...
To understand this definition, let’s first take a step back: have you ever thought about what’s happening to your data right this moment? Think of the hundreds of accounts you’ve created throughout your lifetime and the personal information you provided these businesses: full name, birth date, address, credit card number, home address, etc. Currently, these businesses store and manage your information in their databases, and you have no control over what they do with it and who they share it with. Spooky, huh?
These authentication methods of authentication are based on centralized models, characterized by users having to give up their personal information repeatedly times without control.
These models are not just an inconvenience for users , but for organizations as well. Public and private entities concentrate millions of records and sensitive user information in their databases, making them very attractive desirable targets for hackers and . They must invest lots of money in security systems, GDPR compliance, and very complex authentication processes to combat cyberattacks and identity fraud.
Big tech companies attempted to tackle some of these issues by developing federated models of identity management models: single sign-on authentication methods such as those of Google or Facebook (iei.e. “Log in with Google”).
On the one hand, this model can drastically improve user experience by allowing users to sign up instantly, but on the other, it exacerbates privacy and security risks by further centralizing user data in their databases.
Then comes the self-sovereign identity (SSI), or decentralized identity paradigm, which promises to give users back control of their data, and businesses peace of mind. How is this possible?
...
This user-centric identity model enables users to manage their personal information and access all digital services via one single identity, password-free. |
|---|
...
The SSI ecosystem
...
Digital relationships and transactions rely upon trust, but with the abrupt launch into a fully digital world, this trust has weakened as traditional authentication methods became have become less reliable. In an effort to To limit identity fraud, businesses need to must request more and stronger proofs substantial proof of identity (scans of ID documents, second-factor authentication codes, dedicated authentication apps, etc.), and users suffer more complex onboarding processes.
...
Issuers: Entities that are authorized to issue specific Identity credentials such as universities (issuing student IDs and academic diplomas), governments (national IDs, driver’s licenses, passports, birth certificates, certificates of car ownership), financial institutions (credit scores), hospitals (medical records), employers (employee cards), etc.
Users (holders): Individuals or organizations subject to such Identity credentials. That is, the credential owners , who store, manage, and share these credentials through the use of a digital ID Wallet.
Verifiers: Verifiers are service providers that require identity verification and authentication for to access to their services (iei.e. banks, retail stores, insurance companies, hospitals, universities, etc.).
The backbone of SSI
Decentralized computing architectures provide the backbone to the ground-breaking SSI technology.
...
In real life and online, users need to identify themselves and do so through identifiers, which can be passport numbers, usernames, emails, telephone numbers, and more. In today’s world, these identifiers are issued and registered by centralized bodies such as government agencies, email providers, and telecommunication providers. Decentralized Identifiers are just that, decentralized, portable identifiers that are not tied to any centralized registry or identity provider; instead, rather they pertain to the owner or subject and are registered in a Distributed Ledger Technology (DLT) or Blockchain. In an SSI ecosystem, Issuers, Users, and Verifiers are all represented by one or more DIDs.
...
Blockchain/DLTs connect the SSI ecosystem through simple activities: storing DIDs and enabling decentralized public key infrastructures Public Key Infrastructures (PKIs).
PKIs are composed of a set of cryptographic keys, a public key (stored in the blockchain) tied to a private key (stored held by the user on their phone); this setup allows entities to verify the legitimacy and ownership of verifiable credentials. If one sends a credential claiming it was signed (issued) by an Authority, only the Authority’s public key published on the blockchain will verify the signature.
...
A user-centric Digital Identity model has extensive benefits for individuals and businesses alike. In the short term, the implementation of Decentralized Identities lays down a means to reduce administrative and compliance costs as well as and operational costs related to security for public administrations and online service providers.
Some of the benefits of implementing SSI technology include the following:
Decreased Identity fraud (identity theft) through the elimination of by eliminating centralized databases & passwords and with the introduction of introducing tamper-proof verifiable credentials and government-grade secure ID Wallets.
Improved conversion rates/reduced onboarding abandonment rates through one-click onboarding and authentication processes that enhance customer experience. Customers can forget about lengthy Know-Your-Customer (KYC) forms that force them to manually fill in the required information manually.
Increased efficiency for organizations, as resources are no longer used to manually verify individual credential authenticity and legitimacy manually.
New revenue streams with the issuance of verifiable credentials.
Boosted privacy & security through the use of advanced cryptography and DLTs.
Nonetheless, the SSI vision and philosophy go beyond instant benefits for the economy and, and in the long term, aims to provide a solution to the 1 billion people who do not have any type of identification and the 3.4 billion without a digital self.
...
On June 3, 2021, the European Commission took a firm step toward digital identity with the announcement of the construction of a single European digital identity. For this purpose, a proposal was presented to amend the existing eIDAS regulation to be fully aligned align with the principles of decentralized identity.
...
At GATACA we’re ready to make this a reality. Are you ready for a new identity model?
| Info |
|---|
Get started with your SSI journey for free if you have not yet created an account in Gataca Studio. → Start here. |