4 reasons why we need Self Sovereign Identities
Dashlane, one of the leading password management solutions, estimates that by 2022, the average american will possess around 300 different web accounts and almost as many digital identities. These identities have a limited scope, they only exist in the context of this service and it is the service that truly possesses the identity. As owners, service providers can unilaterally decide to erase any identity, change its identifier or modify the rules governing their construction, exploitation, or validity.
Self Sovereign Identities (SSI) propose to shift this paradigm and place users at the center of their digital identity. Here are 4 reasons why we need SSI:
1 – Privacy and Control
When we think about our digital identities, we think about profile pictures, funny tweets, witty forum posts, or silly usernames. A carefully crafted presentation of the self, curated for the Internet. But our online activities reveal much more than what we are ready to share.
And so a digital identity is also made of geolocalized posts, leaked data linking different accounts to the same email address, or activity logs that betrays a sleep schedule or the timezone in which we reside.
2 – Security
Data breaches exposed 4.1 billion records in the first six month of 2019 (By Forbes). 2020 saw a 450% increase in attacks involving username and passwords over 2019, resulting in over 1 billion compromised records in the US alone (By ForgeRock).
The current centralized systems represent a juicy target for cybercriminals as they hold the records of thousands, maybe millions of individuals.
As long as the management and protection of personal data remains centralized, users will have to trust that service providers can keep their data safe. This, in turn, represents a huge burden and cost for businesses.
3 – Independance
In december 2020, Google experienced an issue with its authentication system (By The Guardian). The majority of Google Services as well as third parties became unavailable as a result.
This incident reminds us that our digital identity can be tied to the continuous operation of a given company. But the dependency is not solely technical.
The GAFAM (Google, Apple, Facebook, Amazon, and Microsoft) have presented themselves as the identity purveyors of the global Internet. Consequently, the majority of personal data that transits through the Internet is controlled by US-based companies.
This poses a sovereignty as well as a monopoly issue. The GAFAM routinely use their position to impose rules on smaller companies. Application developers, for instance, have to use Apple or Android’s payment system within their apps, pay a 15 to 30%, and obey other rules dictated by the american tech giants.
Furthermore, as local legislations move to regulate them, the GAFAM have engaged in a ferocious lobbying battle to protect their interest. Google, Facebook, and Microsoft each spend over €5,25M a year in EU lobbying (By Transparency International EU). On the other hand, Twitter has caved to the Indian government’s request to censor tweets critical of its handling of the Covid-19 pandemic (By The Verge). It has also suspended a number of accounts. These suspension impact other services that may have used Google, Facebook, or Twitter authentication
4 – Interoperability
Data is not made to be portable. Each information system has their own way of doing things: Formats, identifiers, protocols, etc.
This causes issues when two companies have to work with each other, when a user wants to use several services at once, or when they wish to move from one service provider to another.
Because of the lack of built-in interoperability, there is a high cost associated with collaboration, especially in setting up trust. Secret keys have to be exchanged and provisioned, information must be made to be understandable in both systems, liability has to be discussed, etc.
On the user hand, interoperability means simplicity and freedom. It means being able to move from one provider to another and bringing their data with them. This is called portability. The GDPR made data portability a right for european citizens. Companies still have catching up to do on that front. And the current centralized system is not helping.
Enter Self Sovereign Identities
A more diverse, more decentralized Internet is safer for everyone. Poor security practices and frequent incidents have eroded users’ trust. There is a push for more privacy, more transparency, and more control over what data is collected about us. But the current version of the digital world is not built to carry out this shift.
There are strong arguments as to why such a profound change also makes sense from a business standpoint. As it stands, the management of personal data puts a huge burden on service providers. It costs money to secure, represents a liability for the company, a potential PR risk, etc.
To give their identity back to the individual and break the business’s dependency to identity providers, identities must exist independently from any service. Blockchain technology enables this decentralization.
The term of Self Sovereign Identity has no fix definition. It is rather an assembly of principles. SSI are built around three pillars: Security, controllability, and portability. Under this paradigm, identities are owned and controlled by the entity they represent. They are persistent across services and exist outside of any specific service.
Owners have access to the information associated with their identity and must provide consent before it can be shared. SSI also comes with interoperability between services. Personal data is stored and managed in a decentralized manner, thus increasing its protection.
SSI are novel blockchain-based decentralized identities that are owned by the entity they represent. They ensure the control, privacy, security, independence, and interoperability that are lacking in the traditional approach to digital identity. Through its identity platform, Unikname offers SSI as a service to businesses willing to innovate. Find out more about the business applications of SSI on our website.
Meet Unikname team to get a demonstration and help integration in your project