Lives get increasingly linked to apps, online services, and devices used to access a world of products and shared experiences. Without reservation millions of users interact with each other and businesses in ways not imaginable just a few decades ago. As a result online profiles where personal information is shared get created currently not reflecting decentralised self-sovereign identity. Rather a centralised identity data system controlled by third parties currently exists.
With the buzz of online activity, a mass of information flows between users, businesses and devices at a rapid rate. However, this information sharing includes personal data often compromised by security breaches, referred to as ‘leaks’. Consequently these data ‘leaks’ cause unnecessary stress through exposure that can damage users personally or financially.
A right to a self-sovereign identity
Every user has a right to a secure online identity owned and managed by them to mitigate these risks.
Currently, third parties hold and control a user’s digital identity influencing their online engagement from purchasing movie tickets and apps to cups of coffee these transactions get recorded and regulated by businesses users transact with.
Transactions between consumers and businesses require meticulous attention to ensure the exchange of data maintains privacy and security for all parties. Therefore, a rules-based decentralised self-sovereign identity system can give users and organisations increased data control. Furthermore, improved control and robust security will build trust between all stakeholders, improve service delivery and keep users safe.
Decentralisation is key to self-sovereign identity
Decentralisation transfers control and decision-making from a third-party service provider to a distributed network. Without a doubt this distributed network gives users control over managing their digital profiles making it self-sovereign.
Self-sovereign means people control their digital identity and associated verifiable credentials during these transactions not relying on service providers like Facebook and Google (think: sign in with Google) to store and share personal information with others. Consequently, with a self-sovereign identity, users exist online independently from these service providers sharing information with them at will.
Identifying people in a digital context
Decentralised self-sovereign identity uses digital identifiers and independent, self-owned, verifiable credentials to facilitate trusted data exchange. To clarify, verifiable credentials are identity claims such as proof of workplace and residence, memberships or university degrees. Users access and control these credentials using a secure digital wallet stored by them on a smart device.
Organisations, apps, and services can request and verify digital identities using these identifiers for various reasons by gaining access to the wallet.
Digital information gets protected using blockchain technology, distributed ledgers and key cryptography.
Blockchain technology is a highly secure, decentralised ledger recording transactions across a peer-to-peer network. As a result the blockchain tracks assets (like Bitcoin) in a business network allowing users to initiate and confirm transactions without any central clearing authority, like a bank.
A distributed ledger is a shared database between multiple users in which they maintain and update a synchronised copy of data positively managed and controlled by the person owning the information.
A cryptography key is a line of numbers and letters used within an encryption algorithm for altering data to appear random. For example, like a door key, it locks (encrypts) data and only someone with the correct key can unlock (decrypt) that data.
A real-world scenario of self-sovereign identity
Janice works at Bright & Sparks, which introduced a verifiable credential solution. This solution gives Janice a better way to prove she is an employee at Bright & Sparks.
After providing her employer a username and password to their network, she requests proof of employment verifiable credentials. Bright & Sparks certifies Janice’s identity and sends her a signed verifiable credential that Janice stores in her digital wallet as part of her self-sovereign identity.
In conclusion, online users have been waiting to control their digital information not relying on third-party providers using that information for their gain. Consequently a decentralised self-sovereign identity facilitates meeting this need safely and efficiently.
One day there will be no printing a proof of residence or copying and certifying of ID books to prove who we are. This technology will remove many barriers and frustrations in purchasing and consuming products by making online engagements seamless and satisfying. Decentralised self-sovereign identity is a data privacy game changer.