Cover image for Self-Sovereign Identity

Self-Sovereign Identities

The reason for Self-Sovereign Identities are data breaches and new guidelines to ensure that data owners keep control.

What is a “Self-Sovereign Identity”?

A Self-Sovereign Identity (SSI) restores control over identity data via decentralised identifiers (DID).

Data breaches as well as losses are all over the news. If this involves only a few personal details such as first and last name, the damage is manageable. However, nowadays everyone is digitally omnipresent, often with identical data. We entrust such information to companies, online shops, financial institutions, insurance companies, etc. under the assumption that, due to statutory regulations, it will be processed in accordance with the highest security standards. This approach is referred to as a silo because many different data repositories comprise virtually identical data for different purposes.

If this approach was successful, there would be no serious data losses or the need for regulations to protect personal data.  Unfortunately, we do not live in this ideal world. Therefore, a new concept is called for: Self-Sovereign Identity or decentralised identifiers.

This new concept restores control over identity data to each data owner. For this purpose, a so-called identity wallet (a digital identifier) is used, which collects and stores verified information on its owner from certified issuers (authorities, etc.)

Similar to a real wallet, you are always in control of your assets, e.g. your credit card, your ID card, etc.

In the event this information has to be disclosed to third parties, this can be done selectively, and usage permission can be revoked at any time. Data is not “submitted”, but access is granted instead. By withdrawing permission, the third party has no right to continue using this data. Thus, we have full control over our own data and benefit from a significantly improved protection against data theft and abuse.

Does this solve all problems?

Yes and no. In general, the approach is long overdue and the idea is well-developed at this point in time. If you bear in mind that the focus lies not on the data itself but on how it is processed, you can already anticipate which applications may be realised by means of this approach.

Not only the unfiltered provision is possible, but also the abstraction. A suitable example is the process of age verification: Age verification is required to comply with statutory requirements. Thanks to SSI/DID, however, it is no longer necessary to disclose the date of birth; instead, it is sufficient to answer the simple question: “Is the data owner over 18 years of age?”

The response will be accepted based on the certified data and can be made verifiably accessible via further technologies without necessarily requiring access to the wallet.

Having these possibilities, however, raises the following questions:

  • Which use cases offer actual improvements to us as a company
  • How can we integrate SSI/DID into our business processes?
  • Which potential solutions are currently under development and are promising?
  • What standards might be developing that should be pursued? 
  • How can the wallet be protected?
  • Which manufacturers are involved
  • How can users/data owners who are unfamiliar with technology be introduced to this topic? 

Like every new idea and technology, it has to prove itself in practice. Regarding SSI and DID, this demonstration is now complete. 

Renowned companies actively support the adaptation and acceptance by developing interfaces and integrations.

The right manufacturer for each project

Together with our technology partners, we provide premium products and solutions to optimally meet your requirements. The introduction takes place gradually in manageable project steps which do not overwhelm the organisation or the users.

Logo des IPG Partners Beyondtrust
Logo  des IPG Partners Clearsky Schwarz & Klein
Logo des IPG Partners Imprivata
Logo  des IPG Partners Nexis Schwarz & Klein
Logo  des IPG Partners OneIdentity by Quest Klein
Logo  des IPG Partners PingIdentity Klein
Logo des IPG Partners Saviynt
Logo  des IPG Partners Wallix Schwarz & Klein

Please do not hesitate to contact us!

* required

GDPR
By submitting the data you have entered in our contact form, you give your consent that we may use your information to respond to your enquiry and/or make contact. As a matter of principle, your data will not be disclosed to third parties unless the data protection regulations as from time to time amended justify such transfer or we are obliged to do so by law. You may at any time withdraw your consent with future effect. In the event of such withdrawal, your data will be deleted forthwith. Otherwise, your data will be deleted when we have processed your enquiry, or when the purpose of storage ceases to apply. You may at any time request information regarding your personal data stored by us. You will find further information regarding data protection in the Privacy Policy of this website.

 

We look forward to assisting you!

We support companies in the adaptation and integration of use cases around SSO / DID in connection with IAM processes. Our experts continue to train consistently and are sometimes ahead of their time, especially when it comes to such fundamentally new ideas. IPG has committed itself to the topic as a service for our customers, in particular due to the necessary measures to want or need to consistently improve data security and data protection of personal data.

 

Contact us. 

 

 

Logo von IPG mit weißem Hintergrund - Experts in IAM

Your contact to IPG

info@ipg-group.com