SlideShare a Scribd company logo

Introduction+to+OCI+ppt_0322.pdf

N
NandiniSinghal16

The document provides an overview of the Open Credentialing Initiative (OCI). It introduces OCI as an open ecosystem that supports the pharmaceutical industry in complying with the Drug Supply Chain Security Act (DSCSA) requirements through the use of verifiable credentials. It describes some of the challenges posed by the DSCSA, particularly around verifying the authorized trading partner (ATP) status. The roadmap outlines OCI's plans to drive adoption of credentialing solutions for DSCSA compliance over time through pilots, standards development, and industry collaboration.

Engineering
1 of 37
Download to read offline
1 OPEN CREDENTIALING INITIATIVE Enabling trusted digital interactions in pharmaceutical supply chains
© 2022 Open Credentialing Initiative - All Rights Reserved Agenda 2 OCI Introduction The DSCSA Challenge Roadmap 1 Appendix 2 3 4
© 2022 Open Credentialing Initiative - All Rights Reserved 3 OCI Introduction The DSCSA Challenge Roadmap 1 Appendix 2 3 4
© 2022 Open Credentialing Initiative - All Rights Reserved What is OCI? 4 An open ecosystem supporting the pharmaceutical industry in complying with DSCSA requirements by 2023 with available solutions developed in industry-wide pilots
© 2022 Open Credentialing Initiative - All Rights Reserved Advantages of OCI Architecture 5 Every OCI member is committed to adopting and supporting OCI architecture, guidelines, and trust frameworks to support industry collaboration
© 2022 Open Credentialing Initiative - All Rights Reserved 6 OCI works closely with stakeholders to promote interoperability and DSCSA application We work with... • HDA to integrate OCI ATP Credentials in PI Verifications processed by VRS • GS1 US to include the optional use of the OCI ATP Header in the GS1 US Guideline for using the Lightweight Messaging Standard for PI Verification • PDG to recognize the OCI architecture as the standard for establishing ATP status in appropriate DSCSA digital transactions • AAM requested to recognize the OCI architecture • Trading Partners and Solution Providers to adopt and onboard • FDA to establish awareness that a solution for the ATP requirement is available and validated by compliance teams
© 2022 Open Credentialing Initiative - All Rights Reserved 7 What does the OCI do? • Incubates industry-wide adoption of non-proprietary credentialing solutions • Defines conformance and interoperability criteria • Coordinates and maintains frameworks and guidelines for software architecture • Applies open standards (GS1, W3C and DIF) • Addresses needs of all stakeholders along the pharmaceutical supply chain • Facilitates pilots to explore credentialing for and beyond DSCSA requirements • Publication of all technical work on dedicated GitHub account: https://github.com/Open-Credentialing-Initiative
© 2022 Open Credentialing Initiative - All Rights Reserved 8 From PoC to OCI Jan 2020 Mar 2020 Apr 2020 Feb 2021 Apr 2021 ATP Proof of Concept Test the credentialing and identity technology in a controlled environment. ATP Pilot Identity and ATP credential issuance process. Trading Partner to Trading Partner use of credentials in existing PI Verification for Saleable Returns. Open Credentialing Initiative Establish the technical governance, specifications, and guidelines for long-term success. Oct 2021 Adoption Validation of OCI solution by first VRS providers and trading partners. Specification ⭐ Launched in April 2022 as incubator project of the Center for Supply Chain Studies (C4SCS)
© 2022 Open Credentialing Initiative - All Rights Reserved 9 OCI Structure OCI Steering Committee OCI Messaging and Communications WG ATP Credentialing for DSCSA Program Steering Advisors Policy & Architecture WG Programs under Exploration Pharmaceutical and Medical Device Recalls (.med) Customer / Supplier Onboarding (C4SCS) Dynamic Information Access (C4SCS)
© 2022 Open Credentialing Initiative - All Rights Reserved 10 The Current OCI Ecosystem Trading Partners • Novartis • Atlantic Biologicals • Lilly • Bristol-Myers Squibb* • Johnson & Johnson* • AmerisourceBergen* * Status for committed companies where the legal process to join is pending Interested in joining? Please visit us on oc-i.org and join OCI by signing our charter. Membership is free for trading partners. Credential Issuer Integrators • SAP • Tracelink • rfxcel • RxScan • Navitas • .Med Early Adopter Program • Legisym • XATP • .Med Wallet Provider • Spherity • XATP Supporters • HDA • GS1 US Credential Issuer • Center for Supply Chain Studies • Novartis • Johnson & Johnson • Bristol-Myers Squibb • AmerisourceBergen • Apotex • Cardinal Health
© 2022 Open Credentialing Initiative - All Rights Reserved 11 OCI Introduction The DSCSA Challenge Roadmap 1 Appendix 2 3 4
© 2022 Open Credentialing Initiative - All Rights Reserved 12 U.S. Drug Supply Chain Security Act (DSCSA)
© 2022 Open Credentialing Initiative - All Rights Reserved 13 Securing the drug supply chain all the way by Nov 2023 Manufacturer Wholesaler Dispenser Wholesaler Prevent harmful drugs from entering the supply chain Detect harmful drugs that have entered the supply chain Respond rapidly when harmful drugs are found Dispenser Patients Patients
© 2022 Open Credentialing Initiative - All Rights Reserved 14 DSCSA states 4 key requirements to be realized by 2023 Key Requirements (under section 582 of the FD&C Act) apply to Manufacturers, Repackagers, Wholesale Distributors and Dispensers (Pharmacies) Authorized Trading Partners Product Tracing Verification (Serialization) Product Identification DSCSA
© 2022 Open Credentialing Initiative - All Rights Reserved 15 DSCSA requires vetting of indirect Trading Partners
