Self-sovereign identity (SSI) is a movement that claims digital identity should be just as legitimate and nuanced as a person’s human identity, while being accessible to all, privacy-preserving, and not reliant on a single government or corporation.
Many have given their thoughts about this movement. Some have called it the next trillion-dollar market, while others focus on its ability to enable people to take back privacy and interact with more dignity online. At Trinsic we want to add our voice to the conversation, aiming to balance philosophy, technology, and business principles to explain SSI in a way that’s easy to understand.
Trinsic is a leading provider of SSI technology, and the reason is simple: we believe self-sovereign identity will make the world more accessible to people everywhere while adding tremendous value for businesses everywhere. To understand why, we should first unpack what it means for a person to have a digital identity that’s just as legitimate as their real-world identity.
Human identity is a complicated topic—philosophers have been debating it for centuries, and nothing I say will settle those discussions. So I propose here a mental model I’ve used to explain how I think human identity works. I simplify human identity into two parts, both of which are necessary for a person to be a productive member of society.
- Intrinsic identity: This is what we see when we look in the mirror. It’s our gender identity, political identity, or cultural identity. It’s who we are in the context of our relationships with our closest confidants. It’s intrinsic to us and is the truest form of identity.
- Extrinsic identity:¹ This is how others, often institutions, identify us. A driver’s license is the most ubiquitous example. Although intended to prove your eligibility to drive on public roads, it is also how financial institutions, airports, and bars identify you. It works because institutions trust the DMV, and with a driver’s license, you always have the DMV vouching for you. And it isn’t limited to government ID—educational, professional, and membership credentials all work this same way.
Some of the largest social media, blog, and other internet platforms basically exist to help people express their intrinsic identity. But there is (remarkably) still no good way to manage our extrinsic identities digitally. We still use paper documents and plastic cards to access some of the most important services in our lives, subjecting some of the most sensitive and vital aspects of our identity to fraud. It’s frightening that in an increasingly digital world we sometimes have to scan, email, or send photos of these documents to do basic things like qualify for a home or open a bank account.
Self-sovereign identity is the marriage of real identity with the digital world that will ultimately make people’s lives better.² It’s still in its infancy, and there is a long road ahead to truly make digital identity as legitimate and nuanced as a real-world identity. But there are several very promising technology advances of late that represent a huge breakthrough, the most important of which are the advent of digital wallets and the standardization of verifiable credentials. Together, these create a path toward bringing our extrinsic identities online for the first time.
A digital wallet is exactly what it sounds like: a secure digital environment where you can keep important cards (e.g. driver’s license, employee ID card) or currencies. Just like in the real world, this wallet has some important properties:
- The cards in the wallet were given to you by trusted entities (i.e., the DMV issued the driver’s license).
- You can use those cards however you please to prove your identity or other traits.
- The cards are yours; nobody can take them away. The organization that gave you the card may revoke it or let it expire, however.
- No one can even look at the contents of your wallet without your permission, even the wallet provider.
- You can switch out your wallet at will. If you find another wallet, you can switch your cards to the new one relatively painlessly.
Trinsic launched the first interoperable SSI wallet over a year ago, and it has quickly become a favorite—check it out here. But a wallet, whether physical or digital, is just a container. It needs content to be valuable, and the ‘cards’ digital wallets hold are called ‘verifiable credentials’.
Verifiable credentials are the standard way to represent extrinsic identity online. As the primary contents in an SSI wallet, they are generally digital, tamper-proof, non-transferrable, verifiable versions of the cards you’d normally keep in a physical wallet. You can share verified information from these credentials while preserving privacy (like sharing your voter precinct without revealing your address or your credit score without revealing your SSN). Since the credentials are yours, you don’t need a username and password to access them. In a future state, access to services could be based on these credentials so that “identity theft” couldn’t happen just by knowing your SSN and mother’s maiden name.
