Self-sovereign identity (SSI) is a movement that claims digital identity should be just as legitimate and nuanced as a person’s human identity, while being accessible to all, privacy-preserving, and not reliant on a single government or corporation. It was originally conceived by idealists seeking to provide people more autonomy and control of their digital relationships. Over the past decade, the world has seen a shift from legacy on-premise software to the cloud, creating tremendous value/innovation on the one hand (Salesforce, Veeva, Twilio, etc) and centralization/surveillance problems on the other (Facebook, Google, etc). Talking about cloud, a Web 2.0 technology, in the context of a Web 3.0 technology like SSI may seem unrelated. However, the combination of cloud with SSI can offer much needed usability and benefits compared to more traditional delivery models and otherwise decentralized systems.
TL;DR:
- Cloud-native software done right can deliver more benefit than its on-premise/locally-hosted alternative while reducing costs and risk.
- Organizations should understand the trade-offs between cloud and local deployments for self-sovereign identity specifically for individuals and organizations.
- Any who pursue a cloud solution for SSI should seek well-architected platforms that take advantage of cloud-native functionality.
- Trinsic is a modern platform that provides a full-stack SSI platform leveraging the best of cloud and local elements.
Key benefits of cloud
In multi-tenant cloud software, all new features are pushed to all customers simultaneously, creating a virtuous R&D cycle and enabling engineering resources to focus on innovating rather than supporting previous releases (analysts estimate that up to 80% of on-prem software vendors’ R&D spend is on maintaining old versions/products).
Cloud software can utilize platform-specific functionality (Azure KeyVault or AWS Lamda), which can’t be equally represented across a myriad of different hardwares, databases, or operating systems. In addition, hosting, security, and compliance costs can be amortized across all customers rather than reinventing the wheel for each new deployment.
With a subscription or usage-based pricing model, the vast majority of revenue from a given customer will come to the vendor far in the future, causing SaaS companies to rely heavily on customer retention for survival. The incentive therefore is to provide fantastic customer service to existing customers, not exclusively seek out new ones. Cloud-based solutions are also much, much easier to provide satisfactory support due to the other reasons listed.
Generally speaking, SaaS companies seek to align pricing with value. That way, the software provider only receives revenue when the customer creates value. SaaS companies are incentivized to remove barriers to entry and help their customers receive value because doing so is the only way the SaaS company will scale.
Cloud software is architected to ensure that new features can be introduced with no downtime, cost, or disruption to their customers. This is possible because there are common variables for infrastructure and installations without the variability (OS, databases, hardwares, etc.) a customer’s own environment introduces.
Cloud-based solutions are typically more secure than self-managed ones—especially in highly-regulated industries¹, because any security failures risk the vendor’s reputation and potentially data of all customers at once. This creates a strong incentive to make stability, security, and data privacy a core competency of the platform.
Cloud-native software scales much better than on-prem software because as more resources are needed, more resources can easily be utilized. AWS, Azure, and other cloud platforms utilize usage-based payment models that accommodate for spikes in usage and make building redundancy into the product straightforward.
Historically, large organizations (e.g., Coca-Cola) have had no choice but to build and maintain large IT divisions (instead of—you know—making beverages). This is becomingly increasingly unnecessary with cloud technologies. Every company can specialize in their expertise and focus on their business—vendor and customer alike.
Concerns with cloud
Entrusting another organization with your sensitive data is no easy task—20 years ago, Salesforce struggled at first to get companies to entrust their customer lists to the cloud. But by 2020, most security professionals believe data is safer in the cloud than on-premise. It also appears the severity of on-premise software breaches is higher than cloud-based².
Having access to and control over the source code of your software means that customizations can be made—as long as the licensing agreement allows it. While this is advantageous for some use cases, it can be costly to implement and unclear whether/how the customizations will interact with or potentially break other components of the software.