© 2022 Open Credentialing Initiative - All Rights Reserved 16 What makes a trading partner authorized? Entity is a Trading Partner when it accepts or transfers direct ownership of a product from or to a manufacturer, third-party logistics provider, wholesale distributor or dispenser. Has a valid license under State law Database of authorities Manufacturer Wholesale Distributor Dispenser, Pharmacy Third-Party Logistic Provider Entity is Authorized when it ... Database of authorities FDA´s drug establishment current registration database Is registered with FDA in accordance with section 510 of the FD&C Act Where can Trading Partners check each others authorized status? Has a valid state or federal license Repackager Clinic
© 2022 Open Credentialing Initiative - All Rights Reserved 17 GLNs do not suffice to identify trading partners in product identifier verification processes Currently, GLN are used to identify Trading Partners. Submitted GLN may ● not be active ● not be associated with the Trading Partner GLN do not ● inform about trading authorization ● ascertain origin of the received GLN Requester VRS Solution Provider PI verification Request Responder VRS Solution Provider Request Message VRS Request Message PI verification Request Response Message PI verification Response Response Message PI verification Response
© 2022 Open Credentialing Initiative - All Rights Reserved 18 OCI’s ATP Architecture
© 2022 Open Credentialing Initiative - All Rights Reserved 19 OCI uses Verifiable Credentials to identify trading partners and verify their authorized status Requester VRS Solution Provider PI verification Request Responder VRS Solution Provider Request Message VRS Request Message PI verification Request Response Message PI verification Response Response Message PI verification Response Verifiable Credential A credential is a digital assertion containing a set of claims (e.g., about a state license or FDA Establishment Identifier) made by an entity about itself or another entity. A subset of identity data, credentials are cryptographically signed and can be verified. Credentials can be used to create selective disclosures of information (known as “verifiable presentations”) to limit personal data exposure. The entity described by the claims is called the subject of the credential. The OCI uses Verifiable Credentials in accordance with the W3C specification: https://www.w3.org/TR/vc-data-model/
© 2022 Open Credentialing Initiative - All Rights Reserved 20 Credentialing introduces cryptographically verifiable trust into the ATP process flow Acquiring the ATP Credential Acquiring and using the Identity Credential Using the ATP Credential Start of cryptographically verifiable trust Trading Partner cryptographically verifiable trust
© 2022 Open Credentialing Initiative - All Rights Reserved 21 ATP Pilot proved feasibility using Credentials in product verifications Info Material • Scalable, interoperable technology • Compliant with DSCSA ATP requirements • Credentialing can be integrated into existing processes with little effort • No update of GS1 standard required • Continued collaboration within OCI to drive adoption of credentialing Main Results Explainer Videos Link Pilot Resources Link DID and VC as Trust Anchors VRS Providers Manufacturers Wholesaler ATP Credential Issuer Wallet Provider Wallet Wallet Wallet Stakeholders
© 2022 Open Credentialing Initiative - All Rights Reserved 22 Architecture for PI Verification using Credentials to check ATP status Details 1 2 3 • OCI-conformant credential issuer verifies organization’s identity and license status • Establishes digital link between organization and digital identifier (DID) by issuing an identity credential • Usage of Digital Wallet and registration of own identifier (DID) in public registry • Verifies authorized status and issues ATP credential Service Provider Requester* Manufacturer Get Requester`s ATP Credential Presentation Routing PI request and responses including ATP Credential Presentation PI Verification Credential Issuer DIGITAL WALLET DIGITAL WALLET Service Provider 1 2 3 *) Wholesaler, dispenser, clinic… DIGITAL WALLET Verify Responders`s ATP Credential Presentation Verify Requester`s ATP Credential Presentation Get Responders`s ATP Credential Presentation ISSUANCE OF IDENTITY AND ATP CREDENTIAL • Trading partner provides credential issuer information to be identified as legitimate organization and authorized trading partner • Usage of digital wallet to acquire, present and verify credentials • Provides VRS API access to digital wallet to allow the creation of credential presentations and verifications • Digital wallet logs all credential presentations and verification transactions • VRS uses OCI open APIs to interact with digital wallet of own customer • Creates ATP credential presentation via API and attaches it to GS1-standardized request or response message • Verifies ATP credential presentation sent to customer
© 2022 Open Credentialing Initiative - All Rights Reserved We can all work with each other! 23 OCI conformance criteria enable interoperability Conformance Criteria for Trading Partners Conformance Criteria for Digital Wallet Providers Conformance Criteria for Credential Issuers Published Conformance Criteria for VRS Planned
© 2022 Open Credentialing Initiative - All Rights Reserved 24 OCI Introduction The DSCSA Challenge Roadmap 1 Appendix 2 3 4
© 2022 Open Credentialing Initiative - All Rights Reserved 25 OCI Roadmap Apply ATP Architecture to tracing requirements Dispenser Pilot 2022 2022 2023 Onboarding dispenser level through their service providers First Credentialing Service offered by Spherity in Partnership with Legisym VRS testing with early adopters New GS1 Guideline Road to industry adoption avoids big bang! Trading partners can onboard now and use Credentialing as option in today’s PI Verifications VRS use credentialing in production DISPENSERS STANDARDS TRACING INTEROPER- ABILITY Drop Shipments Order to cash ADOPTION DSCSA compliance
© 2022 Open Credentialing Initiative - All Rights Reserved 26 ❏ Test drive OCI’s solution by joining the current validation cycle. Register your interest! ❏ Join OCI ❏ Educate your teams ❏ Participate at future events ❏ Contact us at hello@oc-i.org Get involved
