What is self-sovereign identity, and how does it work?

Written by:

Elizabeth Melton

6 minutes

Not a day goes by that data isn’t mentioned in the news. Whether it’s in the context of a significant data breach (like UnitedHealth's, which affected 'maybe a third' of US citizens) or the loss (and now potential return) of third-party cookies, it’s constantly at the forefront of our news cycle. The thing is, it’s probably not going away any time soon.

The rise in cyber crime has only accelerated due to digital transformation, the rise of eCommerce, and the pandemic. And these attacks don’t only affect big companies; they affect individuals as well.

But the emergence of blockchain and the development of self-sovereign identity give us hope that, eventually, users will regain control over their data. In this post, we’ll explain what self-sovereign identity (SSI) is, its benefits, and share a few examples of SSI in practice.

What is self-sovereign identity?

Self-sovereign identity (SSI) is a digital identity that is managed and maintained by an individual. Digital identities contain unique identifiers, such as mailing addresses, phone numbers, driver’s licenses, birth certificates, proof of citizenship, or college degrees. As you might expect, much of this data is confidential, so people are hesitant to share it with anyone and everyone. Rather than hoping companies won’t store or share your data, SSIs allow you to control who gets to see your identifying data and when. This level of control and ownership enables individuals to interact in the digital world with the freedom and trust that they do in the physical world.

Public identifiers of an SSI are stored on the blockchain, a decentralized network of independent servers. Not only does this make it tough to tamper with anyone’s identity, but it also makes it easier to view and disclose selected components of an SSI via a digital wallet. For example, you can share just one part of your SSI, like your social security card, to a single third party, on one application.

How do SSIs work?

SSIs work by establishing a digital, peer-to-peer channel between an ID Issuer and an ID Owner. An SSI provider establishes a secure connection to upload their identity information to a digital wallet. This wallet then gets stored on the blockchain in a distributed ledger making it extremely tough to hack. To unlock the digital keys that guard that data, you must provide a digital signature, such as a fingerprint or Face ID.

Once you’ve authenticated into the app, you can decide who to share pieces of your identity information with. Only the receiver you’ve specified will be able to view the documents you’ve opted to share (and only those documents). And on the back-end, not even the SSI provider knows what is being exchanged, keeping your private information entirely private.

What are the main benefits of self-sovereign identity?

Now that you have an idea of what self-sovereign identity is and how it works, let’s dive into some of its benefits:

  • Security — According to the Pew Research center, more than 60% of people in the US are concerned that their information will be used by companies and governments. But if SSIs are widely adopted, people can selectively share whatever information they want to with any business, organization, or government agency they want to without the risk of it being tampered with or used inappropriately.
  • Privacy — With how much we share over the Internet, there’s a lot of room for identity exposure. But in person, individuals can release only the information they approve of certain validators to receive. Plus, a cryptographically secure, distributed ledger records every transaction, preventing modification and creating a running history of every party with which an individual has shared data.
  • Ease of use — With SSIs, you no longer have to carry around various pieces of paper or retrieve obscure documents when you’re preparing for a loan, registering for the bar exam, or even applying for a library card. Instead, you can just carry around your phone, authenticate into your SSI app, and share required information.
  • Fewer bottlenecks — Today, you have to identify yourself multiple times to access certain information. For example, you have to provide a code or physical proof of identity to unlock your phone and then re-identify yourself to access every other sensitive app on it. To provide proof of identity in person, you typically need two forms of identification, like your passport and driver’s license. But with SSIs, you only need to sign in once to unlock an entire suite of identity data, breaking down barriers and eliminating the bottlenecks we see at the DMV, banks, and more.
  • Enforce domain boundaries — To participate in many activities or complete various transactions, individuals must live in a particular zip code, be a certain age, or meet other specific requirements. SSIs can map across domain boundaries to verify these types of identity conditions ahead of time.
  • Economic value — Self-sovereign identity is still fairly new. But as more and more people get interested in it, the demand for new SSI technology will skyrocket. McKinsey estimates that online identities could unlock the economic value equivalent of 6% of GDP in emerging countries and 3% of GDP in developed countries by 2030.

