AWS Partner Network (APN) Blog

Riverside County California Digitizes Public Records Validation with AWS Blockchain Technology

By Srikanth Challa, Director, Global Sales, Blockchain – Infosys
By Vikrama Adethyaa, Sr. Partner Solutions Architect – AWS

Infosys-AWS-Partners
Infosys
Connect with Infosys-2

People around the world are familiar and comfortable with use of mobile phones, social networks, and digital technologies for remote interactions.

Most commercial sector organizations are transforming digital customer interactions to provide convenient and personalized experiences. People also expect the same experience when interacting with government agencies.

As part of the State of California’s larger technology vision, Riverside County—the fourth largest county in the state and 10th largest in the U.S.—wanted to deliver citizen-centric services through secure, effective, and innovative technology solutions.

However, Riverside County faced several challenges including a rapidly-changing digital technology landscape, privacy rules, threats of data theft and misuse, and managing and establishing the trustworthiness of resident records.

As with other government agencies trying to reduce the risk of data breaches, the County needed to architect decentralized records management systems connected through a distributed network.

This post discusses the County’s pilot solution using blockchain technology from Amazon Web Services (AWS) to enable any individual or organization to remotely validate the authenticity of a digital credential issued by the Riverside County Assessor-County Clerk-Recorder. The current process used in-person or mail authentication only.

The primary goal of the pilot is to modernize the Riverside County Assessor-County Clerk-Recorder Office’s paper-centric operations and meet citizen expectations through a new digital-centric approach.

Infosys, an AWS Premier Consulting Partner and Managed Service Provider (MSP), helped prioritize the use case and identify the participants and their interactions. Design-thinking workshops were conducted to validate the to-be process flows with the stakeholders and their legal, technical, and economic feasibility.

Infosys deployed the pilot solution and is partnering with the County to propagate the solution: onboarding more departments, agencies, and counties, as well as customizing the solution to fit more use cases.

The new platform will improve the security and data privacy of identities, credentials, and personally identifiable information (PII). It also solves paper records storage issues and enables different departments and agencies in the County to collaborate, thus minimizing duplication of effort.

Present Scenario and Challenges

“Trust is the cornerstone of every relationship.” This is also true for the interactions that take place between citizens and their governments.

Although paper is still the preferred medium of some government offices to create, store, and prove authenticity or establish the “trust” element of records, paper-centric processes are manual, time-consuming, and expensive.

Many state regulations still require outdated and inefficient procedures that rely on manually-generated paper records using “security paper” to establish the trustworthiness of the record.

The common practice is to authenticate a particular document by using security papers, wet signatures, or office seals. However, with easy access to specialty papers globally and things like advanced printers and editing software, these types of authentication processes often create avenues for fraud and don’t guarantee authentic sources of information.

There is a clear need for a common platform where valid credentials can be issued digitally, bypassing paper-centric processes, and where proof-of-record verification can be done by any individual or organization in real time.

Government departments and agencies are responsible for storing and maintaining an extraordinary amount of data including public records. However, issues of data security and privacy in the paper-centric approach limit the ability of governments to share data across departments and agencies.

Because citizens expect greater transparency and faster delivery of their record requests, integration and access are paramount.

Interacting with the government is often inconvenient for citizens because of redundant paper-centric operations across multiple agencies and departments. In many cases, citizens and businesses must wait until the physical copy of their proof-of-records or credentials are generated and authenticated, highlighting inefficiencies in the process and diminishing their experience.

Obtaining a physical official record can take weeks through the postal service, or hours traveling to government offices and waiting in the lobby for in-person services.

Many governments today are embarking on digital transformation projects to meet the growing expectations of citizens for digital interactions. Unfortunately, too often the continued use of legacy tools and paper-centric processes make these user interactions cumbersome and frustrating, not to mention vulnerable to fraud.

As part of the Digital Government Strategy of the U.S. Department of State, federal, state, and local government agencies are tasked with building a 21st century digital government that delivers better digital services to the people.

For Riverside County, the time for digital transformation is now.

“As Riverside County’s Assessor-County Clerk-Recorder, we are not just in the business of record keeping, record issuance, and valuing properties,” says Peter Aldana, Assessor-County Clerk-Recorder at County of Riverside. “We are in the business of providing the most convenient, timely, secure, and cost-effective services to our customers possible.

To achieve this, we need to advance our digital transformation strategy, and partner with industry experts and leaders like AWS and Infosys Public Services.”

Blockchain – The Paradigm Shift

We have seen multiple examples of how blockchain technology delivers solutions to government departments as they embark on their digital transformations.

