User-Centric Verifiable Digital Credentials

The Treasury Board Secretariat of Canada (TBS) and Shared Services Canada (SSC) are seeking a standardized method to issue and rapidly verify portable digital credentials across many different contexts, thereby reducing human judgement error, increasing efficiency and ensuring digital credential veracity using cryptography.

Challenge sponsor: Shared Services Canada (SSC) and Treasury Board Secretariat of Canada (TBS)

Funding mechanism: Contract

Opening date: August 29, 2019
Closing date: November 7, 2019 14:00 Eastern Standard Time

Please refer to the tender notice for this challenge on Buy and Sell.

Log in to view your submissions

 

Challenge

Problem Statement

This challenge is seeking a portable secure digital credentials (self-sovereign identity) solution held by individuals that can be independently, cryptographically and rapidly verified using emerging distributed ledger standards and an approach that may give rise to a global digital verification platform. For many contexts, ranging from applying for a job to transiting checkpoints for aviation security, paper documents remain the predominant way to prove key attributes about an individual, such as their name, date of birth, academic/professional qualifications, or security clearance. While these attributes might be presented in digital form, there are no widely adopted or standardized methods to issue and rapidly verify digital credentials across many different contexts. There exists no current capability to digitally verify without dependencies on centralized or low-latency network platforms (or both).

Note: The operational solution will be required to store all personal information within Canada

Desired outcomes and Considerations

Essential (Mandatory) Outcomes

Proposed solutions must:

  1. Create User-centric Verifiable Digital Credentials able to operate on a national or global interoperable verification platform;
  2. Protect the privacy and identity of the user at all times* (see note);
  3. Incorporate the following emerging and/or mature specifications for interoperability that have been funded, tested and/or championed by the United States of America Department of Homeland Security:
    • Decentralized Identifiers (Standards Development Organizations: World Wide Web Consortium (W3C) or Decentralized Identity Foundation),
    • Verifiable Credentials (Standards Development Organization - W3C); and
    • JavaScript Object Notation for Linked Data / JSON-LD (Standards Development Organization - W3C);
  4. Demonstrate the feasibility of the specifications described above in support of creating, transmitting and storing verifiable digital credentials using wallet or agent reference implementations. These reference implementations may include but not are limited to: Blockcerts, Hyperledger Indy Aries
  5. Adhere to applicable policy instruments, guidelines and frameworks, including but not limited to:
    • Requirements specified in the Treasury Board Directive on Identity Management; and
    • Conformance Criteria specified in the Public Sector Profile of the Pan-Canadian Trust Framework.

*Note: In relation to protecting privacy and identity of the user, the bidder is expected to demonstrate, in the proposal, knowledge and application of relevant controls as outlined in applicable guidance, including but not limited to the CSE ITSP.30.31 published document.

It is also expected that the bidder demonstrate, in the proposal, sufficient knowledge to enumerate relevant threat agents and mitigation approaches

Additional Outcomes

Proposed solutions should:

  1. Give issuers and recipients ownership of their official records that can be cryptographically signed and presented anywhere to verify credential provenance and ownership.
  2. Give issuers and recipients autonomy over how they use their records and verify digital credentials. For example, if issuers decide to switch vendors later on, they retain full access and use of their digital certificates.
  3. Give relying trusted third parties the ability to verify any record independently, in independent fashion, for free and independent of any software vendor or issuing institution. Relying parties can easily verify any digital credential through widely available technology such as a web browser or a mobile phone. Verification is based on open and interoperable approaches.
  4. Provide leading-edge digital credential security to enable the global trust economy that are cryptographically signed thus enabling third parties to verify their provenance and ownership.
  5. Demonstrate the components of self-sovereign identity:
    • decentralized and portable;
    • demonstrated control of attributes; and independence from a centralized registry, identity provider, or certificate authority.
  6. Demonstrate multiple partnerships and interoperability with other companies within verifiable credential ecosystem.

