The MUSAP project aims to develop a new software interface called Unified Signature Application Programming Interface (USAPI) Library. The interface provides a consistent and flexible way for applications to request either low, substantial or high LoA signatures, regardless of the SSCD technology or location of the private key.
Can you briefly present your team?
Methics team is behind conceptualizing and developing of MUSAP. Methics is a Finnish software company that specializes in delivering standards based digital identity and mobile signature solutions.. Methics solutions have been delivered to customers in many countries in Europe ans Asia for national identity management solutions and critical business environments. Methics aims to offer a bridge between traditional PKI and decentralized identity projects to provide identity and signing services.
How did you come up with this project idea and what benefits will it bring to the end users?
Methics has been developing mobile PKI products to use SIM/eSIM or APP & HSM as wireless PKI clients or commonly known as SSCDs. We saw there were multiple clients (SSCDS), but it did not provide a unified option for end-user to choose their choice of wPKI client. We saw a need to upgrade/extend the existing state-of-the-art identity systems, that create a unified signature profile, to contain all aspects.
MUSAP will be used to implement a use-case driven identity management system deployment where different/multiple eIDAS Level of Assurance (LoA) are needed. Project has been aimed to work on combining multiple credentials storing/presentation mechanisms offered by SSCDs to allow flexible credential management by the end-users. Allowing end-user to control their trust relationships (private keys), eventually not storing all keys in one basket.
How is TrustChain supporting your growth and what role does it play for the next steps in your development?
Trustchain’s initiative to connect with academic coaches has been excellent . It facilitated a technical discussion regarding our use case and potential collaboration options. Moreover, other projects in the OC1 which have similar cases, allows to validate the use case and design a user-centric product. TrustChain project has opened fresh perspectives on our business model.
Why did you apply to the TrustChain call and has your vision changed since then?
Our vision related to what opportunities MUSAP can open for Methics has enhanced. Methics is an established market leader in providing identity based solutions with our trademark brand names Kiuru and Alauda. As we develop MUSAP during OC1, Methics hopes to be able to tap into different identity vendors and TSPs as partners, to help strengthen our European market offering.
As MUSAP compliments eIDAS 2, we vision MUSAP to be used in packaging EUDI Wallet apps, which will allow Type 1 and Type 2 configs in one device, i.e. users having LoA High and LoA Substantial identities enabled through MUSAP.
What is the most valuable takeout from the TrustChain project and why was the topic of the Open Call important to you/your team?
This project is not implementing technologies in silo. Core aim of NGI Trustchain is to build interoperability. With MUSAP we hope to provide the bridge between centralized and decentralized technologies.
Did you establish collaboration with any of the TrustChain teams or plan for any kind of synergies? If yes, what is the biggest potential in such collaborations?
Yes. We established collaboration with decentralized identity company called Danubetech and their NGI Trustchain project called Client-DIDs. MUSAP allows DID documents to be signed with specific signing algorithm. As a roadmap, we can see MUSAP becoming part of their portfolio to offer signing services.
What are your expectations regarding the TrustChain software ecosystem and its contribution to the NGI priority areas?
To provide interoperability and open-source tools.
What are the next steps for your team?
- To complete on-going pilot in Mongolia where MUSAP will interface SSCDs from two identity systems i.e. SIM based Unitel Mobile ID and App based GSign App. Allowing users to rely on their preferred SSCD for signing and MUSAP provides a credential selection mechanisms.
- Complete demo with Danubetech and polish MUSAP to be used in end-user app for the use case.
- Publish complete repositories of MUSAP and reference applications.
What is the message you would give to new and potential applicants to TrustChain Open Calls?
TrustChain prioritizes innovation and encourages innovators to validate their ideas through user-centric preselection. Look at the state-of-the-art of your domain and identify problem your product/service can solve. Do not hesitate to use existing material/products/service to compliment your offering.