Finally being able to manage our extrinsic identities digitally through digital wallets and verifiable credentials will have a huge impact on people and enterprises (more on that below). But there are other technologies that will work in harmony with verifiable credentials to create a truly self-sovereign identity solution. We’re watching technologies like personal data stores/hubs/pods, linked data, sidetrees, decentralized storage, and more to make our SSI offering more robust.
Self-sovereign identity has huge implications for businesses as well. Between my roles as chair of the “Business of SSI” Task Force at the Sovrin Foundation and as CEO of Trinsic, I’ve spoken to hundreds of business leaders about the impact verifiable credentials will have on their business. Today there are over 100 companies and developers using Trinsic to build solutions across more than 10 industries. It takes ingenuity to identify how SSI can improve your bottom line (and by the way, our team is happy to help). I’ll list a few examples below to get your creative juices flowing.
- Improved conversion: Current technologies force companies to make a trade-off between assurance and conversion. With SSI, companies are removing friction to onboard new users instantly in high-value environments where simple CAPTCHAs aren’t sufficient like banking, insurance, healthcare, and others.
- New engagement: Where could additional trust help you better engage with your stakeholders? B2C cases include banks who are using digital government IDs to open bank accounts without the painstaking average 24-day KYC onboarding process, retail companies verifying military, teacher, and student status, and everything in between. There are lots of B2B cases too, from supply chain companies certifying audit compliance for industrial facilities to medical software integrations for streamlined insurance claims verification.
- Verifications:³ Any time verifications are costly or important, SSI can help. Despite billions spent on identity verification per year, still billions are lost due to fraud. SSI enables a much better ID verification process, not just for legal identity but for any trait.
- Risk: If your business is holding passwords, social security numbers, credit card numbers, or other high-value PII, you’re at risk of a data breach. SSI can reduce your risk by letting you avoid collecting, storing, protecting, and maintaining toxic PII. You could, for example, verify a credit score without collecting an SSN or confirm a voter precinct without an address.
- Compliance: PCI compliance was an important driver of growth of third-party payments processors like Stripe and PayPal over the last decade. Likewise, data protection regulations like the GDPR, CCPA, and a myriad of others are driving adoption of SSI.
Self-sovereign identity will unlock enormous valuable opportunities in all markets around the world. No industry will be left untouched by its impacts. Hundreds of companies have begun experimenting with the technology and several have gone to production. The easiest way to get started is to head to https://studio.trinsic.id/ and begin playing around in our free sandbox. Follow our tutorial to walk through an example of how it works. Here you’ll be able to issue credentials, set up wallets in the cloud or on your device, and verify credentials with the click of a few buttons. If you’re not sure where to get started, how SSI could apply to your industry, or if you just want to chat, schedule a call with our team here.
1. It’s worth noting that there is overlap between these two kinds of identity. It’s possible to obtain an extrinsic credential that represents one’s intrinsic identity. Someone who identifies deeply and personally as a Republican may or may not be a card-carrying, official member of the Republican party. And many transgender people know they belong to a gender separate from that which is displayed on their government ID. The point is that one kind of identity doesn’t trump or determine the other, but they may be linked.
2. Eventually, SSI will give people a super simple way to do the following and more:
- Protect sensitive identity information like SSN and birthdates to reduce the likelihood and impact of identity theft
- Securely prove your identity or things about yourself in a way that institutions can trust
- Maintain privacy and reduce the ability for corporations or nefarious actors to track you without your consent
- Conveniently get access to services you need without usernames and passwords
3. It’s also interesting when your workflow is complex and requires validation from multiple third parties. For example, imagine if something as complex as handling a car accident (licensing, registration, vehicle, and insurance information are all required to be shared and verified) could be done with the click of a button. I know the officer who handled the last car accident I was involved in would be eternally grateful—he was doing data entry from paper documents into the laptop on his motorcycle for an hour in the hot sun! With SSI it could have been handled in minutes, and he could have been out making the community safer for that hour.