At first sight, privacy and strong identity seem inherently at odds. Indeed, if users are strongly identified during a transaction, then privacy is non-existent. Nevertheless, there exist mechanisms that can reconcile privacy and strong identity, either by trusting an online identity provider (IDP), or by using cryptographic mechanisms such as anonymous credentials. The former approach, made popular by technologies such as SAML, OpenID Connect, and Facebook Connect, has the disadvantage that the IDP forms a single point of failure in terms of privacy and security, because it can impersonate and track its users online. The latter approach has the disadvantage that users have to rely on trusted hardware such as smartcards to protect credentials from compromise and from illegitimate sharing. OLYMPUS will take a radically new approach offering the seamless user experience of online IDPs, but without their drawbacks. Namely, OLYMPUS will pioneer the concept of distributed oblivious identity management, where the role of the IDP is split over multiple authorities, so that no single authority can track or impersonate their users. By exploiting advanced techniques based on threshold cryptography, the OLYMPUS framework will let users maintain unlinkable identities with different service providers while using standard devices and a single password or biometric. By leveraging existing eID solutions to create a strong link to physical identities, and by integrating into existing frameworks to ease adoption by service providers, OLYMPUS will establish a secure and interoperable European identity management framework. Its practical feasibility and relevance will be demonstrated in two pilots. The first combines the framework with soft identity proofs to build a mobile driver license application that can be used for offline purchases of restricted goods. The second use case will leverage pseudonymous identification in the financial world to simplify online credit application

Against the background of the regulation 2014/910/EU on electronic identification (eID) and trusted services for electronic transactions in the internal market (eIDAS), the FutureTrust project aims at supporting the practical implementation of the regulation in Europe and beyond. For this purpose the FutureTrust project will address the need for globally interoperable solutions through 1) basic research with respect to the foundations of trust and trustworthiness, with the aim of developing new, widely compatible trust models or improving existing models, 2) actively driving the standardisation process, and 3) providing Open Source software components and trustworthy services as a functional base for fast adoption of standards and solutions. FutureTrust will demonstrate positive business cases for the reliance on electronic signatures, sealing services, and long-term authenticity of data and documents, all with a focus on accountability, transparency and usability. For a subset of use cases, carefully selected for relevance and visibility, the FutureTrust consortium will devise real world pilot applications for the public and private sector with a focus on legally significant global electronic transactions in between EU member states and with non-EU countries. The FutureTrust project will in particular develop a comprehensive Open Source validation service as well as a scalable preservation service for electronic signatures and will provide components for the eID-based application for qualified certificates across borders, and for the trustworthy creation of remote signatures and seals in a mobile environment. Furthermore, the FutureTrust project will extend and generalize existing trust management concepts to build a “Global Trust List”, which allows to maintain trust anchors and metadata for trust services and eID related services around the globe.