Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

What is Self-Sovereign Identity (SSI)?

Self-Sovereign Identity is a nascent technology combining the simplicity and usability of a single sign-on with advanced cryptography and Distributed Ledger Technologies (DLTs) that provide government-grade secured access to digital services.

To understand this definition, let’s take a step back: have you ever thought about what’s happening to your data?

Think of the hundreds of accounts you’ve created throughout your lifetime and the personal information you provided these businesses: full name, birth date, address, credit card number, home address, etc.

These authentication methods are based on centralized models, characterized by users having to give up their personal information repeatedly without control.

These models are not just an inconvenience for users but organizations as well. These entities concentrate millions of records and sensitive user information in their databases, making them desirable targets for hackers and having to invest lots of money in security systems, GDPR compliance, and complex authentication processes to combat cyberattacks and identity fraud.

Big tech companies attempted to tackle some of these issues by developing federated identity management models: single sign-on authentication methods such as those of Google or Facebook (i.e. “Log in with Google”).

On the one hand, this model can drastically improve user experience by allowing users to sign up instantly, but on the other, it exacerbates privacy and security risks by further centralizing user data in their databases.

Self-sovereign identity (SSI), or decentralized identity paradigm, gives users back control of their data, and businesses peace of mind. How is this possible?

Decentralized technologies have provided the foundation to develop a novel, trust, and global authentication layer for the internet and revolutionize digital relationships and interactions between individuals, organizations, and things.

The SSI ecosystem

Digital relationships and transactions rely upon trust, but with the abrupt launch into a fully digital world, this trust has weakened as traditional authentication methods have become less reliable. To limit identity fraud, businesses must request more substantial proof of identity (scans of ID documents, second-factor authentication codes, dedicated authentication apps, etc.), and users suffer more complex onboarding processes.

SSI attempts to re-establish this trust by increasing security without compromising user experience or privacy. In doing so, the model proposes new methods of interactions and categorizes agents into three main groups:

  • Issuers: Entities that are authorized to issue specific Identity credentials such as universities (issuing student IDs and academic diplomas), governments (national IDs, driver’s licenses, passports, birth certificates, certificates of car ownership), financial institutions (credit scores), hospitals (medical records), employers (employee cards), etc.

  • Users (holders): Individuals or organizations subject to such Identity credentials. That is, the credential owners who store, manage, and share these credentials through a digital ID Wallet.

  • Verifiers: Verifiers are service providers that require identity verification and authentication to access their services (i.e. banks, retail stores, insurance companies, hospitals, universities, etc.).

The backbone of SSI

Decentralized computing architectures provide the backbone to the ground-breaking SSI technology.

DIDs and VCs are two fundamental standards of SSI technology established by the World Wide Web Consortium (W3C), an international organization that generates recommendations and standards for the internet. Both concepts, together with blockchain or Distributed Ledger Technologies, make up the powerhouse of SSI.

What are Decentralized Identifiers (DIDs)?

In real life and online, users need to identify themselves and do so through identifiers, which can be passport numbers, usernames, emails, telephone numbers, and more. In today’s world, these identifiers are issued and registered by centralized bodies such as government agencies, email providers, and telecommunication providers.

DIDs are decentralized, portable identifiers that are not tied to any centralized registry or identity provider. Instead, they pertain to the owner or subject and are registered in a Distributed Ledger Technology (DLT) or Blockchain. In an SSI ecosystem, Issuers, Users, and Verifiers are all represented by one or more DIDs.

What are Verifiable Credentials (VCs)?

Verifiable Credentials (VCs) enable users to finally have trustworthy, tamper-proof, and machine-verifiable digital identity documents.

Think of your passport in a secured, digital ID wallet that you can use to travel, or a digital academic diploma that you can use to apply for a job application without having to personally request the university’s administration to issue an “authentic version” every time a new entity requests it from you. Goodbye administrative headaches!

The role of Blockchain and Distributed Ledger Technologies (DLTs)

Blockchain/DLTs connect the SSI ecosystem through simple activities: storing DIDs and enabling decentralized Public Key Infrastructures (PKIs).

PKIs are composed of a set of cryptographic keys, a public key (stored in the blockchain) tied to a private key (held by the user on their phone); this setup allows entities to verify the legitimacy and ownership of verifiable credentials. If one sends a credential claiming it was signed (issued) by an Authority, only the Authority’s public key published on the blockchain will verify the signature.

Unlike private keys, public keys are stored in the blockchain, enhancing their resistance, resilience, and integrity.

Benefits of SSI

A user-centric Digital Identity model has extensive benefits for individuals and businesses alike. In the short term, the implementation of Decentralized Identities lays down a means to reduce administrative and compliance costs and operational costs related to security for public administrations and online service providers.

Some of the benefits of implementing SSI technology include the following:

  • Decreased Identity fraud (identity theft) by eliminating centralized databases & passwords and introducing tamper-proof verifiable credentials and government-grade secure ID Wallets.

  • Improved conversion rates/reduced onboarding abandonment rates through one-click onboarding and authentication processes that enhance customer experience. Customers can forget about lengthy Know-Your-Customer (KYC) forms that force them to fill in the required information manually.

  • Increased efficiency for organizations, as resources are no longer used to verify individual credential authenticity and legitimacy manually.

  • New revenue streams with the issuance of verifiable credentials.

  • Boosted privacy & security through the use of advanced cryptography and DLTs.

Nonetheless, the SSI vision and philosophy go beyond instant benefits for the economy and, in the long term, aims to provide a solution to the 1 billion people who do not have any identification and the 3.4 billion without a digital self.

SSI Outlook

Europe has positioned itself as one of the most advanced regions globally for Self-Sovereign Identity.

On June 3, 2021, the European Commission took a firm step toward digital identity with the announcement of the construction of a single European digital identity. For this purpose, a proposal was presented to amend the existing eIDAS regulation to fully align with the principles of decentralized identity.

This announcement triggered several key announcements in favor of Self-Sovereign Identity by strategic Member States, such as Germany, Spain, Finland, and the Netherlands.

As we see with European local governments, other nations such as Korea, Ethiopia, Canada, and India are already pioneering this technology in various use cases.

Self-sovereign identity technologies are becoming the linchpin of economic growth. If we think about it, all businesses need to authenticate their users, and with the exacerbation of digital transformation, the need to securely and efficiently authenticate users has become urgent for client satisfaction.

At GATACA, we’re ready to make this a reality. Are you ready for a new identity model?

  • No labels