The landscape of IAM/IDV is changing rapidly. It is no surprise that the way we do identity online using centralized systems is broken. Some believe the solution is to implement blockchain-based identity schemes. While this is well-intentioned, the best approach is to use the blockchain as a root of trust while keeping everything else off-ledger. Couple this approach with implementation of open standards and you have the ideal architecture to solve the identity problems of the future.
Key takeaways:
Self-sovereign identity is the solution to the current problems with fraud and identity.
Self-sovereign identity should be architected to use blockchain as little as possible and be able to integrate into existing systems.
Self-sovereign identity is being adopted right now and is ready to go.
The U.S. Department of Homeland Security (DHS) has supported Self-Sovereign Identity technologies such as Decentralized Identifiers (DIDs) and Verifiable Credentials for several years. Now, a number of companies have been selected to work with DHS on implementing digital versions of identity documents such as the Permanent Resident Card (Green Card). In this use case, the issuer of Verifiable Credentials is USCIS (United States Citizenship and Immigration Services), and the verifier is TSA (Transportation Security Administration). The overall objective is to make use of SSI technologies in order to increase security and efficiency as well as user control and transparency. Another key parameter of the project is that all technical components must be interoperable and based on standardized interfaces.
When European citizens will be acting in the online Digital Single Market, it is clear that trust and security but also data protection plays a vital role. A way to achieve this is to combine (Self Sovereign) eIdentities, Strong Authentication and Trust Services. Lots of work has been done in the last few months on ESSIF (The European Self Sovereign Identity Framework), including on how this could be given legal certainty through alignment with eIDAS. Though still in evolution, a clear picture is starting to emerge of how such a trusted ESSIF eco-system could be established moving forward. This presentation intends to give –based on Erik’s involvement in EBSI/ESSIF-- an update of how SSI and eIDAS could converge and lead to a working European SSI (Trust) Framework and eco-system.