Self-Sovereign Identity (SSI) ensures secure and trustworthy digitization. Users can self-sovereign their digital identity and credentials such as ID cards or certificates to applications. The European SSI ecosystem breaks dependencies on monopolists and gives us the freedom to shape the digital future with confidence and speed.
Contents
What is Self-Sovereign Identity (SSI)?
Time, IT security, privacy, and convenience are the key aspects when implementing new processes or operations of IT services in companies and on the Internet. The main obstacles are processes that either require a great deal of explanation or, due to their simplicity, are security-prone and dependent on external monopolists. Therefore, processes are required that, on the one hand, guarantee a high level of IT security and, on the other hand, can be implemented efficiently and autonomously.
The concept of Self-Sovereign Identity (SSI) is increasingly emerging as the process of choice for enterprises, IT service providers, and users, as it is not only secure and efficient but also allows self-determination in the release of sensitive data.
Currently, centralized ID providers such as Google and Facebook dominate the management of identity data of very many IT services around the world, which leads to a great dependence on society, companies, and users in terms of the progress of digitalization. They also use sensitive personal data for their own advertising purposes. or make it available to other companies in order to make money from it. This weakens the privacy of users and has consequences in terms of acceptance. Self-Sovereign Identity (SSI) will help to solve these problems.
Process SSI
With Self-Sovereign Identity (SSI), users control and own their digital identities and other verifiable digital credentials without relying on a central authority, such as Facebook or Google, to do so. They are therefore completely independent of third-party entities and decide completely autonomously who is provided with which identity data, as all identity data is stored exclusively with them in the SSI wallet.
This enables a simple, flexible, secure, and trustworthy exchange of tamper-proof digital credentials between users and applications.
SSI involves three actors (issuer, owner, and verifier) who interact together with the SSI blockchain infrastructure. Each of these actors has a defined important role.
Issuer (Issuer).
In the SSI ecosystem, there are issuers who hold verifiable digital credentials such as certificates of identity (ID card, company or service ID card …), driver’s licenses (car/motorcycle, airplanes …), certificates (high school diploma, bachelor’s degree, master’s degree … ), confirmations (authenticity confirmation, vaccination confirmation, …) qualifications (license to practice medicine, nurse, master painter …), powers (official authority, residence authority …), qualifications (further education certificates, personal certificates …).
Issuers are, for example, residents’ registration offices, road traffic offices, schools and universities, companies, professional associations, authorities, qualification organizations, or TÜVs. The digital proofs are digitally signed by the issuers.
Anyone who wants to verify this digital proof can determine whether the integrity and authenticity of the digital proof is in order, but also whether the issuer is genuine.
With Self-Sovereign Identity, the verifiable public keys, revocation lists, and other meta-information are enshrined in the SSI blockchain and can be easily accessed by the verifiers.
Essential to this process is that issuers are both authorized and trusted. In addition, the transfer of verifiable digital credentials between the issuer and the users’ SSI wallet must be encrypted.
Verifier (acceptance point).
The acceptance points in this SSI ecosystem need verifiable digital evidence to use and further process the presented digital evidence in a process or application (off- or online). Ideally, this is done completely automatically.
For this purpose, the application can use the cryptographic and meta information from the SSI blockchain to verify the authenticity of the digital evidence. It is essential that the transmission of the verifiable digital evidence between the owner and the verifier is encrypted.
Owner (Holder)
The holder usually has a corresponding SSI app on their mobile device, which stores an SSI wallet with the digital evidence. It is also possible to use a cloud agent. This is particularly useful for backup scenarios. Owners can request all verifiable digital proofs from the corresponding issuers and store them in their own SSI wallet.
It is possible to send only certain fields or derived information of a digital proof to the verifier, i.e. only the one required piece of information. This feature is implemented using zero-knowledge proof protocols.
Blockchain at Self-Sovereign Identity (SSI).
The SSI blockchain infrastructure is a decentralized blockchain network with IT security and trustworthiness mechanisms, where information of issuers and for issuing proofs as transactions is stored in a tamper-proof way. This means that on this basis, the actors are able to verify the authenticity, origin as well as the integrity of the digital proofs without the SSI blockchain knowing the owners or the issued proofs.
