GLEIF vLEI Credentialing Software
Designing GLEIF’s software was one of the most rewarding projects I’ve been able to work on. The vLEI software provides transparency into business ownership in a matter of minutes utilizing a complex decentralized identity system called KERI. This makes business transactions and customer validation more efficient and more secure all over the world. You can read more about this on GLEIF’s website here.
Project Goals and Timeline
Duration:
October 2021 to February 2023
Responsibility:
UX Designer
I was the sole UX Designer on this project. I collaborated with two front end and three back end developers, attend and present at stakeholder meetings, and provided instruction to partners at other companies interested in understanding the project. My process included:
User Journey Maps
Swimlane Diagrams completed in collaboration with the development team (for in-band/out of band communication)
Wireframing
Revisions based on feedback from pilots and demo presentations.
This project contained open source designs, GLEIF-specific software and mobile exploratory concepts.
I also presented on the UX Process at IIW in Mountain View, CA.
The LEI trust chain (verification begins at the top level with GLEIF, who oversees the LEI (Legal Entity Identifier), Qualified Issuers verify legal entities and the authenticity of signatories.
Understanding the KERI System
I worked to understand GLEIF’s goals, the concept of Self Sovereign Identity and the background by:
Reading research like this on the fallout from the Financial Crisis, the origins of the LEI and the use cases for the Verifiable LEI.
Conducted competitive research of companies like Trinsic in the identity space and I met with the stakeholders regularly to understand GLEIF’s aims.
Worked closely with the development team and Sam Smith, a thought leader and the creator of the KERI system to understand the technology.
Understanding the Verifiable LEI User
When banks and other organizations are conducting business, ensuring that they have the proper signatory often requires some trust. When an executive signs, they trust that this person is authorized to sing on behalf of the company.
The Verifiable LEI provides absolute confidence that the signatory is authorized to conduct business on behalf of the organization through delegation of a role credential. These credentials are issued by qualified and vetted issuers that are conduct due diligence before role credentials are assigned. This allows the process to be a seamless one, an organization can trust that an individual allocated the proper role credentials can be easily verified.
A quick intro to a user’s role in GLEIF’s software helped quickly catch them up on who to go to in order to request credentials, approve credentials and revoke credentials. It also helped them to understand the limitations of their role.
Making zero-trust authentication user-friendly
The main goal was to create credentialing software that was easy for users to understand and use, even after not using it day to day. The swimlane diagrams linked here illustrate the complexity of this process.
The process included:
Creating flows for users to add, revoke and store credentials.
Break down self sovereign identity concepts like key rotation and make it user friendly.
Create open source software that can be used by the greater community and partner companies to build on top of.
Utilizing a quick intro section, progress bars and tutorials throughout, we were able to guide users through the verification process and all were able to successfully complete the demo when we tested it at IIW.
Managing multiple signatories and statuses
Often verification and processes like key revocation involved multiple signatories so that no one person could act alone on behalf of the business. The benefit of KERI is that the verification process is instant, but that’s all the more reason to include multiple parties in the process. This screen tracked how many participants were authenticated and how many were left.
Using known patterns for Credential Storage
Credential storage using known patterns was equally important. We created a contact storage system to ensure that it was understandable to users rather than just having to look at keys on their own, they could search by company, LEI, or contact names. This went through several iterations, but all agreed that searching by name, company or LEI would be simpler than searching by identifier.
Contributing to the Open Source Community
During the time that I was working on the KERI project, I also worked with the KERI open source community at times, I’d periodically be on calls related to KERI implementers and also had the opportunity to attend IIW. I’m looking forward to attending again in October.
There was a lot of interest in the KERI project within the open source community, and leaders from other companies had the option to look at what we had created, sometimes even in my Figma files. This is an example of a brainstorm we did with a member of the community - what would it be like if we had a mobile option for verification within KERI?
Reflection & Outcomes
Getting to work on a project with groundbreaking technology was really amazing! While I know that my UX and UI skills both have grown a lot since this project, I can’t help but share because this project led to a strong interest in self-sovereign identity. I have since worked on two startup projects and hope to take on more. It’s so cool to know that our work really influenced future direction in the KERI space.
Besides my own personal passion for the project, here are some tangible outcomes for GLEIF -
In December of 2022, the first vLEI credentials were granted to the first Qualified vLEI Issuer, Provenant and in 2024, Nord vLEI was given the same abilities
KERI’s technology has made inroads in technology and higher education, in addition to its role in the financial sector.
Check out how KERI is making a difference for GLEIF in this whitepaper.