Who uses Gravity ?

Gravity enables data sharing for anyone, anywhere. Individuals use Gravity to request their data from trusted parties and to share this data safely to access services. Organizations and enterprises use Gravity to verify their users and improve their service delivery based on verifiable data. So far, Gravity has been used by individuals, enterprises, financial institutions, educational organizations and NGOs / humanitarian organizations.

Who are Gravity's clients/business partners ?

Gravity works with financial institutions such as digital lenders, private companies such as goods distributors, educational institutions and NGOs / Humanitarian organizations.

How do individuals use Gravity ?

Individuals can create a digital identity, request, receive & share their personal data through credentials or authenticate using their digital identity.

How do financial institutions use Gravity ?

Financial institutions use Gravity to

• verify the identity of their customers (eKYC),
• issue credentials about their customers, e.g loan history and repayments, and
• authenticate customers for digital lending.

How do NGOs / Humanitarian organizations use Gravity ?

NGOs / Humanitarian organizations use Gravity to:

• create digital identities for beneficiaries of humanitarian aid programs,
• issue credentials to their beneficiaries, e.g. identity, assistance received, household composition, etc. and
• authenticate beneficiaries to ensure that the right assistance is delivered to the right individuals.

How do educational institutions use Gravity?

Educational institutions use Gravity to:

• Issue education credentials such as certificates for their students and staff. These credentials are used by students/staff to apply for jobs or enroll in further education or training.
• Request credentials from their students and staff to verify their qualifications and eligibility for courses and training.

What is an issuer ?

A company or organization submitting verifiable data such as a school, a government, a bank, etc.

A company or organization can be both an issuer and a verifier.

What is a verifier ?

A company or organization that verifies data to provide a service such as bank, humanitarian organization, etc.

A company or organization can be both an issuer and a verifier.

What is a guardian ?

To make Gravity services available to individuals who do not have digital access or the appropriate capacity for access, they can ask another person or organization to serve as their digital guardian. The guardian is responsible for helping the beneficiary to create and manage their digital identity wallet.

What is a data subject?

An individual or an organization about whom the data is.

What is a holder?

An individual or an organization that stores and shares data on behalf of the data subject. A holder is usually, but not always, a subject of the verifiable credentials they are holding.

What is an Ecosystem Admin ?

An Ecosystem Admin is an entity that is in charge of governance of the whole decentralized identity system. The Ecosystem Admin can assign permissions to organizations (such as who has the right to issue, to verify and according to what schemas). The Ecosystem Admin can create credential schemas which will be used to issue and verify credentials in the ecosystem by the said organizations. The Ecosystem Admin is also a trusted entity that can host a list of entities' public keys and their corresponding identity.

There can be multiple Ecosystem Administrators depending on the need for decentralization within the ecosystem.

What is the Gravity Identity Wallet Application?

The Gravity Identity Wallet Application is an interface used by individuals with smartphones to create their digital identity, share credentials/authenticate and manage their digital identity (e.g. ask for corrections to their existing credentials, contest and delete credentials).

To ensure seamless user experience for all types of users, the Identity Wallet Application is a Progressive Web Application accessible via a browser or mobile desktop once installed. This allows individuals to start using the App without going through the trouble of installing another application from a Mobile App store.

What is the Gravity Portal ?

The Gravity Portal is an interface that is part of the Gravity Verifiable Data Exchange. It is made for organizations to submit and request data about users. It also comes with a set of features which help organizations manage the users they are guardians of. The Portal can also be used to assign staff roles and permissions to access the Gravity system. It is accessible through a web browser on a desktop/laptop with an internet connection.

What is the Gravity USSD menu ?

USSD (Unstructured Supplementary Service Data) is an SMS-like interface which allows users with basic phones or those without internet access to interact with the Gravity Identity Wallet. Individuals are required to authenticate using a 4 digit PIN to use the USSD menu and interact with their digital identity.

What it the Gravity Agent ?

The Gravity Agent is a server which can be set up and controlled by clients independently of Gravity. It could be set up on customer infrastructure and can be used for issuance, verification and guardianship purposes. This server exposes an JSON RPC API reachable via the public network (https requests). The Gravity Agent includes the Gravity SDK under the hood and therefore customers can benefit all of its features via this remote server.

Which blockchain is Gravity built on and why?

Gravity is built on the Tezos Blockchain. The Tezos Blockchain is public and permissionless.

We chose Tezos because the Tezos ecosystem aligns with Gravity’s high security standards (Gravity adheres to W3C standards) and our vision for a digital identity platform that builds trusted digital identities on blockchain that are private, portable and persistent.

We believe in Tezos’ focus on formal verification of smart contracts and on-chain governance, which allow for everyone to participate by submitting proposals to be voted on to update the Tezos environment.Additionally, as an alternative to hard forks, the Tezos ecosystem’s democratic, community-based, decentralized form of on-chain governance is also consistent with Gravity’s vision for our own ecosystem. Like Tezos, Gravity’s solution focuses on decentralizing and community-sourcing as many components of our protocol as possible to comply with the latest W3C standards.