Background and Context

This challenge intends to determine the feasibility and characteristics of developing a national or global interoperable verification platform that can be used to independently verify digital credentials issued by a dynamic set of trusted issuers, and used by a broad and diverse population of users. This can be tested in a context, such as aviation security where there are many actors and authorities operating across many organizational and geographical boundaries. Building on these standards, the goal is to prove that a decentralized, interoperable digital verification ecosystem can be built that can be used by many independent issuers, operators, and most importantly users, by means of open-source libraries and standards-based capabilities. In order for a new technology to gain adoption, it must be made accessible through easy-to-use and widely available software and ubiquitous infrastructure such as Blockchain, Distributed Ledger Technology (DLTs) and Self-Sovereign Identity (SSI). A government could potentially leverage these and develop a ubiquitous infrastructure with enhanced transparency and auditing of public service operations, greater visibility into multi-party business operations, and automation of paper-based processes to improve delivery of services to organizations and citizens. There exists a common need to issue entitlements, attestations and certifications for a variety of purposes including travel, training, education, affiliation, organizational identity and delegated authority and more. Current issuance processes are often paper based, non-interoperable and are susceptible to loss, destruction, forgery, and counterfeiting. While there is a diversity of contexts, there are many common needs across different departmental and agency contexts with a potential use of interoperable implementations of Blockchain, DLTs and SSI that also support the growth and availability of a competitive marketplace of diverse technology implementations for government and industry to draw upon to deliver cost effective and innovative solutions. For many contexts, ranging from applying for a job to transiting checkpoints for aviation security, paper documents remain the predominant way to prove key attributes about an individual, such as their name, date of birth, academic/professional qualifications, or security clearance. While these attributes might be presented in digital form, there are no widely adopted or standardized methods to issue and rapidly verify digital credentials across many different contexts. There exists no current capability to digitally verify without dependencies on centralized or low-latency network platforms (or both). In addition, there is a potential need for self-sovereign identity, which is the concept that people and businesses can store their own identity data on their own devices, and provide it efficiently to those who need to validate it, without relying on a central repository of identity data.

Maximum value and travel

Maximum contract value:

Multiple contracts could result from this Challenge.

The maximum funding available for any Phase 1 Contract resulting from this Challenge is $150,000.00 CAD (plus tax) including shipping, travel and living expenses, as applicable, for up to 6 months.

The maximum funding available for any Phase 2 Contract resulting from this Challenge is $1,000,000.00 CAD (plus tax) including shipping, travel and living expenses, as applicable, for up to 12 months. Only eligible businesses that have completed Phase 1 could be considered for Phase 2.

This disclosure is made in good faith and does not commit Canada to contract for the total approximate funding.

Travel

No travel is anticipated

  • Kick-off meeting
    Teleconference/videoconference
  • Progress Review Meeting(s)
    Teleconference/videoconference
  • Final Review Meeting
    Teleconference/videoconference

Eligibility

Solution proposals can only be submitted by a small business that meets all of the following criteria:

  • for profit
  • incorporated in Canada (federally or provincially)
  • 499 or fewer full-time equivalent (FTE) employeesFootnote *
  • research and development activities that take place in Canada
  • 50% or more of its annual wages, salaries and fees are currently paid to employees and contractors who spend the majority of their time working in CanadaFootnote *
  • 50% or more of its FTE employees have Canada as their ordinary place of workFootnote *
  • 50% or more of its senior executives (Vice President and above) have Canada as their principal residenceFootnote *

Application guide

Application guide

Evaluation Criteria

The official source of the Evaluation Criteria for this challenge is the Government Electronic Tendering System (Buy and Sell) (https://buyandsell.gc.ca/procurement-data/tender-notice/PW-18-00846769)

In the event of a discrepancy between the information below and the information published on Buy and Sell, Buy and Sell will take precedence.

Part 1: Mandatory and Minimum Pass Mark Criteria

Proposals must meet all mandatory criteria (Questions 1a and 2) and achieve the minimum pass mark for Question 3 in order to be deemed responsive and proceed to Part 2.