© 2022 Open Credentialing Initiative - All Rights Reserved 27 OCI Introduction The DSCSA Challenge Roadmap 1 Appendix 2 3 4
© 2022 Open Credentialing Initiative - All Rights Reserved 28 Background on credentials
© 2022 Open Credentialing Initiative - All Rights Reserved 29 Trust triangle I s s u e s C r e d e n t i a l Issuer Holder Verifier P r e s e n t s C r e d e n t i a l Verifies Issuer Signature ID anchored
© 2022 Open Credentialing Initiative - All Rights Reserved 30 From DID to VP did:example:123456789abcdefghi Scheme Method Method-specific Identifier uniquely identified by DID Document resolves to Verifiable Credential (VC) embedded in Verifiable Presentation (VP) embedded in anchored Decentralized Identifier (DID)
© 2022 Open Credentialing Initiative - All Rights Reserved 31 did:example:123456789abcdefghi Scheme Method Method-specific Identifier
© 2022 Open Credentialing Initiative - All Rights Reserved 32 Relationship between DID and VC Verifiable Credential DID inside did:ethr:123456789abcdefghi Scheme Method Method-specific Identifier There’s data inside! Has it been issued by a legitimate issuer? Is this the correct Trading Partner? Is this Credential still in effect? Trade Partner DID Doc DID Public Key Verification Method Service Locations . . . Issuer Credential Revocation Registry Issuer DID Doc DID Public Key Verification Method Service Locations . . . Essential information published openly Credential ID Issuer DID Issuer Name Credential Issuance Date Credential Expiration Date Subject DID Subject Type Subject Name Subject Address Subject Street Subject Locality Subject Region Subject Postal Code Corporate Entity GLN Revocation status Issuer Signature Has this Credential been tampered with?
© 2022 Open Credentialing Initiative - All Rights Reserved 33 Credential Schema support interoperability Schemas are the general structure of the credential. { "@context": { "@version": 1.1, "@protected": true, "IdentityCredential": { "@id": "https://example.org#IdentityCredential-v2.0.0", "@context": { "@version": 1.1, "@protected": true, "id": "@id", "type": "@type", "schema": "http://schema.org/", "issuerName": "schema:legalName", "legalName": "schema:legalName", "parentOrganization": "schema:parentOrganization", "streetAddress": "schema:streetAddress", "addressLocality": "schema:addressLocality", "addressRegion": "schema:addressRegion", "postalCode": "schema:postalCode", "addressCountry": "schema:addressCountry" } } } } Identity Credential Within the OCI ecosystem, the Identity Credential is the Root of Trust upon which issuance of ATP Credentials depends. The due diligence expected of the Credential Issuer is established by OCI, and this due diligence must be exercised prior to issuing an Identity Credential. { "@context": { "@version": 1.1, "@protected": true, "DSCSAATPCredential": { "@id": "https://example.org#DSCSAATPCredential-v2.0.0", "@context": { "@version": 1.1, "@protected": true, "id": "@id", "type": "@type", "schema": "http://schema.org/", "organizationType": { "@id": "schema:additionalType", "@type": "schema:additionalType" }, "identifier": { "@id": "schema:PropertyValue", "@type": "schema:PropertyValue" }, "issuerName": "schema:legalName", "legalName": "schema:legalName", "streetAddress": "schema:streetAddress", "addressLocality": "schema:addressLocality", "addressRegion": "schema:addressRegion", "postalCode": "schema:postalCode", "addressCountry": "schema:addressCountry" } } } } ATP Credential The Credential Issuer performs due diligence on the license status of the trading partner and issue an ATP credential if appropriate. Link to OCI schemas: https://github.com/Open-Credentialing-Initiative/schemas
© 2022 Open Credentialing Initiative - All Rights Reserved 34 Where else are W3C Standard Verifiable Credentials used? Connecting Canadians and Canadian Companies to Government Services. Identity credentials allowing Customers to access services from any Credit Union. NCR’s next-generation retail store architecture.
© 2022 Open Credentialing Initiative - All Rights Reserved 35 OCI Technology Architecture
© 2022 Open Credentialing Initiative - All Rights Reserved 36 Detailed PI Verification roundtrip with OCI 36 WHO Requester VRS GENERATE ATP credential presentation (JWT)1) GS1 Lightweight Messaging Standard for Verification PI Verification Request Body (Payload) Request Header + JWT 1 Responder VRS Digital Wallet Requester VERIFY ATP credential presentation (JWT) of Requester 2 Digital Wallet Responder Request Responder VRS GENERATE ATP credential presentation (JWT) 3 Digital Wallet Responder Response PI Verification Response Body (Payload) Response Header + JWT Requester VRS VERIFY ATP credential presentation (JWT) of responder 4 Digital Wallet Requester Open APIs for VRS providers specified by OCI here. 1) JSON Web Token - OCI uses JWT for wrapping credentials into a verifiable presentation. Used specification: https://w3c.github.io/vc-data-model/#jwt-encoding
© 2022 Open Credentialing Initiative - All Rights Reserved 37 Trading Partner Optional Interface (tbd) Key Management Encrypted Data Storage Messaging DID Driver (ETHR / web) Monitoring Digital Wallet Verification Module DID Trust Anchor Application Layer User & Access Management ATP Monitoring Wallet configuration Credential Issuer Backend Digital Wallet Revocation Registry API Collection for integrators Generate Verifiable Presentation Credential Verify Verifiable Presentation Credential API Collection for Credential Issuer Issue Credential Request Presentation Digital Wallet APIs Credential Issuer Access to Application Layer Request product verification for Saleable Returns Provide restricted access for API authentication Integration Partners OCI System Architecture with Ecosystem Partners Check credential status Issue and maintain credentials Use and verify ATP Credentials on behalf of customers

