As MOBI and its members create and update Standards, new terms will be added to the Glossary.

Glossary of Terms Feedback
Please share your feedback, comments, and suggestions for the terms listed in the Glossary. Before providing feedback, please identify the term and its associated number. You can provide feedback for as many terms as you would like, but please only provide feedback for one term per form. The MOBI team will read and review all feedback and make updates accordingly.

Provide Glossary Feedback


A1. Access Certificates – Access Certificates (ACs) are documents providing the ability for a particular entity to access a particular endpoint in the network’s data layer.

A2. Accessor – An entity is an Accessor of a resource if it attempts to access the URI endpoint. An Accessor may need to go through security and authentication processes in order to actually access said endpoint.

A3. Additive Manufacturing – Additive Manufacturing is the process of creating an object by building it one layer at a time. It is the opposite of subtractive manufacturing, in which an object is created by cutting away at a solid block of material until the final product is complete. Additive manufacturing typically refers to 3-D printing.

A4. Advanced Shipment Notice (ASN) – An Advance Ship Notice or Advance Shipping Notice (ASN) is a notification for pending deliveries. It is similar to a packing list and usually sent in an electronic format.

A5. Agent (Cloud-Agent, Software-Agent) – An Agent is a software component that is able to control an entity’s digital wallet (to an extent that is typically defined by the entity) and the communication to other agents in order to send or obtain information stored in the digital wallet. The agent software can be deployed on an edge device or server that is run by the entity itself or a service provider on behalf of that entity.

A6. Allow List – An Allow List is a list that specifies entities that are allowed to access a particular resource.

A7. Anti-Money Laundering (AML) – Anti-Money Laundering is an umbrella term for the regulatory processes that firms require.

A8. Application Programming Interface (API) – An API is defined as a specification of possible interactions with a software component, allowing two applications to interact with each other. It defines the kinds of calls or requests that can be made, how to make them, the data formats that should be used, the conventions to follow, etc.

A9. Asset-Backed Security (ABS) – An Asset-Backed Security (or ABS) is a security whose income payments – and hence value – are derived from and collateralized (or “backed”) by a specified pool of underlying assets.


B1. Bill of Lading – The Bill of Lading is a transportation document that acts as a “contract of carriage,” containing the terms and conditions between the shipper and carrier.

B2. Bill of Material (BOM) – A Bill of Material is a list of all materials required, along with the quantities required.

B3. Binding – It is often desirable to establish an additional binding of credentials to the subject that they refer to (in general there is a distinction between the entity that has the credential in their wallet – the holder – and the entity whose attributes and permissions are described by a VC – the subject.) Binding methods include using secure hardware that protects a secret key where the associated public key is referenced in a verifiable credential.

B4. Block List – A list that specifies entities that are not allowed to access a particular resource.

B5. Blockchain – A blockchain is a growing list of records, called blocks, that are linked using cryptography. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data (generally represented as a cryptographically secure tree structure such as a Merkle tree).


C1. Certificate of Conformity (CoC) – A CoC or Certificate of Conformity is a declaration of conformity with the type approval of the European community. It ensures the free movement of vehicles within the European Union, specifically for those vehicles that are subject to homologation or registration.

C2. Credential Issuance – Credential Issuance describes the process by which an authority (“issuer”) creates and transfers (“issues”) a VC to a holder in bilateral communication. This requires different communication steps to include and verify associated data. Consequently, credential issuance is frequently preceded by a verifiable presentation in which the prospective holder convinces the issuer of their eligibility.

C3. Credit Rating Agencies – A Credit Rating Agency (CRA, also called a ratings service) is a company that assigns credit ratings, which rate a debtor’s ability to repay debts by making timely principal and interest payments and determine the likelihood of default.


D1. Data and Functional Interoperability – Data Interoperability addresses the ability of systems and services that create, exchange, and consume data to have clear, shared expectations for the contents, context, and meaning of that data.

D2. Data Bucket – A logical data abstraction for a persistent data store. Data written to a Data Bucket can be used repeatedly over time.

D3. Data Exchange – Data Exchange is the process of taking data structured under a source schema and transforming it into data structured under a target schema so that the target data is an accurate representation of the source data. Data exchange allows data to be shared between different computer programs.

D4. Data Host – A Data Host is an entity that stores data and is trusted with properly administering it, authenticating requests to access the data, and distributing the data as needed.

