Identifying yourself online and proving that you are who you pretend to be is extremely difficult in our time and day. For many online transactions, it would be much easier if consumers could identify themselves as simply and securely as possible – for example to banks or authorities, when shopping online, or when proving their age in a situation where an age restriction applies. With the existing centralised identity systems, privacy suffers.
There is also an uncomfortable dependence on big-tech companies like Google, Apple, etc. regarding security and ease of authentication, and it seems like a more sustainable solution is called for.
To increase users' trust in digital identities, the self-sovereign identity (SSI) concept was developed. SSI is an ecosystem which offers complete transparency for consumers about the use of their digital identity, where they can determine for themselves which identifying features are shared with which organisations and services.
Self-sovereign identity aims to enable citizens to securely store and manage their identity data in a special ID wallet, i.e., on their smartphones. Users can then individually display their ID when signing a contract or using a service. The system is based on a three-party model: users send their data to a trustworthy ID service provider (issuer) who issues them with a corresponding certificate. When users identify themselves for a bank, authority, or service provider using this certificate, the issuer can then confirm the authenticity of the certificate on request.
From individual digital identity providers and consortia to major players like Microsoft, there is broad industry support for SSI, which presents a good opportunity for use. ID wallets and payment wallets both have extremely high security requirements, which, in turn, provides a further opportunity for development, as it is plausible for these two types of wallets to converge.
Unique opportunities are becoming available for banks and financial service providers since they have a large number of customer relationships and enjoy the trust of their customers. This can prove an excellent starting point for them to position themselves as digital identity and SSI providers.
Lastly, public institutions see self-sovereign identity as a promising way to meet existing regulatory requirements – whether for KYC (Know Your Customer) or for authentication to PSD2 regulations. At the same time, SSI also guarantees data protection.
The challenges lie in the fact that the approaches to SSI, so far, have each pursued a local focus and there are few interoperable pilot projects.
As an example, Netcetera has implemented an SSI-based proof of concept to create the basis for further product development.
A variety of verifiable identification documents can be stored in the app, including an ID card, a driver's license, or a health insurance card. Users can then use the app to prove their identity for various online transactions. The integration of biometrics, such as fingerprint and face ID, is also among the app features.
Raffael Grob is Senior Product Manager at Netcetera and leads the team developing the Netcetera Identity product. Raffael Grob has two decades of experience in the identity sector, which he has applied in providing identity solutions for numerous industries and companies. He studied business information science at the HWZ Hochschule für Wirtschaft Zürich. Above all, he is passionate about and committed to identity products that leverage current and future market trends such as self-sovereign identity solutions.
Netcetera is a global software company with cutting-edge IT products and individual digital solutions. More than 2,000 banks and issuers, and 150,000 merchants rely on their digital payment solutions and globally certified 3-D Secure products. Founded in 1996, Netcetera has 800 employees across Europe, Asia, and the Middle East.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now