What is Self-Sovereign Identity? #AllYouNeedToKnowAbout OmniOne Series
#AllYouNeedToKnowAboutOmniOne Series aim at providing a full set of information about OmniOne, from its origin to the way it works.
In this first post, let’s review the origin of OmniOne and in particular, the concept that has nurtured its creation: Self-Sovereign Identity (SSI).
At the origin, there is SSI
While there is no official definition about it, we can understand Self-Sovereign Identity as the concept that aims at giving users control back over their identity. While this idea seems to be quite utopian, we technically have the ability to makes it possible by for example, enabling identity owners to store their personally identifiable information on their own device, so their data are not stored on central servers controlled by independent entities.
The idea of Self-Sovereign Identity has been nurtured by an article that served (and still serve) as the SSI manifesto wrote exactly five years ago by Christopher Allen. In the Path to Self-Sovereign Identity, the Executive Director and Principal Architect of Blockchain Commons explained the history of digital identity while laying out principles for creating a new type of identity, based on individual control and human rights: Self-Sovereign Identity.
Why do we need SSI?
Through this foundational article, Christopher Allen actually expressed a need that We (as the regular users of internet that We are) are increasingly perceiving: proving our identity online remains one of the challenges that has been left unsolved.
Instead, proving our identity online has been following a path from centralized identity to federated identity, enough for logging in to the early-stage internet’s websites but increasingly risky at a time when impersonation fraud and forgery are becoming increasingly frequent. In particular, the latter is fueled by the transition to a digital world where data is considered as the new oil. In that regard, our personal data are exploited by companies collecting it, which urge the need to (re)build a web that will provide further sovereignty to individuals.
It’s no surprise that Christopher Allen recently declared that he wrote his foundational article with the aim to “address a problem that was growing year by year: Facebook was increasingly controlling our access to the online world, and Google was increasingly correlating all of the information about us.” Not only these big tech giants are benefiting from our personal data but they also do create massive data silos that are vulnerable to malicious hackers when stored in centralized servers.
SSI as the solution?
While the challenges above are well-known, users have not been provided with proper tools to protect themselves when accessing to the current web…until some governments drafted and released regulations aiming at protecting users’ data against companies looking for exploiting them. Thus, data regulation such as General Data Protection Regulation (GDPR) has emerged in 2018 paving the way for the development of related regulations in other countries.
The regulation tends to help individuals to get further rights over their data but there is still a long way to go before providing users with a full ownership over their personal information, enabling them not only to be fully protected against malicious hackers looking for attacking central servers where data are stored or against profits made by tech giants when exploiting the data (even if this profit is now reduced due to regulators).
That’s where the Self-Sovereign Identity comes in. Following the definition above, applying SSI shall enable individuals to be the owner of their identity at any stage of their journey on the web. In other words, SSI shall empower users during their digital interactions from entering the address of a website on a browser to approve a financial transaction with a service provider. Thus, in a web where participants are all playing according to the SSI-rules, personal data would not be siloed, malicious hackers would not find interest in hacking data base for personal data and regulators (and private sectors) would not have to spend time (money) to prevent these risks by establishing related laws.
How to enable SSI?
There are no technologies officially associated to SSI. That said, the identity community is increasingly recognizing the importance of two technologies in the Self-Sovereign Identity architecture: Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). While both have been developed under the umbrella of W3C, their roles in the SSI ecosystem are crucial given that they provide an identifier system along with the ability to make claims in an interoperable and self-sovereign manner.
Further explanation will be provided regarding Decentralized Identity in the next post.
“How do DIDs meet the requirements of self-sovereign identity? DIDs address many of the principles of self-sovereign identity, but particularly control, access and portability. A user has personal authority over their identity, and in fact can create multiple, contextual identities to avoid correlation; a user knows all the data associated with the DID; and a user can use the DID in different contexts as they see fit. That is a big change from something like Facebook Connect, where a third-party could suddenly and arbitrarily remove a user’s access to a variety of websites. DIDs built upon the full set of self-sovereign identity principles can go far beyond that, allowing a user total understanding of the identity they are putting forth and what information it provides to other people.”
Source: https://www.coindesk.com/self-sovereign-identity-five-years-on
OmniOne, a Self-Sovereign Identity-oriented technology
To address the challenges that faces identity industry while applying a technology that can address many of the principles of Self-Sovereign Identity, trust platforms are needed in a world where digital interaction tends to become more prominent than physical interactions. Consequently, OmniOne comes from the willingness to help transition from a service-centric identity to the self-sovereign identity paradigm, empowering anyone to control their identity in a highly secure manner while providing mutual benefits to the participants of its ecosystem.