Mandatory and Minimum Pass Mark Criteria (Applicant/Bidder's proposal must address)
Question Evaluation Schema

1 a. Scope

Describe your proposed solution and how it responds to the challenge. Include in your description the scientific and technological basis upon which your solution is proposed and clearly identify how your solution meets all of the Essential Outcomes (if identified) in the Desired Outcomes and Considerations section in the Challenge Notice.

Mandatory — Pass/Fail

Pass
The Applicant/Bidder's proposed solution is clearly articulated, within the scope for the challenge and addresses all Essential Outcomes (if identified) in the Challenge Notice.

Fail
There is little or no evidence that the proposed solution is likely to meet the challenge.
OR
The proposed solution is articulated as out of scope for the challenge.
OR
The proposed solution does not address all Essential Outcomes listed in the challenge.
OR
The proposed solution is poorly described and does not permit concrete analysis.

2. Current Technology Readiness Level (TRL)

  1. Indicate the current TRL of your proposed solution. (Drop Down Menu of the Application/Bid Submission Form)
  2. Describe the research and development activities that have taken place to bring the proposed solution to the stated TRL.

Mandatory — Pass/Fail

Pass: The Applicant/Bidder has demonstrated that the proposed solution is currently between TRLs 1 and 4 (inclusive), and provided justification by explaining the research and development (R&D) that has taken place to bring the solution to the stated TRL.

Fail: The Applicant/Bidder has not provided sufficient evidence to demonstrate that the current TRL is between 1 to 4 (inclusive) including:

  1. There is insufficient/no evidence provided for TRL judgment.
  2. The solution involves the development of basic or fundamental research.
  3. The solution is at TRL 5 or higher.
  4. Insufficient/unclear/no justification explaining the R&D that took place to bring the solution to the stated TRL.
  5. The explanation simply paraphrases the description of a given TRL level.

3. Innovation

Describe the novelty of your solution and how it advances the state-of-the-art over existing technologies, including competing solutions.

Point Rated with Minimum Pass Mark

The minimum pass mark for this criteria is 4 points.

0 points/Fail: The Applicant/Bidder has not demonstrated that the proposed solution advances the state-of-the-art over existing technologies, including available competing solutions; OR

The stated advancements are described in general terms but are not substantiated with specific, measurable evidence.

4 points:

  • The Applicant/Bidder has demonstrated that the proposed solution offers one or two minor improvements to existing technologies, including available competing solutions, that have potential to create competitive advantages in existing market niches.

6 points:

  • The Applicant/Bidder has demonstrated that the proposed solution offers three or more minor improvements to existing technologies, including available competing solutions, that together are likely to create competitive advantages in existing market niches; OR
  • The Applicant/Bidder has demonstrated that the proposed solution offers one significant improvement to existing technologies that is likely to create competitive advantages in existing market niches

8 points:

  • The Applicant/Bidder has demonstrated that the proposed solution offers two or more significant improvements to existing technologies, including available competing solutions that are likely to create competitive advantages in existing market niches and could define new market spaces; OR
  • The Applicant/Bidder has demonstrated that the proposed solution can be considered a new benchmark of state of the art that is clearly ahead of competitors and that is likely to define new market spaces

Part 2: Point-Rated Criteria

Proposals that do not achieve the overall minimum score of at least 55 points out of a possible 110 points (50%) will be declared non-responsive and given no further consideration.

The overall minimum score is determined by adding the Applicant/Bidder's scores from the following questions together (1b, 3, 4-13).

Point-Rated Criteria (Applicant/Bidder's proposal to address)
Question Evaluation Schema

1b. Scope

Describe how your proposed solution addresses the Additional Outcomes (if identified) in the Desired Outcomes and Considerations section in the Challenge Notice. If no Additional Outcomes are identified in the Challenge Notice, text entered in this section will not be considered.