In the SSI ecosystem, several different SSI blockchain networks can be integrated in the sense of network-of-networks. This makes the ecosystem simple, scalable, and efficient for implementation in different areas.
Application examples of Self-Sovereign Identity
Optimization of the process of a car rental
Anyone who has ever rented a car knows the situation when we want to rent a car: The employee of the car rental company needs a perceived eternity to check the ID, driver’s license, and credit card, copy them and enter the data in the PC. With Self-Sovereign Identity (SSI), this process would be greatly simplified and shortened:
Once at the counter, a QR code is scanned by the customer. Then, the digital evidence (ID, driver’s license, credit card, vouchers …) is released by the customer and made available to the car rental company so that it can process it directly in an automated manner. The rental contract can then be digitally signed, for example, and the handover of the car key (as a physical or digital key). Quasi simultaneously, the processes run securely and trustworthily in the background.
Optimizing the hotel check-in/access control process in the company
Arriving at the hotel, the guest is asked to scan a QR code. Afterward, the digital proofs are released by the customer, for example, personal ID and company ID. This allows the hotel to verify and accept the guest’s affiliation with a company and the delivery address for the invoice. The usual registration form is then automatically generated and forwarded, and registration is thus completed within seconds.
SSI works in a very similar way for access control in companies: Authorizations and affiliations are checked and registered as soon as you enter, without the need for a gatekeeper.
SSI ecosystem for digital identities in the future – pros and cons
The SSI ecosystem will only be accepted and used by users if they trust the operations. For this to happen, the technologies, as well as the companies involved, must be trustworthy.
An important trustworthiness mechanism is the appropriate use and storage time of digital evidence by users. For this, it is essential that after the digital evidence has been verified and the content has been used, the application must delete it immediately when there is no longer a need. Permanent storage is no longer necessary, and the user can only generate the proof again within seconds if there is a (new) need.
Business and societal relevance of an SSI ecosystem for digital identities.
The aspects mentioned below demonstrate the business and societal relevance of an SSI ecosystem.
1. Digitization and acceptance by citizens
Digitization is highly relevant to business, as the use of new technologies helps to simplify procedures and make processes more efficient. As such, it represents an important factor in maintaining competitiveness. In principle, many users would like to see processes and procedures simplified through the use of digital technologies, for example, at the city administration, at banks/insurance companies, when shopping online, etc.
Users want to be able to make all these routine applications quickly, easily, and smoothly via the Internet. However, more and more users are suspicious about the use of their data because they do not know where their personal data is going and what is being done with it. Despite their skepticism, users are also willing to build trust.
In doing so, they expect companies to act both responsibly and trustworthy when using new technologies, because only when users realize that their trust is justified will they accept and use new technologies and IT services.
2. Economic relevance of an SSI ecosystem for digital identities
Processes carried out manually and existing media disruptions are the reason for inefficient processes and thus impair the potential for optimal productivity. Based on this, the economic and political relevance of accelerated digitization can be derived.
Use cases show, for example, how the optimization of supply chains can be implemented by means of digitization, in that important proofs can be processed simply, quickly, securely, and trustworthily using IT technology. The implementation of digital identities and proofs has a high economic benefit for the application companies.
3. Technological sovereignty
Technological sovereignty is an increasingly important factor, since in the short to medium term the value-added share of IT as well as the Internet and thus data is increasing enormously in all industries. For free, independent, and full use in the sense of opportunities to shape our society, competence building must be driven forward in a targeted manner in important key industries and key technologies must be developed.
Only in this way is it possible to counter potential risks that may arise from dependencies on market leaders and countries of origin. To this end, it is necessary to reduce dependencies and make the use of technologies that will be relevant in the future sovereign and trustworthy.
Summary
Self-Sovereign Identity (SSI) ensures faster, more secure, and more trustworthy digitization. Users can self-sovereign their identity and other digital proofs to applications. The SSI ecosystem breaks dependencies on monopolists and gives us the freedom to shape the digital future more independently.
Information Security Asia is the go-to website for the latest cybersecurity and tech news in various sectors. Our expert writers provide insights and analysis that you can trust, so you can stay ahead of the curve and protect your business. Whether you are a small business, an enterprise or even a government agency, we have the latest updates and advice for all aspects of cybersecurity.
