Our Privacy-Preserving Web3 Approach
MOBI and its members believe a compliant, privacy-first approach is key to enabling interoperability and preserving information security in the Web3 era.
Cybercrime is expected to cause $10.5 trillion in damage annually by 2025 (almost 10% of the projected 2025 global GDP) with an annual, accelerating growth rate of 15%. As cyber threats mature, legacy systems are more vulnerable to attack than ever before.
Stakeholders around the globe are seeking novel technologies to address these threats and protect consumers’ and organizations’ sensitive data. Regulations such as the EU’s Global Data Protection Regulation, or GDPR, (2016) the California Privacy Rights Act, or CPRA (2020), and the White House’s Federal Zero Trust Strategy (2022) place strict provisions on the storage and exchange of this data in government and enterprise environments.
GDPR, which went into effect in May 2018, comprises the world’s most comprehensive set of data protection rules, placing strict limits concerning the processing and handling of consumer data. GDPR emphasizes the importance of data minimization, integrity, and confidentiality, and applies to any enterprise, regardless of its location, that processes the personal information of individuals inside the European Economic Area (EEA). Statewide regulations in the US such as CPRA are increasingly focused on consumer data protection in enterprise environments. A number of states are working to follow the lead of CPRA, which has drawn many comparisons to GDPR.
The Zero Trust Mandate requires federal agencies to migrate to a zero trust architecture by the end of FY 2024. Zero trust is a security model that assumes all network traffic is untrusted until proven otherwise. The goal of zero trust is to improve the security of an organization’s network by reducing the attack surface and minimizing the potential for data breaches.
Citopia and the ITN: GDPR/CPRA Compliant Zero Trust Architecture
In order for truly privacy-preserving frameworks to scale, it is necessary to establish trusted, decentralized, self-sovereign identities (Self-Sovereign Digital Twins™, or SSDTs™, for the MOBI community). Leveraging SSDTs™ in implementation will give stakeholders a shared framework for verifying claims and identities, which will be critical to enable seamless multiparty business automation.
To this end, MOBI and its partners created Citopia and the Integrated Trust Network (ITN). Together, Citopia and the ITN form the first Web3 solution that achieves zero trust and privacy preservation for every one of its transactions by using World Wide Web Consortium (W3C) standards combined with industry (e.g. MOBI, IEEE, ISO, SAE) standards.
Citopia is a secure virtual business network with machine-readable, zero-trust, privacy-preserving, and provably correct business transactions using W3C Verifiable Credentials (VCs) with zero-knowledge (ZK) cryptography without the need for centralized certificate authorities. Learn more about Citopia.
The ITN is a federated certificate authority for IoT, eCommerce, and business automation as a global trust anchor. ITN is the first cross-industry Web3 infrastructure for trusted, self-sovereign identity backed by global consortia (MOBI, MEF, and AAIS). Learn more about the ITN.
Citopia vinTRAK is a Web3 infrastructure that enables businesses to create scalable, multiparty Vehicle-to-Everything (V2X) business automation, including usage-based insurance, road usage charging, emissions tracking, congestion management, and more.
Read more about vinTRAK
Read about vinTRAK pilots
Citopia partsTRAK digital infrastructure allows for multiparty supply chain track-and-trace applications through using MOBI and other industry (W3C, IEEE, ISO, SAE) standards for global battery passports, maintenance & recall traceability, and ethical/sustainable sourcing for more transparent and resilient global value chains.
Read more about partsTRAK
Read about the partsTRAK pilot
Citopia MaaS universal wallet provides a seamless travel ecosystem that enables riders to search, book, and pay for multimodal trips all from the same gateway; offers an efficient end-to-end experience; and eliminates the need for multiple logins, user cards, apps, and payment methods. Users (riders and service providers) on Citopia MaaS have full control over who sees their data, how much data is shared, and how that data is used.
Read more about MaaS
Read about the MaaS pilot
The Transit IDEA Program is a part of the Transit Cooperative Research Program (TCRP). TCRP is sponsored by the Federal Transit Administration (FTA).