Examples of SSI at work

SSIs can revolutionize the way that we safeguard our data, and we already see that at work:

Rabobank

Rabobank, a popular Netherlands bank, has been developing its SSI strategy since 2016. Since then, they’ve introduced self-sovereign identity in several aspects of their business: consumer banking, mortgages, and human resources. Rabobank has created a “Know Your Customer” application to give customers directly verifiable data sets that they can share with third parties. Rabobank can also leverage this application to onboard customers to other Rabobank products, like a mortgage. Rather than going through the time-consuming process of verifying documents from various sources, they can request access to relevant data and approve loans almost immediately. And Rabobank’s candidates and employees are encouraged to use SSIs as well. In this way, they can share access to certificates, assessments, diplomas, and other work-related credentials during hiring, onboarding, and performance review processes.

Barclays

Barclaycard, in collaboration with Everym, has been exploring SSI for secure customer onboarding and payment validation in the retail sector. This initiative aims to improve the security and efficiency of transactions, particularly in card-not-present scenarios, thereby enhancing customer trust and reducing the likelihood of fraud.

Mastercard and Microsoft

The two giants launched a next-generation identity solution to enhance online shopping security and reduce digital fraud back in 2022. The partnership integrated Mastercard's Digital Transaction Insights with Microsoft's Dynamics 365 Fraud Protection, leveraging advanced AI to improve real-time scam detection and decision-making processes. Taking an SSI strategy provided a secure and seamless shopping experience for the shopper while optimizing transaction approvals, reducing fraud losses, and supporting GDPR and other data protection regulations.

Canadian Government

The Canadian government has also been using self-sovereign identity to reduce red tape. Hyperledger Indy, a project spearheaded by the British Columbian authorities, is meant to streamline the tax preparation process for business owners. Instead of managing three different tax numbers and navigating three different levels of bureaucracy (local, provincial, federal), business owners can use SSIs to consolidate their information, verify their credentials, and submit tax documents all at once. Hyperledger Indy is meant to serve as a stepping stone for building SSI into professional associations, organic or kosher food certifications, public health department checks, and more.

Other potential applications of SSI

You can apply SSIs to virtually any peer-to-peer or peer-to-organization relationship. Take patient identity management, for example. Sharing only certain parts of patient health records with certain people can help maintain HIPAA compliance and increase interoperability between healthcare systems. Wider self-sovereign identity adoption can also help enforce other privacy laws such as CCPA and GDPR.

Beyond that, SSIs can assist marginalized or often overlooked populations, such as farm workers who are applying for government assistance or starting the immigration process. Using SSIs, farm workers can present their credentials to receive monetary assistance, education grants, telehealth services, food, and immigration services. Giving farm workers control over their digital identities allows them to store and retrieve past work history securely. When applying to jobs, farm workers can simply transfer the necessary information to the employer for verification.

Taking back control over identity data

We leave digital breadcrumbs behind whenever we browse and shop on the internet, reply to emails, use social media, or install smart devices like Amazon Alexas. Most of these everyday internet activities or everyday appliances are marketed as a convenience. However, we aren’t made readily aware of how our data from those devices are collected, stored, used, or secured. The power isn’t in the hands of the user; it’s in the hands of whoever has the data.

But SSIs can change all that. You dictate who can see your information. You dictate how the information is used. And you dictate exactly how much of your identity you share. Giving individuals control over their data can change the way we think about healthcare, banking, the job market一the possibilities are virtually endless.

Check out our blog to learn more about how SSI technology is being applied to public services, immigration, and farm work.

Related Articles

​​Ready to start your digital transformation journey?

By sending this form I confirm that I have read and accept the Privacy Policy.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Julette Martinez

CEO, Farm Worker Organization