In the physical world, you prove your identity using a birth certificate, identity document or driving licence. On the internet, you use a mix of usernames and passwords stored in many unknown locations that often cause privacy and security issues.
The challenges of current identity management systems
The more you transact online, the more digital footprints you leave. Many sites ask you to provide personal and financial information before using their services. This information then gets stored on the internet databases, which can create security as well as privacy issues. Third parties may gain access to your information without your consent. If a hacker gains access to one of these databases, you may become a victim of identity theft.
Organisations want to remain relevant in today’s digital economy. Digital identities, however, are completely siloed and every organisation must become security and identity experts to know who they are interacting with both online and offline. Manual processing of customer information, keeping up with data changes and proving the authenticity of customer documents means that managing all these identities becomes costly, time-consuming and a security nightmare for organisations.
Government bodies must protect a country’s most treasured data. Identity management is therefore becoming increasingly important for governments to protect against cyber threats and to ensure the right users have access to the right information.
Solving this identity problem starts with a ‘self-sovereign identity’ (an SSI), an identity that you create, control, own and maintain as data stored on a smartphone or computer’s hard drive. It is the digital equivalent of your non-digital identities such as birth certificates and passports that you keep in a safe place and share when needed.
When combined with verifiable claims and digitally signed attestations from relevant authorities, this self-sovereign identity enables any person, organisation or entity to interact directly with any other person, organisation or entity – with trust and privacy.
Globally scalable self-sovereign identity requires an open source, decentralised network which no single authority owns or controls: distributed ledger technology known as the blockchain.
The blockchain provides a secure and sustainable solution for identity management issues.
This technology enables unalterable and verifiable digital identities that allow anyone to prove who they are while maintaining their privacy rights. Businesses, healthcare institutions and individuals all stand to benefit from this revolutionary technology’s potential for a sustainable solution. The World Bank estimates 1 billion people worldwide are without formal identities. Digital identities will unlock access to basic and empowering services, from healthcare and education to financial inclusion.
Platforms that protect your identity from theft can be created using the blockchain (see use cases below). Rather than numerous usernames and passwords, you can create an encrypted digital identity and choose who you share it with. Permissioned blockchains allow decentralised registration methods, which means no third party can interfere with your personal information without your consent.
Blockchain technology enables thorough security checks reducing fraudulent activities and saving businesses valuable time and resources.
Civic: Using blockchain technology, Civic has created the Civic app, a digital wallet that bridges your physical and cyber credentials. It will eventually be able to hold not only your verified ID, but other types of personal information you use regularly: credit cards, passwords, ticket information, etc. Your information is secured with blockchain attestations, encrypted and accessible using biometrics. It is usable only with independently verifiable attestations – making it very difficult for anyone to use your data, even if you lost your mobile device.
The Sovrin Foundation: The Sovrin Foundation is a non-profit organisation that allows anyone, regardless of circumstance, access to the Sovrin Network and its utility. This network uses blockchain technology to enable the exchange of cryptographically signed credentials, which could represent things as diverse as an airline ticket or a driver’s licence. No more hodgepodge of usernames and passwords to authenticate yourself. This trust model promotes independence and improves protection from third-party interference, placing you in control of your identity and at the centre of your digital transactions.
Phillip Windley, the author of books, including Digital Identity, and Chairman of the Sovrin Foundation, will be speaking at the BAC19 in Johannesburg. He will be addressing the application of blockchain technology in self-sovereign identity through his topic ‘A Global, Public Network for Self-Sovereign Identity’.
Heather Dahl, a cybersecurity advocate passionate about self-sovereign identity and Executive Director of the Sovrin Foundation, will be speaking about ‘Advancing Identity and Trust Through Diversity’ at the BAC19in Cape Town.
Evernym: Evernym, named ‘Cool Vendor 2018’ by Gartner, has developed the Evernym Accelerator Program that allows organisations to experiment with self-sovereign identity and create proofs-of-concept within hours. The program uses cutting-edge tools and offers expert advice that enable quick learning about self-sovereign identity, and explain why it is gaining traction. The program also gives you access to membership of leading and collaborative ecosystems.
Consent Global: Smart Consent is a decentralised, trust protocol to independently authenticate identity and selectively exchange personal information. It provides a platform for developing new kinds of powerful, trusted personal data applications and services. It is built on the Ethereum Blockchain, and is based on the new standards for self-sovereign digital identity and decentralised authentication.