An introduction to Self-Sovereign Identity

At our 2018 Australian Payments Summit we heard from John Phillips, of 460degrees, a passionate advocate working to raise awareness and execution of Self-Sovereign Identity (SSI).

We recently sat down with John to discuss SSI, and how he believes it could benefit both the payments industry and financial sector.

Can you describe Self-Sovereign Identity and how you got involved?

The best description I have heard came from a talk by fellow SSI evangelist, Drummond Reed at Evernym who defines SSI as a “lifetime portable identity for any person, organisation, or thing that does not depend on any centralised authority and can never be taken away".

I’d seen many poorly managed identity and access management solutions in my career across education, finance and e-commerce; the idea of doing this well resonated very strongly with me. I can think of very few things that would be better to be known for, than leaving a positive impact on a global scale for digital identity.

What was it about Self-Sovereign Identity that resonated so strongly?

The aim of the global SSI movement is to make the fundamental building blocks for digital identity freely available. This is achieved using the growing publicly available catalogue of open source software and standards. Companies can then build their own services and business models on top of these building blocks.

Where do you think the greatest benefits for our industry can be realised?

Existing mechanisms to establish sufficient trust are often localised to a single organisation and are not transferable, portable or extensible. Moreover, they don’t generally preserve privacy, minimise disclosure or reflect ownership responsibilities. SSI aims to change that on a global scale.

Once we agree on common, open standards, for the basic building block level, there is the opportunity to take away the unnecessary friction, privacy erosion, and lack of interoperability that exists within the current fragmented systems.

I see three key areas where SSI can assist the payments industry and financial sector.

  1. Managing Risk – Risk can be minimised for all participants while continuing to meet regulatory and service provision requirements across a range of compliance areas such as KYC, Anti-Money Laundering and Counter-Terrorism Financing.
  2. Managing Privacy – Providing the appropriate level of privacy to parties. We are seeing this overseas with the introduction of the EU General Data Protection Regulation (GDPR), and in Australia through the implementation of the Consumer Data Right (CDR).
  3. Managing Trust – Providing a transparent service that all participants "trust", that is, trust in who is involved and that the process will deliver the outcomes they expect.
Where do you think the Self-Sovereign Identity movement is headed?

Several SSI implementations have already begun to appear around the world. For example, in the commercial sector, CULedger is used as a global utility to provide Know Your Customer (KYC) checks. Government bodies have also started implementing SSI solutions: My Data in Finland, the British Columbia Verifiable Organisational Network in Canada, digital birth certificates in Illinois in the USA, and in certain vertical sectors, like health, in the UK with Truu ID, a trusted digital identity for doctors.

These are pockets, but it once they can connect globally, we can achieve the network effect. Identity, like payments, is a network business and similarly requires the collaboration of many organisations and jurisdictions to function effectively.

We already have the potential to use a global utility for identity – through the Sovrin Network. You can also implement SSI in a single, standalone sense.

When SSI really becomes powerful is when you can connect these pockets of implementation – that’s when the true potential of portability and interoperability is realised!

Thanks to John for spending the time with us today!

If you’d like to comment on the future of Digital Identity in Australia, the Australian Payments Council is currently consulting and accepting submissions on its 2019 Payments Plan. Since 2015 the Council has had a strong focus on developing a Digital Identity Trust Framework.