RatifyID is a platform offering a digital wallet and identity to their users.
It consists of a mobile application dedicated to individuals, a management web platform for businesses, and an ad-hoc backend to serve each.
The platform has been developped under the strict regulation of the Trusted Digital Identity Framework, part of Australian government's programme for their Digital ID System.
The mobile app provides simple functionality: a digital wallet where users can verify and store their identity documents, and a digital identity provider medium to allow them to use digital services.
The most effort has been done on the security and privacy of user data: as per TDIF requirements, all user data is encrypted in transit and storage, using Australian Approved Cryptographic Algorithms (AACA).
The business platform offers businesses a medium to connect them with individuals, for the purpose of legitimating and providing them with services. Clients can make identity requests to specific individuals, and request some details from user's digital identity.
Individuals must express their consent to each request from businesses: no-one is allowed to see a digital identity's details unless the owner of it allows them to. Individuals can also manage their connection to each business at a later time, affecting any future requests from businesses.
The backend serves as the fulcrum of the entire ansamble, while enforcing security and privacy between parties. Among the main tasks, the backend is also responsible for evaluating digital identity proofing levels, pairing clients with individuals, and ensuring authentication and credential levels. As part of the security efforts, RatifyID disallows authentication at CL1, requiring at least level 2 (CL2).