs wrote in a post medium.
The app can also connect to identity systems authorized by city administrations, such as Zug ID, which also uses uPort's technology. This summer has been tried in the Swiss city of Zug to allow electronic voting via blockchain, and is now involved in another pilot: local residents can use Zug IDs to unlock bikes provided by AirBie, a bike startup Zurich sharing.
Pallecchi of the SBB refused to provide specific details on the next steps, adding that the company "could have more stable information" at the beginning of 2019.
uPort was not directly involved in the railway project, in accordance with the open source ethos of the startup, he told CoinDesk his product manager, Thierry Bonfante. "Our partners represent our system on the market, we will make sure that we have everything they need from us," he said.
However, while rail piloting was in progress, in August, uPort updated its architecture to solve scalability and privacy issues by moving multiple off-line operations. As uPort is based on ethereum, which has had difficulty resizing, doing every blockchain operation has made the system slow and ineffective, said Bonfante.
Another problem that pushed the change on uPort: it was difficult to comply with the general regulation on data protection of the European Union (GDPR) implemented in May. The regulation includes a "right to oblivion", which is to request that information about an individual be removed from the public domain at their request.
"If you always put your information on the blockchain, it's irrevocable," Bonfante said. "So you lost your right to oblivion."
With the new architecture of uPort, users' personal information is stored off-line on their mobile phones. In the case of the Swiss railway, "blockchain is used only for further key management purposes, such as key rotation, revocation and delegation to third parties", explained Bonfante.
The system works well for a small amount of information, uPort's director of commercial operations, Alice Nawfal, told CoinDesk. But in the future, as the market reaches the point where more complex identity applications will be required, "it probably will not work on a phone," so uPort is trying to create a storage hub solution, Nawfal said.
He added that SBB "really took" the opportunities of verifiable credential technology.
"Prior to this, the use cases were, for example, that people were able to identify who were residing in a particular city," Nawfal said. "And the railways are proceeding with a more complex implementation with certification and more credentials".
Image of the Swiss railway via Shutterstock