LinkedIn 
Twitter 
YouTube 
Vimeo
LEI Solutions
GLEIF’s Digital Strategy for the LEI
Introducing the Verifiable LEI (vLEI)
Digital certificates , even though highly applicable, widely used and covered in many legislations, have not solved digital identity entirely. Certificates are not unique, the information contained within might be outdated, and revocation has always been an issue. Furthermore, there are so many schemes at the same time. A digital certificate issued in one country under a local scheme might not be usable by the owner in another country or context. Digital certificates do not provide the mission that has been envisioned by GLEIF: Each business worldwide should have only one global identity.
The industry has considered these issues and has devised with a new approach to digital identity management. Thanks to advances in distributed ledger/blockchain technology, digital identity management with the additional feature of decentralized identity verification now is possible. Based on a concept known as self-sovereign identity (SSI), this new approach to authentication and verification of digital identity began as a means by which a person, the identity holder, has control of his/her personal data over how, when, and to whom that data is revealed.
This approach is set to transform the nature of identity management and how person-to-entity, or entity-to-entity, interactions take place in the digital world. It can address the need for automation in verification while maintaining data privacy and confidentiality. The LEI will have a key role in this process.
Verifiable Credentials (VCs) and the emerging role of the LEI
Verifiable Credentials are digitally signed credentials that are not only tamper-resistent but capable of being verified in decentralized manner. vLEIs are based on the Trust over IP Authentic Chained Data Container (ACDC) specification, based on the Key Event Receipt Infrastructure (KERI) protocol (an Internet Engineering Task Force (IETF) draft specification), which is a more secure, enhanced variant of the W3C Verifiable Credential specification.
Use of VCs began in the domain of self-sovereign identity through so-called ‘individual wallets,’ which contain digital versions of credentials issued to and carried by natural persons. Examples include driver's licenses, passports, store loyalty and membership cards. All of these exist as physical credentials today and will likely have both an analog and a digital version in the near future. Self-sovereign identity is based on the principle that natural persons should have control over the personal information contained in their credentials and can choose to prove their identity and certain facts about themselves in a controlled and safe manner.
GLEIF asserts that the LEI is the ideal foundation on which to establish a chain of trust for organizational identity.
The LEI as a Verifiable Credential – the vLEI Trust Chain
- GLEIF is the Root of Trust
- Root AID (Autonomic Identifier) to establish the Root of Trust
- Delegated AIDs to issue Credentials
- GLEIF will establish a trusted network of Qualified vLEI Issuers (QVIs)
- QVIs are qualified to issue Entity and Role Credentials:
- to Legal Entities
- to Persons who represent Legal Entities either in official or functional roles
By combining three concepts – the organization’s identity, represented by the LEI, a person’s identity represented by their legal name, and the role that the person plays for the legal entity, vLEI credentials can be issued and become part of organizational wallets.
vLEI Role Credentials issued by Legal Entities to Persons whose Official Organizational Roles (ISO 5009 standard awaiting publication) that can be verified both by the Legal Entity as well as against one or more public sources.
Examples:
- Legal Entity – CEO
- Legal Entity – Board Chair
vLEI Role Credential issued by Legal Entities to Persons in the context of the engagement of those Persons with the Legal Entities which can be verified by the Legal Entity.
Examples:
- Legal Entity – Other Employees
- Hospital/Physician’s practice – Patients
- Community/Ecosystem/Exchange/Registered Member
- Trusted Supplier/Provider/Registered Member
In December 2020, GLEIF announced its plans to create a fully digitized LEI service capable of enabling instant and automated identity verification between counterparties operating across all industry sectors, globally.
GLEIF invited stakeholders from across the digital economy to engage in a cross-industry development program to create an ecosystem and credential governance framework, together with a technical supporting infrastructure, for a verifiable LEI (vLEI), a digitally verifiable credential containing the LEI.
The vLEI will give government organizations, companies and other legal entities worldwide the capacity to use non-repudiable identification data pertaining to their legal status, ownership structure, authorized representatives and employees in a growing number of digital business activities. This includes approving business transactions and contracts, onboarding customers, transaction within import/export and supply chain business networks and submitting regulatory filings and reports. GLEIF already is engaged in research partnerships and technical trials with stakeholders across the pharmaceutical, healthcare, telecom, automotive and financial services sectors.
