Please note, the challenge has been updated as of October 7, 2019. The closing date for this challenge has been extended to November 7, 2019 at 14:00 ET and the Desired outcomes and Considerations have been amended
The Treasury Board Secretariat of Canada (TBS) and Shared Services Canada (SSC) are seeking a standardized method to issue and rapidly verify portable digital credentials across many different contexts, thereby reducing human judgement error, increasing efficiency and ensuring digital credential veracity using cryptography.
Challenge sponsor: Shared Services Canada (SSC) and Treasury Board Secretariat of Canada (TBS)
Funding mechanism: Contract
Opening date: August 29, 2019
Closing date: November 7, 2019 14:00 Eastern Standard Time
Please refer to the tender notice for this challenge on Buy and Sell.
This challenge is seeking a portable secure digital credentials (self-sovereign identity) solution held by individuals that can be independently, cryptographically and rapidly verified using emerging distributed ledger standards and an approach that may give rise to a global digital verification platform. For many contexts, ranging from applying for a job to transiting checkpoints for aviation security, paper documents remain the predominant way to prove key attributes about an individual, such as their name, date of birth, academic/professional qualifications, or security clearance. While these attributes might be presented in digital form, there are no widely adopted or standardized methods to issue and rapidly verify digital credentials across many different contexts. There exists no current capability to digitally verify without dependencies on centralized or low-latency network platforms (or both).
Note: The operational solution will be required to store all personal information within Canada
Desired outcomes and Considerations
Essential (Mandatory) Outcomes
Proposed solutions must:
- Create User-centric Verifiable Digital Credentials able to operate on a national or global interoperable verification platform;
- Protect the privacy and identity of the user at all times* (see note);
- Incorporate the following emerging and/or mature specifications for interoperability that have been funded, tested and/or championed by the United States of America Department of Homeland Security:
- Decentralized Identifiers (Standards Development Organizations: World Wide Web Consortium (W3C) or Decentralized Identity Foundation),
- Verifiable Credentials (Standards Development Organization - W3C); and
- Demonstrate the feasibility of the specifications described above in support of creating, transmitting and storing verifiable digital credentials using wallet or agent reference implementations. These reference implementations may include but not are limited to: Blockcerts, Hyperledger Indy Aries
- Adhere to applicable policy instruments, guidelines and frameworks, including but not limited to:
- Requirements specified in the Treasury Board Directive on Identity Management; and
- Conformance Criteria specified in the Public Sector Profile of the Pan-Canadian Trust Framework.
*Note: In relation to protecting privacy and identity of the user, the bidder is expected to demonstrate, in the proposal, knowledge and application of relevant controls as outlined in applicable guidance, including but not limited to CSE ITSP.30.31 published at https://www.cse-cst.gc.ca/en/system/files/pdf_documents/itsp.30.031v3-eng_0.pdfIt is also expected that the bidder demonstrate, in the proposal, sufficient knowledge to enumerate relevant threat agents and mitigation approaches
Proposed solutions should:
- Give issuers and recipients ownership of their official records that can be cryptographically signed and presented anywhere to verify credential provenance and ownership.
- Give issuers and recipients autonomy over how they use their records and verify digital credentials. For example, if issuers decide to switch vendors later on, they retain full access and use of their digital certificates.
- Give relying trusted third parties the ability to verify any record independently, in independent fashion, for free and independent of any software vendor or issuing institution. Relying parties can easily verify any digital credential through widely available technology such as a web browser or a mobile phone. Verification is based on open and interoperable approaches.
- Provide leading-edge digital credential security to enable the global trust economy that are cryptographically signed thus enabling third parties to verify their provenance and ownership.
- Demonstrate the components of self-sovereign identity:
- decentralized and portable;
- demonstrated control of attributes; and independence from a centralized registry, identity provider, or certificate authority.
- Demonstrate multiple partnerships and interoperability with other companies within verifiable credential ecosystem.
