Blockchain: Tamper-Proof, Direct and Efficient
Global digitalisation has been on fast-forward over the last couple of years and has introduced society to new routines such as remote work, online consultations and home-schooling. This has given rise to new needs, including the desire for digital equivalents of printed documents like driving licences and ID cards. Many people still physically carry around these items in their wallets. This should be about to change thanks to Germany’s Federal Ministry for Economic Affairs and Climate Action’s showcase projects. Leading the charge is the ID Wallet app, which provides a “basic ID”.
This ID issued by Germany’s Bundesdruckerei (the printing agency of the German federal government) can be used to verify your identity online. Additional documents, such as your driving licence, can also be stored in the ID Wallet app. The concept behind it all is known as self-sovereign identity (SSI), which offers its users a decentralised, self-determined way to identify themselves. But what does SSI mean? What are the prerequisites? And how does it benefit citizens? The full run-down on self-sovereign identity is in the blog article below.
SSI gives you complete control over your data
SSI stands for self-sovereign identity. It is the basic prerequisite for a modern e-government and the future of personal identification documents, POSTIDENT identification and “visits” to government offices. To make this possible, the SSI approach follows a decentralised strategy based on blockchain in the last expansion step (ambition level 3). This gives users full access to their personal digital identity, which they can manage autonomously without being dependent on a central identity service provider.
Turning identifying features into verified credentials
How exactly does this work? Let’s look at the three roles of user, issuer and verifier. Firstly, users can have any number of attributes – such as their credit rating, national identity document or driving licence – certified by the entity responsible for each attribute. The issuer checks the validity of the information via blockchain and signs it cryptographically. The data then become verified credentials and are ready to use. Subsequently, the user can store the credentials on their smartphone themselves – independently and in a decentralised manner. This is what Germany’s ID Wallet app, for example, was developed for. It is the tool that makes it possible to manage and use digital identification documents in the ecosystem in the form of a digital wallet. Users can now make their personal data available to third parties or a verifier whenever they need to. This verifier in turn checks the ID against the signature procedure and the source provided by the issuer. The benefit for users: they have complete control over their data, so they make all the decisions about their digital IDs and nothing is released without their approval. As a result, the SSI concept ensures that data in digital identification documents can be exchanged securely and efficiently with third parties.
eIDs will make opening an account fast and compliant with data privacy regulations
The future of opening an account is available flexibly 24/7, with no need to wait for an employee to be free to carry out the POSTIDENT or video identification that has been the norm. All users have to do is send the eID stored on their smartphone to their bank. The bank then accesses the decentralised blockchain infrastructure and begins verification: Can the correct public key that was assigned to the ID upon its issuance actually be found on the verified credential? Which issuer has the right of revocation and was this right exercised? If all the information is correct and the ID has not been revoked, nothing stands in the way of the user opening their new account.
Ecosystem for digital identities as a prerequisite
For SSI technology to work without user-tracking but with a high degree of interoperability, a user-friendly ecosystem for self-managing digital identities is needed. Ideally, it would be jointly developed by the government and companies working together and made available to citizens from one central source. This is because, in addition to public authorities that issue sovereign identity documents, businesses will also be able to contribute many applications that are relevant to day-to-day life. So the ecosystem will serve as a central platform that is open to a growing number of identification documents and partners.
It will create a sustainable infrastructure that goes beyond merely exchanging identity-related data. It also involves authentication and authorisation data, such as granting access to buildings or to websites using single sign-on. It will provide interfaces with existing standards like OpenID Connect as well as connectivity of sovereign ID documents, with the aim of encouraging acceptance and popularity.
Innovation competition to test the ecosystem
The concept of self-sovereign identity has already arrived in the German economy. Under an innovation competition known as the “Secure Digital Identities” showcase programme, the Federal Ministry for Economic Affairs and Climate Action is funding no fewer than four approaches to test an open and user-friendly ID ecosystem in model regions. The projects are entitled ID-Ideal, IDunion, ONCE and SDIKA. Since the launch in April 2021, these projects give the users located in each showcase region – which may span a city or several German federal states – a way to identify themselves digitally with their smartphones. Specific use cases vary across projects.
In addition to this, the German government launched the ID Wallet app last autumn. In an unexpected rush within the first 72 hours, the app was successfully downloaded over 300,000 times. However, security experts voiced concerns, and the app was temporarily taken out of app stores. After some reworking, a new version with additional use cases should be available in spring 2022.
But Germany isn’t the only place facing teething problems. Many trial-and-error approaches are being pursued in Europe in attempts to create the most user-friendly SSI possible that also protects users’ privacy. In the European Union, these efforts converge under the European Blockchain Services Infrastructure (EBSI) initiative. It is pursuing the same goal of creating an infrastructure for the public sector. With all this underway, it remains to be seen which initiative will make its mark as the forerunner in the European arena. But one thing’s for sure: digital wallets are coming and they will make smartphones an even firmer fixture in people’s daily lives.
