Distributed, Decentralized, Self-Sovereign Identity: which one and why should you care?

22 April 2021

Digital Identity

Digital identity is an integral part of modern everyday life. The continuous technological advances in this space play a significant role in simplifying and securing online interactions. The principle of digital identity is to provide a digital form of identification, mirroring real-life paper-based identities and transactions. For organisations, digital identity is vital. Providing ways for people to interact with digital services safely, ensuring their data remains secure, is essential to stay competitive against businesses ahead of the game in adopting emerging technology. Staff must be able to log onto accounts, and customers need access to digital services. They might need to check their bank statements, transfer funds, or update account information. Without any form of digital credentials, organisations suffer huge limitations in knowing their employees and customers. How do they know who is behind an account? How are they able to verify their users? How do they store user data? It all ties back to the common denominator – digital identity.

Privacy is an essential component. Organisations need to feel reassured that their systems are robust, and their customer and staff data is safeguarded from outsider and insider threat. Customers and staff also need to feel a sense of control and security over their data and information stored in these systems. As people become more technically aware, users start to feel uncomfortable with the amount of information organisations hold about their identities. How long do organisations hold digital information? Where does the information go once a user no longer holds an account with an organisation?

This sparks the question; how do we find the balance between giving organisations the information they need whilst allowing users to control their data? Decentralized identity is the way forward. Decentralized identity gives organisations a seamless solution in gaining user information and credentials, but only at the request of the user.

Decentralized identity is one term you may come across, but you may also find yourself hearing about distributed identity and self-sovereign identity. These are essentially the same as decentralized identity and will be explained further, but let’s start by exploring the basics of decentralized identity.

What is decentralized identity?

Decentralized identity, or ‘DID’ for short, is a term adopted by Microsoft, and in Microsoft’s words, “the path to digital privacy”. In a world where almost everything is moving to a digital platform, there is nothing more efficient than for people to have a digital location to store their information knowing it is safe and secure. Essentially, tying back to ensuring users are in complete ownership of their data. This new model for digital identity is a complete gamechanger across so many services.

 

 

Let’s take education as an example:

  • An apprentice completes their course and receives a certification.
  • A university student completes their degree programme and receive a diploma.
  • A software developer obtains several accredited certifications after completing their modules.

Imagine these certifications being held digitally. Not on a digital badge, but far beyond this. When applying for a job, the applicant is asked to provide evidence of attested qualifications, proof of right to work, proof of address, and other identifiers. Not a problem – the applicant has all of this stored digitally.

What is Distributed identity?

Distributed identity refers to identity stored in a trusted, distributed location, most likely based on a variant of blockchain technology. This form of DID is created by the user through a regular device or a web-based browser. Once created, the next stage of this process sits with external identity providers. The user will require identity verification from a trusted external identity such as a bank or the government. Having this level of verification ensures your DID becomes more trusted, and therefore more likely to be acknowledged by service providers.

This process ensures users are in full control of their data. The verified credentials they have can be used by services, as permitted so by the user. Instead of a service having full access to a user’s digital identity, they send an identity proof request to the user, and if the user accepts this, services will only have access to particular and specific pieces of data.

What is Self-Sovereign Identity?

Self-sovereign identity (SSI) is a popular movement in identity technology adopted by our partners at Evernym. This term refers to using decentralized identity to allow holders to manage and control their data from birth certificates, business licenses, university degrees, and now COVID-19 test results for safe travel.

Think of the SSI as your digital wallet. In everyday life, you carry your wallet around; this typically holds your bank card, a driver’s license, and a gym card. Now imagine this wallet, but digitally, like your Apple Wallet. No one can see it, limiting the risk of theft. Your personal information is stored in your digital wallet, and specific items in this wallet are given out on your accord. The self-sovereign concept stems from the idea that every individual is in charge of their own identity, which is also Microsoft’s aim through Decentralized identity.

Why should organizations care about decentralized identity technology? The vast business and user benefits

  • With users being in control of their data, the need for centralized databases containing user information becomes significantly less.
  • Customer and user journeys become seamless, with fewer requirements for passwords.
  • With a decrease in stored data, the risk of data breaches and cyber-attacks become a lot less.
  • Organizations don’t hold unnecessary data. Customers are responsible for their digital wallets, meaning a more human-like trust can be developed between the parties.
  • This technology empowers employees with the ability to self-serve and move efficiently between workplaces using verifiable credentials stored in a digital wallet.
  • Staff satisfaction is improved with new digital tools that simplify their ability to get to where they are needed the most.
  • Significant improvement to time onboarding, offboarding, and staff portability across facilities, reducing the burden on HR and support staff.

The current state of decentralized identity

Although DID is sometimes referred to as a concept, Condatis are proud to be part of a small handful of select Microsoft partners currently implementing decentralized identity solutions for clients. We have also developed an OIDC bridge that allows OIDC users and holders of SSI wallets to connect seamlessly, providing a bridge for parties to communicate securely and effectively.

Conclusion

Decentralized identity is the future of digital identity. For users, having a digital wallet ensures information is secured and belongs to them. Many companies are under scrutiny for how they manage their user data, causing customers to be concerned over data breaches and their data being shared without consent. With DID, organizations simply request the specific set of data they need, and with the user’s approval, they can access it – without being responsible for holding the user’s information.

With DID already being implemented, this new and exciting technology is due to shake up the digital identity space. We expect decentralized identity to continue making headway, with more and more sectors and businesses adopting the technology.

Read our latest Sellafield Ltd Press Release

Condatis will be exploring decentralized identity technology using our verifiable credential passport platform to augment and expand identity management capabilities for Sellafield Ltd.