If no Additional Outcomes are identified in the Challenge Notice, Bidders/Applicants will receive 10 points

  • Insufficient or no information provided to demonstrate that the solution will address any of the Additional Outcomes. 0 points
  • Information provided clearly demonstrates that the solution will address some (<50%) of the Additional Outcomes. 5 points
  • Information provided clearly demonstrates that the solution will address most (50% or more) of the Additional Outcomes. 8 points
  • Information provided clearly demonstrates that the solution will address all (100%) of the Additional Outcomes. 10 points

4. Phase 1 Science and Technology Risks

Identify potential scientific and/or technological risks to the successful development of the proof of concept and how they will be mitigated in Phase 1?

  • Insufficient or no information provided to demonstrate that the Applicant/Bidder has considered potential risks and mitigation strategies and/or information provided contains significant gaps. 0 points
  • Information provided demonstrates that the Applicant/Bidder has considered some potential risks and associated mitigation strategies but there are minor gaps in risks and/or associated mitigation strategies. 5 points
  • Information provided clearly demonstrates that the Applicant/Bidder has sufficiently considered the risks and defined associated mitigation strategies. 10 points

5. Benefits to Canada

Describe the benefits that could result from the successful development of your solution. Applicants/Bidders should consider the potential benefits using the following three categories:

  1. Innovation Benefits: Expected contribution towards the enhancement or development of new industrial or technological innovation within your firm. Assessment factors could include: potential spillover benefits, creation of intellectual property, impact on productivity of the new technology, etc.

  2. Economic Benefits: Forecasted impact on the growth of Canadian firms, clusters and supply chains, as well as its expected benefits for Canada's workforce. Assessment factors could include: number of jobs created, number of high-paying jobs, project-related revenue growth, etc.
  3. Public Benefits: Expected contribution to the broader public, including inclusive business and hiring practices (e.g., gender balance), investment in skills and training and environmental best practices. Assessment would consider the degree to which the Applicant/Bidder demonstrates that the solution is expected to generate social, environmental, health, security or other benefits to Canada. Assessment factors could include: solution-related environmental benefits, investment in local communities and solution-related impact on Indigenous communities.
  1. Innovation Benefits
    • Benefit not identified or insufficient claim of benefit. 0 points
    • Benefit has marginal increment or limited justification. 1.5 points
    • Benefit is significant and well justified. 3 points
  2. Economic Benefits
    • Benefit not identified or insufficient claim of benefit. 0 points
    • Benefit has marginal increment or limited justification. 1.5 points
    • Benefit is significant and well justified. 3 points
  3. Public Benefits.
    • Benefit not identified or insufficient claim of benefit. 0 points
    • Benefit has marginal increment or limited justification. 1.5 points
    • Benefit is significant and well justified. 3 points

6. Phase 1 Project Plan

Demonstrate a feasible Phase 1 project plan by completing the table.

Include:

  • Project milestones;
  • project activities under each milestone;
  • time required to complete each milestone (e.g., days, weeks and/or months);
    • (Indicate if any milestones and activities will be completed concurrently)
  • total time required to complete the project; and
  • key success criteria.

Note: Phase 1 cannot exceed 6 months and TRL 4.

  1. Insufficient or no information provided to demonstrate a feasible project plan for Phase 1 and/or the project plan exceeds the maximum duration indicated in the Challenge Notice. 0 points
  2. Project plan for Phase 1 is conceivably feasible but not clearly demonstrated and/or includes gaps. 5 points
  3. Information provided clearly demonstrates a feasible project plan for Phase 1. 10 points

7. Phase 1 Project Risks

Identify potential project risks (eg. Human resources, financial, project management, etc) to the successful development of the proof of concept and how they will be mitigated?

  1. Insufficient or no information provided to demonstrate that the Applicant/Bidder has considered potential risks and mitigation strategies and/or information provided contains significant gaps. 0 points
  2. Information provided demonstrates that the Applicant/Bidder has considered some potential risks and associated mitigation strategies but there are minor gaps in risks and/or associated mitigation strategies. 5 points
  3. Information provided clearly demonstrates that the Applicant/Bidder has sufficiently considered the risks and defined associated mitigation strategies. 10 points

8. Phase 1 Implementation Team

Demonstrate how your project implementation team has the required management and technological skill sets and experience to deliver the project plan for Phase 1 by completing the table. A member of the implementation team can have more than one role.