Lastly, Tezos fits within Gravity’s human-centric vision which values community-based input and a decentralized approach to create more innovative and effective solutions that truly meet the needs of all stakeholders.

What is Gravity's decentralized identity protocol ?

A set of modules that enables Gravity users to safely create and share data with organizations to access key services such as loans and credit, humanitarian aid and educational resources. Gravity’s decentralized identity protocol is in compliance with W3C standards, the highest set of web security standards.

What is the Gravity SDK ?

The Gravity SDK is the hub of Gravity's decentralized identity protocol, letting interfaces communicate with other low-level components of the solution such as the Tezos Blockchain and the decentralized credential repository.

How can organizations issue and verify credentials?

Organizations can issue or verify credentials through

• An API exposed by the Gravity Agent, or
• The Gravity Portal.

Who can validate a claim?

Claims are validated by trusted entities such as NGOs / Humanitarian organizations, governments and Financial Service Providers (FSP).

Who can use Gravity to verify data ?

Organizations can request verifiable data about individuals and businesses via Gravity. This can be done through Gravity’s data sharing portal, or via dedicated APIs.. For example, verifiers in the Gravity sphere can be digital lenders, other Financial Service Providers (FSPs), humanitarian organizations, employers, or other organizations. The Ecosystem Administrator grants organizations the right to verify credentials and also has the power to restrict the types of credentials that can be verified.

How does Gravity guarantee data privacy and protection ?

Our platform was built in line with the principles of privacy-by-design and is fully compliant with the GDPR. In particular, our platform is based on the following principles to ensure data privacy & protection:

End-to-end encryption: Data is encrypted end-to-end using a shared secret encryption key between sender and receiver.

Decentralized storage: Personal data is encrypted and its fragments are stored on different nodes in pre-defined geographies. Only users can access and piece it back together.

Selective data sharing: Only data actively shared and previously signed by its holder can be accessed by a third party. Users can choose which data they would like to share with each party.

Terms of use: Data shared can be accompanied by termsOfUse property which defines for what purpose the data was issued or shared, what rights the third party has to use it and for how long the party has the right to keep it.

Storage limitation: Data is stored-exclusively on users’ wallets. No other entity, including Gravity, is able to access the users’ data. They are therefore in full control.

What is Gravity's User Management system and how does it work?

The User Management system allows for the management of multiple users within the same organization. A designated administrator from the organization can assign various roles to different users within the same organization. This supports the principle of Least Privilege Access such that staff within the same organization are allowed to perform only those functions that are absolutely required to perform routine, legitimate activities.

What is an Ecosystem Admin / Provider ?

An Ecosystem Admin is an entity that is in charge of governance of the whole decentralized identity system. The Ecosystem Admin can assign permissions to organizations (such as who has the right to issue, to verify and according to what schemas). The Ecosystem Admin can create credential schemas which will be used to issue and verify credentials in the ecosystem. The Ecosystem Admin is also a trusted entity that can host a list of entities' public keys and their corresponding identity.

There can be multiple Ecosystem Administrators depending on the need for decentralization within the ecosystem.

What is the difference between Governance and User Management ?

Governance establish the rights between different organizations while user management established rights within an organization

What is the passphrase and why do I need it ?

The passphrase (also known as mnemonic or seedphrase) is a combination of 15 words that are randomly generated. The passphrase is used to generate an entity's private and public keys. The passphrase helps users to regain access to their Gravity Identity Wallet in case they have forgotten their PIN or password, or changed or lost their device. For this reason, it is essential that users carefully note down their passphrase and keep it safe and private

Is any personal data stored on the blockchain ?

No. Gravity is committed to ensuring individuals' Right to be Forgotten by ensuring that personal data is stored off the blockchain.

François: I am proud you remember / retrieve this 🙂. However this will change with the Spruce DID Manager so either we are not so accurate either we update this part once we integrate this new DID Manager

The following data is stored on the blockchain:

• Authentication public key: Used by remote parties to verify a signature with an "authentication" purpose (in W3C terms), most frequently used during the sharing of credentials,
• AssertionMethod public key: Also for use by remote parties to verify signatures with an "assertionMethod" purpose (in W3C terms), usually used during credential issuance,
• KeyAgreement public key: Used by remote parties to compute the shared secret necessary for end to end encryption,
• Link to the credential repository: A link to a dedicated space on the credential repository which allows issuers to know where to send credentials post encryption, and
• TZIP-16: Standard that helps attach off-chain metadata to the DID manager, allowing for the inclusion of metadata views.

This means that no personal data/personally identifiable information is stored on the blockchain, upholding beneficiaries’ Right to be Forgotten and safeguarding their privacy.

How do users delete their digital identity ?

Users can exercise their Right to be Forgotten at any time by requesting the deletion of their digital identity wallet through the Web App or USSD menu. Credentials are deleted from the system after 30 days. In case of erroneous or unintentional deletion, users have the possibility of cancelling the deletion within this 30 day period.

What happens if users change their device?

