identitii Overlay+

identitii Overlay+ is revolutionising financial messaging with key features that address the biggest pain points of the financial industry.


It uses a private blockchain and tokenisation to allow banks and corporates to exchange rich information and documentation over existing and emerging payment networks, regardless of the restrictions these networks place on the amount or type of data that can be exchanged.

Overlay+ creates a unique, tamper-proof audit trail of rich information that can be expanded, searched, permissioned and securely shared with internal teams or external organisations. Data is presented in a timeline, making it simple to review the history of a transaction, document or other form of information exchange.

Overlay+ can provide additional insight into information on any transaction, enabling banks to Know Your Transaction. It enhances visibility into the purpose and origin of a transaction, reduces payment rejections, delays and false positives, improves financial crime compliance and streamlines information exchange.

How Overlay+ Works

1. Connect your operational databases to Overlay+

Your operational databases are connected to Overlay+ via RESTful APIs and mapped to identitii data schemas to enable data exchange. Overlay+ has numerous integration options to match the ideal implementation for your business situation.

2. Implement robust and configurable policies for information exchange

Define detailed policies for information exchange with identitii’s robust permissions model. In identitii’s system, all information remains private unless an affirmative permission is explicitly granted to a trusted counterparty. identitii’s system maintains an active record of the granting and revocation of every permission.

3. Track and manage transaction information with identitii tokens

identitii’s tokens link identitii’s information layer with your existing platforms. identitii tokens are globally unique identifiers issued through distributed consensus. Tokens can track transactions and information exchange across internal systems, as well as between financial institutions.

identitii tokens power track and trace

identitii tokens are globally unique identifiers that have been generated by a contract on the distributed ledger. These tokens flow within existing payment network messages, and link legacy payment messages with the rich information stored in the identitii layer.

identitii tokens:
a) provide a pointer to the record of transaction information: identitii tokens can flow freely within legacy and new payment networks, allowing institutions to link a transaction to the rich information accessible via Overlay+. identitii’s technology can be integrated without requiring changes to the operation of existing systems.
b) enable track-and-trace functionality: identitii tokens allow a financial institution to track and trace a transaction both within their organisation and through a payment chain.
c) identitii tokens can be used to consolidate references from transaction processing systems, document collection channels, and customer engagement platforms. This facilitates the processing of transactions that may rely on information available from multiple sources.

Features & Benefits

Secure Data Exchange

Overlay+ provides a secure data layer to both payment networks and internal repositories of data, enabling the sharing of customer and transaction-related documents between financial networks.

Rich data can be sent over ACH, SWIFT, RTGS and emerging settlement technologies, with every interaction time-stamped and recorded to establish a provable, documented history of any transaction at any time.

Private Blockchain

Overlay+ uses a private blockchain to enable timestamping and verification that establish a provable history of document contents. Organisations can ensure their documents are not modified without their knowledge, as everything is recorded on a decentralised ledger.

Unified View of Data

A user-friendly interface removes all the noise to ensure agents have the right information at the right time. Employees are empowered to make informed decisions on the spot.

Tamper-proof Audit Trail

Data redundancy and controlled access keep data secure and accessible for permissioned parties. The Overlay+ private blockchain maintains the information, so that audits can be performed at any time.

Real-Time Third Party API Integration

Overlay+ integrates seamlessly with third party systems via API. Deep integration with Microsoft Outlook and other email clients enables information to be shared without actually sending data over insecure email channels. A real-time data stream from Robotic Process Automation leader Blue Prism provides live monitoring and an unalterable record of any automated activities that have formed part of the decision process. Dow Jones Factiva and global LEI database integration also simplifies information gathering and search into a single system for sanctions checks, customer due diligence and AML and KYC compliance.

OCR, Structured Data Storage & Enterprise Search

Overlay+ integrates with OCR providers, turning unstructured documents into structured information. Overlay+ can store information associated with a transaction, including documents and supporting data, separately to the transaction. This information is indexed and searchable, linking information previously stored across multiple systems.

Tokenised Data Exchange

Tokenisation is the process of replacing sensitive data with unique identification symbols, in this case Identitii Tokens. These retain the essential information about the data without compromising its security. The exchange of Identitii Tokens is what enables Overlay+ to give financial institutions and corporates complete confidence in the security of their data as it is exchanged either internally or with external counterparties.

Seamless Integration with Legacy and Emerging Systems

For a secure, verifiable & permissioned data layer to work, it has to be cross-compatible with other legacy systems, as well as those emerging in the industry. Overlay+ works as a layer on top of internal systems or networks and can be deployed either in the cloud or on premise.

Core Components

User Interfaces

Provides user interfaces to bank officers and customers. Includes our timeline view that allows an officer to quickly view all the events and information associated with a transaction.

Connectors

Bridges external systems to the Overlay+ core. Examples include SAP, Oracle, IMAP, and SAA.

APIs

Internal and external facing APIs provide a simple interface to Overlay+. identitii provides a Java SDK with examples to ease integration.

Converters

Converts data between various formats, for example SWIFT RJE to ISO20022.

Interchange

Interchange provides the interface for third parties and affiliates to request and provide enriched information about transactions. Further, it governs the exchange of information with third parties, for example mapping SWIFT BICs to their blockchain identities and verifying their role in a payment chain.

Permissioned Data Store

Append-only data store that stores metadata and document payloads. This component connects to existing on-site databases (such as Oracle, FileNet), ensures only permitted users are provided with data, and stores an audit trail in the DLT.

Distributed Ledger

A blockchain that stores the token database, the audit trail of information and exchanges, and the identities of participants on the network. Importantly, no human-readable information is stored on the blockchain; instead, the audit trail acts as a companion to the source information stored in the Permissioned Data Store to provide an immutable, verifiable audit trail.

Overlay+ is built to be secure from the ground up

identitii combines application design, the latest encryption standards, and distributed ledger technology to provide security-in-depth across a truly distributed information network.

1. Sensitive information is stored on-premises using traditional database security best practices. identitii has connectors to modern enterprise databases such as Oracle, MSSQL and FileNet.

2. All information is associated with an identitii token, which acts as a globally unique reference for the transaction.

3. The information is used to create a signed hash, a cryptographic string that proves the holder of the private key used to sign it had this information at a point in time. This signed hash is placed on the blockchain, and the transaction ID associated with the ledger entry is stored against the data. The transaction ID can be used to prove at what point in time this information was held.

4. The public key of the keypair is stored on the DLT in an identity tree, a data structure that allows the sending party to encrypt information so that only the recipient can read it, and allows the recipient to verify the sender’s signature to confirm it was sent by that organisation. This distributed PKI is robust enough to allow revocations while still holding the history of authorisation.
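The signed-hash anchoring described in steps 3 and 4, as an added example that is not identitii’s code. The SHA-256 and Ed25519 choices, the in-memory `Ledger`, and every type and function name are assumptions; the slice index stands in for the DLT transaction ID.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// LedgerEntry is the on-chain record: digest, signature and signer key only.
type LedgerEntry struct {
	Digest    [32]byte
	Signature []byte
	Signer    ed25519.PublicKey
}

// Ledger is an in-memory, append-only stand-in for the DLT (assumption).
type Ledger struct{ entries []LedgerEntry }

// Anchor hashes doc, signs the digest and appends the entry. The returned
// index plays the role of the ledger transaction ID stored against the data.
func (l *Ledger) Anchor(doc []byte, priv ed25519.PrivateKey) int {
	d := sha256.Sum256(doc)
	l.entries = append(l.entries, LedgerEntry{d, ed25519.Sign(priv, d[:]),
		priv.Public().(ed25519.PublicKey)})
	return len(l.entries) - 1
}

// Verify re-hashes the on-premises copy and checks it against entry txID,
// which must carry a valid signature from the expected organisation key.
func (l *Ledger) Verify(txID int, doc []byte, want ed25519.PublicKey) bool {
	if txID < 0 || txID >= len(l.entries) {
		return false
	}
	e, d := l.entries[txID], sha256.Sum256(doc)
	return d == e.Digest && e.Signer.Equal(want) &&
		ed25519.Verify(e.Signer, e.Digest[:], e.Signature)
}

// runDemo checks the intact copy, a modified copy, and a foreign signer key.
func runDemo() (intact, modified, wrongOrg bool) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	otherPub, _, _ := ed25519.GenerateKey(nil)
	doc := []byte("constructed sample: contract for payment ref 0001")
	l := &Ledger{}
	tx := l.Anchor(doc, priv)
	return l.Verify(tx, doc, pub), l.Verify(tx, append(doc, '!'), pub),
		l.Verify(tx, doc, otherPub)
}
func main() { fmt.Println(runDemo()) }
```

Only the digest, signature and public key reach the ledger, so the document itself never leaves the on-premises store, and any later change to the stored copy makes `Verify` fail.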

identitii Data Container (diagram)

Contents: signed hash of information; financial institution public key; DLT transaction ID; identitii token; sensitive information (passport, contract, etc.)

Legend: stored on-chain; stored on-premises

Architecture

Compatibility & Technical Stack

Oracle Enterprise Edition 11g, 12c
IBM MQ 7.5, 8, 9
RedHat Enterprise Linux 7.2
PostgreSQL 9.6

identitii Product

APPLICATION

Reference Implementation

GO 1.8, HYDRA 0.7.7, GRAFANA 4.2

MIDDLEWARE

Reference Implementation

Messaging: Rabbit MQ 3.6.6

Custom implementation

Messaging: We can support any middleware using AMQP 0.9 or 1.0 – WMQ 7.5, 8 and 9.01

PERSISTENCE

Reference Implementation

DB: SQL Server 2016, PostgreSQL, Oracle 11g – 12c

File: POSIX File System, FileNet in development

Metrics: InfluxDB version 1.2.1

Custom implementation

DB: Require dedicated DB but can be on shared infrastructure
(e.g. DB on shared SQL Server instance, DB on Oracle Grid)

File: other options require analysis

Metrics: could feed events into Bank interface – e.g. via webservices, messaging protocols

DISTRIBUTED LEDGER

Reference Implementation

Ethereum v4

OPERATING SYSTEM

Operating System: Ubuntu Server 16.04.2 LTS on Red Hat Enterprise Linux (RHEL) 6.7 and 7.2

Architecture: x86 (64-bit)

RAM: 8 GB

CPU: 4 Cores

Disk Storage: 256 GB

Number of units: 4-6 depending on volume, to cover high availability, failover and disaster recovery

Sample Reference Implementation 1

CUSTOMER UI VM: HYDRA 0.7.7; identitii Executables (GO 1.8); RABBIT MQ 9; MQ Manager; REDHAT 7.2; 64-bit / 4 CPUs / 8 GB

BANK OP UI: HYDRA 0.7.7; GRAFANA 4.2; identitii Executables (GO 1.8); RABBIT MQ 9; MQ Manager; REDHAT 7.2; 64-bit / 4 CPUs / 8 GB

CORE COMP VM: INFLUX DB 1.2.1; PostgreSQL 9.6.3; identitii Executables (GO 1.8); RABBIT MQ 9; MQ Manager; REDHAT 7.2; 64-bit / 4 CPUs / 8 GB

ETHEREUM VM: ETHEREUM V4; REDHAT 7.2; 64-bit / 4 CPUs / 8 GB

Sample Reference Implementation 2

CUSTOMER UI VM: HYDRA 0.7.7; identitii Executables (GO 1.8); IBM WMQ 9; MQ Manager; REDHAT 7.2; 64-bit / 4 CPUs / 8 GB

BANK OP UI: HYDRA 0.7.7; GRAFANA 4.2; identitii Executables (GO 1.8); IBM WMQ 9; MQ Manager; REDHAT 7.2; 64-bit / 4 CPUs / 8 GB

CORE COMP VM: INFLUX DB 1.2.1; ORACLE 12c; identitii Executables (GO 1.8); IBM WMQ 9; MQ Manager; REDHAT 7.2; 64-bit / 4 CPUs / 8 GB

ETHEREUM VM: ETHEREUM V4; REDHAT 7.2; 64-bit / 4 CPUs / 8 GB

The sizing of VMs (CPUs, RAM, Storage, SAN attachments) should be tweaked once business activity has been estimated.