The credentials in the vLEI Trust Chain are chained to each other as vLEIs are Authentic Chained Data Container (ACDC) credentials. This allow for the provenance of vLEIs to be traced back to GLEIF as both the Root of Trust for the vLEI Trust Chain as well as the entity that ensures that operational integrity of the Global LEI System.
The vLEI infrastructure will be a network-of-networks of true universality and portability, developed using the KERI (Key Event Receipt Infrastructure) protocol. It will support the full range of blockchain, self-sovereign identity and other decentralized key management platforms. vLEIs will be hostable on both ledgers and cloud infrastructure supporting both the decentralization of ledgers plus the control and performance of cloud. Portability will enable GLEIF’s vLEI ecosystem to unify all ledger-based ecosystems that support the vLEI.
Agnostic to any network and interoperable
- Development of the capabilities needed for issuance, verification and revocation of vLEIs do not need to operate on blockchain or distributed ledger technology.
This would allow GLEIF to connect to any blockchain or distributed ledger technology SSI network or cloud infrastructure without the need for custom implementation, cost and overhead of operation.
The verifiable LEI (vLEI ) Ecosystem Governance Framework
The Global Legal Entity Identifier Foundation (GLEIF) has published the verifiable LEI (vLEI) Ecosystem Governance Framework based on the Trust over IP Governance Metamodel. The vLEI Ecosystem Governance Framework, which has been designed from the ground up to complement GLEIF’s existing LEI governance, defines the vLEI operational model and describes how the new digital trust ecosystem’s range of vLEI issuing stakeholders will qualify for and perform their roles in the Global LEI System.
A year in the making, the Framework has been created in full accordance with standards and recommendations of the Trust over IP Foundation, hosted by the Linux Foundation. It is the most comprehensive Framework developed based on the ToIP Governance Model.
The Framework provides essential detail on the governance structures and processes that will shape the development of the vLEI ecosystem together with the services that GLEIF will provide, including the vLEI Qualification Program, essential key and credential management services, and a communications platform for information sharing between GLEIF and its network of vLEI issuers.
The documents of an Ecosystem Governance Framework are comprised of a Primary Document, one or more Controlled Documents (separate supporting documents focusing on dedicated topics for the Framework), and the Identifier and Credential Governance Frameworks.
Primary Document
verifiable LEI (vLEI) Ecosystem Governance Framework Primary Document
The primary document is the master document for the Framework. GLEIF suggests that the Primary Document is an excellent place to start when reading the Framework.
Controlled Documents
Documents for the vLEI Issuer Qualification Program
There are several Controlled Documents that are dedicated to the roles and responsibilities of Qualified vLEI Issuers. These documents are part of the Legal Agreement section of the Framework. The main legal document is the vLEI Issuer Qualification Agreement, to which there are seven appendices.
vLEI Issuer Qualification Agreement
An agreement between GLEIF and an organization that has been qualified by GLEIF to operate as a Qualified vLEI Issuer.
Appendices to vLEI Issuer Qualification Agreement
Appendix 1: Non-Disclosure Agreement (NDA)
An agreement that outlines requirements for handling confidential information.
Appendix 2: vLEI Issuer Qualification Program Manual
The document that describes the Qualification Program.
Appendix 3: vLEI Issuer Qualification Program Checklist
The document that details the control and process requirements for Qualification.
Appendix 4: vLEI Issuer Contact Details
A list of contact details of GLEIF and the Candidate vLEI Issuer during Qualification and of GLEIF and the Qualified vLEI Issuer during ongoing operations. This list also will include the contact details that GLEIF would need in order to manage the termination of a Qualified vLEI Issuer. For this purpose, the names, titles and email addresses of the Legal Entities’ Authorized vLEI Representatives (AVRs) must be provided, and updated on a regular basis as a section to this appendix.
Appendix 5: Qualified vLEI Issuer Service Level Agreement (SLA)
A document that details the services to be provided by GLEIF and the Qualified vLEI Issuers and the service level requirements for these services.
