Imagine a world where you can claim your age in the liquor store without showing any form of ID.
How you control your identity by the usage of a mobile decentralizsed IDP
In the shop
What happens when you go to the night-shop, supermarket or liquor store and you still have that ‘babyface’? Yep, they’ll ask you for some kind of ID-card to prove that you’re old enough to buy some booze.
Nowadays you show a card where your birth date is mentioned. But what if you don’t need to show that any more?
In the near future it will be possible to keep your identity to yourself but you still have the ability to prove to the store you’re old enough. How? Well, when you visit that shop, that shop will send a request to your wallet asking for proof. You open up your wall-id app on your mobile and you’ll see the request appearing on your screen. The only thing you need to do is to provide your consent to give that ‘verifiable claim’ (i.e. not your age, but just the proof that you’re old enough to pay that booze) to the shop and you’ll walk out & get that party started.
Behind the scenes
So, for the more nerdy and interested people that are keen to know how that works behind the scenes, let’s find out.
We first would like to give you our strategic view on Self Sovereign Identity (SSI) and how Identity + Access Management can be decentralised.
For those who don’t know that much about SSI, a clear definition is found on eSSIF-lab.
Self-Sovereignty is the characteristic of every party that it is autonomous in managing and operating its own knowledge, particularly in making decisions and deciding how to decide.
But what’s even more interesting is the background of self-sovereignty.
The background of our understanding of 'self-sovereignty' can be found in articles 8-10 of the European Convention on Human Rights (ECHR), that state
The rights of individuals regarding their privacy, and their freedoms to collect, process, store, and express information in a self-sovereign fashion, i.e. in a way that they can decide for themselves. This is without prejudice to Member States' laws that exist to protect their national security, public safety, the economic well-being of the country, health or morals or the rights and freedoms of others, or to prevent disorder or crime.
This important principle has been translated into other laws such as e.g. GDPR and SSI. (more interesting reading on GDRP and SSI)
Technology Principles
Joe Andrieu has translated these principles into technology principles quite well:
A good self‐sovereign identity system will allow individuals to directly influence how companies, governments, and others correlate our interactions across different services and locations by default. It won’t fix all identity problems nor preclude alternative identity approaches, but it will put the individual in control of most uses of identity and give organizations a simpler, easier, more ethical way to use identity to improve how they provide services and products.
Our strategic view is and has been from the founding of the company that if you want your technology to be compliant to SSI, PDS2 and GDPR you need your Identity Provider (IdP) to be decentralised.
The Trust1Connector (our oldest product) is a user managed Identity Broker enabling identity and verifiable claims from your end users AND devices to your application or services.
This year, Trust1Team will launch our newest product: wall-id. wall-id is a library that enables digital wallets to work with a decentralised IdP.
No, it is not yet another mobile wallet. It is an integrable decentralided identity broker on your mobile device, an essential component of mobile wallets that
● keeps your certificates and attestations (i.e. verifiable claims) in your wallet up to date. Also known as Identity Access Management.
● makes integration with applications easy, cheap and fast as it only delivers a verifiable claim which is easy to integrate.
● increases the level of assurance for online transactions. (read more on that topic in our next blog)
● manages and organizes your verifiable claims (attestations) lifecycle
And how does this all work?
Bare with us, we’ll explain it step by step:
1. Setting up your wallet
An end-user needs to fill-up his digital wallet with personal information that can be verified. E.g. your national eID that can be verified against the European Trusted List (EUTL).
Also other information can be added to the wallet as long as this information can be verified against a Trusted List you are good to go. (e.g. your driver's license)
For this onboarding you would need
our Trust1Connector
your smartcard (e.g. eID
a card reader (still for a while unfortunately)
your smartphone
The rest is a dummy proof process and you only need to do this once.
Why once?
A hardware setup during the onboarding process is required because of
strong security constraints upon the creation of an identity or attestation using a traditional Public Key Infrastructure (PKI).
full usability in the long run.
2. Creation of your verifiable claims
When the information is put in your wallet, every time you need an attestation, you just need to consent & your wallet will create verifiable claims (i.e. digital assets) using the principles of Zero-knowledge proof (ZKP) This will be created via a ( blockchain) ledger that will function as your Digital Asset Management System.
Let’s give you a simple example.
Remember the liquor store? Remember proving your age? So, after setting up your wallet (step 1) the information of your eID is now stored in that wallet. So the wallet knows e.g. your birth date. Now comes the neat part: your wallet now can create, based on your birth date, a claim on the ledger that states that you are old enough to drink alcohol. So … this is a “verifiable claim” which can be verified based on your e-ID certificate & will be put in your wallet for your personal use. Your “personal claim” on the ledger is only accessible/readable to you and no-one else. You have your own private vault on the ledger.
3. Your wallet is ready for use
Let's rewind to the definition of self sovereignty: the rights of individuals regarding their privacy, and their freedoms to collect, process, store, and express information in a self-sovereign fashion, i.e. in a way that they can decide for themselves
YOU decide which information you like to put in your wallet
YOU decide which verifiable claims are created on the blockchain ledger. They are derived from your personal information but are not an exact copy of your personal information.
YOU decide when/where you want to share your verifiable claim with. (e.g. a merchant, a government, …)
The only one that can access personal information or verifiable claims on the ledger or your wallet is YOU.
So, now you know our view & the way on how technology should implement Self Sovereignty.
Thinking alike? Let’s talk!