E-commerce infrastructure

With the IOTA Audit Trail service, third-party e-commerce solutions can easily log and share immutable information while authorized third parties can access them and verify their integrity and authenticity.
The Self-Sovereign Identity service enables the creation, issuing, and verification of trusted self-sovereign decentralized identities and credentials.

The IOTA Audit Trail service is used in the ENSURESEC project and the wider e-commerce industry to prove that critical data has not been tampered with and has originated from a trusted source. Meanwhile, it also ensures that customer data can be managed in a more ethical and secure way for all ecosystem actors, and helps prevent cyber-physical threats.

This service enables users to create immutable encrypted data channels and share them with others. Data in channels are stored on the IOTA Tangle. A channel is implemented as an IOTA Stream and can handle different subscribers. By requesting a subscription to a channel, a subscriber can request Read, Write, and ReadAndWrite access to the channel. This request must be authorized by the creator (author) of the channel. After a subscriber is authorized, it is then able to write and/or read to and/or from the channel. In addition to subscribers, the author can always read and write messages in the channel. Authors and subscribers have their own IOTA Identity (through the SSI Bridge). All this workflow is managed with simple REST APIs.

This service enables users to create Self-Sovereign Identities, linking Decentralized Identifiers (DIDs) to people, organizations, or devices. Each identity is represented by a unique public key immutably stored on the ledger. Identities and public keys are used to anchor off-chain verifiable credentials, which are certificates containing identity attributes signed by an Issuer identity (using its private key).

The Issuer itself is an entity with its own decentralized identity. The Bridge allows an identified trust root to verify users' identity. Verified identities can then propagate this verification to other entities (organizations, individuals, or objects) using a network of trust approach. Identity can be used with the Audit Trail Service or as stand-alone. The entire workflow is managed with simple REST APIs.

Audit Trail Gateway (GW) and Self-Sovereign Identity Bridge code can be found at our public GitHub by clicking on 'view code'. We invite developers and innovators to install and build on top of our services. The IOTA Foundation has developed services as building blocks to use in current and future projects.

These services have been developed as part of the ENSURESEC project, funded by the European Commission.

By utilizing the IOTA Identity and IOTA Streams services, traditional systems can enjoy several important benefits. The services have been built to be used as the core data transfer mechanism between other components, or as a complimentary service should other message buses (such as Kafka) be used.