Some cloud-based softwares are so far superior to their substitutes that they can create monopolies that centralize power and unfairly exploit their position in markets. It should be noted that centralization has massive benefits—but it’s important that there is interoperability, open source alternatives, and healthy competition to avoid a bad situation.
The benefits and concerns present with cloud technologies are just as true for SSI as they are for other types of software.
Cloud in the context of SSI
When designing SSI architectures, cloud or local implementations can be made for both organizations and individuals; see the following graphic for more detail.
Trinsic seeks to leverage the best parts of both local and cloud-based approaches to create the best SSI platform on the globe. As such, we’ve created a platform for organizations in the cloud and provide an SSI wallet for individuals that leverages a local wallet.
Trinsic's platform
Trinsic’s cloud platform consists of the following products. You can get started free and enjoy robust documentation and support for each.
- Trinsic Studio: An easy-to-use web interface for managing credential exchange with no code. Also serves as the mechanism to acquire API keys and manage billing for paid plans. Try it yourself free, and issue a credential in less than 5 minutes!
- Provider API: Our newest API enables developers to programmatically provision issuer and verifier cloud agents. Learn more about the provider API in the recent launch announcement.
- Credentials API: Our core API enables developers to have a turnkey way to issue, verify, and manage verifiable credentials on any Hyperledger Indy network. Check out our documentation or one of our reference applications to get started.
- Wallet API: An API for creating and managing cloud wallets on behalf of credential holders. It’s the backend of our Mobile SDK, which you can read more about in our recent post about building your own SSI wallets. Get started with the API by checking out the documentation.
Trinsic has built the first end-to-end, cloud-native, hyper-scalable cloud architecture for self-sovereign identity. Not only can you programmatically issue verifiable credentials, but you can programmatically create credential issuers. (Which can themselves issue credentials!) We utilize certain cloud-native functionality to achieve this.
By utilizing a cloud-native secure key management service, we ensure encryption keys can only be accessed by backend servers associated with those keys. Nobody at Trinsic has access to encryption keys.
Open source implementations use SQLite databases within the wallet, which has scalability limitations. We substitute these wallets for globally-distributed databases specifically built for scale. These also enable advanced indexing and querying.
Proper architecture ensures information from one organization can’t be accessed by another organization and that wallets that live in the cloud are secure.
Our services can be deployed in data centers in most geolocations around the world, ensuring regulatory compliance.
Uptime guarantees and SLAs up to 99.99%.
If required, your organization can control its own keys, while keeping the agent software hosted in the Trinsic cloud.
We leverage an analytics infrastructure capable of handling millions of events per second, enabling real-time analytics and insights.
Note some of the above features are only available on our Enterprise Plan. If you have specific questions, please contact us.
Trinsic Wallet
The Trinsic Wallet is the world’s most popular interoperable SSI wallet, supported free forever. The wallet lives on the device and key management is done by leveraging the operating system backup of the device (ie., iCloud backup for iOS devices). We also offer an encrypted cloud backup service. Learn more about the Trinsic Wallet here.
Although our own mobile app doesn’t utilize the Wallet API, some of our partners have built mobile apps using the Wallet API. Get in touch if you’d like to learn more.
Reducing honeypots
Self-sovereign identity will improve security around the world and hopefully make identity theft entirely obsolete, but not for the reason most people think.
Many believe that this is because SSI decentralizes storage of personal data. Instead of PII honeypots that become targets for hackers because millions of people’s data can be stolen from one breach (see: Equifax), SSI information is stored in end-users’ wallets on their phones so a breach would only expose one person’s data.
Right? Well…sort of.
One important reason that SSI will reduce identity theft is by reducing our world’s dependence on knowledge of secrets and increasing dependence on possession of secrets. Imagine a future where applying for a bank account in the USA requires a social security number (SSN) in a verifiable credential. By proving possession of the credential, I’m allowed to open an account. Even if a hacker discovered my SSN, they couldn’t open an account in my name because possession of the credential is necessary, not just knowledge of the identifier.
