Twelve German entities initiated a joint project to jump-start the adoption of self-sovereign identity solutions in Germany. The organisations understand that online identity can’t be solved with silo solutions, nor with a federated approach. This is especially true for platform providers, which struggle to get initial adoption should they also participate in the market.
On the 3rd annual blockchain day of the Deutsche Bahn (the biggest German railway company) Helge Michael from the Main incubator presented the project. He illustrated the status quo of online identity by emphasizing the problems, which users and cooperates struggle with.
These include, but are not limited to:
· Frequent data breaches due to the centralized storage of user credentials (Honey Pot).
· Entity-centered design, which requires a user to re-enter identity information with every single sign-up.
· Lock-up of users into ecosystems of prominent surveillance capitalists (e.g. Sign-in with facebook).
· Fragmented market of identity providers without interoperability.
· High compliance and user access management costs for companies.
The twelve entities involved in the project include:
Commerzbank, Deutsche Bahn, esatus AG, Creditreform, Hasso Platner Institut, Boniversum C, Main Incubator, comdirect, Bundesdruckerei, ING, Commerz Real and Authada.
The twelve entities include major financial institutions, SSI specialized start-ups as well as the German federal printing office (Bundesdruckerei), which is responsible for physical identification cards in Germany. The entities behind LISSI support open source initiatives, which use standardized processes and identifiers to grand every entity and individual equal access to the new identity framework. Prominent examples of these SSI implementations include the Hyperledger Indy and Aries with the Sovrin Foundation, Jolocom, uPort, the ERC-725 Alliance and Selfkey among others.
The LISSI project is welcoming new partners to join them to collectively work on a better identity framework, which is not only user-centered, but also grants agency to individuals to manage their own credentials. For request contact them via email@example.com.
Presentation by the Bundesdruckerei — German federal printing office
A representative of the Bundesdruckerei also presented a prototype implementation of SSI powered by Jolocom. The vision is to have a digital twin of existing physical identification documents such as the birth certificate or a driver license. This is in alignment with the official blockchain/identity strategy of the leading political party in German.
The process can be illustrated in three steps:
1. Creation of the identity: A decentralized identifier (DID) is written into some sort of DLT (distributed ledger technology) like a blockchain. No personal information is stored on this public dataset, which links the DID to the holder without further information.
2. Verification of the identity: A government authority is proofing the validity of the request in person. A user can verify the authenticity of the government agency, since it has an unique DID on the public DLT/Blockchain.
3. Usage of the identity: Once verified a user can create new DIDs for every registration and independently proof that the government verified his identity. Service providers can verify this proof by checking the signature of the proof with the public DID of the government authority.
For the demonstration the following platforms and standards are used:
Ethereum mainnet, EC Signature secp256k1, IPFS, DIDs, Jolocom and verifiable credentials(VCs). Both DIDs and VCs are specified by the W3C.
The path forward:
The concept of SSI will require more work to be ready for the mass market. Current implementations are rather simple, but already grant a sneak peek in what’s coming. It’s good to see that multinational cooperates actively participate in standardization efforts. Now is the time for businesses to evaluate existing market solutions and their fit into existing business structures. Early movers will enjoy reduced compliance costs, administrative efforts as well as new market and sales opportunities.
Nevertheless, in order to be archive mass adoption a great effort in education will be necessary. While we already see support from official bodies like mentioned Bundesdruckerei, the success of the concept requires political will and legislative support.
Decision makers need to address the omnipresent problem of online identity. Now more than ever! Our society can’t afford to wait until further data breaches and other negative consequences of the current business standards will spark interest of users into new solutions.
We should not wait until every last credit card information is available in the darknet! Governments and EU grants need to increase their support for open source initiatives and educational efforts in these topics. The current budget of 25 million € of the Innovation and Networks Executive Agenc (INEA) only reserves 1 million for public education purposes.
Edit [22.10.2019]: The European Commission launched the European Blockchain Services Infrastructure (EBSI), which includes SSI as one of the four use-cases.
Feel free to subscribe to my YouTube channel should you be interested in the topic.
Note: This blog-post solely represents the opinion of the author.
Own your keys