Recommended

OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID ConnectOpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens
 
PCI-DSS for IDRBT
PCI-DSS for IDRBTPCI-DSS for IDRBT
PCI-DSS for IDRBT
Shanmugavel Sankaran
 
PCI DSS Compliance Checklist
PCI DSS Compliance ChecklistPCI DSS Compliance Checklist
PCI DSS Compliance Checklist
ControlCase
 
DQS India_Overview_final.pptxjuhijijijiji
DQS India_Overview_final.pptxjuhijijijijiDQS India_Overview_final.pptxjuhijijijiji
DQS India_Overview_final.pptxjuhijijijiji
anshtrivedi4
 
GP-PCI-DSS-prodsheet
GP-PCI-DSS-prodsheetGP-PCI-DSS-prodsheet
GP-PCI-DSS-prodsheet
Marco Villacorta Olano
 
Secrets for Successful Regulatory Compliance Projects
Secrets for Successful Regulatory Compliance ProjectsSecrets for Successful Regulatory Compliance Projects
Secrets for Successful Regulatory Compliance Projects
Christopher Foot
 
apidays New York 2022 - Discussing the significance of API standardization, D...
apidays New York 2022 - Discussing the significance of API standardization, D...apidays New York 2022 - Discussing the significance of API standardization, D...
apidays New York 2022 - Discussing the significance of API standardization, D...
apidays
 
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays
 

Recommended

OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID ConnectOpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens Conference 2018 - Don Thibeau - OpenID Connect
OpenAthens
 
PCI-DSS for IDRBT
PCI-DSS for IDRBTPCI-DSS for IDRBT
PCI-DSS for IDRBT
Shanmugavel Sankaran
 
PCI DSS Compliance Checklist
PCI DSS Compliance ChecklistPCI DSS Compliance Checklist
PCI DSS Compliance Checklist
ControlCase
 
DQS India_Overview_final.pptxjuhijijijiji
DQS India_Overview_final.pptxjuhijijijijiDQS India_Overview_final.pptxjuhijijijiji
DQS India_Overview_final.pptxjuhijijijiji
anshtrivedi4
 
GP-PCI-DSS-prodsheet
GP-PCI-DSS-prodsheetGP-PCI-DSS-prodsheet
GP-PCI-DSS-prodsheet
Marco Villacorta Olano
 
Secrets for Successful Regulatory Compliance Projects
Secrets for Successful Regulatory Compliance ProjectsSecrets for Successful Regulatory Compliance Projects
Secrets for Successful Regulatory Compliance Projects
Christopher Foot
 
apidays New York 2022 - Discussing the significance of API standardization, D...
apidays New York 2022 - Discussing the significance of API standardization, D...apidays New York 2022 - Discussing the significance of API standardization, D...
apidays New York 2022 - Discussing the significance of API standardization, D...
apidays
 
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays Paris 2022 - API design best practices, Ryan Clifford & Ros Bennis, F...
apidays
 
Risk Factory: PCI - The Essentials
Risk Factory: PCI - The EssentialsRisk Factory: PCI - The Essentials
Risk Factory: PCI - The Essentials
Risk Crew
 
Startup InsurTech Award - iCede
Startup InsurTech Award - iCedeStartup InsurTech Award - iCede
Startup InsurTech Award - iCede
The Digital Insurer
 
Kantara Workshop at CIS
Kantara Workshop at CISKantara Workshop at CIS
Kantara Workshop at CIS
kantarainitiative
 
Validation strategies for cloud-based EDCs: more innovation, less effort
Validation strategies for cloud-based EDCs: more innovation, less effortValidation strategies for cloud-based EDCs: more innovation, less effort
Validation strategies for cloud-based EDCs: more innovation, less effort
Veeva Systems
 
PCI PIN Security & Key Management Compliance
PCI PIN Security & Key Management CompliancePCI PIN Security & Key Management Compliance
PCI PIN Security & Key Management Compliance
ControlCase
 
Compliance 101 HITRUST Update.pdf
Compliance 101 HITRUST Update.pdfCompliance 101 HITRUST Update.pdf
Compliance 101 HITRUST Update.pdf
AmyPoblete3
 
Best Practices and Points to Consider for Small-Medium Bio-Pharma Companies
Best Practices and Points to Consider for Small-Medium Bio-Pharma CompaniesBest Practices and Points to Consider for Small-Medium Bio-Pharma Companies
Best Practices and Points to Consider for Small-Medium Bio-Pharma Companies
Covance
 
Open Banking and Payment Service Directive
Open Banking and Payment Service DirectiveOpen Banking and Payment Service Directive
Open Banking and Payment Service Directive
Lac Vuong
 
Implementing a Global Unique Device Identification (UDI) Solution: Regional U...
Implementing a Global Unique Device Identification (UDI) Solution: Regional U...Implementing a Global Unique Device Identification (UDI) Solution: Regional U...
Implementing a Global Unique Device Identification (UDI) Solution: Regional U...
Greenlight Guru
 
PCI DSS 4.0 Webinar Final.pptx
PCI DSS 4.0 Webinar Final.pptxPCI DSS 4.0 Webinar Final.pptx
PCI DSS 4.0 Webinar Final.pptx
ControlCase
 
Third Party Network Webinar Slide Deck 110718 FINAL
Third Party Network Webinar Slide Deck 110718 FINALThird Party Network Webinar Slide Deck 110718 FINAL
Third Party Network Webinar Slide Deck 110718 FINAL
DVV Solutions Third Party Risk Management
 
PositiveID Investor Presentation
PositiveID Investor PresentationPositiveID Investor Presentation
PositiveID Investor Presentation
RedChip Companies, Inc.
 
