Machine Economy Deep Dives: Digital Identities Part IV

It’s all about trust

written and researched by Moritz Julian and Carolina Soto

With the advancement of technology and the increasing awareness of people around privacy and data ownership a new solution has come to the table.

The increasing digitization of everyday transactions has made Identity Management the access gateway to the world. As a consequence, there’s an ever-growing data pool containing users’ personal details, raising concerns around data privacy, identity theft, and data breaches.

In our previous Deep Dive Series articles (I and II) we briefly discussed how blockchain can be the underlying infrastructure for identity management and provide intrinsic trust to all parties involved. In its article ‘The trust machine’, The Economist described blockchain as a potent technology that

“lets people who have no particular confidence in each other collaborate without having to go through a neutral central authority. Simply put, it is a machine for creating trust”.
Photo by Andy Kelly on Unsplash

Identity management exists because of the lack of trust.

By using public blockchains, the underlying trust infrastructure can be available to everyone in the ecosystem. No third parties owning individuals’ personal information, instead, individuals controlling it with self-sovereign identities. With blockchain, users can register themselves without relying in a third party and share their attributes using public keys.

The state-of-the-art of identities, ergo self-sovereignty, conceives identity management with the highest degree of interoperability between vendors and the highest degree of data ownership and control by the user. While it’s true that decentralized ledger technologies like blockchain can enable self-sovereign identities, there’s many companies out there who claim to have the one technology, while, in fact, they don’t.

For an identity to be self-sovereign it should comply with 10 principles which are not so easily achievable without — as Chris Jagers from Learning Machine puts it — “a blockchain-based social infrastructure”.

10 principles of self-sovereign identity by Christopher Allen

So, who is who in the blockchain-based digital identity ecosystem?

To make things easier we have taken Learning Machine’s categorization model for the ecosystem and added some more relevant players in this space. The model takes vendor agnosticism (Y axis) and control by individual (X axis) to group companies depending on their degree of each variable.

For example, an identity solution that makes a user strongly rely in one vendor (low interoperability and persistence) and that doesn’t give him control over his claims (low portability) is located in the bottom left of the graph. While another solution that allows full control by the user with a private key, without third party interference (fully vendor agnostic) is located in the top right corner of the graph — categorized as self-sovereign.

Blockchain-based digital identity ecosystem

Going into detail, companies in quadrant 1 (Proof of existence) like Bitnation and Block Notary use the blockchain to timestamp a document and verify that it hasn’t changed since a particular point in time. While Bitnation claims to offer a DYI governance solution timestamping marriage certificates, land titles, birth certificates, among others, Blocknotary timestamps any media file and generates an immutable and independently verifiable record of existence. While both companies provide independence to the user, the claim control by the user remains low. Proof of existence solutions can’t neither tell an altered document from a real one, nor issue any claims.

Companies in quadrant 2 (Vendor as a notary) provide both proof of existence — time stamping — and are able to issue identity documents (e.g. a diploma) supporting personal claims. ascribe and Dipl help users prove authenticity and existence of their creative work (similar to trademarks) and their degree diplomas, respectively. Contrary to ‘proof of existence’ companies, ‘vendor as a notary’ companies have users depending on their servers for verification, hosting and access to claims.

Quadrant 3 (Know your customer) is where most companies who claim to do self-sovereignty but don’t really offer vendor independence are located. And it’s easy to understand why. Solutions in this space like Civic and SecureKey provide a platform (mobile app) where users can input their claims and have them verified by a robust network of participating institutions such as the Civic Secure Identity Ecosystem or Canada’s major banks — in SecureKey’s case. But these verified claims are only useful for the user within the network. So, the more companies participating in one digital identity network, the stronger it is. Therefore, despite companies developing KYC solutions being useful in many cases, they shouldn’t be mixed up with companies who can provide verifiable claims that can be used outside a particular network.

Companies developing self-sovereign identity solutions are located in quadrant 4. They enable claim ownership and portability by the users, meaning no dependency upon a vendor for viewing, sharing or verifying these claims/attributes. The Sovrin Foundation is a pioneer in this space and was “established to govern the world’s first self-sovereign identity (SSI) network”. It can be truly self-sovereign by using open source standards to support the larger decentralised application community, and providing users with a public and a private key to share their attributes with third parties while keeping their information safe. Quadrant 4 ensures that vendor agnosticism and control by the user are at its highest. Solutions in this space will enable trusted interactions to occur between individuals, institutions, and businesses.

The forthcoming landscape of identity management is all about empowering individuals to take their information with them — wherever, whenever — shifting the trust business away from the Big Four.

Photo by Bernard Hermant on Unsplash

The paradigm shift to digital identities has created new opportunities for technological development and shifted control to the user. Its evolution from centralized, to federated, to user-centric, and finally, to self-sovereign has changed the way individuals, businesses and governments interact with each other.

Identity was a problem never solved via the internet of copies (world wide web, HTML protocol) and it’s still evidently missing an identity layer to allow both machines and individuals to interact with each other. While federated identity players like Google, Facebook, Amazon and Microsoft — aka the big four — provided individuals with access to the wonders of the internet, it came with a big cost. Yet, we now have the opportunity to change it.

At the innogy Innovation Hub we believe in the power of distributed ledger technologies (DLTs), like blockchain, to provide an enduring solution for global identity. We regard the power of ownership and data regulation as a cornerstone of the current and future digital society, where the trust business of identity management is replaced by the trust machine: the blockchain.

Stay tuned for the Part V of our Digital Identity Deep Dive series with insights from pioneers in this space!

📖 Last but not least, thanks for great thoughts, inspiration, content and data (aka sources — check these out for further reading, too)

👏🏼 If you enjoyed reading this piece leave us a clap or comment below. We are curious to hear your thoughts!

🤖 We are the machine economy team of the innogy Innovation Hub and believe in a future that is decentralized and enabled by machine-to-machine transactions.

💌 This is only the beginning! There will be more “deep dives” in future, so make sure to follow our Medium channel to stay updated. See you soon!

💡 If you are a startup working in the field of digital self-sovereign identities or are just curious about the topic, feel free to contact us! &