The NGI_Trust project team, NGI_Trust advisory board, representatives from the EC and members of the wider NGI family got together on the 26th February 2021 to hear the results of five of the projects funded by NGI_Trust and learn about their experiences within NGI. CAP-A, CCS Cozy Cloud's Shiffremir, Decentralized Messaging, CryRev and TrustedUX were funded during the 1st and 2nd funding calls for NGI_Trust and have now all completed their projects or are near to completion. These projects represented a diverse range of the thematic areas explored by NGI_Trust and provided an opportunity to reflect on the full range of topics that are needed to create a trusted human-centric internet. Presentations from the projects are available on the webinar homepage.
User control was a strong theme within the projects but there is a ongoing challenge regarding the motivation of users to engage and manage their own privacy versus the convenience of using a (trusted) third party. CAP-A has developed a web-portal and a mobile app to encourage user participation in privacy-related tasks via a dashboard and easy to read policy annotations. The project has a video that demonstrate their work and is planning on setting up a non-profit organisation to continue the developments.
CCS takes this paradigm further and categorically states that they consider the users devices as the only legitimate places for data access and encryption. The project wants to exempt the end-user from trusting any service provider back-end, including Cozy Cloud, and thus creating a truly Self Sovereign experience. The project has released its code as open-source and continues to seek new funding sources to focus on the complexities of the UX.
Decentralized Messaging has the objective to combine identity and messaging into a single data model and protocol. Their app "Context" aims to allow users to interact and send messages person-to-person without using a centralised messenger. The project has built an architecture and prototype but is now looking to focus on market analysis, business modelling, pricing and IPR.
CryRev looks at the challenges of trust and privacy from a very different angle by focusing on the hardware and has built an open Hardware Security Module (HSM). The HSM makes use of a variety of open and innovative approaches to security including DNSSEC, RPKI, TOR Consensus and the Let’s Encrypt CA to provide a competitive product with a focus on openness as well as trust. The CrypTech Alpha is their first complete version of the machine and NGI_Trust funding helped support a version 4 release with a focus on performance as well as security.
Our final presenters unveiled the results of the TrustedUX project whose focus was not on building a trust environment itself but on providing a tool to help developers measure trust. TrustedUX is an online survey tool that helps measure user trust at any point in a product lifecycle and provides research-based evidence and visualisations of results. The project website is available to use now.
All of the projects presenting in this webinar highlighted the complexity of trust relationships, what is important in establishing trust, and how it is possible to measure and evidence how trust within a given environment. The discussion posed the question as to whether it is truly possible to remove the "trusted third-party" role within our ecosystem to truly achieve the "self" in sovereign identity.