Self Sovereign Identities: The Quest for Decentralized Personal Data Usage
The advent of the Internet has brought about a massive change in the definition of identity as it can take multiple forms depending on the platform the individuals are using. These multiple forms of a user’s identity entail their custody by a centralized platform that is in complete control over the user’s details and virtual identity thereby forcing them to compromise on privacy.
As a solution, the idea of decentralized self-sovereign identities (SSIDs) has been picking up steam in recent times. In this regard, RIF Identity provides a ready solution to enable users to gain complete control and ownership of their online identity.
In this blog post, we deep dive into the idea of SSIDs. We explore questions such as what are SSIDs, factors necessitating SSIDs, the advantages of SSIDs and how RIF Identity offers a blockchain-based solution for the management of virtual identities.
Introduction: What are SSIDs?
In layman’s terms, one can think of SSIDs as a model for managing digital identities wherein the user always has control and ownership over their identity. Users with SSIDs can store their data on their devices and provide it for verification purposes without ever having to rely upon a central data authority.
The underlying ideology behind SSIDs is that every individual is the maker of their own identity. Since SSIDs are decentralized, they do not depend on any central authority to verify their legitimacy, which makes them immensely flexible for various use cases. This is similar to how identities work in the real world. Furthermore, SSIDs include the word sovereign, which entails that the users are their own sovereign nation and no other entity can control their identity under any circumstance.
Let’s think about an example:
Carlos, who lives in Mexico, received his passport from the Mexican government after going through all legal formalities. The passport allows him to travel seamlessly to any country in the world. However, the use of a passport is not limited to taking international flights. Carlos can also use the passport to book tickets for concerts or attend events that require government identity documents. This does not mean that the Mexican government and the concert organizers have an exclusive business partnership or a legal contract between them. This merely means that the concert organizers trust the authenticity of data displayed on a government ID.
Major Components of SSIDs
In the aforementioned example, Carlos is not dependent on any centralized intermediary to help him prove his identity. He “claimed” his identity using his passport as a “proof” to convince the event organizer to “validate” the credentials. In essence, SSIDs largely revolve around three major components, namely:
A claim is the action of the identity owner or the user to assert their identity. In the example above, Carlos’ act to establish his identity is the claim.
A proof is an instrument or the medium through which a claim can be authenticated. In the example above, Carlos’s passport is proof as it is the instrument that enables him to authenticate his claim to establish his identity.
A validation is the act of the validating party verifying that the claim is legitimate. In the example above, once the event organizer is convinced of the legitimacy of Carlos’ proof of his identity, they can validate the same by letting him into the concert.
Expanding on the concert example, Carlos has the freedom to decide what identity he wishes to display to the organizer (passport, driving license, etc.). At the same time, the organizer is free to accept or reject the “claim” presented by Carlos.
Although this method of self-sovereign identification is easy to pull off in the real world through paper or plastic credentials, it has, unfortunately, not been as easy to replicate in the online world.
Centralized Identities Issues
There are myriad issues associated with centralized online identities that have directly contributed to the growing popularity of SSIDs. Some of the most significant of them are the following:
Lack of Physical Interaction
Online identities suffer from the proximity problem as there is no guaranteed way to authenticate the identity of an individual from a distance. There is always a possibility of the user committing fraud by providing fake or illegitimate credentials.
For example, a self-proclaimed representative from a user’s bank might send a phishing mail to a customer asking to share their credit card details. Here, the user has no way to identify the legitimacy of the sender unless they speak or meet them in person.
Lack of Privacy
One of the most burning issues today with online identities is the disregard for user privacy. There have been innumerable instances of tech corporations leaking or selling personal user data to third parties for revenue, which has attracted the attention of regulators across the world.
Lack of Consent
Understandably, the lack of privacy stems from the lack of user consent. Centralized identity and data repositories store personal user data in the form of email addresses, phone numbers and even personal details such as ID numbers, which makes it easier for data-hungry entities to monitor and predict user behavior without necessarily having the users’ consent.
For example, a user might “agree” to the terms and conditions of a social media platform without actually going through the verbose text. This practice, although not technically illegal, is severe enough to be considered ill-intentioned.
Lack of Flexibility
As mentioned earlier, centralized identities are not the most flexible in terms of usage. A user can only use their Google credentials to log in to Gmail but not to Facebook. This lack of interoperability among various platforms is a huge problem for centralized identities and vastly limits their use-cases.
Lack of Security
The lack of privacy also leads to the lack of security for user credentials which can be exploited by skilled cybercriminals for illicit purposes. The infamous Twitter hack which saw the accounts of high-profile individuals succumb to a carefully orchestrated cyber attack is a prime example that highlights the security risks associated with centralized identities.
The Case for Blockchain for SSIDs
By now, you have a fair idea regarding the urgency of SSIDs to tackle the aforementioned issues through decentralization and cryptography. To date, SSIDs have been rather difficult to achieve due to technological limitations. A major obstacle that has hindered the creation of online SSIDs has been the unavoidable requirement for centralized data repositories that facilitate the discovery of data. However, blockchain technology holds the potential to eliminate such intermediation.
By leveraging the continually touted characteristics of blockchain such as immutability, transparency and decentralization, SSIDs can be brought alive in the online world to enable people to prove their identities in the same way as they do in the offline world.
In the context of the same example, let’s assume that the Mexican government issues Carlos his passport digitally which has an immutable trail on a public ledger database. As the passport is stored digitally on a public blockchain, there is unquestionable trust concerning its authenticity. Furthermore, the government uses keys linked to its decentralized identifier on the blockchain to digitally sign the document so that anyone who requires it can easily validate that it was issued by the government itself.
Now, when the concert organizer asks Carlos for a government ID, he can simply show his digital passport and the organizer can then verify that the passport has not been tampered with. This mechanism leaves no scope or requirement for a data intermediary who would otherwise have been contacted to verify the authenticity of the passport.
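The sign-and-verify flow described above, as an added example that is not code from RIF Identity or from the original post. It goes one step beyond the text: the issuer signs salted digests of the claims, so Carlos can show one claim and withhold the rest. The `did:example:` identifiers, the in-memory registry standing in for the public ledger, and the sample claims are assumptions.

```javascript
const crypto = require('node:crypto');

// Stand-in for the public ledger (assumption): issuer DID -> public key.
const gov = crypto.generateKeyPairSync('ed25519');
const registry = new Map([['did:example:gov', gov.publicKey]]);

const digest = (salt, name, value) => crypto.createHash('sha256')
  .update(JSON.stringify([salt, name, value])).digest('hex');

// Issuer: sign salted digests of the claims, never the raw values.
function issue(issuerDid, privateKey, subjectDid, claims) {
  const disclosures = {}, digests = {};
  for (const [name, value] of Object.entries(claims)) {
    const salt = crypto.randomBytes(16).toString('hex');
    disclosures[name] = { salt, value };
    digests[name] = digest(salt, name, value);
  }
  const payload = JSON.stringify({ issuer: issuerDid, subject: subjectDid, digests });
  const signature = crypto.sign(null, Buffer.from(payload), privateKey).toString('base64');
  return { payload, signature, disclosures }; // stays on the holder's device
}

// Holder: hand over only the claims this verifier needs.
function present(credential, names) {
  const disclosed = {};
  for (const n of names) disclosed[n] = credential.disclosures[n];
  return { payload: credential.payload, signature: credential.signature, disclosed };
}

// Verifier: resolve the issuer key, check the signature, then each claim.
function verify(presentation, trustedRegistry) {
  let body;
  try { body = JSON.parse(presentation.payload); } catch { body = null; }
  if (!body || !body.digests) return { ok: false, reason: 'malformed' };
  const key = trustedRegistry.get(body.issuer);
  if (!key) return { ok: false, reason: 'unknown issuer' };
  const sigOk = crypto.verify(null, Buffer.from(presentation.payload), key,
    Buffer.from(presentation.signature, 'base64'));
  if (!sigOk) return { ok: false, reason: 'bad signature' };
  const claims = {};
  for (const [name, d] of Object.entries(presentation.disclosed || {})) {
    if (!d || digest(d.salt, name, d.value) !== body.digests[name])
      return { ok: false, reason: `claim "${name}" does not match` };
    claims[name] = d.value;
  }
  return { ok: true, subject: body.subject, claims };
}

// Constructed sample data: Carlos shows the organizer his name only.
const passport = issue('did:example:gov', gov.privateKey, 'did:example:carlos',
  { name: 'Carlos', nationality: 'MX', passportNumber: 'X0000000' });
const shown = present(passport, ['name']);
console.log(verify(shown, registry));
```

A signature check alone does not show that the presenter controls the subject identifier or that the credential is still valid; a verifier also needs a holder proof and a revocation check, neither of which is shown here.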
Blockchain-based SSIDs give the user complete control over their identity including the authority to decide who to share data with. This ensures that any data repository is not taking unfair monetary advantage by selling user data to third parties. Quite the contrary, SSIDs enable individuals to directly monetize their personal data if they want to.
SSIDs provide flexibility in the sense that they enable the user to use their identity as and when they require without needing to contact any data intermediary. Unlike the centralized data operators that often end up being unreliable due to a myriad of reasons, a decentralized data repository can be accessed from virtually anywhere in the world regardless of any external factor.
As SSIDs are underpinned by distributed ledger technology (DLT), they are fundamentally decentralized in nature. Rather than being client-centric as in the case of centralized data repositories, blockchain-powered SSIDs foster peer-to-peer (P2P) interaction away from the supervision of any central authority that might be tracking user behavior and habits for their own benefit.
As mentioned earlier, a major problem with virtual identities held under centralized authorities is their limited usage. A Facebook account cannot be used to log in to YouTube, and vice versa. This essentially runs against the very basic idea of an identity in the real world where it remains the same no matter what the circumstance. Carlos’s name will always be Carlos regardless of his location.
Consent, under any circumstance, is quite important. In the offline world, no one can force a condition upon you unless you readily consent to it. Bob cannot force Maria to drink coffee if she does not want to. However, things get a little blurry when it comes to replicating the idea of consent in the online world. SSIDs solve this as they utilize blockchain technology, which means that no authority can use an identity document without the user’s consent.
Enabling SSIDs through RSK Smart Contracts
RSK smart contracts differ from the vast majority of competing protocols since they are built on top of the most secure and trusted blockchain network in the world, namely, Bitcoin.
To date, RSK smart contracts have proved their mettle and incredible malleability through their use for a plethora of purposes including decentralized finance (DeFi) developments, allowing developers to create non-fungible tokens (NFTs) and their use across industries such as supply chain management, banking, finance, and healthcare, among others, to improve operational efficiency.
Now, what about SSIDs through RSK/RIF technology?
Although several projects are vying to take the lead in the race for the development of fully-functional blockchain-based SSIDs, few have as many live working products as RIF.
Within RIF’s Ecosystem, RIF Identity aims to become a decentralized and secure DNS-like system. The number of use cases is endless, including fostering greater financial inclusion and enabling individuals to acquire commercial domains that can be used to interact with decentralized or centralized resources such as web pages or an alias that can be uniquely associated with personal resources, including wallet, storage or communication addresses.
The RIF Ecosystem leverages RSK smart contracts to offer RIF Identity, a comprehensive identity and reputation layer within the ecosystem that provides users and nodes with unified APIs and libraries to seamlessly interact with all major self-sovereign identity protocols.
Essentially, RIF Identity enables users to control their identities to interact with decentralized applications (dApps) and economies while simultaneously building a self-sovereign reputation that will enable users (particularly those that do not have access to the traditional financial system) to freely participate in tomorrow’s decentralized and democratized economy.
The central idea behind RIF Identity is to give users the SSIDs that would hand them complete control over their data and empower them to decide who should have access to different levels of personal data. The solution also gives users complete control over their online reputation, enabling them to interact with various marketplaces and platforms with enough freedom to move amongst them without compromising their track record, contacts and social value.
For further information, we invite you to visit RIF Identity’s Commitment to Enable Self Sovereign Identity.
RIF Identity is helping the Argentine gas regulator, Enargas, to simplify the gas distribution process via decentralized digital identities. Earlier this year, Enargas approved a blockchain-based natural gas distribution system called Gasnet to automate the country’s existing cumbersome gas distribution system that involves excessive paperwork leading to inefficiency and waste of resources. The platform enables frictionless registration and certification of documents to guarantee data accuracy by leveraging the immutability and transparency of blockchain technology.
Gasnet also aims to solve a plethora of operational problems that currently plague the Argentine gas and energy distribution industry. By providing users with immutable and self-sovereign digital identities, Gasnet ensures a greater degree of transparency and traceability on the critical processes of the gas ecosystem. Additionally, the platform provides users with numerous other process-oriented benefits including certification of gas installations and tracking of complaints from end-users.
Besides streamlining the gas distribution process by making it more transparent and cost-efficient, Gasnet also aims to make it easier for Enargas to enforce better regulatory compliance oversight in the Argentine gas ecosystem.
RIF Name Service (RNS)
RNS, short for RIF Name Service, is a decentralized identity service that uses the RSK blockchain to enable users to have a human-friendly readable address on any blockchain. The RNS can be used to identify personal details including payments, identities, storage and communication addresses in the form of readable domain names.
RNS is useful as it essentially changes the tough-to-read and impractically long alphanumeric blockchain addresses into easily readable ones. While at the surface level this just looks like a matter of convenience, the actual benefits go far beyond that. For instance, let’s suppose that John wants to urgently send his sister Elise some bitcoin (BTC). However, at the time of sending BTC to his sister, John unknowingly mistypes the recipient’s bitcoin address, which results in the permanent loss of the funds. The difficulty of reading blockchain addresses thus offers huge scope for address mismatch that could prove to be financially disastrous if the user is not careful enough.
RNS solves this notorious issue by offering users easy-to-read blockchain addresses. A user, in our case, John, by using RNS, can save Elise’s bitcoin address as “Elise BTC” to eliminate any risk of sending BTC to a wrong address. Easily readable blockchain addresses provided by RNS also open a window of opportunity for widespread adoption of digital assets as they make the entire process of sending cryptocurrencies much easier. In a nutshell, it can be said that ease of use is the central idea behind RNS’s mission statement that seeks to reach the unbanked and non-technical individuals in order to include them in decentralized economies.
Features of RNS
Ease of Use
RNS makes blockchain technology and cryptocurrency easy, and consequently, more mainstream. RNS can be used within the RIF ecosystem across RIF Payments, RIF Storage, RIF Communications and other RIF Services to provide end-users with a seamless experience.
RNS promotes interoperability as it does not differentiate among different blockchain networks while assigning addresses. Users can choose any of the prominent blockchain protocols such as Bitcoin and Litecoin (among others) and have their customized and easy-to-use blockchain address on it.
Being powered by RSK smart contracts ensures unparalleled security for RNS domains and addresses.
Last but not least, acquiring a domain via RNS is extremely cost-efficient.
RNS has multiple utilities in the blockchain economy which means that it can be used for multiple purposes by different entities. For instance, consider the example of DIDI, a project powered by RSK and backed by several other influential corporations that seeks to develop SSIDs for slum dwellers in Argentina who might not necessarily have access to banking services or any government identity documents.
DIDI leverages RNS to help the target audience build their social reputation via verifiable credentials and SSIDs. By having a decentralized identity verification tool at their disposal, the users are not required to approach any central data repository to verify their credentials. Rather, they can simply use their SSIDs to prove their claims to their identity and enjoy various government benefits. This way, DIDI not only helps the underprivileged to have ready access to basic human necessities but also ensures that they become a part of the formal economy.
Replicating sovereign identities on the Internet was a distant dream before the arrival of blockchain technology. The various cons associated with centralized data repositories are reason enough to warrant a radical shift in the way user identities are managed. RIF Identity has already embarked on its journey to bring positive socio-economic changes to society by giving individuals control over how they manage and use their identities.