Background and Context
This challenge intends to determine the feasibility and characteristics of developing a national or global interoperable verification platform that can be used to independently verify digital credentials issued by a dynamic set of trusted issuers, and used by a broad and diverse population of users. This can be tested in a context, such as aviation security where there are many actors and authorities operating across many organizational and geographical boundaries. Building on these standards, the goal is to prove that a decentralized, interoperable digital verification ecosystem can be built that can be used by many independent issuers, operators, and most importantly users, by means of open-source libraries and standards-based capabilities. In order for a new technology to gain adoption, it must be made accessible through easy-to-use and widely available software and ubiquitous infrastructure such as Blockchain, Distributed Ledger Technology (DLTs) and Self-Sovereign Identity (SSI). A government could potentially leverage these and develop a ubiquitous infrastructure with enhanced transparency and auditing of public service operations, greater visibility into multi-party business operations, and automation of paper-based processes to improve delivery of services to organizations and citizens. There exists a common need to issue entitlements, attestations and certifications for a variety of purposes including travel, training, education, affiliation, organizational identity and delegated authority and more. Current issuance processes are often paper based, non-interoperable and are susceptible to loss, destruction, forgery, and counterfeiting. While there is a diversity of contexts, there are many common needs across different departmental and agency contexts with a potential use of interoperable implementations of Blockchain, DLTs and SSI that also support the growth and availability of a competitive marketplace of diverse technology implementations for government and industry to draw upon to deliver cost effective and innovative solutions. For many contexts, ranging from applying for a job to transiting checkpoints for aviation security, paper documents remain the predominant way to prove key attributes about an individual, such as their name, date of birth, academic/professional qualifications, or security clearance. While these attributes might be presented in digital form, there are no widely adopted or standardized methods to issue and rapidly verify digital credentials across many different contexts. There exists no current capability to digitally verify without dependencies on centralized or low-latency network platforms (or both). In addition, there is a potential need for self-sovereign identity, which is the concept that people and businesses can store their own identity data on their own devices, and provide it efficiently to those who need to validate it, without relying on a central repository of identity data.
Maximum value and travel
Maximum contract value:
Multiple contracts could result from this Challenge.
The maximum funding available for any Phase 1 Contract resulting from this Challenge is $150,000.00 CAD (plus tax) including shipping, travel and living expenses, as applicable, for up to 6 months.
The maximum funding available for any Phase 2 Contract resulting from this Challenge is $1,000,000.00 CAD (plus tax) including shipping, travel and living expenses, as applicable, for up to 12 months. Only eligible businesses that have completed Phase 1 could be considered for Phase 2.
This disclosure is made in good faith and does not commit Canada to contract for the total approximate funding.
No travel is anticipated
- Kick-off meeting
- Progress Review Meeting(s)
- Final Review Meeting
Solution proposals can only be submitted by a small business that meets all of the following criteria:
- for profit
- incorporated in Canada (federally or provincially)
- 499 or fewer full-time equivalent (FTE) employeesFootnote *
- research and development activities that take place in Canada
- 50% or more of its annual wages, salaries and fees are currently paid to employees and contractors who spend the majority of their time working in CanadaFootnote *
- 50% or more of its FTE employees have Canada as their ordinary place of workFootnote *
- 50% or more of its senior executives (Vice President and above) have Canada as their principal residenceFootnote *
The official source of the Evaluation Criteria for this challenge is the Government Electronic Tendering System (Buy and Sell) (https://buyandsell.gc.ca/procurement-data/tender-notice/PW-18-00846769)
In the event of a discrepancy between the information below and the information published on Buy and Sell, Buy and Sell will take precedence.
Part 1: Mandatory and Minimum Pass Mark Criteria
Proposals must meet all mandatory criteria (Questions 1a and 2) and achieve the minimum pass mark for Question 3 in order to be deemed responsive and proceed to Part 2.
1 a. Scope
Describe your proposed solution and how it responds to the challenge. Include in your description the scientific and technological basis upon which your solution is proposed and clearly identify how your solution meets all of the Essential Outcomes (if identified) in the Desired Outcomes and Considerations section in the Challenge Notice.