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
FinTechLabs.io
 
The MediLedger - Blockchain solutions for Pharma companies
The MediLedger - Blockchain solutions for Pharma companiesThe MediLedger - Blockchain solutions for Pharma companies
The MediLedger - Blockchain solutions for Pharma companies
robinruet
 
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / ExostarPistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892
Risk Crew
 
Looking Forward to PCI DSS v4.0
Looking Forward to PCI DSS v4.0Looking Forward to PCI DSS v4.0
Looking Forward to PCI DSS v4.0
Kriangkrai Chumsaktrakul
 
Protecting Payment Card Data Wp091010
Protecting Payment Card Data Wp091010Protecting Payment Card Data Wp091010
Protecting Payment Card Data Wp091010
Erik Ginalick
 
PCI DSS v4 - ControlCase Update Webinar Final.pdf
PCI DSS v4 - ControlCase Update Webinar Final.pdfPCI DSS v4 - ControlCase Update Webinar Final.pdf
PCI DSS v4 - ControlCase Update Webinar Final.pdf
ControlCase
 
Trust Your Supplier - trust your product in the supply chain
Trust Your Supplier - trust your product in the supply chain Trust Your Supplier - trust your product in the supply chain
Trust Your Supplier - trust your product in the supply chain
Mohan Venkataraman
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
Asutosh Ranjan
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
DineshKumar4165
 

More Related Content

Similar to Introduction+to+OCI+ppt_0322.pdf

Risk Factory: PCI - The Essentials
Risk Factory: PCI - The EssentialsRisk Factory: PCI - The Essentials
Risk Factory: PCI - The Essentials
Risk Crew
 
Validation strategies for cloud-based EDCs: more innovation, less effort
Validation strategies for cloud-based EDCs: more innovation, less effortValidation strategies for cloud-based EDCs: more innovation, less effort
Validation strategies for cloud-based EDCs: more innovation, less effort
Veeva Systems
 
Implementing a Global Unique Device Identification (UDI) Solution: Regional U...
Implementing a Global Unique Device Identification (UDI) Solution: Regional U...Implementing a Global Unique Device Identification (UDI) Solution: Regional U...
Implementing a Global Unique Device Identification (UDI) Solution: Regional U...
Greenlight Guru
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892
Risk Crew
 
Protecting Payment Card Data Wp091010
Protecting Payment Card Data Wp091010Protecting Payment Card Data Wp091010
Protecting Payment Card Data Wp091010
Erik Ginalick
 

Similar to Introduction+to+OCI+ppt_0322.pdf (20)

Risk Factory: PCI - The Essentials
Risk Factory: PCI - The EssentialsRisk Factory: PCI - The Essentials
Risk Factory: PCI - The Essentials
 
Startup InsurTech Award - iCede
Startup InsurTech Award - iCedeStartup InsurTech Award - iCede
Startup InsurTech Award - iCede
 
Kantara Workshop at CIS
Kantara Workshop at CISKantara Workshop at CIS
Kantara Workshop at CIS
 
Validation strategies for cloud-based EDCs: more innovation, less effort
Validation strategies for cloud-based EDCs: more innovation, less effortValidation strategies for cloud-based EDCs: more innovation, less effort
Validation strategies for cloud-based EDCs: more innovation, less effort
 
PCI PIN Security & Key Management Compliance
PCI PIN Security & Key Management CompliancePCI PIN Security & Key Management Compliance
PCI PIN Security & Key Management Compliance
 
Compliance 101 HITRUST Update.pdf
Compliance 101 HITRUST Update.pdfCompliance 101 HITRUST Update.pdf
Compliance 101 HITRUST Update.pdf
 
Best Practices and Points to Consider for Small-Medium Bio-Pharma Companies
Best Practices and Points to Consider for Small-Medium Bio-Pharma CompaniesBest Practices and Points to Consider for Small-Medium Bio-Pharma Companies
Best Practices and Points to Consider for Small-Medium Bio-Pharma Companies
 
Open Banking and Payment Service Directive
Open Banking and Payment Service DirectiveOpen Banking and Payment Service Directive
Open Banking and Payment Service Directive
 
Implementing a Global Unique Device Identification (UDI) Solution: Regional U...
Implementing a Global Unique Device Identification (UDI) Solution: Regional U...Implementing a Global Unique Device Identification (UDI) Solution: Regional U...
Implementing a Global Unique Device Identification (UDI) Solution: Regional U...
 
PCI DSS 4.0 Webinar Final.pptx
PCI DSS 4.0 Webinar Final.pptxPCI DSS 4.0 Webinar Final.pptx
PCI DSS 4.0 Webinar Final.pptx
 
Third Party Network Webinar Slide Deck 110718 FINAL
Third Party Network Webinar Slide Deck 110718 FINALThird Party Network Webinar Slide Deck 110718 FINAL
Third Party Network Webinar Slide Deck 110718 FINAL
 
PositiveID Investor Presentation
PositiveID Investor PresentationPositiveID Investor Presentation
PositiveID Investor Presentation
 
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
Open Banking UK “Identity Product” Internals #fapisum - Japan/UK Open Banking...
 
The MediLedger - Blockchain solutions for Pharma companies
The MediLedger - Blockchain solutions for Pharma companiesThe MediLedger - Blockchain solutions for Pharma companies
The MediLedger - Blockchain solutions for Pharma companies
 
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / ExostarPistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
Pistoia Alliance European Conference 2015 - Stuart Robertson / Exostar
 
Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892Riskfactorypcitheessentials 151125164111-lva1-app6892
Riskfactorypcitheessentials 151125164111-lva1-app6892
 
Looking Forward to PCI DSS v4.0
Looking Forward to PCI DSS v4.0Looking Forward to PCI DSS v4.0
Looking Forward to PCI DSS v4.0
 
Protecting Payment Card Data Wp091010
Protecting Payment Card Data Wp091010Protecting Payment Card Data Wp091010
Protecting Payment Card Data Wp091010
 
PCI DSS v4 - ControlCase Update Webinar Final.pdf
PCI DSS v4 - ControlCase Update Webinar Final.pdfPCI DSS v4 - ControlCase Update Webinar Final.pdf
PCI DSS v4 - ControlCase Update Webinar Final.pdf
 
Trust Your Supplier - trust your product in the supply chain
Trust Your Supplier - trust your product in the supply chain Trust Your Supplier - trust your product in the supply chain
Trust Your Supplier - trust your product in the supply chain
 