D5. Data Host Bootstrap Certificate – The Data Host Bootstrap Certificate (DBC) is a certificate that provides a cryptographic proof that a particular entity (Data Host) is allowed to serve a particular type of data from a specific URI.

D6. Data Marketplace – A decentralized Data Marketplace or exchange is a network run on a secure, smart contract blockchain that enables users to restore control over their data and monetize data assets without relying on a centralized platform.

D7. Data Owner – The Data Owner is the owner of a certain piece of data, usually the same as the entity that generated said data (referred to as the Data Generator).

D8. Data Stream – A logical data abstraction for data buffers. Acts as an ephemeral “stream” of data and persists for a set period of time in the network until it is purged in the online systems, thereafter, moved to nearline data systems, and ultimately moved to offline data systems.

D9. Dealer Management System (DMS) – A Dealer Management System (DMS) is a software suite that provides the tools auto dealers need to more effectively run their businesses.

D10. Decentralized Identifier (DID) – W3C Decentralized Identifier (DID) represents a globally unique identifier that can be resolved to a DID Document, or de-referenced on a specific distributed ledger network, much like a URL on the Internet.

D11. Decentralized Storage System (DSS) – A DSS is a non-static collection of data storage nodes with a global identifier where each node typically consists of a set of object revisions (“commits”) which each represent a change (creation, update, or deletion) of a single node object. Each commit is signed, immutable, and content-addressable (typically stored and referenced by its hash).

D12. Delivery Note – A Delivery Note is a document that lists out the description and quantity of the goods in a delivery. It can be signed by the recipient and returned to the seller as proof of delivery

D13. DID Document – A DID Document is a simple text document that describes how to use that specific DID. Each DID Document may contain at least three things: proof purposes, verification methods, and service endpoints. A DID Document can specify that a particular verification method, such as a cryptographic public key or a pseudonymous biometric protocol, can be used to verify a proof that was created for the purpose of authentication. Service endpoints enable trusted interactions with the DID controller.

D14. Differential Privacy (DP) – A method for obfuscating sensitive information by adding noise with expectation value 0 to data. Differential Privacy is best suitable in scenarios where large datasets are aggregated as the expected value of the average does not change under adding noise whose distribution is centered at 0, and where mathematical guarantees for the indistinguishability of entities with respect to query results are required.

D15. Digital Wallet – A software application that runs, for example, on a user’s mobile phone, a laptop, server, or on a vehicle’s hardware. A digital wallet contains private keys that can be used to encrypt messages, prove control over a DID, permissions or property on a distributed ledger, or eligibility to use a VC. A digital wallet typically also contains VCs. If binding is relevant, a digital wallet can also contain a link secret or similar constructions that should never leave the wallet in unblinded form. Frequently, digital wallets also contain information about (private) peer-to-peer connections with and references of other entities in the digital identity ecosystem.

D16. Distributed Ledger Technology (DLT) – Distributed Ledger Technology (DLT) enables consensus about the state of replicated, shared, and synchronized digital data geographically spread across multiple sites, countries, or institutions. A peer-to-peer network is required as well as consensus algorithms to ensure replication across nodes is undertaken. Blockchains are the most well-known example, though general practical byzantine fault-tolerant systems fall under this category as well.


E1. Electronic Control Unit (ECU) – An Electronic Control Unit (ECU) is an embedded electronic device, basically a digital computer, that reads signals coming from sensors in different components of the car. The ECU also controls various important units depending on information from the sensors.

E2. Electronic Data Interchange (EDI) – Electric Data Interchange (EDI) is the computer-to-computer interchange of strictly formatted messages that represent documents other than monetary instruments. EDI implies a sequence of messages between two parties, either of whom may serve as originator or recipient.

E3. Engine Serial Number (ESN) – The Engine Serial Number (ESN) is a unique number that identifies (within the context of a known manufacturer) an engine block.

E4. Entity – An Entity (e.g. vehicle, corporation, individual, etc.) is a network participant that interacts with the system by reading/writing data, enforcing permissioning, or otherwise supporting the network in some way. An entity is identified using an entity certificate anchored on a DLT.

E5. Entity Certificate (EC) – An Entity Certificate (EC) is the certificate that represents all of a particular entity’s network-level information and metadata, including but not limited to identifiers about who they are, the URIs to delegate trust to, and their public keys. An EC is always paired with a corresponding EID.

E6. Entity Identifier (EID) – An Entity Identifier (EID) is a unique alphanumeric string that uniquely identifies an entity within the system network.