Mandatory — Pass/Fail
2. Current Technology Readiness Level (TRL)
Mandatory — Pass/Fail
Pass: The Applicant/Bidder has demonstrated that the proposed solution is currently between TRLs 1 and 4 (inclusive), and provided justification by explaining the research and development (R&D) that has taken place to bring the solution to the stated TRL.
Fail: The Applicant/Bidder has not provided sufficient evidence to demonstrate that the current TRL is between 1 to 4 (inclusive) including:
Describe the novelty of your solution and how it advances the state-of-the-art over existing technologies, including competing solutions.
Point Rated with Minimum Pass Mark
The minimum pass mark for this criteria is 4 points.
0 points/Fail: The Applicant/Bidder has not demonstrated that the proposed solution advances the state-of-the-art over existing technologies, including available competing solutions; OR
The stated advancements are described in general terms but are not substantiated with specific, measurable evidence.
Part 2: Point-Rated Criteria
Proposals that do not achieve the overall minimum score of at least 55 points out of a possible 110 points (50%) will be declared non-responsive and given no further consideration.
The overall minimum score is determined by adding the Applicant/Bidder's scores from the following questions together (1b, 3, 4-13).
Describe how your proposed solution addresses the Additional Outcomes (if identified) in the Desired Outcomes and Considerations section in the Challenge Notice. If no Additional Outcomes are identified in the Challenge Notice, text entered in this section will not be considered.
If no Additional Outcomes are identified in the Challenge Notice, Bidders/Applicants will receive 10 points
4. Phase 1 Science and Technology Risks
Identify potential scientific and/or technological risks to the successful development of the proof of concept and how they will be mitigated in Phase 1?
5. Benefits to Canada
Describe the benefits that could result from the successful development of your solution. Applicants/Bidders should consider the potential benefits using the following three categories:
6. Phase 1 Project Plan
Demonstrate a feasible Phase 1 project plan by completing the table.
Note: Phase 1 cannot exceed 6 months and TRL 4.
7. Phase 1 Project Risks
Identify potential project risks (eg. Human resources, financial, project management, etc) to the successful development of the proof of concept and how they will be mitigated?
8. Phase 1 Implementation Team
Demonstrate how your project implementation team has the required management and technological skill sets and experience to deliver the project plan for Phase 1 by completing the table. A member of the implementation team can have more than one role.
Include the labour rates and level of effort for each member. A day is defined as 7.5 hours of work, exclusive of meal breaks. The labour rates and level of effort will be reviewed as part of the evaluation for Question 10.
If your business were to receive funding from Innovative Solutions Canada, describe what actions (e.g., recruitment strategy, internships, co-op placements, etc.) might be taken in Phase 1 to support the participation of under-represented groups (e.g., women, youth, persons with disabilities, Indigenous people, visible minorities) in the research and development of the proposed solution.
Each bidder/applicant in their response to this question must focus only on describing relevant programs, policies, or initiatives that it currently has in place or would put in place to support the R&D effort in Phase 1. Do not provide any personal information of individuals employed by your company or that of your subcontractors in the response below.
10. Phase 1 Financial Proposal
Demonstrate a realistic financial proposal for the Phase 1 project plan by completing the table.
11. Phase 1 Financial Controls, Tracking and Oversight
Describe the financial controls, tracking and oversight that will be used to manage the public funds throughout Phase 1.
12. Phase 2 Strategy
Describe a realistic strategy for the prototype development if selected to participate in Phase 2.
Responses should include:
13. Commercialization Approach
Describe your overall commercialization approach for the proposed solution.
Responses should include:
Questions and answers
Please refer to the tender notice for this challenge on Buy and Sell.
All incoming questions regarding this specific challenge should be addressed to SIC-ISC@pwgsc.gc.ca
You can also consult the Frequently asked questions about the Innovative Solutions Canada Program.
A glossary is also available.