Otentik’s Role
Otentik is the first accredited operator under the Visible Digital Seal International Council (VDSIC). We manage our VDS network by maintaining official lists of accredited service providers. We define and enforce specific policies—covering security, technical and operational requirements—that these providers must meet. Our policies also govern the creation, assignment and usage of unique VDS identifiers, ensuring that each identifier is generated, signed and published in accordance with those requirements and used correctly. We oversee all trust service providers to ensure ongoing compliance. By facilitating interoperability, communicating transparently, and strictly complying with VDSIC requirements, we enable integration and trust across the global VDS network.
Foundation
Founded in 2011, Otentik emerged from the convergence of three key factors: the need for low-cost, reliable information verification on paper documents, strong public sector leadership seeking a solution, and a small company with a significant vision.
At Otentik, we empower governments, industries, and individuals to operate in a world built on trust. The Otentik Trust Network establishes the governance principles, trust frameworks, and control mechanisms necessary to ensure the authenticity and legitimacy of the billions of objects, goods, and documents we interact with daily.
Key principles
Our approach is built on several key principles:
- Trusted Identity: Verifying the identity of entities certifying information (organizations, departments, individuals) to the highest standards.
- Proven Legitimacy: Ensuring the certifying party has the legal, regulatory, or moral authority for the specific information being certified.
- Longevity & Resilience: Developing standards so information remains verifiable over extended periods.
- Privacy-by-Design: Balancing transparency with privacy by limiting access to relevant parties while enabling audits, and avoiding the processing of sensitive information directly on the network whenever possible.
- Online or Offline Operation: Providing resilience in offline environments with the option for online enhancements.
Authenticity and Legitimacy
While counterfeiting and forgery can occur, the Otentik Trust Network is designed to ensure that all fraudulent attempts fail validation. Its robust governance and root trust list ensure validated information is both authentic and legitimate.
Authenticity is ensured by verifying the information’s origin and guaranteeing its integrity. This relies on high Identity Assurance Level (IAL) electronic signatures from vetted, certified Trust Service Providers (TSP). These providers meet standards like eIDAS and WebTrust for CA.
Legitimacy goes beyond just the signature. It involves verifying that the issuer has the legal, regulatory, or moral authority to certify the specific information. Our TSPs handle this verification at the local level when necessary.
VDS Technology & Standards
The Otentik VDS evolved significantly from the 2D-Doc VDS, a solution financed by the French Ministry of Interior and ANTS to address the problem of paper document fraud, particularly for sensitive documents like those used for passports. Operational since 2012 in France for proof of addresses, 2D-Doc laid the groundwork, and the Otentik network supports both technologies.
The Visible Digital Seal (VDS) is central to the network – a cost-effective, often RFID-compatible 2D barcode applied to items. It carries trustworthy, electronically signed data to detect tampering and confirm issuer authenticity and legitimacy. The network supports multiple VDS specifications (PKI, blockchain) and Certified Electronic Verification (CEV) via barcodes or RFID.
Use Case Approach
We adopt a use case centric approach, believing business needs drive technology. Experts define the specific requirements for a use case, which Otentik’s technology translates into machine-readable XML descriptors. This includes defining data schemas, validation policies, legitimacy verification processes, and even presentation layers, ensuring seamless processing and compliance for issuers and readers.
Chain of Trust and Validation
The chain of trust is fundamental: every element on the network is electronically signed and verified up to the root of trust defined in the Otentik-managed TSL (covering VDS, descriptors, certificates, etc.). In addition, each VDS is validated against the specific policies set out in its use case descriptor.
Broad Compatibility
The Otentik VDS is compatible with numerous barcode technologies (Datamatrix, QR code, PDF417, etc.) and RFID tags with persistent storage, embodying our foundational principles of authenticity, legitimacy, longevity, privacy-by-design, and online/offline support through efficient and secure implementation.
Team Members
Gille BARRE
President
Zbigniew SAGAN
Standards expert
Jean-Louis REVOL
Technology Advocacy Lead