Introducing the verifiable LEI (vLEI)

I herewith confirm that I read, understood and accepted the privacy policy. I hereby confirm that data which I typed and clicked might be sent to social network owners and saved and electronically processed by them.

GLEIF has pioneered a new form of digitized organizational identity to meet the global need for automated authentication and verification of legal entities across a range of industries. It is called the verifiable LEI (vLEI). By creating the vLEI, GLEIF has answered this urgent and unmet need by working with stakeholders around the world to create a new global ecosystem for organizational digital identity.

The vLEI concept is simple: It is the secure digital counterpart of a conventional LEI. In other words, it is a digitally trustworthy version of the 20-digit LEI code which is automatically verified, without the need for human intervention.

Thanks to advances in distributed ledger/blockchain technology, digital identity management with the additional feature of decentralized identity verification now is possible. Based on the concept of self-sovereign identity (SSI), this new approach offers a means by which a person, the identity holder, has control of their personal data and how, when, and to whom that data is revealed.

This approach is transforming the nature of identity management and how person-to-entity, or entity-to-entity, interactions take place in the digital world. It addresses the need for automation in verification while maintaining data privacy and confidentiality.

The vLEI enables digitized trust on a global scale. It provides instant, automated identity verification of legal entities and their persons in official and functional roles. This verification can be cryptographically bound to official documents, transactions and interactions.

GLEIF believes that each legal entity worldwide should have just one global identity, capable of supporting its participation in the digital economy. Only then can all entities work together in ways that will unlock the true potential of digitalization: enabling innovation and collaboration to thrive unlimited by geography. It allows money, goods, and services to flow securely around the world faster, more efficiently, and at a lower cost than ever before.

Verifiable Credentials (VCs) and the emerging role of the LEI

Verifiable Credentials are digitally signed credentials that are not only tamper-resistant but capable of being verified in decentralized manner. vLEIs are based on the Trust over IP Authentic Chained Data Container (ACDC) specification (based on the Key Event Receipt Infrastructure (KERI) protocol github.com/trustoverip/tswg-keri-specification ; github.com/trustoverip/tswg-acdc-specification).

GLEIF asserts that the LEI is the ideal foundation on which to establish a chain of trust for organizational identity.

The LEI as a Verifiable Credential – the vLEI Trust Chain

• GLEIF is the Root of Trust.
• Root AID (Autonomic Identifier) to establish the Root of Trust.
• Delegated AIDs to issue vLEIs to its trusted network of Qualified vLEI Issuers (QVIs).
• QVIs are qualified to issue Entity and Role vLEI Credentials.
• Once a vLEI is issued to an Organization, vLEIs can be issued to Persons who represent Organizations either in official or functional roles.

By combining three concepts – the organization’s identity, represented by the LEI, a person’s identity and the role that the person plays for the organization, vLEI credentials can be issued.

vLEI Role Credentials issued to Persons whose Official Organizational Roles (ISO 5009 standard) that can be verified both by the organization as well as against one or more public sources, or through official documents obtained from the organization such as Board minutes or resolutions, statutes or articles, which would validate the name and the role of the OOR Person.
Example:

• vLEI Role Credential for a CEO
• Can be used to:
  • carry out official duties and powers conferred legally or required by regulation, e.g., annual reports, regulatory reports
  • carry out internal policies, duties or tasks, e.g., approve strategic plans, sign employee service awards

vLEI Role Credential issued by Legal Entities to Persons in the context of the engagement of those Persons with an organization which can be verified by the organization.
Example:

• vLEI Role Credentials issued by an organization to its authorized suppliers
  • Requirements for use defined by the organization
  • Could require authorized suppliers to submit invoices signed with their vLEI Role Credentials to eliminate presentation of fraudulent invoices

Chaining of the vLEI Credentials in the vLEI Trust Chain using ACDC credentials allows for the provenance of vLEIs to be traced back to GLEIF as both the Root of Trust for the vLEI Trust Chain as well as to the entity that ensures the operational integrity of the Global LEI System.

In December 2020, GLEIF announced its plans to create a fully digitized LEI service capable of enabling instant and automated identity verification between counterparties operating across all industry sectors, globally. Additionally, in December 2022, GLEIF announced the first suite of vLEI services to enable digital signing and automated verification of corporate caller IDs through proof-of-concept (POC) trials to be carried out by the first qualified vLEI issuer, delivering on GLEIF’s plans to create a fully digitized LEI service capable of enabling instant and automated identity verification between counterparties operating across all industry sectors, globally.

The vLEI infrastructure is a network-of-networks of true universality and portability, developed using the KERI (Key Event Receipt Infrastructure) protocol. It supports the full range of blockchain, self-sovereign identity and other decentralized key management platforms. vLEIs will be hostable on both ledgers and cloud infrastructure supporting both the decentralization of ledgers plus the control and performance of cloud. Portability will enable GLEIF’s vLEI ecosystem to unify all ledger-based ecosystems that support the vLEI.

vLEI network-of-networks based on KERI

Development of the capabilities needed for issuance, verification and revocation of vLEIs do not need to operate on blockchain or distributed ledger technology.

This would allow GLEIF to connect to any blockchain or distributed ledger technology SSI network or cloud infrastructure without the need for custom implementation, cost and overhead of operation.

Discoverability and interoperability are achieved through the use of the did:webs DID Method.

---

Relevant Files for Download