We explain the concept of SSI and why the shift to decentralized data models based on blockchain is key to protecting digital identity
What is an SSI digital wallet?
The key piece to enable control and autonomy over our verifiable credentials and attributes of digital identity with security and privacy
We have all wondered at one time or another with a certain annoyance whether it is really necessary to register and share our personal data over and over again.
There are countless services and transactions that we manage digitally daily: electricity, water or gas supplies; bank accounts; Social Media; purchases on ecommerce platforms, to name just a few examples. And with each user registration, we share personal data, attributes and identifiers of our identity, and we no longer have control over them.
Digital identity must - or should - be a self-sovereign identity, i.e., each individual should have control over his or her identity and the information he or she shares. And, at the same time, it should be decentralized to provide autonomy and to guarantee data protection.
Our article "Self-sovereign Identity, what is it and why do we need it", explains in a didactic way and with everyday examples the meaning and components of self-sovereign Identity (SSI). There, we underline that there is a growing trend calling for the recovery of control over personal data and, in this context, we describe the role of blockchain technology in achieving this goal.
Present and future of self-sovereign identity (SSI)
The idea of self-sovereign identity -this means a self-managed and decentralized digital identity- is not just a minority claim, as it is strongly supported by companies and governments. In June 2021, the European Commission announced its new proposal for a secure and trusted digital identity. Ursula von der Leyen, President of the EC, stated:
“Every time an App or website asks us to create a new digital identity or to easily log on via a big platform, we have no idea what happens to our data in reality. That is why the Commission will propose a secure European e-identity. One that we trust and that any citizen can use anywhere in Europe to do anything from paying your taxes to renting a bicycle. A technology where we can control ourselves what data is used and how."
The interest in improving digital identity management through the application of the SSI model using blockchain is not new. In 2018, 27 member states (including Spain), Liechtenstein and Norway already signed a declaration to create the European Blockchain Partnership (EBP) to develop the European Blockchain Services Infrastructure or EBSI.
Designed under five principles - public and permissioned, scalable, open, sustainable and interoperable - the EBSI network will enable data exchange between countries in a simple way, and improve access to trans-European services.
Spain has been very active, especially in the case of "European Self-Sovereign Identity (ESSIF)", as well as in the use case "Diploma", through which a citizen will be able to present the verifiable credentials of their degrees in any European University or company that requests it. At Wealize we work with the EBSI standards, as well as with those proposed by the Alastria Foundation.
Spain is a leader in the approach of SSI initiatives. In this framework, the role of Alastria is specially relevant. At Wealize we collaborate with this non-profit association that already since 2017 promotes the digital economy through the development of blockchain technologies. It offers its ID_Alastria model for use in digital services, even beyond the blockchain technology itself and inspired by the Self Sovereign Identity (SSI) concept.
So, for those of you who have made it this far, what is a self-sovereign identity digital wallet?
The SSI digital wallet is the key tool to make self-management of digital identity a reality
Digital wallet and self-sovereign identity go hand in hand. Their linkage allows us to move from continuous user registrations on the Internet, in which we share personal data without knowing with whom, to the trust and convenience of keeping and carrying our verifiable digital identity credentials in our digital wallet to share them, and stop doing so, whenever we want.
Strictly in terms of the connection between digital wallet and self-sovereign digital identity, we can define in simple words wallet as an application that is installed on the cloud or on our mobile devices to store and share verifiable credentials and attributes of our digital identity. Verifiable credentials certify in a trusted way that a person is the holder of certain attributes linked to his or her identity.
Therefore, being the wallet the tool to self-regulate our identity in the digital world, it is also the tool that enables us to interact digitally both with companies and private services, as well as with public administrations. This means that issuers, holders and verifiers of the SSI ecosystem use the digital wallet to interact.
In other words, the self-sovereign digital identity wallet is like our leather pouch in which we carry our verifiable credentials - our identity documents, such as driver license, ID card or health insurance card - to get access to different services and prove that we are who we say we are -. And as it happens with our leather purse we are the owner and have control over the SSI wallet. The wallet is the digital tool for regaining control of our identity, for really owning our attributes and identity credentials.
And there is more, let's imagine you want to access a bar, you must be of legal age. The SSI digital wallet allows us to prove that we are 18 years old or older without having to report our exact age or provide more data. This is called zero knowledge proof or protocol.
In short, with an SSI digital wallet we can share our identity attributes fully, partially, or simply answer with a yes or no, without providing further details.
This was explained by Margrethe Vestager, the Vice-President of the Commission in 2021: "Unlike what happens today, we will only share the necessary information, not a set of data such as name and surname, place of birth or personal identification document number." She clearly alluded to improving privacy protection.
The contribution of blockchain technology: decentralization to ensure data security and privacy
The security and privacy of the data we keep and share with an SSI digital wallet are key. Simply put, we want our wallet to be secure and private. And we want everything in it to be secure and private too.