Recently uploaded

Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Call Girls in Nagpur High Profile
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Dr.Costas Sachpazis
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
SUHANI PANDEY
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Christo Ananth
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
ranjana rawat
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
ranjana rawat
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Call Girls in Nagpur High Profile
 
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
Kamal Acharya
 
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
roncy bisnoi
 

Recently uploaded (20)

Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduits
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
 
Unit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdfUnit 1 - Soil Classification and Compaction.pdf
Unit 1 - Soil Classification and Compaction.pdf
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
Call Now ≽ 9953056974 ≼🔝 Call Girls In New Ashok Nagar ≼🔝 Delhi door step de...
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Walvekar Nagar Call Me 7737669865 Budget Friendly No Advance Booking
 

Introduction+to+OCI+ppt_0322.pdf

  • 1. 1 OPEN CREDENTIALING INITIATIVE Enabling trusted digital interactions in pharmaceutical supply chains
  • 2. © 2022 Open Credentialing Initiative - All Rights Reserved Agenda 2 OCI Introduction The DSCSA Challenge Roadmap 1 Appendix 2 3 4
  • 3. © 2022 Open Credentialing Initiative - All Rights Reserved 3 OCI Introduction The DSCSA Challenge Roadmap 1 Appendix 2 3 4
  • 4. © 2022 Open Credentialing Initiative - All Rights Reserved What is OCI? 4 An open ecosystem supporting the pharmaceutical industry in complying with DSCSA requirements by 2023 with available solutions developed in industry-wide pilots
  • 5. © 2022 Open Credentialing Initiative - All Rights Reserved Advantages of OCI Architecture 5 Every OCI member is committed to adopting and supporting OCI architecture, guidelines, and trust frameworks to support industry collaboration
  • 6. © 2022 Open Credentialing Initiative - All Rights Reserved 6 OCI works closely with stakeholders to promote interoperability and DSCSA application We work with... • HDA to integrate OCI ATP Credentials in PI Verifications processed by VRS • GS1 US to include the optional use of the OCI ATP Header in the GS1 US Guideline for using the Lightweight Messaging Standard for PI Verification • PDG to recognize the OCI architecture as the standard for establishing ATP status in appropriate DSCSA digital transactions • AAM requested to recognize the OCI architecture • Trading Partners and Solution Providers to adopt and onboard • FDA to establish awareness that a solution for the ATP requirement is available and validated by compliance teams
  • 7. © 2022 Open Credentialing Initiative - All Rights Reserved 7 What does the OCI do? • Incubates industry-wide adoption of non-proprietary credentialing solutions • Defines conformance and interoperability criteria • Coordinates and maintains frameworks and guidelines for software architecture • Applies open standards (GS1, W3C and DIF) • Addresses needs of all stakeholders along the pharmaceutical supply chain • Facilitates pilots to explore credentialing for and beyond DSCSA requirements • Publication of all technical work on dedicated GitHub account: https://github.com/Open-Credentialing-Initiative
  • 8. © 2022 Open Credentialing Initiative - All Rights Reserved 8 From PoC to OCI Jan 2020 Mar 2020 Apr 2020 Feb 2021 Apr 2021 ATP Proof of Concept Test the credentialing and identity technology in a controlled environment. ATP Pilot Identity and ATP credential issuance process. Trading Partner to Trading Partner use of credentials in existing PI Verification for Saleable Returns. Open Credentialing Initiative Establish the technical governance, specifications, and guidelines for long-term success. Oct 2021 Adoption Validation of OCI solution by first VRS providers and trading partners. Specification ⭐ Launched in April 2022 as incubator project of the Center for Supply Chain Studies (C4SCS)
  • 9. © 2022 Open Credentialing Initiative - All Rights Reserved 9 OCI Structure OCI Steering Committee OCI Messaging and Communications WG ATP Credentialing for DSCSA Program Steering Advisors Policy & Architecture WG Programs under Exploration Pharmaceutical and Medical Device Recalls (.med) Customer / Supplier Onboarding (C4SCS) Dynamic Information Access (C4SCS)
  • 10. © 2022 Open Credentialing Initiative - All Rights Reserved 10 The Current OCI Ecosystem Trading Partners • Novartis • Atlantic Biologicals • Lilly • Bristol-Myers Squibb* • Johnson & Johnson* • AmerisourceBergen* * Status for committed companies where the legal process to join is pending Interested in joining? Please visit us on oc-i.org and join OCI by signing our charter. Membership is free for trading partners. Credential Issuer Integrators • SAP • Tracelink • rfxcel • RxScan • Navitas • .Med Early Adopter Program • Legisym • XATP • .Med Wallet Provider • Spherity • XATP Supporters • HDA • GS1 US Credential Issuer • Center for Supply Chain Studies • Novartis • Johnson & Johnson • Bristol-Myers Squibb • AmerisourceBergen • Apotex • Cardinal Health
  • 11. © 2022 Open Credentialing Initiative - All Rights Reserved 11 OCI Introduction The DSCSA Challenge Roadmap 1 Appendix 2 3 4
  • 12. © 2022 Open Credentialing Initiative - All Rights Reserved 12 U.S. Drug Supply Chain Security Act (DSCSA)
  • 13. © 2022 Open Credentialing Initiative - All Rights Reserved 13 Securing the drug supply chain all the way by Nov 2023 Manufacturer Wholesaler Dispenser Wholesaler Prevent harmful drugs from entering the supply chain Detect harmful drugs that have entered the supply chain Respond rapidly when harmful drugs are found Dispenser Patients Patients
  • 14. © 2022 Open Credentialing Initiative - All Rights Reserved 14 DSCSA states 4 key requirements to be realized by 2023 Key Requirements (under section 582 of the FD&C Act) apply to Manufacturers, Repackagers, Wholesale Distributors and Dispensers (Pharmacies) Authorized Trading Partners Product Tracing Verification (Serialization) Product Identification DSCSA
