In an era of constant digital threats and fraud, the area of data security is becoming increasingly important. Securing our digital identities, passwords, biometrics, and transactions is becoming crucial. Until recently, for authentication, we relied on the so-called "something you know," which mainly involved remembering a password and username. If the user forgot the password, we asked for their childhood pet's name or favorite color. It must be admitted that this was not an ideal method of verification due to the fleeting nature of memory and the possibility of unauthorized persons discovering the password. We then moved on to "something you have" – for example, code cards for authorizing transactions, but this method also proved unreliable (the card can be lost/stolen/code obtained fraudulently). With the implementation of the PSD2 directive, we are increasingly combining the previous two methods with "something you are," i.e., using biometric markers for authentication while maintaining the previous two methods. Single sign-on with a password and login, followed by biometric verification, is becoming more common. Nuggets has taken it a step further. They have combined biometrics with blockchain for the authorization and authentication of transactions and users. The platform stores login data, personal data (first name, last name, home and correspondence addresses, etc.), and biometric markers in the blockchain to prevent unauthorized access or enable controlled and user-managed access.

Currently, the average user has about 50 different accounts. Eliminating the need for them to remember passwords or logins and enabling single sign-on using facial scans or fingerprints, along with securing their data with blockchain, seems to be a necessity for creating modern, user-friendly digital services. Nuggets utilizes the open W3C credential standard and zero-knowledge proof (ZKP), which means that the user can prove their identity without providing any personal data. The platform also offers flexibility by allowing the introduction of additional security measures, such as a PIN.

By utilizing a biometrically verified digital identity based on an immutable blockchain connected to a payment source, Nuggets eliminates the risks of fraud and identity theft. Perhaps most importantly, the identifier ensures that the person logging in is the rightful owner, and the service connecting the user with their bank operates in a secure environment. In the case of verified identifiers on both sides of the transaction, payment requests made outside of established channels cannot and will not be processed. This protects both parties involved in the transaction.

From a legal perspective, the platform complies with GDPR and meets the requirements of the PSD2 directive. It is modular (verified login, transaction, or ID) and its integration via API is simple and secure. By utilizing open standards such as verifiable credentials (VC) from W3C, decentralized identifiers (DID), DIDComm Messaging (DIDComm), and the Key Event Receipt Infrastructure (KERI), Nuggets truly enables global interoperability as a Self-Sovereign ID (SSI).