
Company Passport European Business Wallet Have Your Say Submitted
Since 2021, the Company Passport initiative has been working on providing the necessary foundation for the introduction of Organizational/Business Wallets, acknowledging that the introduction of such wallets will have a significant impact in many different scenarios. Our primary use case is centred around the foundation and ‘onboarding’ of companies (more specifically the Dutch Private Limited Company), including the KYC/KYB process. At this stage Company Passport has provided a harmonised taxonomy, several credential schemes and an eIDAS 2 based architectural framework, grounded in the ARF. The current focus of the use case is on the process as used in the Dutch context. All this information can be accessed on our website www.companypassport.eu and on our GitHub.
Please find videos of the May 6th session in the links below. We are still arranging English subtitles for the actual presentation films. The aftermovie has recently been published on LinkedIn.
CP Partner Event Aftermovie (already with English subtitles)
Videos per presenter (only in Dutch at the moment)
More specifically, we would like to make some observations regarding the use of business wallets:
Scope Expansion of the Business Wallet Beyond Legal Person (LP) Definition
We propose broadening the scope of the Business Wallet beyond the narrow eIDAS 2 focus on Legal Persons only.
1. Business wallets should not only be offered to Legal Persons but also to Natural Persons with their own business, who make up most business registrations. For example, in the Netherlands, 90% of registrations are sole proprietorships, partnerships and associations that do not fall under the Legal Person definition. Many types of relying parties (for instance banks) distinguish between the sole proprietorship of a Natural Person and that Natural Person acting as a citizen in a normal household.
2. Business wallets should also accommodate those who hold no registration in an EU business register but are still registered by another body to confirm their existence. In the Netherlands, there is a category of entities that does not need to be registered in a Business Register. Potentially that would require a different type of register to be set up (or such entities would need to be added to the Dutch Chamber of Commerce holder register).
Deployment of Organisational EUDIW
It is anticipated that, in the vast majority of cases, the Organisational European Digital Identity Wallet (EUDIW) will be deployed as a cloud-based solution. While it is technically feasible for very small enterprises to "host" the organisational wallet on a local device, this will likely be the exception rather than the norm. In such scenarios, the organisational wallet would resemble the Natural Person (NP) EUDIW, mainly focussed on "2) Requesting, holding, and presenting capabilities" mentioned below. The main difference then is the presence of an "LPID" or indeed an "Organisational PID" as the case may be.
In the current ARF communication protocols we found no basis for a mobile device-bound organisational wallet to function fully as an issuer or relying party.
In terms of "issuance", a device-bound wallet could of course "issue" something with an appropriate seal and/or digital signature, but we have no confirmation whether this procedure meets all conditions to be considered "issuance" under eIDAS - ARF.
Preferred Architecture: Modular Cloud-Based Capabilities
In practice, organisational digital identity functionality will more commonly be realised through a modular architecture comprising three distinct, cloud-based capabilities:
1. Issuing capability
2. Requesting, holding, and presenting capability
3. Relying party capability
In such an architecture, both the (1) issuing component and the (3) relying party capability are typically integrated with the organisation’s internal legacy systems (e.g., via APIs). In the context of banking institutions, this refers specifically to integration with Know Your Customer (KYC) systems and the static data repositories of product platforms. The same type of connection to more corporate-oriented legal systems may apply to the (2) requesting/holding/presenting component, yet this could just as well remain stand-alone with no connection to legacy systems.
Value creation
Note that, as part of our explorations, Company Passport has found that successful uptake and value creation are expected in general B2B engagement (i.e. entering safer, more secure, non-refutable, fraud-resistant and machine-readable B2B engagements), rather than “just” engagements with obliged entities. Noteworthy in this respect is the fact that the firm (or NP) has selective disclosure rights and can therefore decide which data points the firm/NP consents to being shared.
Furthermore, for relying parties in a broad spectrum of economic transactions, sets of verifiable credentials can function as trust anchors that can be verified instantly via search actions on credential listings or via M2M system integrations. This enhances trust and actively prevents fraud.
As a result of experiments we have performed in our Sandbox environment, we conclude the Business Wallet needs additional features such as system-to-system sharing of data, inbox functionality, delivering data in the wallet without human intervention and a flexible permission and trust system. We see great potential in granular authorisations and power of attorney.
Trust services ecosystem
Company Passport has already had in-depth engagements with Center of Excellence Datasharing & Cloud, iShare & the Dutch eHerkenning providers (QTSPs). We trust you will find our initial conclusions helpful (see the attachment, which demonstrates the engagement of organisational wallets in Datasharing and Dataspaces).
Perhaps more noteworthy for Natural Person EUDIWs, yet just as helpful for situations where an NP represents a business, it can be important to reconfirm the binding of the actual natural person to the device. Company Passport has engaged with Partnership Cyber Security Innovation “Digital Deltaworks” to provide options to make this more robust. ARF 1.5 has since provided allowances for this.
There are a lot of other identifiers in use in different contexts and processes, for example in the field of intellectual property, in the taxation, customs, and excise domain, in education, in health, and in automotive. We suggest considering how trust can be enhanced, for example by using organisation wallets and credentials to verify if conditions are (still) in place, and how to issue and verify commonly used identifiers in a more cost- and process-efficient way to develop a more robust and competitive internal European market.
Attachments
General Presentation on Company Passport and its partners
Whitepaper Scheme aggregator (in Dutch):
• Samenwerking en governance voor interoperabiliteit in grensoverschrijdende digitale transacties
CP Taxonomy Working Group (SKOS, Ontology, Datamodels, Schemas & Rulebooks)
CoE Datasharing & Cloud / iShare / eHerkenning partnership with Company Passport