Digital Certificates: Embedding the LEI to uphold trust in the system
The Global Legal Entity Identifier Foundation (GLEIF) has developed a digital strategy centered on two methods for cryptographically binding the Legal Entity Identifier (LEI) to its organization: Digital Certificates and Verifiable Credentials. These methods aim to enhance trust and transparency in the digital economy.
Understanding Digital Certificates
A digital certificate, or public key certificate, is issued by a qualified trust service provider with government-issued qualifications. This certificate ensures the authenticity and data integrity of an electronic signature and its accompanying data. Under the EU regulation eIDAS (electronic Identification, Authentication, and trust Services), digital certificates play a crucial role in elevating the status of electronic signatures to qualified electronic signatures, essential for conducting public and private transactions within the EU.
Using cryptography, a digital certificate contains information linking it to its owner and includes the digital signature of the trust entity that verifies the content's authenticity. As organizations in Europe prepare to embed their LEIs within financial reports per the European Single Electronic Format (ESEF) requirements, GLEIF urges them to include an LEI in the electronic signatures of signing officers to enhance document authenticity and integrity globally.
The Role of LEIs in Digital Certificates
Embedding LEIs in digital certificates ensures that the certificates are easier to manage, aggregate, and maintain, thereby increasing transparency across the digital identity ecosystem. GLEIF has demonstrated this by embedding its own LEI in the digital signatures within its Annual Report 2020. This practice addresses the growing complexity and cost of maintaining digital certificates, which can undermine the trust system they are designed to create.
Addressing Digital Certificate Challenges
Digital certificates, despite their widespread use and legislative support, have not entirely solved the issues of digital identity. Certificates are not unique, information can become outdated, and revocation remains problematic. Additionally, multiple schemes exist simultaneously, making certificates issued under one country's local scheme potentially unusable in another.
GLEIF, in collaboration with the International Standards Organization (ISO), has standardized the process of embedding LEIs into digital certificates at the point of issuance. This standardization, aligned with the ISO 17442 standard, enhances certificate handling efficiency, data accuracy, and overall trust in the digital marketplace.
Introducing Verifiable LEIs (vLEIs)
To address these challenges, GLEIF has pioneered the verifiable LEI (vLEI), a new form of digitized organizational identity that meets the global need for automated authentication and verification of legal entities across various industries. Verifiable Credentials (VCs), an open standard for digital credentials, place the credential holder at the center of the identity ecosystem, giving control over identity attributes. The vLEI governance model establishes GLEIF as the digital 'root of trust' and ensures the integrity of the trust chain.
The Impact of vLEIs
The vLEI addresses the urgent need for automated digital verification of business legal identities, enabling a 'zero trust security' approach essential in combating cybercrime. This system allows for non-repudiable identification data on legal status, ownership structure, and authorized representatives, which can be used in various digital business activities, such as:
Approving business transactions and contracts
Onboarding customers
Transacting within import/export and supply chain networks
Submitting regulatory filings and reports
By facilitating digital trust between legal entities globally, the vLEI enables entities to interact, innovate, and collaborate across borders without the need for ongoing manual verification processes.
Conclusion
The integration of LEIs into digital certificates and the introduction of vLEIs represent significant advancements in the digital trust system. By standardizing LEI integration, GLEIF enhances the reliability and efficiency of digital identity verification, contributing to the stability and security of the global digital economy. Embracing these innovations will help businesses navigate the complexities of digital identity management, ensuring authenticity, reducing costs, and fostering trust in the digital marketplace.