  • 15. © 2022 Open Credentialing Initiative - All Rights Reserved 15 DSCSA requires vetting of indirect Trading Partners
  • 16. © 2022 Open Credentialing Initiative - All Rights Reserved 16 What makes a trading partner authorized? Entity is a Trading Partner when it accepts or transfers direct ownership of a product from or to a manufacturer, third-party logistics provider, wholesale distributor or dispenser. Has a valid license under State law Database of authorities Manufacturer Wholesale Distributor Dispenser, Pharmacy Third-Party Logistic Provider Entity is Authorized when it ... Database of authorities FDA´s drug establishment current registration database Is registered with FDA in accordance with section 510 of the FD&C Act Where can Trading Partners check each others authorized status? Has a valid state or federal license Repackager Clinic
  • 17. © 2022 Open Credentialing Initiative - All Rights Reserved 17 GLNs do not suffice to identify trading partners in product identifier verification processes Currently, GLN are used to identify Trading Partners. Submitted GLN may ● not be active ● not be associated with the Trading Partner GLN do not ● inform about trading authorization ● ascertain origin of the received GLN Requester VRS Solution Provider PI verification Request Responder VRS Solution Provider Request Message VRS Request Message PI verification Request Response Message PI verification Response Response Message PI verification Response
  • 18. © 2022 Open Credentialing Initiative - All Rights Reserved 18 OCI’s ATP Architecture
  • 19. © 2022 Open Credentialing Initiative - All Rights Reserved 19 OCI uses Verifiable Credentials to identify trading partners and verify their authorized status Requester VRS Solution Provider PI verification Request Responder VRS Solution Provider Request Message VRS Request Message PI verification Request Response Message PI verification Response Response Message PI verification Response Verifiable Credential A credential is a digital assertion containing a set of claims (e.g., about a state license or FDA Establishment Identifier) made by an entity about itself or another entity. A subset of identity data, credentials are cryptographically signed and can be verified. Credentials can be used to create selective disclosures of information (known as “verifiable presentations”) to limit personal data exposure. The entity described by the claims is called the subject of the credential. The OCI uses Verifiable Credentials in accordance with the W3C specification: https://www.w3.org/TR/vc-data-model/
  • 20. © 2022 Open Credentialing Initiative - All Rights Reserved 20 Credentialing introduces cryptographically verifiable trust into the ATP process flow Acquiring the ATP Credential Acquiring and using the Identity Credential Using the ATP Credential Start of cryptographically verifiable trust Trading Partner cryptographically verifiable trust
  • 21. © 2022 Open Credentialing Initiative - All Rights Reserved 21 ATP Pilot proved feasibility using Credentials in product verifications Info Material • Scalable, interoperable technology • Compliant with DSCSA ATP requirements • Credentialing can be integrated into existing processes with little effort • No update of GS1 standard required • Continued collaboration within OCI to drive adoption of credentialing Main Results Explainer Videos Link Pilot Resources Link DID and VC as Trust Anchors VRS Providers Manufacturers Wholesaler ATP Credential Issuer Wallet Provider Wallet Wallet Wallet Stakeholders
  • 22. © 2022 Open Credentialing Initiative - All Rights Reserved 22 Architecture for PI Verification using Credentials to check ATP status Details 1 2 3 • OCI-conformant credential issuer verifies organization’s identity and license status • Establishes digital link between organization and digital identifier (DID) by issuing an identity credential • Usage of Digital Wallet and registration of own identifier (DID) in public registry • Verifies authorized status and issues ATP credential Service Provider Requester* Manufacturer Get Requester`s ATP Credential Presentation Routing PI request and responses including ATP Credential Presentation PI Verification Credential Issuer DIGITAL WALLET DIGITAL WALLET Service Provider 1 2 3 *) Wholesaler, dispenser, clinic… DIGITAL WALLET Verify Responders`s ATP Credential Presentation Verify Requester`s ATP Credential Presentation Get Responders`s ATP Credential Presentation ISSUANCE OF IDENTITY AND ATP CREDENTIAL • Trading partner provides credential issuer information to be identified as legitimate organization and authorized trading partner • Usage of digital wallet to acquire, present and verify credentials • Provides VRS API access to digital wallet to allow the creation of credential presentations and verifications • Digital wallet logs all credential presentations and verification transactions • VRS uses OCI open APIs to interact with digital wallet of own customer • Creates ATP credential presentation via API and attaches it to GS1-standardized request or response message • Verifies ATP credential presentation sent to customer
  • 23. © 2022 Open Credentialing Initiative - All Rights Reserved We can all work with each other! 23 OCI conformance criteria enable interoperability Conformance Criteria for Trading Partners Conformance Criteria for Digital Wallet Providers Conformance Criteria for Credential Issuers Published Conformance Criteria for VRS Planned
  • 24. © 2022 Open Credentialing Initiative - All Rights Reserved 24 OCI Introduction The DSCSA Challenge Roadmap 1 Appendix 2 3 4
  • 25. © 2022 Open Credentialing Initiative - All Rights Reserved 25 OCI Roadmap Apply ATP Architecture to tracing requirements Dispenser Pilot 2022 2022 2023 Onboarding dispenser level through their service providers First Credentialing Service offered by Spherity in Partnership with Legisym VRS testing with early adopters New GS1 Guideline Road to industry adoption avoids big bang! Trading partners can onboard now and use Credentialing as option in today’s PI Verifications VRS use credentialing in production DISPENSERS STANDARDS TRACING INTEROPER- ABILITY Drop Shipments Order to cash ADOPTION DSCSA compliance
