What is self sovereign identity?
Discover how the blockchain helps us protect our data.
In his latest book, "21 lessons for the 21st century", Yuval Noah Harari exposes what for him is "the most important question of our era": ¿How to become owners of our own data? In this book, the author visualizes a near future where the value of data will eclipse that of other goods such as land and machines. In his opinion, data will be the most important asset in this new era that is already beginning.
Nowadays this is already having a reflection: the growing value of companies whose business is based on data. In the last weeks a video has been made viral in which the value of the old retail or industrial brands is being surpassed by the big technological companies, which accumulate, process and use huge amounts of data from their users, more or less explicitly depending on the case. (For more information, SEE HERE the methodology used for the valuation of the brands).
Not to be left behind, large companies in the other sectors could begin to join this phenomenon. For example in the automotive sector: since last year, cars have already activated 4000 daily mobile lines behind the backs of telecommunications operators.
Nowadays, all this user data is accumulating in the databases of the different companies. The existence of these centralized silos carries risks, because they can be misused without our control, and they also become easy targets for hackers. In 2018, one of these technology companies, Facebook, was involved in an information leak scandal that affected more than 87 million people: the English firm Cambrige Analytica obtained relevant information from users and used it without consent to influence electoral processes in several countries.
In recent years, a series of initiatives are emerging that seek to respond to the need to return ownership of data to people, through a concept called Self Sovereign Identity or SSI.
The self sovereign identity aspires to make us the owners of all our information, without intermediaries, not only to be able to access our own information when we need it, but also to choose who to give access to and who can monetize this information. Meaning, for example, that we do not have to use centralized authorization services to access the Internet like Google or Facebook. Instead we would use our SSI to validate our identity without having to depend on third parties. And for example, this will allow a doctor or hospital access to our data when we want it.
The best way to implement a self sovereign identity system is through blockchain technology, in which by definition there are no intermediaries. The SSI systems use blockchains so that the decentralized identifiers can be consulted without involving a central directory. That allows users to test things about themselves using decentralized and verifiable credentials.
Blockchain also allows solving other types of problems related to centralized silos. For example, it does not make much sense that we have to enter our data again and again in each of the platforms with which we want to interact. One of the fundamental principles of self sovereign identity is portability (See the ten principles of SSI by Christopher Allen).
To see how SSI works in blockchain, let's consider some examples below.
Consider the example of an employer requiring the engineering degree to a candidate for a job. The university is the issuer of the certificate and provides the user, the certificate holder, with a digital representation of its engineering degree. The university uses keys linked to its decentralized identifier in blockchain to sign the title, and anyone who obtains it can validate that it was issued by the university. The user has a wallet on his mobile device to store his certificates, and can use keys linked to a decentralized identifier that he controls in blockchain to endorse the digital title. When the employer needs to check if he is an engineer, the candidate can present the digital title: the employer can verify that it has not been modified, that the university issued it, and that the user is the one who presents it.
This use case, the student's wallet, has already been developed to credit the MIT titles with the Blockcerts application.
One of the most interesting experiences in this regard is taking place in the Swiss city of Zug. At the end of 2017, this city officially launched an ID issued by the administration based on Ethereum: an opportunity for its residents to register to obtain a decentralized digital identity.
Since then, Zug residents have been able to use electronic services such as online voting, provide proof of residency, and more recently a service to SHARE BICYCLES. The latter case represents an opening to a wide range of opportunities for "verified" citizens (or residents) to access private sector services. The key is to return the control of personal data to the user: users can not only verify that people who access their bicycles are reliable people ("Zug residents"), but they retain control of data through a service of decentralized identity.
In this article we have cited only a couple of examples of an infinite number of potential use cases. The most relevant will be those that can generate a new value for the consumer and their data: perhaps in the world of tomorrow, all the content that we create on the Internet could be monetized in our favor instead of the technological platforms.