Image: Danielle MacInnes (@dsmacinnes) on unsplash.com

Becoming an OrgBook BC Issuer

If you’re reading this, you probably hold or use information about BC organizations that benefits citizens, other organizations, your teams, and others. Maybe you issue permits, or authorize the holding of information, or notify the public when certain processes are completed.

Whatever the situation, as long as you’re a public sector organization you should consider becoming an OrgBook BC Issuer.

What is an issuer?

An issuer, in the case of OrgBook BC, is simply an organization that provides—”issues”—their organization-related data to OrgBook BC in the form of Verifiable Credentials.

For example, perhaps you are responsible for issuing licenses to BC businesses, or approving part of a BC organization’s operation in some way. As an issuer, those licenses or approvals form the basis of “credentials” that you “issue” to OrgBook BC. These credentials then show up when people search OrgBook BC for the relevant organization.

Benefits of becoming an OrgBook BC issuer

Benefits for your organization

  • Highly available data: even if your website or team are not available, your OrgBook BC data can still be accessed
  • Proven data security and integrity, improving your reputation: even if you already make your data publicly available, using OrgBook BC will demonstrate you’ve taken extra steps to help ensure the data is well sourced and accurate
  • Reduced work for your team answering data queries: OrgBook BC will always have the latest, most accurate public data from your organization
  • Highly portable data: OrgBook BC uses open standards that are the future of data trust and security, and so your efforts in becoming an OrgBook BC issuer will ensure real time information to both the private and public sector
  • Stakeholders get a clear demonstration of your data being visible and accessible, a key part of improving your organization’s transparency
  • Sharing your data becomes easier and more standardized, saving you time and money
  • Save time and money by creating automated workflows that use OrgBook BC validated data.

Benefits for citizens

  • Trustworthy: citizens can trust the information that’s presented, because there are anti-tampering and security measures in core parts of the service
  • Up to date: changes to organization’s data are reflected in OrgBook BC extremely quickly, including expired or revoked credentials
  • Easy to access: searching OrgBook BC is as simple as using a normal website search tool, making it instantly familiar to a large audience
  • Collated information: OrgBook BC provides citizens with a single way to get multiple insights about an organization, saving them time and energy in their searches.

Benefits for your partners

  • Demonstrate your embrace of the latest secure technologies, showing you are using your partners’ information in a highly practical and useful way
  • Provide a consistent, standards-based way for your partners to access your latest data (through the OrgBook BC APIs).

Being an issuer ensures you have full control of the information published on OrgBook BC. Remember that OrgBook BC is based on open standards, increasing the chance that your integration efforts now will have future benefits and payoffs. VCs will become a more important part of all our lives, and more and more government systems will use these technologies, so integrating with OrgBook BC puts you ahead of the game.

How it works to be an issuer

The diagram below shows how you, as an issuer, will get your data into OrgBook BC.

First, your teams will set up software called an “agent”. An agent has two roles:

  1. Watches your organization’s data for any updates that should be on OrgBook BC.
  2. Issues VCs to OrgBook BC based on that updated data.

The organizations and the issued credentials—from you and other issuers—are held in OrgBook BC’s “wallet”, a secure enclave. Those VCs can then be accessed by the OrgBook BC website’s search feature, or through an API (a software feature) that provides that data to other websites, apps and services.

Note that all issued VCs are public. You don’t have to issue all your data to OrgBook BC, but what is issued to OrgBook BC can be accessed by anyone.

Look at the green region of the diagram. This is the security magic of the VCs technology behind the scenes, a combination of extensive work by BC Gov and other contributors around the world. Because of it, the wallet—and all the communication between OrgBook BC and the issuers—is extremely secure. As mentioned earlier, someone couldn’t “hack into” the OrgBook BC wallet and change the data, because it’s all cryptographically secured.

The details of the technologies are available elsewhere for extensive reading, but the takeaway message is that with them, OrgBook BC becomes a trustworthy, reliable source for all its data.

Architecture of OrgBook BC, including a Verifiable Credentials Ecosystem at its core, where issuer agents issue to a secure wallet inside OrgBook BC.
OrgBook BC architecture.

Step-by-step process of becoming an issuer

Becoming an issuer is a combination of:

  1. understanding your business processes, and
  2. getting your technology team up to speed with the right concepts and tools.

Here’s the broad process involved.

The process diagram for issuing to OrgBook BC. Decide what data to issue, test the OrgBook BC issuer technology, prepare to go live, get approval (in parallel) from BC registries, and then after launch, communicate your changes to others.

How long does it take? It’s as quick as your teams can learn and move. The whole process can take just a few weeks if everything runs smoothly.

Your technical teams will need to integrate your systems into OrgBook BC. They’ll need to be (or become) somewhat familiar with technologies and concepts such as VCs, Docker containers, and so forth. However, once you’re onboard as an issuer, most of that complexity ends. And throughout, the OrgBook BC team will always be available to help.

Let’s look at a step-by-step overview of becoming an issuer.

In these pullouts throughout this section we’ll look at an example of how a permit-issuing government office gets set up as an OrgBook BC issuer.

Step 1: Decide what data to issue

The surprising first step in becoming an issuer is that you may need to know your own organization, and specifically its business processes, even better.

Starting questions are:

  • What data “should” be in OrgBook BC?
  • What specific changes to your data should cause an update to OrgBook BC?

