self-sovereign identity

Self-sovereign identity (SSI) is a model for managing digital identities in which an individual or business has sole ownership over the ability to control their accounts and personal data. Individuals with self-sovereign identity can store their data to their devices and provide it for verification and transactions without the need to rely upon a central repository of data. With self-sovereign identity, users have complete control over how their personal information is kept and used.

In all models of identity management, a digital identity requires identifiers, which ensure the user is who they say they are. However, with self-sovereign identity, identifiers do not need an intermediary. This means that a user’s self-sovereign identity can be registered to a claim, such as a block on a blockchain. The person can then share that identifying data when making a transaction with a bank, for example.

With self-sovereign identity, a person can enter an app on their phone where their identity data is stored, then use an identification number and identity information to verify who they are. Self-sovereign identity adds security and flexibility to the user and allows them the ability to share data only when they choose.

Self-sovereign identity concepts

Self-sovereign identity is made up of claims, proofs and attestations:

  • A claim is an assertion of identity made by the user.
  • Proofs are the forms or documents that act as evidence for a claim. So, for example, a proof could be a passport or birth certificate.
  • An attestation, or validation, is when the other party validates the claim is true. Attestations can be stored in the user’s device and are typically machine readable.

Pros and cons of self-sovereign identity

Some pros to using self-sovereign identity include:

  • It is more secure and prevent common attacks to personal data, such as breaches.
  • Data is more private.
  • Users have a higher control over their own data.
  • The process is more efficient.
  • Users do not have to rely on other identity providers who may sell and monetize your data.

Cons of self-sovereign identity include:

  • Users are responsible for their own security.
  • There could be multiple identity platforms, meaning users may have to use multiple apps.
  • Keeping track of personal data and permissions can become complex.
  • Certain data intermediaries may not be able to be removed.
  • Proof data is normally unstructured and could be easily faked.
This was last updated in May 2019

Continue Reading About self-sovereign identity

Dig Deeper on Identity and access management

Enterprise Desktop
Cloud Computing