Enabling Secure Digital Identity for Organizations


By Karla McKenna, Global Legal Entity Identifier Foundation (GLEIF)


It may be surprising to learn that the internet, whose original implementation was never meant to become as widely used as the World Wide Web we know today, was not built with any security. However, as digital transactions over the internet have increased across geographies and domains, the need to securely identify the parties involved in these transactions has become more important.

Issues with current digital identity tools and solutions have been considered and analyzed, and the ‘identity’ industry has devised a new approach to digital identity management. Thanks to advances in distributed ledger/blockchain technology, digital identity management with the additional feature of decentralized identity verification is now possible. Based on a concept known as self-sovereign identity (SSI), this new approach to authentication and verification of digital identity began as a means by which a person, the identity holder, has control over how, when, and to whom his/her personal data is revealed. This approach is set to transform the nature of identity management and how person-to-entity, or entity-to-entity, interactions take place in the digital world. It can address the need for automation in verification while maintaining data privacy and confidentiality.

The Legal Entity Identifier (LEI) plays a key role in this process, particularly in the context of secure digital identity for organizations. The Global Legal Entity Identifier Foundation (GLEIF), manager of the Global LEI System in which the ISO 17442 standard has been implemented, therefore continues its work toward the goal that each business worldwide should have only one global identity, and that this should include a digital identity, by expanding the ISO 17442 standard. This Part 3 is dedicated to leveraging the LEI in digitally signed credentials that are not only tamper-resistant but also capable of being verified in a decentralized manner. Chaining of the vLEI Credentials in the vLEI Trust Chain using Authentic Chained Data Container credentials (ACDC credentials) allows the provenance of verifiable LEIs (vLEIs) to be traced back to GLEIF, both as the Root of Trust for the vLEI Trust Chain and as the entity, under regulatory oversight, that ensures the operational integrity of the Global LEI System.

This addition to ISO 17442 expands the standard to enable LEIs to be used both in the recent innovation of credentials based on decentralized digital identity and in X.509 public key certificates as outlined in ISO 17442-2:2020, Financial services – Legal Entity Identifier (LEI) – Part 2: Application in Digital Certificates. As with standard X.509 digital certificates, vLEIs will leverage the ISO 5009:2022 standard, Financial services – Official Organizational Roles – Scheme for Official Organizational Roles, from ISO/TC 68, Financial services, Subcommittee SC 8, Reference data for financial services. Combining LEIs with official organizational roles is a key enabler for digital identity management for organizations and persons acting on behalf of organizations.


A note about the author: Karla McKenna is Head of Standards of the GLEIF and Managing Director of GLEIF Americas. She also wears several hats under ISO/TC 68, including:

  • GLEIF category A liaison Member of Delegation
  • Convenor, ISO/TC 68/AG 2 (Standards Advisory Group)
  • Convenor, ISO/TC 68/AG 3 (Standards Best Practices Advisory Group)
  • Working Group Chair, ISO/TC 68/SC 8/WG 9 (ISO 5009 Official Organizational Roles)