What Is Self-Sovereign Digital Identity?
Identity comprises big data. In many ways, the accumulation and storage of authentic identities for scrutiny by powerful analytical tools and algorithms can produce a host of statistical categories. Identity, whether abstract or detailed, can be sorted by age, race, nation, religious affiliation, health updates, spending habits, money trails, website visits to products and services, and so much more, to the advantageous benefit of big tech and other businesses. It also raises concerns about privacy and security problems.
Identity, e. al.
In the field of psychology, identity refers to personal traits, personality, beliefs, and other attributes. Sociology defines identity to include culture, history, religion, and traditions. A legal identity can be the natural person, the company, a partnership, or a group of persons collectively identified as one lawful person. Identity is evolving during the course of time as a person’s continuous and dynamic social interaction and response to environmental factors invariably affects and changes a person.
While a person holds a single and unique identity, he can possess different personas according to context. One can be a strict supervisor at work, a dependable friend to peers, or a loving parent at home. Personas are important as it authenticates an identity to a particular system.
A person can have an indefinite number of attributes that may be impermanent and not necessarily unique to a person. It is used to categorize individuals according to class such as inherent attributes like gender, weight, height, abilities, or handicaps. Impermanent attributes may be assigned to a person which can be revoked by third parties such as citizenship or nationality for reasons of either order or category.
Identifiers are references assigned to a person without the intention of describing a person. Identifiers are assigned by third parties for contact tracing such as a social security number, fingerprints, iris scan, face recognition, or a simple username, which are means to authenticate an individual’s identity. A person may be allowed more than one identifier like pseudonyms to authenticate their separateness from another who may possess identical identifiers. Two criteria are applied for purposes of identity management:
1) Unicity- no two people should have the same identifier; and
2) Singularity – no one person should have more than one identifier in one domain. A person can only have one social security number, a bank account number, or a passport number, in the same way, that no one should more than one social security number, a bank account number, or a passport number.
On the other hand, identifiers can be assigned by the person himself such as cryptographic-based keys that render accessibility to a cryptocurrency wallet. Unicity for that matter is applied here to a high degree whereas, singularity cannot be guaranteed.
Early Identity Models
The first digital identity model was too siloed, where a person uses different specific credentials to different specific organizations to access their services. This resulted in a poor user experience. After the siloed model came the federated digital identity designed by third parties so that a person logging in with Google, for example, may have his Facebook already logged in at the same time. The outsourcing of identities for federated use created privacy and security concerns, though most would not have cared as big tech became arbitrators of trust. But the disruptive effects of the emerging blockchain technology introduced decentralized identifiers and verifiable credentials that gave birth to the latest model of identity: the self-sovereign digital identity.
Self-Sovereign Digital Identity
This third model of identity gives the person sovereignty over the management of their identity. The person is given the power to control their credentials and digitalized assets in digital diplomas, digital passports, tokenized property deeds and titles, and tokenized currencies in pound, euro, or dollar, all of which are stored in crypto wallets and accessed only by cryptographic keys via their mobile apps. What is more, there are no third parties or intermediaries involved to verify ownership as transactions are peer-to-peer on an immutable ledger.
Self-sovereign digital identity intends to preserve the owner’s right over the selective disclosure of his identity regardless of issuers. Moreover, owners should retain control over their personal identity, sensitive personal information, different persona, identifiers, and other representations of their identity. This means achieving control to grant to whomever they wish to allow access to or provide the pieces of their identity.
The process of achieving self-sovereign digital identity is still far off but what is important is that it has already started. Blockchain technology is only over a decade old and peoples’ understanding of anything crypto is still nursery. But looking at the realities of life such as the migration phenomena in Europe leaving large numbers of people without formal identities only underscores the urgent need for self-sovereign digital identity. Centralized identity management systems can lock or revoke identities where identity owners have no control over. Self-sovereign digital identity ideation proposes real person hold control over the possession of their identities in an ever accessible and interoperable platform that is navigable at any time of their own choosing.