A few years have passed since Christopher Allen’s vision of Self-Sovereign Identities. What has remained of the original vision of “SSI” and in which direction is the current development going? E-ID specialist Prof. Dr. Annett Laube starts our series on the E-ID in parallel with the public consultation.
In 2017, Christopher Allen published his vision of a Self-Sovereign Identity (SSI). At its core are 10 principles that should be fulfilled if you want digital identities that are trustworthy and at the same time protect the privacy of the individual. The goal was an identity system that balances transparency, fairness, public support and individual protection. In his vision, Christopher Allen sees users as responsible for creating and managing their own identities (this is called “user control“). The prerequisite for this is interoperability and portability of identities, so that they can be transported from one system to another (e.g. from laptop to smartphone) and used everywhere. Real control over the identity is only possible if the holder is informed about every use of his identity and its attributes and ideally also has to agree (i.e. give his “consent“). In this ideal form of SSI, each user can add personal information and facts himself as assertions and then have them confirmed with other persons or organisations (so-called verifiers). In this way, self-declared attributes become confirmed information (verifiable credentials) and form the trust basis of the identity.
The focus of SSI is the protection of the individual. The use of cryptographic protocols is intended to ensure that misuse of the identity is made impossible, the user is protected from financial and other losses, and human rights violations are prevented. Transparency of the SSI infrastructure and systems, i.e. disclosure of the algorithms and code used, is necessary for this. Almost more important is the use of independent algorithms that are resistant to censorship and violence for identity authentication. This identity authentication (login) should always be decentralised, directly at the service using it, i.e. without the use of a central component. Inherent should also be data economy, i.e. a user should only ever have to disclose the minimum amount of information about him/herself that is necessary for the use of a service or the fulfilment of a specific task.
Christopher Allen’s vision led to an explosion of ideas, technologies and also standards. Of particular note is the W3C Credentials Community Group (see W3C Standards Roadmap). But after the initial euphoria, it quickly became clear that most users are simply overwhelmed with the self-administration of identities. The high complexity of the necessary SSI infrastructure, from ID wallets to agents and hubs to the decentralised registers (distributed ledgers/blockchain)(see also this article) makes access to the new SSI technology difficult. In addition, there are still some unresolved research questions, such as user-friendly key management, identity recovery in case of loss, establishing trust in the identity and confirmations, governance of the entire system.
Nevertheless, there are more and more SSI solutions entering the market. But how do these solutions fulfil the principles set out by Christopher Allen? Due to the often lack of user competence, the focus is now shifting to ease of use and accessibility of the technology. This approach comes at a price. When the user delegates control to frameworks and agents, it is often at the expense of privacy. The components that act on behalf of the user often have full access to the users’ personal data and are involved in many of the user’s actions. Central gateways that store identity information and, in some cases, attribute confirmations in a registry (usually a distributed ledger) are potential collection points for user information.
Distributed ledgers and blockchains distribute the stored information internally to several decentralised nodes, but from the outside they are a central data pot. Christopher Allen’s original vision has now been replaced in December 2020 by 12 new principles for SSI ecosystems that describe a user-centric approach. A user gets the identity from an identity service and stores it locally with him. Storing the identity data locally ensures that the identity service is never involved when the user uses his identity or the confirmed attributes (this achieves a parallelism with the real world, where you get your ID or passport from the state, keep it in your pocket and the state does not know when and where the identity document is used) By limiting the principles to an SSI ecosystem, some open issues such as trust establishment and governance can be more easily resolved.
Especially when using existing trust relationships, e.g. through a customer relationship, for an SSI solution. For example, one could imagine that an SSI ecosystem is established for the digital higher education landscape, where Switch acts as a trust anchor and regulating authority. Other examples of such ecosystems are, for example, public transport (as a replacement for the SwissPass) or healthcare. With the new principles and especially with current SSI implementation, points such as transparency, portability and interoperability must be critically examined. The disclosure of algorithms and code used is a prerequisite for long-term trust in a solution. A new problem of SSI ecosystems is the interoperability between them, as one often wants to use common identities and especially ecosystem-specific attributes in other contexts, i.e. other SSI ecosystems possibly based on other SSI technologies. Standardisation is only at the beginning.
Wishes for the future
So today’s SSI solutions are on the “right track” towards more user control and privacy. However, one should not lose sight of the original vision and remain open to all developments in this direction.
The Federal Department of Justice and Police (FDJP) has launched a public consultation phase. The result is to serve as the basis for the Federal Council’s decision on the direction to be taken. This decision is to be announced at the end of 2021.
Three possible technical scenarios are assumed:
- E-ID solution using self-sovereign identity
- E-ID solution using a public key infrastructure
- E-ID solution using a central state identity provider
The FDJP also poses three central questions:
- What are the three most important requirements for a state E-ID as a digital ID?
- Which use cases of the E-ID are in the foreground?
- What are the benefits of a national infrastructure that enables the state and private individuals to issue and verify digital proofs (e.g. E-ID, digital driver’s licence, employee ID cards, educational certificates)?
On 14 October, the public consultation will be closed with a “conference”. All information on the consultation can be found here.