The other reason that hacking is reduced is that each wallet is encrypted using separate keys. In addition to breaching enterprise security systems, a hacker would need to individually decrypt each wallet, which increases the costs to hack cloud-based SSI services exponentially.
So while it’s true that SSI will reduce the occurrence of centralized honeypots of data, the real benefit is that it reduces the value of the data inside the honeypot and increases the cost to access that data, which in turn reduces the incentive to hack it.
Self-sovereignty means key ownership
A philosophical belief of many in the SSI community is that self-management of encryption keys is necessary for SSI. This is especially true of people from other blockchain communities where possession of a single key means possession of money (and loss of the key means loss of the money). When it comes to SSI, the issue is different for individuals and organizations.
Individuals
As it relates to individual people,the issue is nuanced. To date, totally decentralized key management technologies have not been widely adopted because they introduce additional inconveniences for end-users. So naturally, a spectrum exists to accommodate users who value convenience. As mentioned in a Medium post in response to critiques about key management technologies for SSI:
"The degree of inconveniences, security, and user-control depend on the implementation. The simplest key management solution is a complete custodian model. Coinbase has done a great job doing this for cryptocurrencies. A hybrid model could also be employed (this is the one used in the Trinsic Wallet today); a user can back up an encrypted copy of their wallet to a secure cloud or export the wallet to keep in storage of their choosing. Completely decentralized solutions indeed require a great deal of technical knowledge and/or inconvenience but importantly exist for those who don’t want to rely on anyone other than themselves to safeguard their data."
That being said, any cloud-based/custodian wallet solution must enable the end-user to export their wallet from the cloud into a wallet where they control the keys. Otherwise, the vendor has total control over the user’s identity – and that isn’t self-sovereign.
Organizations
Organizations are organized under the laws of a particular jurisdiction and governed by individual people. Unlike natural persons, organizations do not have unalienable rights or dignity. Put simply, people are self-sovereign, organizations are not. Therefore, the ideals that apply to individuals apply differently to legal entities.
To drive this point home, organizations cannot manage their own keys no matter how much they want to because they are inanimate, socially-constructed legal entities. The best those legal entities can do is to enter into legal agreements to employ qualified natural persons to manage the keys on their behalf. Alternatively, an organization can enter into a legal arrangement with another firm, including a SaaS provider, to manage keys on its behalf.
Your decision
We recommend utilizing a cloud-native³ SSI platform, just as your organization (and you as an individual) surely utilize the cloud for other solutions. If cloud isn’t right for you, we recommend you explore the open source reference implementations. They are a free way to install working software on-prem, although it can take a significant development/expense to make it scalable and secure.
Trinsic’s cloud platform is available for anyone to try out free at studio.trinsic.id. Our Enterprise Plan, tailored specifically for the stringent cloud requirements of enterprises, can be found on our pricing page www.trinsic.id/pricing or by contacting us.
- Professionals in highly-regulated enterprises (in life sciences, finance, government, education, etc.) believe cloud is actually safer than on-prem and have therefore employed a cloud-first strategy, requiring special approvals for any on-prem softwares.
- Take for example the WannaCry or NotPetya ransomware viruses. In 2017 and 2018, they brought organizations like Merck, Maersk, and the NHS to their knees costing billions of dollars in revenue loss and recovery costs. While they were reeling from the impact, one shining light was the fact that their cloud-based solutions were not infiltrated.(https://www.logicworks.com/blog/2017/05/wannacry-public-cloud/).
- It should be noted that there is a difference between a cloud-native, multi-tenant architecture, and a traditional on-premise software solution deployed and hosted in the cloud. In many ways, hosting deployable software somewhere other than on-premise can give you the worst of both worlds—you are paying for the high development costs of a product that works across hardwares/clouds/OS/etc., but you don’t get the benefits of customization or control. And since it’s not cloud-native, security becomes trickier—products built to accommodate more hardwares/databases/OS will inevitably have more attack vectors than a native solution (think: security of a PC vs a Mac).