  • 26. © 2022 Open Credentialing Initiative - All Rights Reserved 26 ❏ Test drive OCI’s solution by joining the current validation cycle. Register your interest! ❏ Join OCI ❏ Educate your teams ❏ Participate at future events ❏ Contact us at hello@oc-i.org Get involved
  • 27. © 2022 Open Credentialing Initiative - All Rights Reserved 27 OCI Introduction The DSCSA Challenge Roadmap 1 Appendix 2 3 4
  • 28. © 2022 Open Credentialing Initiative - All Rights Reserved 28 Background on credentials
  • 29. © 2022 Open Credentialing Initiative - All Rights Reserved 29 Trust triangle I s s u e s C r e d e n t i a l Issuer Holder Verifier P r e s e n t s C r e d e n t i a l Verifies Issuer Signature ID anchored
  • 30. © 2022 Open Credentialing Initiative - All Rights Reserved 30 From DID to VP did:example:123456789abcdefghi Scheme Method Method-specific Identifier uniquely identified by DID Document resolves to Verifiable Credential (VC) embedded in Verifiable Presentation (VP) embedded in anchored Decentralized Identifier (DID)
  • 31. © 2022 Open Credentialing Initiative - All Rights Reserved 31 did:example:123456789abcdefghi Scheme Method Method-specific Identifier
  • 32. © 2022 Open Credentialing Initiative - All Rights Reserved 32 Relationship between DID and VC Verifiable Credential DID inside did:ethr:123456789abcdefghi Scheme Method Method-specific Identifier There’s data inside! Has it been issued by a legitimate issuer? Is this the correct Trading Partner? Is this Credential still in effect? Trade Partner DID Doc DID Public Key Verification Method Service Locations . . . Issuer Credential Revocation Registry Issuer DID Doc DID Public Key Verification Method Service Locations . . . Essential information published openly Credential ID Issuer DID Issuer Name Credential Issuance Date Credential Expiration Date Subject DID Subject Type Subject Name Subject Address Subject Street Subject Locality Subject Region Subject Postal Code Corporate Entity GLN Revocation status Issuer Signature Has this Credential been tampered with?
  • 33. © 2022 Open Credentialing Initiative - All Rights Reserved 33 Credential Schema support interoperability Schemas are the general structure of the credential. { "@context": { "@version": 1.1, "@protected": true, "IdentityCredential": { "@id": "https://example.org#IdentityCredential-v2.0.0", "@context": { "@version": 1.1, "@protected": true, "id": "@id", "type": "@type", "schema": "http://schema.org/", "issuerName": "schema:legalName", "legalName": "schema:legalName", "parentOrganization": "schema:parentOrganization", "streetAddress": "schema:streetAddress", "addressLocality": "schema:addressLocality", "addressRegion": "schema:addressRegion", "postalCode": "schema:postalCode", "addressCountry": "schema:addressCountry" } } } } Identity Credential Within the OCI ecosystem, the Identity Credential is the Root of Trust upon which issuance of ATP Credentials depends. The due diligence expected of the Credential Issuer is established by OCI, and this due diligence must be exercised prior to issuing an Identity Credential. { "@context": { "@version": 1.1, "@protected": true, "DSCSAATPCredential": { "@id": "https://example.org#DSCSAATPCredential-v2.0.0", "@context": { "@version": 1.1, "@protected": true, "id": "@id", "type": "@type", "schema": "http://schema.org/", "organizationType": { "@id": "schema:additionalType", "@type": "schema:additionalType" }, "identifier": { "@id": "schema:PropertyValue", "@type": "schema:PropertyValue" }, "issuerName": "schema:legalName", "legalName": "schema:legalName", "streetAddress": "schema:streetAddress", "addressLocality": "schema:addressLocality", "addressRegion": "schema:addressRegion", "postalCode": "schema:postalCode", "addressCountry": "schema:addressCountry" } } } } ATP Credential The Credential Issuer performs due diligence on the license status of the trading partner and issue an ATP credential if appropriate. Link to OCI schemas: https://github.com/Open-Credentialing-Initiative/schemas
  • 34. © 2022 Open Credentialing Initiative - All Rights Reserved 34 Where else are W3C Standard Verifiable Credentials used? Connecting Canadians and Canadian Companies to Government Services. Identity credentials allowing Customers to access services from any Credit Union. NCR’s next-generation retail store architecture.
  • 35. © 2022 Open Credentialing Initiative - All Rights Reserved 35 OCI Technology Architecture
  • 36. © 2022 Open Credentialing Initiative - All Rights Reserved 36 Detailed PI Verification roundtrip with OCI 36 WHO Requester VRS GENERATE ATP credential presentation (JWT)1) GS1 Lightweight Messaging Standard for Verification PI Verification Request Body (Payload) Request Header + JWT 1 Responder VRS Digital Wallet Requester VERIFY ATP credential presentation (JWT) of Requester 2 Digital Wallet Responder Request Responder VRS GENERATE ATP credential presentation (JWT) 3 Digital Wallet Responder Response PI Verification Response Body (Payload) Response Header + JWT Requester VRS VERIFY ATP credential presentation (JWT) of responder 4 Digital Wallet Requester Open APIs for VRS providers specified by OCI here. 1) JSON Web Token - OCI uses JWT for wrapping credentials into a verifiable presentation. Used specification: https://w3c.github.io/vc-data-model/#jwt-encoding
  • 37. © 2022 Open Credentialing Initiative - All Rights Reserved 37 Trading Partner Optional Interface (tbd) Key Management Encrypted Data Storage Messaging DID Driver (ETHR / web) Monitoring Digital Wallet Verification Module DID Trust Anchor Application Layer User & Access Management ATP Monitoring Wallet configuration Credential Issuer Backend Digital Wallet Revocation Registry API Collection for integrators Generate Verifiable Presentation Credential Verify Verifiable Presentation Credential API Collection for Credential Issuer Issue Credential Request Presentation Digital Wallet APIs Credential Issuer Access to Application Layer Request product verification for Saleable Returns Provide restricted access for API authentication Integration Partners OCI System Architecture with Ecosystem Partners Check credential status Issue and maintain credentials Use and verify ATP Credentials on behalf of customers