Although the list of potential applications for blockchain in the public sector is always increasing, here are some of the main drivers of blockchain adoption in the public sector today:

  • Process Complexity and Information Silos: Manual processes are error-prone and arduous, and most government departments rely on manual record generation and verification systems. This often results in redundancy of processes and data, eventually creating information silos which can increase the processing time for a citizen’s request and the cost of government operations.
    .
  • Intermediaries: As a solution to cumbersome government agency processes, third-party intermediaries (brokers/agencies) step in to improve the citizen experience. This adds additional cost to the citizen’s request and often complicates the process, leading to a further delay in meeting demand.
    .
  • Cost-Efficiency: Governments need to fulfill their departmental objectives while responsibly managing scarce resources. Lack of automation and cumbersome paper-centric processes can lead to increased time and cost of compliance while harming citizens’ experience and satisfaction.
    .
  • Fraud and Error: Citizens are on the move, so their day-to-day physical location and even their home or residence can be fluid, requiring creative processes to manage citizen records and data. When citizens move, it becomes more difficult to access records stored in a siloed government ecosystem. The likelihood of errors and fraud also increases because of non-uniform and inconsistent data.
    .
  • Digital Government: On July 1, 2020 California’s Blockchain Working Group delivered their technical analysis, assessment, and recommendation report under the State’s AB 2658. The workgroup was tasked with taking an in-depth look at blockchain technology as a crucial and needed step to empower agencies to start their digital transformation journey.

Blockchain is a decentralized system of records or “ledger” that stores every transaction detail happening in the network.

Transactional data stored in a blockchain is cryptographically secured, which means encoding data using a mathematical algorithmic function that creates an alphanumeric code or “hash.” These transactional data or “blocks” are bound to each other in an unbreakable bond or “chain.”

Blockchain technology supports collaborative networks where participants can see and verify data in a trusted and transparent manner. It also reduces reconciliation needs and process and data redundancies, improving efficiency and minimizing cost.

Blockchain can deliver accuracy and trust among government departments, commercial sector organizations, and public users by facilitating a secure exchange of records and information. Through its cryptographic techniques, only certain metadata and the hash of the public records and credentials are stored and can be retrieved from the blockchain ledger to verify the authenticity of the data.

Blockchain technology has the potential to create a paradigm shift in the way private and public organizations operate today. Using its core strength of trust, unalterable source of truth (immutability), transparency, and privacy, blockchain provides the foundation to the digital-centric processes by making transactions fast, accurate, and secure.

AWS and Infosys Public Services Approach

Infosys Public Services collaborated with AWS to develop the blockchain-based, digital records fulfillment solution for Riverside County’s Assessor-County Clerk-Recorder Office.

To develop this pilot solution, Infosys used Amazon Managed Blockchain, which makes it easy to create and manage scalable blockchain networks using the open-source Hyperledger Fabric blockchain framework.

Figure : Conceptual view of the scalable blockchain network envisioned for Riverside County

Figure 1 – Conceptual view of the scalable blockchain network envisioned for Riverside County.

The objective of this pilot solution is to demonstrate how to bypass the generation of physical paper records using technology to support a fully digital record process from a citizen’s online request. This includes digital delivery of the requested record, while verifying the record’s authenticity and its trusted origin.

The ideal customer experience would be similar to purchasing a product online. In this case, the “purchase” is a record or document. Mirroring ecommerce, citizens can select needed records, authenticate themselves as the secured customer, make the payment, and receive digital delivery of the requested record in a few minutes through an electronic government portal.

Key considerations in the blockchain technology pilot solution include:

How will the citizen know the digitally generated record is official?

The Infosys pilot solution using blockchain is a proof of concept (PoC) for how the technology can be integrated with any agency’s existing internal or outward-facing electronic commerce system. This is accomplished through application programming interfaces (APIs) where the process from service request to digitally fulfilling the request is seamless for the citizen.

For the PoC, user interfaces were developed to illustrate how blockchain records authenticated and certified digital records onto its immutable ledger.

In the first part of the use case, the admin from the County Recorder’s office logs in to the admin portal of the application and completes the request form using the metadata of a particular credential (proof of record), which has been issued by the County Recorder’s office.

On the same page, they can drag and drop the PDF copy of the credential to create the hash (encrypted alphanumeric output of a fixed length). The admin can automatically store this information, including the hash that has been generated into the blockchain, and a success message is displayed.

Only agencies that are participants of the closed blockchain ecosystem can make entries onto the ledger, assuring citizens the digital record obtained is an official record.