Blockchain technology is positioned as one of the main alternatives to guarantee security and privacy. In the article we mentioned at the beginning, "Self-sovereign Identity, what is it and why do we need it", we explained the role of blockchain in giving people control of their digital assets and guaranteeing data security and privacy:
"Self-sovereign digital identity systems make use of blockchains - distributed ledgers - so that decentralized identifiers can be searched without relying on a central directory. The technology itself does not solve the problem around digital identity, but it does provide the missing link to make use of cryptography. In this way, people can authenticate themselves using reliable and decentralized credentials..."
"SSI (Self-Sovereign Identity) systems use decentralized identifiers (DID) to identify people, organizations or things. These DIDs provide the cryptographic basis for the system and can be used without a central administrative system having to manage and control the DIDs."
This image shows a use case for Self-Sovereign Identity in the Healthcare industry, which we will describe later, and which reflects the approach presented above.
Wealize has contributed to several projects that link self-sovereign identity and digital wallets. One of them within the framework of a partnership agreement between Alastria and the Andalusian Healthcare Service (SAS). The objective was to prove the feasibility of a universal vaccination card accessible from mobile phones, as we explained in "SSI and Blockchain in the Healthcare Industry".
In addition, this universal vaccination card had to be able to be shared with a third party in a reliable and secure way. To do this, a decentralized and self-sovereign digital identity model had to be implemented, in our case, Alastria ID, implemented in the Alastria T Network and compatible with any Blockchain network that meets the requirements of the Ethereum Enterprise Alliance. Among those are the aforementioned Alastria T Network, as well as Quorum, Hyperledger Besu and even the Blockchain network implemented by EBSI.
Another case is Inside ID, included in the Data Culture in Human Trafficking project, aimed at the implementation of data culture in human trafficking and led by the Universidad Pontificia Comillas and UNICEF. At Wealize we developed a proof of concept of a blockchain-based application for the collection, analysis and exchange of personal data.
The app developed for Inside ID puts the person at the center of the process, who receives verifiable credentials issued by trusted organizations; decides with whom to share their information and when to stop sharing it; and, ultimately, can manage their digital identity easily from their mobile through a wallet.
Another case is Gimly ID, a decentralized digital identity and verifiable credentials project anchored on the EOSIO blockchain and funded by the Ontochain program. The three main objectives were SSI for legal purposes, the storage of testimonial credentials and the generation of self-allegation credentials. From Wealize we created a mobile digital wallet in React Native, available for Android and iOS, that allows users to self-manage their digital identity.
Driving the digital identity wallet from the EU institutions with eIDAS -electronic IDentification, Authentication and trust Services-
Though it is in its early stages, self-sovereign identity is already a reality. In fact, we have been the first in many of the blockchain projects of SSI and wallets. The efforts of foundations such as Alastria, the impetus of the EU and the commitment of private companies, including ourselves, mean that SSI is already a matter of the present if we want to move into the future.
In this regard, it should be emphasized that the new regulation on electronic identification eID framed in the European regulatory scheme eIDAS, will be mandatory for EU Member States. Therefore, by the end of 2023, beginning of 2024, they will have to provide citizens with a digital identity wallet with which they will be able to perform the following actions:
- Access public services and request, for example, a birth or medical certificate, or communicate a change of address.
- File their income tax return.
- Apply for a place in a public or private university in any Member State.
- Open a bank account.
- Store a medical prescription that can be used anywhere in Europe.
- Validate the age online/offline without having to share/show the national identity card.
- Check into a hotel.
- Rent a car using a digital driving license.
eIDAS regulation also applies to companies requiring "strong" authentication schemes
This new regulation will also be mandatory for the private sector, specifically for those online services that need to implement "strong" authentication tools.
This includes the industries of transportation, energy, banking and financial services, insurance, health, telecommunications and education, as well as the major online platforms: Google, Apple, Facebook and Amazon.
At Wealize we have worked on wallets and self-sovereing digital identity using blockchain and biometrics. And we started doing it when decentralized digital identity models were still in development.
In this post we have focused on the role of wallets for self-management of personal data with privacy and security. The use cases deal also with this idea. However, the functionalities of a wallet go beyond the management of digital identity and verifiable credentials. This means a wallet allows us to issue, hold and verify other digital assets apart from our credentials.
This is the case of the next-generation wallet we are developing for LTO Network. The goal of our work is the creation of a mobile digital wallet, not only to store and manage digital identity credentials, but also cryptocurrencies and NFT2.0 properties of LTO Network, a decentralized and highly efficient network used worldwide by companies, institutions such as the UN, the Dutch government and others.
This opens the door to the creation of a universal wallet that includes the storage and management of digital currencies and credentials, a wallet with which we can perform any activity and transaction, which effectively allows us to interact in the digital world with companies and institutions with guarantees of autonomy, privacy and security.
If you need help in creating a digital wallet tailored to the requirements of your organization, we will be happy to talk with you about the best way to help you.
Wallets, NFTs, smart contracts, infrastructure for DAOs and web3 are some of the blockchain-based digital products in which we have a lot of experience. And for SSI cases, this background is extended with biometrics and AI. Tell us what your challenge is and we will design the best digital solution to overcome it.