F1. Floorplan Audit – The primary purpose of a Floorplan Audit is to reconcile the inventory used as collateral for the floorplan financing to reduce the lender’s risk.

F2. Floorplan Lending/Financing – Floorplan Financing is a revolving line of credit that allows the borrower to obtain financing for retail goods. These loans are made against a specific piece of collateral (a vehicle or other asset, for example.)

F3. Freight Forwarder – A Freight Forwarder is an organization that provides logistics services as an intermediary between the shipper and the carrier, typically on international shipments.


G1. Governance – Administrator for users, roles, and certificate/UVI.

G2. Green Bonds – A Green Bond is a type of fixed-income instrument that is specifically earmarked to raise money for climate and environmental projects. These bonds are typically asset-linked and backed by the issuing entity’s balance sheet, so they usually carry the same credit rating as their issuers’ other debt obligations.​

G3. Group Permission Change Certificate (GPC) – Group Permission Change Certificates (GPCs) are certificates signed by a data owner prompting a Data Host to change the permissioning information of the group.


H1. Homomorphic Encryption (HE) – Allows performing computations on encrypted data (i.e., making meaningful operations without decrypting and knowledge of the decryption key). HE is either very limited in scope (either additions or multiplications, such as in the Pallier cryptosystem) or brings significant performance challenges when arbitrary operations need to be supported (“fully homomorphic encryption”).


I1. Identity – Identity is a combination of one or more unique identifiers having meta-data associated with them. Identity meta-data consists of certificates such as verifiable credentials (per the W3C definition) and other non-verifiable data objects associated with the unique identifier(s).

I2. Intersection Movement Assistance (IMA) – IMA warns a driver if another vehicle is running a red light or making a sudden turn when approaching an intersection.


K1. Key-Value Store (KVS) – A Key-Value Store (KV Store) is a system that stores (key, value) pairs. The key is used to obtain access to the value in some way. Distributed KV stores are KV stores spread across multiple machines and can effectively maintain a global state table.

K2. Know Your Customer (KYC) – Know Your Customer (KYC) is the process of verifying the identity, risks, and other information associated with a customer before initiating any business relationship.


L1. Left Turn Assistance (LTA) – Potential collisions with oncoming traffic while turning left belong to the most safety-critical situations accounting for ~25% of all intersection crossing path crashes. A Left Turn Assist (LTA) was developed to reduce the number of crashes.

L2. LiDAR – Front crash prevention systems use various types of sensors, such as light detection and ranging (LiDAR), to detect when the vehicle is getting too close to one in front of it.

L3. Loan Administration – Loan Administration refers to a lender’s processing of a loan and includes the review, underwriting, and evaluation of a loan application, as well as document processing and preparation of the loan closing.

L4. Loan Servicing – Loan Servicing is the process by which a company collects interest, principal, and escrow payments from a borrower.


M1. Master Data – Specifications and information related to products and business partners, such as supplier’s address and banking information. Master data management aims to provide data and processes for collecting, matching, persisting, and distributing such data within an organization but potentially also with business partners to ensure a single source of truth that provides consistency and control.

M2. Mobility Infrastructure – Mobility Infrastructure consists of physical components and software that enable greater use of mobility as a service.

M3. Mobility Service Provider – A Mobility Service Provider delivers door-to-door transportation service needs as a single entity.

M4. Mobility Services – Transportation services from public and private transportation providers.

M5. Multi-Party Application – A service or process that requires the participation and coordination of multiple disjointed entities.

M6. Multi-Party Computation (MPC) – MPC allows the computation of a function with multiple inputs provided by different entities where every participant does not learn the others’ private inputs but only the final result. Often, MPC also involves methods to make sure that the participants perform their task correctly


N1. Network – A group of entities that all participate in a digital system, generally with a specific goal in mind. Ex: A group of entities that participate in a distributed ledger such as Ethereum.

N2. Node – A node on the system network which is maintained by affiliates. A large number of nodes is meant to provide network availability and prevent collusion attacks.


O1. Obligor/Obligee – An obligor is a person or entity who is bound to another by contract or other legal procedure. Conversely, an obligee is a person or entity to whom another is bound by contract or other legal procedure.

O2. OEM Specific Dealer – Dealerships in agreement/partnership with OEMs

O3. Oracle – A standard for federated identity management (that is often used in enterprise single sign-on and social login) in which clients (such as a mobile application or a server) can request and receive information about valid sessions. In essence, a user proves attributes attested by a dedicated identity provider (such as the company HR or IT department, or Google/Facebook) by means of a signed JSON document that contains information about their identity.

