lissi — Let’s initiate self-sovereign identity
This article covers two SSI projects, which were presented in Oktober 2019 in Frankfurt. Please visit the lissi website for official and updated information.
lissi: Let’s initiate self-sovereign identity
Twelve entities initiated a joint project to jump-start the adoption of self-sovereign identity solutions for Europe. While most of the entities come from Germany, they aim to built an transnational identity ecosystem. The organisations understand that online identity can’t be solved with silo solutions, nor with a federated approach. This is especially true for platform providers, which struggle to get initial adoption should they also participate in the market.
On the 3rd annual blockchain day of the Deutsche Bahn (The German railway company) Helge Michael from the Main incubator presented the project. He illustrated the status quo of online identity by emphasising the problems, which users and cooperates struggle with.
These include, but are not limited to:
· Frequent data breaches due to the centralized storage of user credentials (Honey Pot).
· Entity-centered design, which requires a user to re-enter identity information with every single sign-up.
· Lock-up of users into ecosystems of prominent surveillance capitalists (e.g. Sign-in with facebook).
· Fragmented market of identity providers without interoperability.
· High compliance and user access management costs for companies.
The twelve entities involved in the project include:
Commerzbank, Deutsche Bahn, esatus AG, Creditreform, Hasso Platner Institut, Boniversum C, Main Incubator, comdirect, Bundesdruckerei, ING, Commerz Real and Authada.
Lissi includes financial institutions, SSI specialized start-ups as well as the German federal printing office (Bundesdruckerei), which is responsible for physical identification cards in Germany. The entities behind LISSI support open source initiatives such as Hyperledger Indy and Aries, the W3C and the Dwhich use standardised processes and identifiers to grand every entity and individual equal access to the new identity framework.
Four years ago, Christopher Allen wrote the 10 principles of SSI. So it’s still a young concept, but the roots take us back 20–30 years to the first Internet Identity Workshops. Fast forward to 2020, lissi could finally be the infrastructure we were looking for so long to gain control and empowerment of citizens.
The lissi project is welcoming new partners to join them to collectively work on a better identity framework, which is not only user-centered, but also grants agency to individuals to manage their own credentials. For request contact them via firstname.lastname@example.org.
Presentation by the Bundesdruckerei — German federal printing office
A representative of the Bundesdruckerei also presented a prototype implementation of SSI powered by Jolocom. The vision is to have a digital twin of existing physical identification documents such as the birth certificate or a driver license. This is in alignment with the blockchain/identity strategy of the leading political party in German.
The process can be illustrated in three steps:
1. Creation of the identity: A decentralized identifier (DID) is written into some sort of DLT (distributed ledger technology) like a blockchain. No personal information is stored on this public dataset, which links the DID to the holder without further information.
2. Verification of the identity: A government authority is proofing the validity of the request in person. A user can verify the authenticity of the government agency, since it has an unique DID on the public DLT/Blockchain.
3. Usage of the identity: Once verified a user can create new DIDs for every registration and independently proof that the government verified his identity. Service providers can verify this proof by cross-checking the signature of the proof with the public DID of the government authority.
For the demonstration the following platforms and standards are used:
Ethereum mainnet, EC Signature secp256k1, IPFS, DIDs, Jolocom and verifiable credentials(VCs). Both DIDs and VCs are specified by the W3C.
The path forward:
The concept of SSI will require more work to be ready for the mass market. Current implementations are rather simple, but already grant a sneak peek into the future of online identity. It’s good to see that multinational corporations actively participate in standardization efforts. Now is the time for businesses to evaluate existing market solutions and their fit into existing business structures. Early movers will enjoy reduced compliance costs, administrative efforts as well as new market and sales opportunities.
Nevertheless, in order to achieve mass adoption a great effort in education will be necessary. While we already see support from official bodies like mentioned Bundesdruckerei, the success of the concept requires political will and legislative support.
Decision makers need to address the omnipresent problem of online identity. Now more than ever! Our society can’t afford to wait until further data breaches and other negative consequences of the current business standards will spark interest of users into new solutions. The other options of identity solutions will downgrade human nature as described in my most recent blog-post.
We should not wait until every last credit card information is available in the darknet! Governments and EU grants need to increase their support for open source initiatives and educational efforts in these topics. The current budget of 25 million € of the Innovation and Networks Executive Agency (INEA) only reserves 1 million for public education purposes.
Edit [22.10.2019]: The European Commission launched the European Blockchain Services Infrastructure (EBSI), which includes SSI as one of the four use-cases.
Feel free to subscribe to my YouTube channel should you be interested in the topic.
Disclaimer: This article solely represents the opinion of the author.