Include the labour rates and level of effort for each member. A day is defined as 7.5 hours of work, exclusive of meal breaks. The labour rates and level of effort will be reviewed as part of the evaluation for Question 10.

  1. Insufficient or no information provided to demonstrate that the project team has the required management and technological skill sets and experience to deliver the Phase 1 project plan. 0 points
  2. Information is provided but there are minor gaps in required management and/or technological skill sets and/or experience to deliver the Phase 1 project plan. 5 points
  3. Information provided clearly demonstrates that the project team has the required management and technological skill sets and experience to deliver the Phase 1 project plan. 10 points

9. Inclusivity

If your business were to receive funding from Innovative Solutions Canada, describe what actions (e.g., recruitment strategy, internships, co-op placements, etc.) might be taken in Phase 1 to support the participation of under-represented groups (e.g., women, youth, persons with disabilities, Indigenous people, visible minorities) in the research and development of the proposed solution.

Each bidder/applicant in their response to this question must focus only on describing relevant programs, policies, or initiatives that it currently has in place or would put in place to support the R&D effort in Phase 1. Do not provide any personal information of individuals employed by your company or that of your subcontractors in the response below.

  • No description and/or concrete examples of actions provided that would be taken to encourage greater participation of under-represented groups. 0 points
  • A description and concrete examples of actions to encourage greater participation of under-represented groups provided. 3 points

10. Phase 1 Financial Proposal

Demonstrate a realistic financial proposal for the Phase 1 project plan by completing the table.

  • Insufficient information provided and/or information provided significantly lack credibility. Does not demonstrate a realistic financial proposal for the Phase 1 project plan. 0 points
  • Information is provided but some costs appear to be either over or under estimated for the Phase 1 project plan. 5 points
  • Information provided contains credible elements to clearly demonstrate a realistic financial proposal for the Phase 1 project plan. 10 points

11. Phase 1 Financial Controls, Tracking and Oversight

Describe the financial controls, tracking and oversight that will be used to manage the public funds throughout Phase 1.

  1. Insufficient or no information provided to demonstrate the Applicant/Bidder's ability to manage public funds in Phase 1. 0 points
  2. Information provided is vague and/or contains gaps. The Applicant/Bidder has some controls, tracking and/or oversight in place to manage the public funds in Phase 1. 5 points
  3. Information provided clearly demonstrates that the Applicant/Bidder has strong financial controls, tracking and oversight to manage public funds in Phase 1. 10 points

12. Phase 2 Strategy

Describe a realistic strategy for the prototype development if selected to participate in Phase 2.

Responses should include:

  • anticipated barriers
  • key tasks
  • estimated cost
  • Insufficient or no information provided to demonstrate that the Applicant/Bidder has contemplated a realistic strategy for the Phase 2 prototype development. 0 points
  • Information provided demonstrates a conceivably realistic strategy for Phase 2 prototype development, however there are gaps and/or the strategy is vague. 5 points
  • Information provided demonstrates that the Applicant/Bidder has a clear and realistic strategy. 10 points

13. Commercialization Approach

Describe your overall commercialization approach for the proposed solution.

Responses should include:

  • Target markets (excluding Government of Canada)
  • Non-ISC funding sources
  • Transition to a commercially-ready product or service
  • Any other indicators of commercial potential and commercial feasibility
  1. Insufficient or no information provided to demonstrate that the proposed solution has commercial potential. 0 points
  2. Some information provided to demonstrate that the proposed solution has commercial potential, however there are gaps in the commercialization approach. 5 points
  3. A realistic commercialization approach is provided that demonstrates that the proposed solution has commercial potential. 10 points

Questions and answers

Please refer to the tender notice for this challenge on Buy and Sell.

All incoming questions regarding this specific challenge should be addressed to SIC-ISC@pwgsc.gc.ca

You can also consult the Frequently asked questions about the Innovative Solutions Canada Program.

A glossary is also available.