You’ll likely already have your data online, such as in a database. However, if it’s not online, that’s the first step you’ll need to take before becoming an issuer. It will not be practical (nor desirable) to manually enter and update the VCs.

Next, you’ll need to be more specific about what will be in OrgBook BC, and when it’s ready for OrgBook BC. For example:

  • When is a change to your data ready to show to the outside world?
  • Is it after certain approval processes?
  • Does some data need to be abstracted up or grouped in some way, in order to make it more “public friendly”?
  • What data could be added to OrgBook BC, but has little or no public value and could therefore be omitted?
  • Are there any privacy issues that must be resolved before some data can be used?

Diagrams of data flows and approval processes within your organization may help you decide exactly how and when your OrgBook BC issuer agent should be processing data.

Once you know what data is to be shared, it will need to be very clearly specified. For example:

  • What is the size and type of each piece of data you wish to have in OrgBook BC?
  • Does it have limits?
  • Where exactly is it stored right now—how can the issuer agent get access to it?

For Step 1, the permit issuer has an online database of permits issued to BC organizations. They decide that OrgBook BC should know: (a) whether a BC organization has been issued a permit, (b) the permit number, (c) the permit type, (d) the date it was issued, (e) the scope of the permit, and (b) the permit’s expiry date. They decide that an internal approval code for the permit adds little value to OrgBook BC, so will not include that data. They also decide that their permit issuer agent should watch its main database for when a new permit is approved, extended, or revoked, and update OrgBook BC accordingly.

Step 2: Get approval from BC Registries

BC Registries and Online Services, a branch within Service BC and part of the Ministry of Citizens’ Services, are the business owners of OrgBook BC. The core information in OrgBook BC is the company registration data, which is managed by BC Registries & Online Services. The registration data is what the various program verified credentials are issued against. BC Registries & Online Services will need to approve your project and onboarding plan before you can be an OrgBook BC issuer on the live system.

Please reach out to BC Registries and Online Services at bcregistries@gov.bc.ca, and a discovery meeting will be coordinated with your program. In most cases, the onboarding process will be smooth and simple.

For Step 2, the credential issuer completes an intake process with BC Registries and Online Services where they present the data they wish to issue to OrgBook BC, and why, as well as their plans for keeping it up-to-date. BC Registries and Online Services gives permission to the permit issuer to issue their data onto the live system.

Step 3: Test the OrgBook BC issuer technology

This Getting Started tutorial will give your tech teams a starting point for the onboarding process.

However, the general overview is:

  1. Install and test the OrgBook BC “starter kit” issuer on a single computer
  2. Use the starter kit to learn about creating and issuing VCs
  3. Connect your issuer to your database that holds the information you wish to issue, and ensure the issuer gets the right data from it, at the right time
  4. Connect your issuer to the OrgBook BC “dev environment”, and learn about the new processes and steps involved
  5. Prepare a deployment to the OrgBook BC “test environment”, and liaise with the OrgBook BC team to ensure your issuer is submitting the right data
  6. Do final checks before launch on the OrgBook BC “prod[uction] environment”, the live service

For Step 3, the permit issuer’s technical team download, install and test the OrgBook BC “starter kit” issuer, and learn about creating and issuing VCs. They identify some short online VC training courses for key team members to better understand the technology. After adapting the starter kit to their needs, they then contact the OrgBook BC team to let them know about their plans, and start testing how they publish and revoke credentials.

Step 4: Prepare for going live

You’ll need a few parts aligned to be ready for launch:

  • The OrgBook BC team will need to see that your issuer is issuing the right credentials on the test environment, at the right time, and in the right format, so they can approve your ability to issue to the live OrgBook BC system
  • BC Registries approval will need to have been received
  • Ideally, if you are using the API (a software service) to integrate OrgBook BC capabilities into your website or other service for launch, it should be tested and ready, although this can happen after launch.

With all these components in place, and if all teams are happy, you are good to go!

For Step 4, the permit issuer has some back-and-forth with the OrgBook BC team as they resolve some issues with issuing to the dev environment. The permit issuer also runs some tests to ensure their issuer agent is getting the right information from their database, and that it’s triggering an update to OrgBook BC at the right time. With all this complete, the OrgBook BC team reviews the deployment to the test environment, and launch checks are made to ensure the process is working before a deployment to the live environment.

Step 5: Communicate your changes

Congratulations! Your VCs are now in OrgBook BC. What’s next?

  • Communicate the new approach to your teams and partners, so they know what’s happening, where they can access this new information source, and who to contact if they have questions
  • Update your website and other public materials so that citizens and other consumers of your information now use OrgBook BC to find your data
  • Integrate OrgBook BC into your business processes, so that (for example) you update your OrgBook BC agent if something changes with how and when you issue credentials
  • If you didn’t integrate OrgBook BC data into your website before, consider using the API to provide a search facility for the data on your website, simplifying how people can find the information they desire.

For Step 5, the permit issuer holds a meeting with support teams to explain the new OrgBook BC process and website, and emails everyone the OrgBook BC link so they know where to direct most information requests from now on. An extra governance step is also added to the permit issuing processes, to ensure that the tech team is notified about any changes to permit issuing so they can reflect those changes in the OrgBook BC issuer agent.

What’s next? How do I start?

Want to start the process? Got questions about becoming an issuer? Contact the OrgBook BC team.

Also, your technical teams can install and explore the issuer software immediately by following the Getting Started tutorial.

Also In This Section

Contact

Need to speak to someone in the BC community about Digital Trust? Get in touch.

Contact