zkPass
zkPass User's Guide
zkPass User's Guide
  • Getting Started
    • 🔊Introduction
      • What is zkPass?
      • How does it work?
      • How zkPass can help you
      • What's Ahead
    • 🌤️Service-based Proof System
      • Main Features
      • zkPass Workflows
      • Deployment Options
        • Public-Cloud Hosting
        • Private-Cloud Hosting
        • On-Premise Hosting
    • 🗝️Key Concepts
      • User Data
      • DVR
      • zkPass Proof
  • Core Components
    • 🏛️Service Architecture
      • RESTful API Web Service
      • zkPass Query Host
    • 👥zkPass Client Roles
    • 🤝Trust Models
      • Data Privacy Trust Model
      • Data Integrity Trust Model
      • Computation Integrity Trust Model
    • 👩‍💻zkPass Module
  • Use Cases
    • 🩸Employee Onboarding
      • “Blood Test Result” User Data
      • "Employee Onboarding" DVR
      • zkPass Integration
      • Call Sequence
    • 🚘Loan Application Screening
      • “BCA Customer Profile” User Data
      • Loan Screening DVR
      • zkPass Integration
      • Call Sequence
    • 🛒Sharing OIDC Users Securely
      • "ShopSphere ID Token" User Data
      • "ShopSphere Account Holder" DVR
      • zkPass Integration
        • Integration Guidelines for ShopSphere OIDC Provider
        • Integration Guidelines for Krisna Service
        • Integration Guideline for ShopSphere App
      • Call Sequence
  • FAQ
    • How is verifiable computing implemented by ZKP?
  • Glossary
    • Client-based Proof System
    • DVR
    • User Data
    • zkPass Proof
Powered by GitBook
On this page
Export as PDF
  1. Use Cases
  2. Sharing OIDC Users Securely

"ShopSphere ID Token" User Data

When a ShopSphere user has successfully logged into the ShopSphere e-commerce site, the user will receive the ShopSphere ID token from ShopSphere’s backend system. The ID token contains various personal information about the user.

Take, for example, Jane Doe, who is an account holder with ShopSphere, and her ID token is structured in the following manner:

{
  "iss": "http://oidc-provider.shopsphere.com",
  "sub": "auth0|123456",
  "aud": "client_id_58347",
  "exp": 1311281970,
  "iat": 1311280970,
  "name": "Jane Doe",
  "_name_zkpass_public_": true,
  "firstName": "Jane",
  "lastName": "Doe",
  "gender": "female",
  "birthdate": "2000-10-31",
  "driverLicenseNumber": "DL00718256",
  "email": "janedoe@live.com",
  "picture": "http://live.com/janedoe/me.jpg"
}

As demonstrated by the above ID token, the user data contains sufficient information needed for determining the “ShopSphere Account Holder” requirement. However, the profile also contains extraneous sensitive attributes that hold no relevance for the “ShopSphere Account Holder” assessment. Transmitting the full profile to Krisna would not only result in superfluous data transfer but also introduce considerable risk to customer privacy. Once stored in Krisna’s server database, such data becomes susceptible to a myriad of security vulnerabilities, ranging from advanced persistent threats (APTs) to unauthorized data access and insider attacks. This escalates the probability of data exfiltration events.

PreviousSharing OIDC Users SecurelyNext"ShopSphere Account Holder" DVR

Last updated 1 year ago

🛒