Users can log in to their Gravity accounts on a new device by exporting their wallet from their old device. This can be done by logging in to the Gravity account on the older device —> More menu —>Security —> Export Wallet. Their keystore will be downloaded as a file on their old device. This keystore can be sent to the new device through a mechanism of the user's choice (message, email, etc.). As an added security measure, keystores are encrypted with the users' PIN. This prevents the keystore from being retrieved by a non-authorized entity during the transfer from one device to another. Users can then choose the Import Wallet option on the Identity Wallet Application to log in to their Gravity account.

What happens if I lose my device ?

Users can recover their digital identity by entering their passphrase and PIN. They can also create a new PIN using their passphrase if they forgot the previous one.

My data is wrong, how can I fix it ?

Users can click on a credential and choose the "Report as wrong" option to signal an error or change to their data. The issuer of the data receives this request and updates the data accordingly.

How do individuals access their Gravity Identity Wallet ?

Users can access their Gravity Identity Wallets via:

• The Gravity Identity Wallet Application on a smartphone, or
• A USSD Menu on a basic phone, or
• A printed QR code if they have no phones.

Is a smartphone necessary to access the Gravity identity Wallet ?

Gravity's mission is to make data sharing and identity management as inclusive as possible. Therefore, users can access their Gravity Identity Wallet with a smartphone or basic phone. If they don't have a phone, they can also share their personal data via a printed QR code.

How does Gravity ensure that my information is secured ?

You information is encrypted and stored in different pieces in multiple locations keeping them highly secure. Only you with your private key are able to piece the pieces back together.

How long can I keep my Gravity wallet ?

Users can keep their digital wallet for a lifetime.

What is the passphrase and why do I need it ?

The passphrase (also known as mnemonic or seedphrase) is a combination of 15 words that are randomly generated. The passphrase is used to generate an entity's private and public keys. The passphrase helps users to regain access to their Gravity Identity Wallet in case they have forgotten their PIN, or changed or lost their device. For this reason, it is essential that users carefully note down their passphrase and keep it safe and private

Is any personal data stored on the blockchain ?

No. Gravity is committed to ensuring individuals' Right to be Forgotten by ensuring that personal data is stored off the blockchain.

The following data is stored on the blockchain:

• Authentication public key: Used by remote parties to verify a signature with an "authentication" purpose (in W3C terms), most frequently used during the sharing of credentials,
• AssertionMethod public key: Also for use by remote parties to verify signatures with an "assertionMethod" purpose (in W3C terms), usually used during credential issuance,
• KeyAgreement public key: Used by remote parties to compute the shared secret necessary for end to end encryption,
• Link to the credential repository: A link to a dedicated space on the credential repository which allows issuers to know where to send credentials post encryption, and
• TZIP-16: Standard that helps attach off-chain metadata to the DID manager, allowing for the inclusion of metadata views.

Can I download Gravity's Identity Wallet Application ?

The App is not downloadable from a Mobile App store but instead accessible on the following mobile browser versions: Android Browser +2.1, Blackberry +7, Chrome +23, Chrome for Android +32, Firefox +18, Firefox for Android +25, Firefox OS +1.0, Opera 15 (Opera 10.5+ with localStorage), Opera Mobile 11, Phonegap/Apache Cordova 1.2.0, Safari 3.1 (includes Mobile Safari).

What is SSI ?

Self-Sovereign Identity (SSI) is a lifetime portable digital identity that does not depend on any centralized authority. An identity concept where individuals and businesses store and control their data on their own devices. Individuals and businesses can then provide this data when another individual or organization needs to validate them. This is all done without relying on a centralized database or authority.

What is a blockchain ?

Blockchain is a decentralized database that makes it possible to create a digital ledger of data and share it among a network of independent parties. Virtually anything of value can be tracked on a blockchain network, reducing risk and cutting costs for all involved. Blockchain is ideal for delivering information because it provides relatively fast, shared and completely transparent information stored on an immutable ledger whose access is based on the type of blockchain (i.e. public vs. private blockchain). With its decentralized and trustless nature, blockchain technology can lead to new opportunities and benefit businesses through greater transparency, enhanced security and easier traceability.

What is a digital wallet ?

A digital wallet is a software-based system that securely stores users’ credentials. A digital wallet can be used to create a digital identity that is private, portable and persistent. Users can then share certain attributes from their digital wallet with organizations to access services such as humanitarian aid, finance and education.

What is KYC ?

Know-Your-Customer procedures (KYC procedures) is a critical function to assess customer risk and a legal requirement to comply with Anti-Money Laundering (AML) laws. Effective KYC involves knowing a customers identity, their financial activities and the risk they pose.

What is Supply Chain Finance (SCF) ?

Gravity's supply chain finance solution is a user-centric platform built on decentralized identity. It benefits the whole supply chain ecosystem. Gravity's Supply Chain Finance solution is used by:

• Merchants, to leverage data such as the purchase history with their suppliers, verified KYC information, and mobile money transactions to access working capital from a lender of their choice through Gravity,
• Lenders, to provide earmarked credit through an API to these merchants without having to invest in supply chain lending infrastructure, and
• Suppliers, to avoid lock-in and having to integrate different lending solutions into their software stack while ensuring access to the most affordable rates to their merchants.