Self-Sovereign Identity: What’s the Big Deal?

Written by affinidi | Published 2021/07/06

TL;DR: Self-Sovereign Identity (SSI) is an emerging philosophy that allows you to determine where your data is stored and how it’s used. SSI is implemented through verifiable credentials (VCs), which are tamper-proof digital credentials that a machine can verify cryptographically. Verifiable credentials are digitally signed by the issuing authority and encrypted using the holder’s private-public key pair. The issuer generates a VC, digitally signs it using its private key, and encrypts the data using the holder’s public key. The holder can choose to save the VC in a custodial wallet or another decentralized wallet.

Do you know where your digital credentials like your full name, date of birth, phone number, government ID, and other Personally Identifiable Information (PII) are stored online, and how they are used?

For most of us, the answer is a NO.

In that case, how can you protect your data from unauthorized and malicious use? The simple answer, unfortunately, is you can’t, as is evident from the millions of records that get stolen every year.

Besides your credentials, do you know that thousands of companies collect your data such as your browsing history, shopping behavior, and even the way you hold and swipe your smartphone? All these are used to create your digital profile for targeted advertising, for hiring decisions, and more.

So, the big question is - how can you stop yourself from becoming a digital profile?

The simple answer - Self-Sovereign Identity.

Self-Sovereign Identity (SSI) is an emerging philosophy that allows you to determine where your data is stored and how it’s used. In essence, you own your data and control everything around it.

How does self-sovereign identity work?

Self-sovereign identity solutions provide a unified data and identity experience, regardless of the type of interaction.

Let’s understand this with an example. Let’s say, you’ve stored your full name, date of birth, and a government ID in a digital identity wallet, which is nothing but a place to securely store your credentials. This wallet is owned and maintained only by you, that is, only you know the credentials required to access this wallet and the information stored in it.

Now, you head out to buy some alcohol and the storekeeper wants to verify that you’re over 18 years of age. All that you have to do is share your date of birth digitally from your identity wallet to the shopkeeper’s system. In turn, this system verifies your age, deems you to be eligible to buy alcohol, and accordingly, the shopkeeper sells it to you.

Let’s take another situation. You’re traveling by air and have to prove your identity at the airport. In this case, you simply share your government ID digitally from your wallet. The airport authorities verify your identity and allow you to board the plane.

Similarities

Some of the similarities between the two situations are:

  • No physical identity is involved, so there’s no question of losing it
  • You only reveal what the other person wants to know. This is called selective disclosure
  • Your information is not stored anywhere by the verifying entities
  • You have complete control over how and with whom your data is shared
  • The credentials are authentic, as they are digitally signed by the issuing authority
  • It’s hassle-free for you and the verifier, as the entire verification process takes only a few minutes
  • From a verifier’s standpoint, the data you’ve shared is trustable and valid, as it is digitally signed and protected by cryptographic signatures

Thus, SSI provides a secure and unified identity experience across all situations.

How does SSI Work?

Now, you might wonder how SSI works.

Well, SSI is implemented through something called verifiable credentials, which are tamper-proof digital credentials that can be verified cryptographically through a machine.

Entities in a Verifiable Credential

There are three parties involved in VCs, and they are:

  • Issuer - The organization issuing your credentials like government departments, universities, and even startups
  • Holder - This is the owner of the data, which is you.
  • Verifier - This is the entity verifying your data to allow access to services

Workflow of a Verifiable Credential

Let’s see how it all comes together.

  • Firstly, the issuer and the holder agree and create a unique set of private-public key pairs. The issuer generates a VC, digitally signs it using its private key, and encrypts the data using the holder’s public key.
  • This VC is sent to the holder who can decrypt it using its private key.
  • Next, the holder can choose to save the VC in a custodial wallet like the one offered by Affinidi or another decentralized wallet.
  • When needed, the holder compiles a set of VCs like date of birth, government ID, etc., into a verifiable presentation that is digitally signed with the holder’s private key and encrypted using the verifier’s public key.
  • When the verifier receives this verifiable presentation, it decrypts it using its private key and validates the digital signatures of both the issuer and the holder using their respective public keys to ensure the authenticity of the issuer and the holder.
  • Once verified, the holder gets access to the services offered by the verifier.
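
The signing and verification steps of this workflow, as an added example that is not Affinidi's code or part of the original article. It uses Node.js's built-in Ed25519 signatures on simplified JSON objects, leaves out the public-key encryption of each message, and assumes the issuer writes the holder's public key into the credential (`subjectKey`, a hypothetical field) so the verifier can tie a presentation to its holder.

```javascript
// Added example: simplified JSON objects, not the W3C VC data model or Affinidi's SDK.
const crypto = require("node:crypto");

const newKeys = () => crypto.generateKeyPairSync("ed25519");
const pem = (key) => key.export({ type: "spki", format: "pem" });
// JSON.stringify stands in for a real canonicalization scheme (assumption).
const bytes = (obj) => Buffer.from(JSON.stringify(obj));

// Ed25519 hashes internally, so the digest name passed to sign/verify is null.
function sign(payload, privateKey) {
  const sig = crypto.sign(null, bytes(payload), privateKey).toString("base64");
  return { payload, sig };
}

function verify(signed, publicKeyPem) {
  const sig = Buffer.from(signed.sig, "base64");
  return crypto.verify(null, bytes(signed.payload), publicKeyPem, sig);
}

// Issuer: sign the claims together with the holder's public key (hypothetical field).
function issueCredential(claims, holderPublicPem, issuerPrivateKey) {
  return sign({ claims, subjectKey: holderPublicPem }, issuerPrivateKey);
}

// Holder: bundle only the VCs this verifier needs, then sign the bundle.
function present(credentials, holderPrivateKey) {
  return sign({ credentials }, holderPrivateKey);
}

// Verifier: check the issuer's signature first, so subjectKey is trusted before
// it is used to check the holder's signature over the whole presentation.
function verifyPresentation(vp, trustedIssuerPem) {
  const vcs = vp.payload.credentials;
  return vcs.length > 0 && vcs.every((vc) =>
    verify(vc, trustedIssuerPem) && verify(vp, vc.payload.subjectKey));
}

function demo() { // constructed sample data
  const issuer = newKeys(), holder = newKeys(), other = newKeys();
  const issuerPem = pem(issuer.publicKey);
  const dob = issueCredential({ dateOfBirth: "1990-01-01" }, pem(holder.publicKey), issuer.privateKey);
  const vp = present([dob], holder.privateKey);
  const tampered = JSON.parse(JSON.stringify(vp)); // copy, then alter a claim
  tampered.payload.credentials[0].payload.claims.dateOfBirth = "2010-01-01";
  const wrongSigner = present([dob], other.privateKey); // VC presented by a non-subject
  return { genuine: verifyPresentation(vp, issuerPem),
    tampered: verifyPresentation(tampered, issuerPem),
    wrongSigner: verifyPresentation(wrongSigner, issuerPem) };
}
console.log(demo());
```

Only the genuine presentation verifies; an altered claim breaks the issuer's signature, and a credential presented by anyone other than its subject fails the holder-signature check.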

Simple, right? Yet, it can be effective to prevent unauthorized access or use of your data and identity.

SSI: What’s the Big Deal?

So, what’s the big deal about SSI? Why should you care?

Privacy and Control

SSI is everything related to your digital identity. You no longer have to worry about who monitors your data, where it is stored, how it is used, or anything else about your online activity.

With SSI, you can enjoy your privacy and have complete control and ownership over your data.

Highest Standards of Safety

Probably, the biggest advantage of SSI is your data safety as all sensitive information is stored in a wallet that can be accessed only by you.

There’s no longer any question of your data sitting in a remote database of a large company, waiting to be hacked.

Also, your data is protected through cryptographic signatures that enable real-time verifiability of trustable data.

May Be Built on Decentralized Ledger Technology

SSI solutions may be built on a Decentralized Ledger Technology (DLT) that uses cryptography to store data and digital signatures to verify its authenticity. Further, DLTs create an immutable record that can’t be deleted, and any update made to the data is stored for posterity.

All these features of the DLT create a sense of trust in the verifier’s mind and ensure your data safety and security.

That said, there are also other secure ways of building SSI solutions that don’t depend on DLTs, and regardless of which implementation method you choose, data security is assured.

Selective disclosure

SSI enables you to reveal only the data that needs to be revealed. In our above examples, you only reveal your date of birth to prove your age and nothing else, not even your name!

Further, your date of birth is not stored by the entity, rather it is verified cryptographically to allow you to buy alcohol.

Creates organizational trust

From an organization’s standpoint, SSI helps to create trust in the minds of customers as it empowers them and keeps their data safe. Also, it results in lower costs as companies don’t have to spend a ton of money to safeguard customers’ data.

No Multiple Passwords

It’s hard to find someone who enjoys creating and remembering passwords! And you have to create secure passwords that are long and complex, and you can’t write them down. Worse, you have to create and remember a password for every site you access.

With SSI, you can have freedom from remembering multiple passwords. It’s just one password to access your digital identity wallet where your data is safe and secure.

Summary of SSI’s Key Advantages

Here are some of the key takeaways for you:

  • SSI safeguards your data from unauthorized use
  • It gives total control and ownership of your data
  • Secured by cryptographic signatures to enhance the trustability of data
  • Verifies the timestamp of data to ensure its validity
  • Simple to use and does not require you to remember multiple passwords
  • Supports selective disclosure of data

In all, SSI is the next big technological leap for mankind, and rightly so, given that it has the potential to tackle pressing issues such as online security, privacy, and identity theft.

Affinidi offers the building blocks and tech stack to create SSI-based solutions. Visit our site and follow us on LinkedIn, Facebook, and Twitter.



Published by HackerNoon on 2021/07/06