Figure 2: Generating hash of a record, and storing the hash in blockchain ledger.

Figure 2 – Generating hash of a record, and storing the hash in blockchain ledger.

How will the entities receiving a digital record confirm it is official?

Records that are digitally issued can be authenticated by entities or agencies apart from the issuing agency by using an internet-hosted verification portal.

Using the closed-blockchain, anyone can visit a public portal hosted by the Riverside County Assessor-County Clerk-Recorder to check the authenticity of the digital copy (PDF) that was issued by the agency.

The website allows the user to drag and drop a digital record file to calculate the hash, which the application matches with the stored version in the blockchain ledger.

Figure 3: Authentication of records by matching the hash.

Figure 3 – Authentication of records by matching the hash.

How will Riverside County ensure digital records are delivered only to authorized entities?

The pilot solution enables reporting and audit log features in the admin portal. Admins can use the reporting feature to view and export the list of records and credentials that have been processed, as well as the corresponding hashes stored in the blockchain ledger along with the timestamps.

The audit feature can also be used by admins to check the instances a particular credential has been downloaded or processed for verification, and any anomalies on the ledger.

Figure 4: Audit and reporting features of the solution.

Figure 4 – Audit and reporting features of the solution.

High-Level Architecture

The pilot solution uses an Amazon Managed Blockchain platform that runs all the Hyperledger Fabric components, including the peer node, certificate authority (CA), and ordering service, within an Amazon Virtual Private Cloud (VPC).

Amazon Cognito is used to manage user authentication and authorization in the web application. Amazon API Gateway receives the request from the web application, which is then forwarded to the use-case-specific backend service. Blockchain transactions are invoked by an AWS Lambda function that interacts with the blockchain network using Fabric SDK.

All of the application-specific components are deployed in multiple AWS Availability Zones (AZs) to ensure high availability of the solution. Elastic Load Balancing is used to distribute incoming traffic across the AZs. The solution also uses AWS Secrets Manager to securely store and retrieve the credentials required to transact on the blockchain network.

Figure 5: High-level deployment architecture.

Figure 5 – High-level deployment architecture.

Customer Benefits

Enhanced Citizen Experience

The credential validation process becomes more efficient because validation can be done online by anyone. From a user’s perspective, the credential verification process during any service completion will be mostly contactless and paperless.

Lower Operational Cost

The solution reduces redundancy and streamlines the credential verification process. Eventually, this will help reduce the cost of compliance by enabling automated validation and eliminating paperwork.

Increased Process Efficiency

The solution accelerates service completion time by any government department. It also ensures data integrity by making sure the credentials contain trusted and error-free information.

Improved Transparency

Any individual user or organization can independently verify the digital copy of the credentials from a public website. By being extendable to the departments or agencies of other county governments that are credential issuers and verifiers, the solution can multiply the benefits of transparency across the states.

Increased Data Security

A blockchain-based public records management solution removes the need to maintain large pools of data, which may attract potential hackers. By decentralizing the credential verification system, the risk of data theft or manipulation becomes almost zero.

Greater Trust

The solution will offer “privacy by design” and complete control to the individuals over their credentials. The blockchain ledger doesn’t store any personal information from the credential, and the issuing authority doesn’t need to store the whole digital credential. Rather, the metadata and hash of the credential get stored in the blockchain.

Users can store credentials in their local devices. If required, they can even share credentials with a third party, who can check the authenticity of the digital copy of the credential, making the system more trustworthy.

The Path Ahead

Although the initial pilot solution focuses on the proof-of-records issued by Riverside County’s Office of the County Assessor-County Clerk-Recorder, the blockchain network can integrate additional government departments across the state of California.

Through this solution, departments or agencies can remove paper-centric processes and convert them to digital-record processes that can be trusted and verified. There will be no rip-and-replace of the existing core systems where the source of truth resides, and security and privacy will not be compromised. Existing IT systems will connect with the blockchain network using APIs.

Multiple departments and agencies can build a consortium that will strengthen the security of the blockchain ecosystem. This will establish standards for sharing data, and collectively drive change at the legislative level to modernize laws and regulations for the future.

.
Infosys-APN-Blog-CTA-1
.

Infosys – AWS Partner Spotlight

Infosys is an AWS Premier Consulting Partner and MSP that helps enterprises transform through strategic consulting, operational leadership, and co-creation of solutions in mobility, sustainability, big data, and cloud computing.

Contact Infosys | Partner Overview

*Already worked with Infosys? Rate the Partner

*To review an AWS Partner, you must be a customer that has worked with them directly on a project.