Self Sovereign Identities
Why do we need SSI? 👀
Our current digital identity systems are flawed because they often rely on centralized entities or identity providers (IDPs), putting users’ identities at risk if these entities revoke access.
SSI (Self-Sovereign Identity) addresses this problem by giving control back to users and creating a more equal ecosystem.
Single Sign-On (SSO) services often lock users within their own ecosystems, limiting control over their identities.
The call for a new framework, known as Self-Sovereign Identity (SSI), has emerged, granting individuals autonomy over how their personal data is shared and utilized. In this paradigm, users become the self-administrators of their own identities, offering more than just a means of logging into services.
Who are the actors?
SSI involves three key actors: the Holder (user), the Issuer (credential authority), and the Verifier (credential verifier).
Users collect and store verifiable credentials in their digital wallets, establish secure connections with verifiers using cryptographic keys, and share selected credentials to prove their identity.
Blockchain plays a crucial role in SSI infrastructure. DIDs (Decentralized Identifiers) can be registered on blockchains, offering tamper-resistant, trustable data sources.
Blockchains provide a solution to the challenge of trusted data without relying on a central authority, enabling the adoption of verifiable digital credentials in SSI. Different types of blockchains (permissionless, permissioned, hybrid) can support SSI equally effectively.
Verifiable Credentials
Within this framework lies the concept of the “trust triangle,” involving the issuer (e.g., the government), the holder (the identity subject), and the verifier (e.g., a bank).
Consider an example like Know Your Customer (KYC) in banking: you can receive a verified credential from the government, which you can then present to the bank as proof of identity.
The data that describes a person can range from attributes like gender and height to first-party data or third-party verified credentials such as passports and diplomas. Notably, the credentials themselves are not stored on the blockchain; instead, only the Decentralized Identifier (DID) is stored, while the identity data resides in decentralized data stores.
DIDs represent real-world identities, such as passport numbers and email addresses, with legal and practical implications. They serve as identifiers for verifiable, self-sovereign digital identities, controlled by the holder. DIDs are independent, globally unique identifiers that do not rely on centralized registration authorities. They point to DID documents containing additional information.
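The trust triangle and the DID lookup described above can be traced in a short sketch. This is an added example, not code from the original page or from any SSI project: it uses Node.js built-in Ed25519 signatures, and the in-memory `didRegistry` (standing in for the blockchain), the `did:example:` identifiers, the simplified credential shape and all function names are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');
// Stand-in for the blockchain: DID -> DID document (public key only, no personal data).
const didRegistry = new Map();
function registerDid(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const did = `did:example:${name}`; // constructed identifier
  didRegistry.set(did, { id: did, publicKeyPem: publicKey.export({ type: 'spki', format: 'pem' }) });
  return { did, privateKey };
}
// Minimal deterministic serialisation (nested objects, no arrays) so both sides sign the same bytes.
const canonical = (v) => (v && typeof v === 'object'
  ? '{' + Object.keys(v).sort().map((k) => JSON.stringify(k) + ':' + canonical(v[k])).join(',') + '}'
  : JSON.stringify(v));
const sign = (obj, key) => crypto.sign(null, Buffer.from(canonical(obj)), key).toString('base64');
function checkSig(obj, sig, did) {
  const doc = didRegistry.get(did); // resolve the DID to its document
  return !!doc && crypto.verify(null, Buffer.from(canonical(obj)), doc.publicKeyPem, Buffer.from(sig, 'base64'));
}

// Issuer: signs claims about the holder's DID; the result goes to the wallet, not the registry.
function issueCredential(issuer, subject, claims) {
  const body = { issuer: issuer.did, subject, claims };
  return { ...body, proof: sign(body, issuer.privateKey) };
}
// Holder: binds the credential to the verifier's one-time nonce using the holder's own key.
function present(holder, vc, nonce) {
  return { vc, nonce, holderProof: sign({ vc, nonce }, holder.privateKey) };
}
// Verifier: issuer trusted? issuer signature valid? nonce fresh? presenter controls the subject DID?
function verifyPresentation(p, expectedNonce, trustedIssuers) {
  const { proof, ...body } = p.vc;
  return trustedIssuers.includes(body.issuer) && checkSig(body, proof, body.issuer)
    && p.nonce === expectedNonce && checkSig({ vc: p.vc, nonce: p.nonce }, p.holderProof, body.subject);
}

function demo() {
  const gov = registerDid('government'), alice = registerDid('alice'), bob = registerDid('bob');
  const vc = issueCredential(gov, alice.did, { kycPassed: true }); // constructed sample claims
  const nonce = crypto.randomBytes(16).toString('hex'), trusted = [gov.did];
  const ok = present(alice, vc, nonce);
  const edited = { ...ok, vc: { ...vc, claims: { kycPassed: true, vip: true } } };
  return {
    genuine: verifyPresentation(ok, nonce, trusted),
    editedClaims: verifyPresentation(edited, nonce, trusted),
    wrongHolder: verifyPresentation(present(bob, vc, nonce), nonce, trusted),
    staleNonce: verifyPresentation(ok, 'a-different-nonce', trusted),
  };
}
console.log(demo());
```

The verifier never contacts the issuer: it only resolves public keys from the registry, which is the role the page assigns to the blockchain. The nonce and holder signature are what stop a copied credential from being presented by someone other than its subject.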