In our digital landscape, where personal data flows through networks like currency, the concept of self-sovereign identity (SSI) emerges as a beacon of empowerment and privacy. But what is SSI, exactly, and why should you even care?
What is self-sovereign identity?
Imagine having a digital wallet that keeps your identity safe – your age, educational information, driving licence, certifications, bank accounts, insurance coverage, concert tickets and membership passes – like a stack of virtual cards. SSI allows you to manage these cards yourself and decide who will be allowed to receive the data stored on them. Would you like to learn how it works? Then keep reading.
In traditional systems, third parties control and track our identities. These identity providers store our identities with relevant attributes and associate them with means for authentication. If you are using features like ‘Log in with your Google account’, then Google knows who you are and confirms your identity to the service you would like to access. This is convenient, since you only need one set of login credentials as opposed to dozens. But it also comes at a price with respect to privacy, since Google can track every single one of your login instances on the internet.
SSI flips the script. You create your digital identity, complete with a unique identifier, and keep it under your control. No third parties can track you and see when and where you use your identity. Every contact you make is only between you and the service provider you would like to connect with. Verifiable credentials (VCs) are your digital cards. Issuers (like educational institutions, employers, banks, sports clubs, shopping websites or government agencies) confirm your credentials. VCs are collected in your wallet, which is the only place they are stored until you are willing to share them. When you need to prove something (such as your age), you divulge only the information you would like to disclose from the relevant VC (‘selective disclosure’).
Why SSI matters
When you share data from VCs in your wallet, you can rest assured that issuers have verified this data and confirm its correctness. Recipients of information from VCs must verify the integrity of the VCs and the trustworthiness of issuers. To this end, VCs are secured with cryptographic signatures that facilitate fully automated, real-time verification for next to nothing. There is no longer any need for the time-consuming and often manual task of verifying the correctness of the data itself, since the data is guaranteed with the issuer’s signature.
Data owners have complete control over all the data in their wallet, and sharing VCs requires their explicit consent. The GDPR and the FADP are met by default by following the process of data minimization and recipients only requesting the data required for specific use cases (asking for more data than necessary still can get you into trouble).
As the data owner, you benefit twofold from this approach. By sharing VCs, there is no need for manual data entry, making typos and tedious form-filling a thing of the past. For some processes, though, form-filling is not enough. As an applicant, you also need to prove that the data you supply is correct. With SSI, this proof is built right into the VC-sharing process if the VC has been provided by a trustworthy issuer. This makes processes more secure and more convenient for you too.
The sky is the limit
Receiving and sharing your VCs is not limited to industries or countries. SSI is a technology that empowers you to use your VCs when, where and with whom you want. This is true of the digital world and even extends into the physical world, as you can prove your age when buying alcohol from a bricks-and-mortar shop, prove your identity when checking into a hotel or show your driving licence to a police officer.
SSI is not only a solution for individuals, but also for organisations and things. The very first use case was a commercial register that issued VCs to corporations. The possible applications are limitless, and the potential for brand-new business models is huge. Remember: SSI is not just a buzzword. It is a compass guiding us towards a future where owners have complete control over their identities.
Join the SSI revolution – your identity, your rules!
Blognews directly in your mailbox
The Airlock Newsletter informs you continuously about new blog articles.