In our digital landscape, where personal data flows through networks like currency, the concept of self-sovereign identity (SSI) emerges as a beacon of empowerment and privacy. But what is SSI, exactly, and why should you even care? 

What is self-sovereign identity?

Imagine having a digital wallet that keeps your identity safe – your age, educational information, driving licence, certifications, bank accounts, insurance coverage, concert tickets and membership passes – like a stack of virtual cards. SSI allows you to manage these cards yourself and decide who will be allowed to receive the data stored on them. Would you like to learn how it works? Then keep reading.

In traditional systems, third parties control and track our identities. These identity providers store our identities with relevant attributes and associate them with means for authentication. If you are using features like ‘Log in with your Google account’, then Google knows who you are and confirms your identity to the service you would like to access. This is convenient, since you only need one set of login credentials as opposed to dozens. But it also comes at a price with respect to privacy, since Google can track every single one of your login instances on the internet.

SSI flips the script. You create your digital identity, complete with a unique identifier, and keep it under your control. No third parties can track you and see when and where you use your identity. Every contact you make is only between you and the service provider you would like to connect with. Verifiable credentials (VCs) are your digital cards. Issuers (like educational institutions, employers, banks, sports clubs, shopping websites or government agencies) confirm your credentials. VCs are collected in your wallet, which is the only place they are stored until you are willing to share them. When you need to prove something (such as your age), you divulge only the information you would like to disclose from the relevant VC (‘selective disclosure’).

 

Why SSI matters

When you share data from VCs in your wallet, you can rest assured that issuers have verified this data and confirm its correctness. Recipients of information from VCs must verify the integrity of the VCs and the trustworthiness of issuers. To this end, VCs are secured with cryptographic signatures that facilitate fully automated, real-time verification for next to nothing. There is no longer any need for the time-consuming and often manual task of verifying the correctness of the data itself, since the data is guaranteed with the issuer’s signature.

Data owners have complete control over all the data in their wallet, and sharing VCs requires their explicit consent. The GDPR and the FADP are met by default by following the process of data minimization and recipients only requesting the data required for specific use cases (asking for more data than necessary still can get you into trouble).

As the data owner, you benefit twofold from this approach. By sharing VCs, there is no need for manual data entry, making typos and tedious form-filling a thing of the past. For some processes, though, form-filling is not enough. As an applicant, you also need to prove that the data you supply is correct. With SSI, this proof is built right into the VC-sharing process if the VC has been provided by a trustworthy issuer. This makes processes more secure and more convenient for you too.

The sky is the limit

Receiving and sharing your VCs is not limited to industries or countries. SSI is a technology that empowers you to use your VCs when, where and with whom you want. This is true of the digital world and even extends into the physical world, as you can prove your age when buying alcohol from a bricks-and-mortar shop, prove your identity when checking into a hotel or show your driving licence to a police officer.

SSI is not only a solution for individuals, but also for organisations and things. The very first use case was a commercial register that issued VCs to corporations. The possible applications are limitless, and the potential for brand-new business models is huge. Remember: SSI is not just a buzzword. It is a compass guiding us towards a future where owners have complete control over their identities.

Join the SSI revolution – your identity, your rules!

Blognews directly in your mailbox

The Airlock Newsletter informs you continuously about new blog articles.

Subscribe blognews

Information for you

-Our whitepapers-

Executive View: KuppingerCole - Airlock Secure Access Hub for applications and APIs

This KuppingerCole Executive View report provides an architectural and functional overview of the Airlock Secure Access Hub, an integrated platform for secure access management - a multicloud-native security tool for web applications, APIs and beyond.

 

Fill out the form now and receive Executive View!

Whitepaper: Security for cloud-native applications

You can read about how companies can ensure the security of web applications and APIs in Kubernetes in the white paper "Security for cloud-native applications", which was created in collaboration between heise and Airlock.

 

Request whitepaper

Whitepaper: Zero Trust is a journey

The ongoing digital transformation of the world is progressing and having a profound impact on our personal and professional lives in ways that were difficult to imagine just a few years ago.


This white paper discusses the effects of continuous digitalization and its impact.

Request free of charge

Off to DevSecOps

In this white paper, you will learn the most important insights into how you can implement DevSecOps successfully and efficiently, which security components are required for this and the advantages of a microgateway architecture.

 

Request free of charge

Airlock 2FA - Strong authentication. Simple.

Double security - this is what two-factor authentication offers in the field of IT security.


Find out more about strong authentication and the possibilities offered by Airlock in our white paper.

Download for free

Further whitepapers

We provide you with free white papers on these and other topics:

 

  • Successful IAM projects
  • compliance
  • Data protection (DSGVO)
  • Introduction of PSD2
  • PCI DSS requirementsPCI DSS requirements
Request free of charge