7. Self-Sovereign Identity (SSI)
Core message: Self-Sovereign Identity (SSI) is the next generation of decentralized, self-managed digital identity. You will hold it, on your own personal digital identity wallet, and only you decide who gets to “see” it and what of it they get to “see”.
​
Our 2-Cents: An area with many competing projects. Widescale international adoption of self-sovereign identity, for personal and business purposes, will be a defining moment in technology use.
Let's break it down...
​
The first model of digital identity was Siloed. Each organisation issued a digital identity credential to a user to allow them to access its services.
​
The second model of digital identity is Federated: digital identity credentials created by third parties that allow users to login to services and other websites (e.g. login with google). This, of course, raises privacy and security concerns.
​
The next model: Self-Sovereign Identity (SSI). You manage your own digital identity. You hold it, on your own personal digital identity wallet, and only you decide who gets to “see” it and what of it they get to “see”. Blockchain technology, Decentralized Identifiers and Verifiable Credentials enable this model of digital identity.
​
Basically, SSI means a person, or an organisation, completely owns, controls and manages their identity online. You are your own identity provider.
11 Key Principles of Self-Sovereign Identity (SSI)
Self-Sovereign Identity (SSI) provides an independent existence and absolute control for its users, who hold the access to their own data. That means no intermediaries owning or sifting through your data: it belongs to you.
​
SSI is transparent (so that you can understand any system or algorithm involved), interoperable (so it integrates well with other systems) and portable (meaning no vendor or device lock-in).
​
SSI offers persistence (the identities will last for as long as you want them to last… no need to worry about Facebook deleting your Instagram account) and protection (erring always on the side of protecting individuals’ freedoms and rights).
​
SSI prioritises consent (users must always agree to how their identity is being used — whether that’s to disclose or restrict data) and minimisation (you should only disclose the data that you need to, supporting privacy as much as you can.)
​
SSI values usability — it’s easy to use, adopt and understand. There are no complex bells and whistles, just the means to share and use the information you want, when you want, and it’s easy to carry around with you.
Technology behind Self-Sovereign Identity
While there are many competing projects, the concept of Self Sovereign Identity is widely held to be based on three main “pillars”:
-
Decentralized Identifiers (DID)
-
Verifiable Credentials
-
Blockchain
Decentralized Identifiers (DID) are free, unique, machine-readable, user-controlled, persistent and anonymous identifiers that are decoupled from the “personal data” about the user they “identify”.
​
Since the generation and assertion of Decentralized Identifiers is entity-controlled, each entity can have as many DIDs as necessary to maintain their desired separation of identities, personas, and interactions.
​
Secure connections are typically created by two or more peers creating and exchanging decentralized identifiers (rather than requiring the assistance of an intermediary “connection broker,” like Google, WhatsApp or an email provider).
​
DIDs provide secure connectivity; they do not by themselves provide trust - that’s where the second layer comes in.
Verifiable Credentials are a way of representing the attributes that we all associate with our identity e.g., a birth certificate issued by a government indicating when/where a person is born.
​
This enables anyone to verify the source, integrity, and validity of any data that is presented to them and to do so robustly and securely. This mechanism uses public key cryptography to digitally sign each data element.
​
The blockchain enables everyone in the network to have the same source of truth about which credentials are valid and who attested to the validity of the data inside the credential, without revealing the actual data.
​
For example, when an identity owner presents proof of their date-of-birth, rather than actually checking the truth of the date of birth itself, the verifying party will validate the government’s signature who issued and attested to this credential to then decide whether he trusts the government’s assessment about the accuracy of the data.
​
By leveraging blockchain technology Self-Sovereign Identity establishes trust between the parties and guarantees the authenticity of the data and attestations, without actually storing any personal data on the blockchain.
​
Advantages of blockchain for SSI:
- no backdoor or admin access for malicious changing of data
- no reliance on a single monopolistic provider that can turn it off
- chronologically ordered so you know you are retrieving current keys
RECOMMENDED READING
RECOMMENDED VIDEOS
RECOMMENDED RESOURCES
YOUR ROUTE TO UNDERSTANDING DEFI
01. Take the Tour | 02. Hear the Experts | 03. Join the Event |
---|