What is self-sovereign identity (SSI)?
Self-sovereign identity (SSI) places data control with the individual. Identity information (credentials) are issued by a trusted party (e.g., Government department) and stored on an individual’s device (typically a “wallet” app). When an individual accesses a service that requires proof of eligibility, he or she consents to share the credential proof needed for that transaction.
Why is self-sovereign identity important?
Everyone has personal data on the internet. As more people use more online services, more personal data is stored in directories and databases. This personal data is of value and attractive to hackers and there have been many high-profile cases of identity data attacks and breaches.
Self-sovereign identity helps address this by placing the responsibility for personal data management with the individual. He or she keeps their data in a personal data store (a wallet) and grants access to this data to a consuming service for a limited and specific purpose. If the individual takes steps to protect his or her personal data store – as they should for sensitive online services, e.g., online banking – the user reduces the risk of his or her data being used for fraudulent purposes.
How does self-sovereign identity work?
Self-sovereign identity works by storing credentials in an individual’s personal data store (wallet). The individual then chooses to share this data in support of a specific transaction. One example is where an individual needs to prove he or she is over 18 years of age where buying an age-restricted product – e.g., buying alcohol online. In this case, the individual saves the credentials required (e.g., information from a Government-issued identity document, such as a passport or driving licence) to their identity wallet. In the transaction, the online retailer challenges the individual to prove he or she is over 18 and sends a notification to the individual’s wallet app. The individual chooses to share proof of age from the trusted issuer (Government department) and can complete the transaction.