there simply hasn’t been a way for us to be easily recognized by those with whom we already have a relationship.
SSI promises exactly that,
Traditional, “siloed” identity is the simplest of the three models: an organization issues to you (or allows you to create) a digital credential that you can use to access its service.
typically established through the use of shared secrets, usually in the form of a username and a password, but sometimes extending to other “secrets” such as your birthday, mother’s maiden name, PINs, and so on. Sometimes shared secrets are augmented with additional factors such as physical tokens or biometrics.
typically stored within the organization’s data “silo,” a scenario that repeats for every organization, app, or website you log into. As a result, this model requires you to create and manage separate credentials for each relationship.
oldest digital identity relationship model and by far the most commonly used today.
helps the organization manage compliance, liability, and other risks by “keeping subjects close,” keeping data in-house, and directly controlling all the actors and workflows, which reduces risk when compared to relying on a third-party identity provider
breach of an organization using siloed identity can be catastrophic, exposing the personal data of millions.
siloed identity model has the worst customer experience of the three identity models
requires organizations to treat customers like strangers at the beginning of each interaction
With siloed identity, each organization must become somewhat of an identity and security expert, which can be a challenge for churches, local governments, schools, credit bureaus, and, frankly, most organizations. The result: over $4 trillion in annual fraud-related costs worldwide
Model #1: Siloed / Traditional
Model #2: Third-Party IDP
The IDP relationship model adds a third-party company or consortium to act as an “identity provider” (IDP)¹ between you and the organization or service you’re trying to access. The IDP issues the digital credential, providing a single sign-on experience with the IDP which can then be seamlessly used elsewhere, reducing the number of separate credentials you need to maintain.
you log in to the IDP, which then “federates” your login to the service you’re trying to access using protocols such as OAuth, SAML, or OpenID Connect. Trust between you and the IDP is maintained in the same manner as in siloed identity — typically through shared secrets — and may be fortified with additional factors to provide a higher level of assurance to the organization. Identity data is centralized in the IDP.
With social login, one of these tech giants serves as your IDP, but this option is acceptable only in lower-trust environments such as e-commerce, and not in high-trust environments such as banking.
simplifying authentication, reducing usernames and passwords, and improving customers’ experiences. In high-trust environments the IDP model has the potential to do the same — if it can garner more widespread adoption.
primary downside of the IDP model concerns high-trust applications, because a third party is inserted into the middle of every interaction, saying “Trust me.”
ceding of control and transfer of liability required in this three-way trust model is quite thorny. This is why, despite years of ongoing government efforts in the U.S. (NSTIC) and the U.K. (Gov.UK Verify), this model has not achieved significant adoption for high-trust, cross-context applications, such as using a bank credential at more than one bank
forces users to create a new relationship with a potentially unfamiliar IDP, separate from and in addition to the organization with which they’re trying to interact
IDP becomes a large trove of personal information, storing credentials and other data for all its clients’ employees and customers. The IDP also determines the limitations of data structures and schema and must maintain direct connections with all network participants, inhibiting flexibility and scalability. And as we’ve seen in the recent Facebook scandal over Cambridge Analytica, it is the IDP that sets the policies and goes about enforcing them (or not).
SSI begins with a digital “wallet” that contains digital credentials. This wallet is similar to a physical wallet in which you carry credentials issued to you by others, such as a passport, bank account authorization, or graduation certificate
SSI begins with a digital “wallet” that contains digital credentials. This wallet is similar to a physical wallet in which you carry credentials issued to you by others, such as a passport, bank account authorization, or graduation certificate, except these are digitally signed verifiable credentials that can cryptographically prove four things to any verifier:
Who (or what) is the issuer;
To whom (or what) it was issued;
Whether it has been altered since it was issued;
Whether it has been revoked by the issuer.
SSI begins with a digital “wallet” that contains digital credentials. This wallet is similar to a physical wallet in which you carry credentials issued to you by others, such as a passport, bank account authorization, or graduation certificate, except these are digitally signed verifiable credentials that can cryptographically prove four things to any verifier:
Who (or what) is the issuer;
To whom (or what) it was issued;
Whether it has been altered since it was issued;
Whether it has been revoked by the issuer.³
You can also carry self-signed credentials in your wallet, such as your preferences, opinions, legally binding consent, or other attestations you’ve made about anything.
You can also carry self-signed credentials in your wallet, such as your preferences, opinions, legally binding consent, or other attestations you’ve made about anything.
can be issued and digitally signed by any person, organization, or thing and used anywhere they are trusted
Organizations can choose to trust only credentials they have issued, credentials issued by others, or some combination, according to their security and compliance needs
To exchange digital credentials securely and privately, one peer — any person, organization, or thing — can establish a direct, encrypted connection with another peer. This connection can remain persistent (as opposed to session-based) at the option of each peer.
You control what you share with others, whether an entire credential, part of a credential (called “claims”), or zero-knowledge proofs (ZKP) derived from a credential (explained below).
As in the real world, issuers can revoke credentials they’ve issued, but you’ll still possess them and they can continue to be useful, just as an expired driver’s license can be used to prove your age. With verifiable credentials, however, a new recipient will know when you present it whether or not it has been revoked, without needing to contact the issuer.
shared secrets can be replaced with cryptographically secure, digitally signed credentials, you can exchange far stronger credentials, and more of them
authentication can occur out of band, you can open an app and already be signed in, or call your bank’s customer service without answering silly questions about your birthday, mother’s maiden name, SSN, and other personal info.
Private communication channel
authentication is mutual, when you get a suspicious call or message from someone, you can know for sure who it is, because you can authenticate your bank as strongly as they can authenticate you
out-of-band connection between SSI peers is private and secure — no intermediaries, encrypted end to end — it can be used for communication of any kind: text, voice, video, data sharing, and more
secrets can be replaced with cryptographically secure, digitally signed credentials
out-of-band connection between SSI peers
authentication happens passively behind the scenes, customers can be recognized and no longer treated as strangers at the beginning of each interaction, enabling a rich customization of each and every touchpoint
Because a bank, for example, can choose to accept only digitally signed credentials it has issued, SSI is no different than siloed identity from a liability perspective, meaning financial institutions and companies in other high-trust industries can utilize SSI without legal or compliance concerns.
can choose to accept only digitally signed credentials it has issued
ny person, organization, or thing can issue any kind of credential to any other person, organization or thing (“multi-source”)
shared with any other person, organization, or thing, and the authenticity of which can be immediately and easily verified (“multi-verifier”)
even spam becomes much more difficult
no tech giants needed as intermediaries
SSI has the important ability to strongly prove legal identity when desired, or enable trustworthy pseudonymity or anonymity when preferred
slowly replacing email as a means of communication; and educating and training staff, customers, and others
With bitcoin, for example, if you lose your private keys you lose your money, period. There is no “forgot password” option. SSI solutions will need a crutch analogous to password recovery if they are to become widely adopted
“On the internet, nobody knows you’re a dog,” the famous New Yorker cartoon says
SSI is not a single breakthrough but many
only in science-fiction movies have we seen the types of user experiences that SSI will make possible