CollaboGate And Tessera Technology Experiment To Build World’s First Decentralised IoT Platform


CollaboGate Japan has formed a business alliance with Tessera Technology to begin development and verification of a “decentralised IoT platform”.

Both CG and TSSR will work on a proof-of-concept project that intends to build a “decentralized IoT platform” that smoothly connects people and things, and a “smart concierge” that enables the contactless economy by utilising “UNiD” decentralised ID platform developed by CG and TSSR’s expertise in embedded system development on microcontrollers (MCUs) with strong security function provided by Renesas.

The game-changer to shape a contactless economy

  • More needs for contactless

To prevent the spread of COVID-19, it has become important to avoid “human contact,” and “non-contact” has more significance in consumer behaviour. Due to the increase of Stay-at-home Economy and “contactless consumption outside of your home” to be derived by innovations, the market size of Contactless Economy in APAC will reach $11 trillion in total, double the current level *1. Specifically, shift to contactless transactions is becoming more active such as smart branches for BSFI, virtual concierge at healthcare and government services, digital orders at restaurants, and automated reception at offices and hotels.

  • Decentralised IoT platform meets the contactless needs

In order to replace a variety of tasks that used to be done face-to-face with non-face-to-face methods using technology, digital data and hardware need to be designed to be synchronized well. For example, IoT devices must be able to correctly identify, authenticate, and authorize users, automatically verify the data applied for, consider user privacy, and ensure the security of unattended IoT devices. A decentralised IoT platform that meets these requirements is needed for a smooth transition from the face-to-face to the non-face-to-face system.

Also Read: Blockchain Boom – Top 10 Cryptocurrencies Today

Aim of this alliance

Upon these market needs above, CG, the provider of Japan’s first decentralised ID platform “UNiD”, and TSSR, a company with strong expertise in IoT device software development, have formed a business alliance to develop a decentralised IoT platform to utilise the robust hardware-based security functionality of the Renesas’ MCUs to meet the growing need for transactions without human contact and to verify prototypes. In this project, we will build a prototype of a “smart concierge” with an identity verification function for use in BFSI, healthcare, government, and access management at offices, hotels, factories, and logistics warehouses.

Model use cases

1.Service provider issues credentials (identity verification information, usage permit) to the user’s mobile wallet.

2.The user sends the credentials stored in the wallet to the IoT device.

3.The IoT device verifies the credentials and opens/closes the gate.

4.Access log is sent to the cloud server.

  • Enables contactless and secure access

In the current Internet system, it is difficult to automatically verify the data provided by users without a trusted third party. In reality, the manual verification process of the data is still necessary for businesses. By introducing a decentralised identity mechanism to IoT devices, we can build a mechanism that allows them to autonomously verify the data provided by users. This will enable the safe and quick delivery of services of their needs.

For example, users can check in to hotels, accommodations, and other lodging facilities and unlock their rooms by simply carrying their mobile app. It can also streamline the validation and entrance for live music, concerts, baseball, football, and other sports, as well as theme park facilities. The system is also expected to enable contactless operations and efficiency that have been conducted face-to-face, such as the efficient management of office visitors, logistics warehouses, medical and educational facilities.

  • Achieve high IoT security

IoT devices that are connected to the network are subject to security risks such as hacking and identity theft. For example, the access IDs and passwords hard-coded into IoT devices are vulnerable if they are left as default settings or are easy to guess. In fact, there was a case where a large number of IoT devices were illegally accessed and used as a botnet to launch DDoS attacks.

For this reason, security by the PKI standards has significant advantages over the password method. However, the conventional PKI standards using CA certification authorities require manual management of many certificates for each IoT device. In addition to being a very time-consuming task, there are risks such as the leakage of private keys managed by the service operator. In addition, the time and effort required to renew certificates lead to the use of certificates with a long expiration date, which causes vulnerabilities. Thus, the conventional PKI standards have problems in terms of cost, operation, and security.

By introducing a decentralised ID mechanism to IoT devices, first, a key pair is generated within the IoT device, then the public key corresponding to the digital signature is registered in the decentralized PKI network. Anyone from the network can reference this public key, and a cloud server communicating with the IoT device can retrieve this public key and verify the digitally signed data. This is expected to eliminate the need for manual verification, increase security strength, and significantly reduce the operating costs of IoT devices.

  • Enabling privacy-preserving data transactions

Against the backdrop of the changing and growing awareness of privacy among individuals and the global trend of privacy protection regimes such as GDPR and CCPA, a separation between holding data and using the data is becoming a prerequisite for building trust for companies that have customer contact. In Japan, the Act on the Protection of Personal Information is scheduled to take effect in April 2022, and the handling of personal data via IoT devices will require system design based on the same consideration of individual privacy. Decentralised IoT platforms provide a mechanism that enables IoT service providers to provide the desired services without retaining unnecessary personal information. It provides a mechanism for safe and smooth authentication and data transactions between humans and IoT devices based on personal consent, utilising a mechanism where individuals control their personal information.