The formal SLA will be prepared for a subsequent version of the Framework and prior to the implementation of the vLEI Issuer Qualification Program in 2022 as Appendix 5 to the vLEI Issuer Qualification Agreement. In the meantime, a vLEI Services Catalog, v0.9 Draft, has been prepared to provide a background of the services that will be developed for GLEIF and for the network of Qualified vLEI Issuers.
Although the vLEI Issuer Qualification Agreement and its appendices will be listed as Controlled Documents within the Framework and distributed as part of the complete vLEI Framework, revisions to the vLEI Issuer Qualification Agreement, including all of its appendices, will be reviewed and approved by GLEIF only.
Appendix 6: Qualified vLEI Issuer TrustMark Terms of Use
A document that details the terms of use of the TrustMark by the Qualified vLEI Issuer.
Appendix 7: Qualified vLEI Issuer-Legal Entity Required Contract Terms
A document that specifies the contract terms that must be included in the agreement between a Qualified vLEI Issuer and a Legal Entity for vLEI services.
Identifier and Credential Governance Frameworks
The Identifier Governance Framework focuses on GLEIF’s Autonomic Identifiers (AIDs). Each vLEI Credential has its own Credential Governance Framework, one for each of the four types of vLEI Credentials. These Frameworks include policies and requirements for the issuance, verification, and revocation of each vLEI Credential, as well as the fields contained in each Credential, with a link to the technical schema.
GLEIF Identifier Governance Framework
A document that details the purpose, principles, policies, and specifications that apply to the use of the GLEIF Root Autonomic Identifier (AID) and its GLEIF Delegated AIDs in the vLEI Ecosystem.
Qualified vLEI Issuer vLEI Credential Governance Framework
A document that details the requirements to enable this vLEI Credential to be issued by GLEIF to Qualified vLEI Issuers, which allows the Qualified vLEI Issuers to issue, verify and revoke Legal Entity vLEI Credentials, Legal Entity Official Organizational Role vLEI Credentials and Legal Entity Engagement Context Role vLEI Credentials.
Legal Entity vLEI Credential Governance Framework
A document that details the requirements for a vLEI Credential, the entity level vLEI Credential issued by a Qualified vLEI Issuer to a Legal Entity.
Legal Entity Official Organizational Role vLEI Credential Governance Framework
A document that details the requirements for vLEI Role Credentials issued to official representatives of a Legal Entity. These vLEI Credentials are issued by Qualified vLEI Issuers who are responsible for the validation of persons in official roles against one or more public sources.
Legal Entity Engagement Context Role vLEI Credential Governance Framework
A document that details the requirements for vLEI Role Credentials issued to representatives of a Legal Entity in other than official roles but in functional or other context of engagement. These vLEI Role Credentials can be issued and revoked by a Legal Entity itself, or a Qualified vLEI Issuer can provide these value-added services to a Legal Entity.
Remaining Controlled Documents
Glossary
verifiable LEI (vLEI) Ecosystem Governance Framework Glossary
A document that lists all defined terms have been referenced in the Framework documents.
Risk Assessment
verifiable LEI (vLEI) Ecosystem Governance Framework Risk Assessment
A document that assesses certain risk categories regarding the operation of the vLEI Ecosystem and Infrastructure. Although for purposes of the Framework, the Risk Assessment is a separate document, responsible managers within GLEIF will manage these risks as part of the GLEIF risk register.
Trust Assurance and Certification
verifiable LEI (vLEI) Ecosystem Governance Framework Trust Assurance Framework
This document focuses on the ‘MUST’ statements within the other Framework documents and specifies the services/processes that will be used to evaluate compliance with these statements.
Technical Requirements
There are two separate Controlled Documents for the Framework’s Technical Requirements, with self-explanatory titles.
verifiable LEI (vLEI) Ecosystem Governance Framework Technical Requirements Part 2 vLEI Credentials
Information Trust Requirements
verifiable LEI (vLEI) Ecosystem Governance Framework Information Trust Policies
This document defines the information security, privacy, availability, confidentiality, and processing integrity policies for the Framework.
The Framework will be maintained by GLEIF and reviewed for revision at least once a year.
Relevant Files for Download
- Download as PDF: vLEI Q & A