O3. Original Equipment Manufacturer (OEM) – An Original Equipment Manufacturer (OEM) is an organization that makes devices from component parts either made internally or sourced from other organizations.


P1. Peer-to-Peer (P2P) – P2P refers to a collection of use cases that focus on direct energy exchange between energy peers in a decentralized manner.

P2. Personally Identifiable Information (PII) – PII is any information: (1) that identifies or can be used to identify, contact, or locate the person to whom such information pertains, (2) from which identification or contact information of an individual can be derived, or (3) that is or might be directly or indirectly linked to a natural person [ISO/IEC 29100:-1].

P3. Proof Creation – In a Verifiable Presentation, based on a proof request, the prover searches references (VCs or addresses of DLT transactions/smart contracts) in their digital wallet that allow them to present their attributes or permissions, together with a proof of their validity. This proof might be derived from one or several VCs in the prover’s digital wallet, the correctness of which can be verified based on the issuer’s signature on it, or the address of a DLT smart contract or transaction that testifies the claim.

P4. Proof Request – In a Verifiable Presentation, the verifier typically tells the prover at the start of the interaction which information they need, and what kind of proof they expect (a positive list of issuers that the verifier trusts, restrictions regarding the timeliness of a proof of non-revocation).

P5. Proof Transmission – In a Verifiable Presentation, after creating the proof, the holder sends it as a message to the verifier. The proof might be a Zero-Knowledge Proof derived via selective disclosure from one or several VCs, or a plaintext presentation of a VC that the holder has in their wallet, or a DLT transaction or smart contract address on a distributed ledger that the verifier can read and trust.

P6. Proof Verification – In a Verifiable Presentation, the verifier checks the correctness of the proof based on the requirements that they previously stated in the proof request and the proof that the prover sends. This can involve one or multiple read operations on a DLT or another verifiable data registry.


R1. Registration Certificate (Vehicle Registration Document, Part I) – The Registration Certificate or vehicle registration document gives the driver official permission to participate in road traffic with the vehicle. The document contains information about the owner and the vehicle, such as the owner’s name, the date of its manufacture, and the engine and chassis numbers. The registration certificate must always be carried by the driver and must be available at a traffic stop. In this way, the vehicle can be identified. A registration certificate is required for all vehicles subject to registration.

R2. Registration Certificate (Vehicle Title Document, Part II) – The vehicle owner is referenced in the registration certificate part II (Vehicle Title Document). In some legislations, it also indicates ownership of the vehicle. If the vehicle is financed (credit/leasing), the VTD typically remains with the lender.

R3. Revocation – When entities use VCs or entries of a DLT to prove their claims in a VP, there must be a means to disable their capability to create proofs from this when the reason why the issuance had happened ceases to be legitimate. For example, a driver’s license should be revoked when its holder was caught driving drunk. Similarly, it might be useful to revoke some registration or other documents of vehicles that are reported stolen.

R4. Revocation Certificate – Revocation Certificates (RC) revoke AC permissions if the AC has not expired automatically.

R5. Role – Roles regulate the creation of and access to data contained within the network.


S1. Secure Sockets Layer – Secure Sockets Layer is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.

S2. Securitization – Securitization is the financial practice of pooling various types of contractual debt (such as residential mortgages, commercial mortgages, and auto loans), credit card debt obligations, or other non-debt assets which generate receivables, and selling their related cash flows to third party investors as securities.

S3. Special Purpose Vehicle (SPV) – A Special-Purpose Vehicle is a legal entity created to fulfill narrow, specific, or temporary objectives. SPVs are typically used by companies to isolate the firm from financial risk.

S4.  Standard Carrier Alpha Code (SCAC) – The Standard Carrier Alpha Code (SCAC®) is a unique two-to-four-letter code used to identify transportation companies.

S5. Suppliers  – Suppliers are providers of goods or services.


T1. Tier-1 Suppliers – Tier-1 suppliers are companies that provide parts and materials directly to manufacturers.

T2. Tier-N Suppliers – Tier-N suppliers are lower sub-tier suppliers.

T3. Tokenized Carbon Credits (TCC) – This refers to a collection of use cases that center around digitizing carbon credits for ease of transfer, auditability, etc. In particular, TCCs are digital, tradable certificates or permits that represent the right to emit a specified amount of greenhouse gases.

T4. Transmission Serial Number (TSN) – The Transmission Serial Number (TSN) is a unique number that identifies (within the context of a known manufacturer), a transmission unit.

T5. Transport Layer Security – The Transport Layer Security protocol is the successor of SSL and aims primarily to provide privacy and data integrity between two or more communicating computer applications.

T6. Trust Anchor – An authoritative entity that validates and qualifies entities on the network specific to the entity’s corresponding role.

T7. Trusted Executive Environment (TEE) – TEE is hardware for which the manufacturer guarantees that code is executed correctly on it (“remote attestation”) and no information is leaked outside the hardware. A prominent example is Intel’s Software Guard Extensions (SGX) solution. By creating a private key inside the TEE and only making the corresponding public key available, information can be encrypted in a way that makes sure it can only be decrypted inside a TEE.


U1. Uniform Resource Identifiers (URIs) – Uniform Resource Identifiers (URIs) ensure that a named URI will always point to the same resource it was assigned to. Note that this is similar to the addressing system on many blockchain platforms and represents one way to implement a URI.

U2. Unique Vehicle Identifier (UVI) – A unique vehicle identifier (UVI) is a unique alphanumeric identifier within the system described in this standard. Note that a unique vehicle identifier is not the same concept as a VID.

U3. Universally Unique Identifiers (UUIDs) – Universally Unique Identifiers (UUIDs) are unique identifiers that are associated with pieces of digital information and can be used to address and identify them.

U4. URL – A specific type of URI referencing web resources.


V1. Vehicle Birth Certificate (VBC) – A Vehicle Birth Certificate (VBC) is a data structure of strings and integers that records information about a particular vehicle at its creation.

V2. Vehicle Identity (VID) – A Vehicle Identity (VID) comprises a UVI and its associated data (VBC being one source of this data).

V3. Vehicle Registration Workflow – The process of (digitally) registering a vehicle through the interaction of a vehicle (and typically other stakeholders such as the vehicle dealer or owner) with an authority.

V4. Vehicle-to-Grid (V2G) – V2G refers to a collection of use cases that center around the coordinated, either uni- or bi-directional energy exchange between vehicles and the grid.

V5. Verifiable Credential – The W3C Verifiable Credentials Standard defines Verifiable Credentials as “a part of our daily lives; driver’s licenses are used to assert that we are capable of operating a motor vehicle, university degrees can be used to assert our level of education, and government-issued passports enable us to travel between countries. This specification provides a mechanism to express these sorts of credentials on the Web in a way that is cryptographically secure, privacy-respecting, and machine-verifiable.”

V6. Verifiable Data Registries – An abstraction of databases whose content is considered reliable and trustworthy by a large subset of stakeholders. A verifiable data registry might be a GitHub repository if GitHub is considered reliable and trustworthy by the involved stakeholders, or an Interplanetary File System (IPFS). Typically, a verifiable data registry will require strong integrity guarantees and timestamps, so blockchains or other distributed ledgers are an exceptional example of verifiable data registries.

V7. Verifiable Presentation – In many interactions, it is necessary for an entity (the prover) to convince the counterparty (the verifier) of the validity of statements regarding some of their attributes, so-called claims. Sometimes, trust with respect to the counterparty is sufficient to be convinced. However, there are many situations, in particular when there is little or no trust between the parties, that a proof of the validity of the claims needs to be given. In the analog world, a VP would consist of showing evidence in the form of documents (signed diploma) or plastic cards (containing, e.g., watermarks or crypto-chips) that are difficult to duplicate and manipulate. In the digital world, this usually employs methods from cryptography. A verifiable presentation consists of the following sequential steps: proof request, proof creation, proof transmission, and proof verification.

V8. VIN – A unique code, including a serial number, used by the automotive industry to identify individual motor vehicles, towed vehicles, motorcycles, scooters, and mopeds, as defined in ISO 3779 (content and structure).


W1. Waterfall Structure – Waterfall payment structures require that higher-tiered creditors receive interest and principal payments while lower-tiered creditors receive principal payments only after the higher-tiered creditors are paid back in full. Debtors typically structure these payments into such tranches to prioritize the highest-principal loans first because they are also likely the most expensive.


Z1. Zero-Knowledge Proof (ZKP) – In cryptography, a zero-knowledge proof (ZKP) is a method by which one entity (the prover, assumed to be computationally powerful) can prove to another party (the verifier, assumed to be computationally restricted) that a particular statement is true without revealing any further information.