Back to All Posts
When People Can Share Verifiable Attributes, Everything Changes
October 24, 2016
President/CEO Doug Burke wanted to share this article with you about SSI (single sovereign identity) and the importance of members having verifiable attributes online. As you can imagine, the toxic mix of cyber fraud and members doing more banking online is creating a need for a better way for people to identify themselves online - that they "really are who they say they are." Take a look at this article by Phil Windley, Enterprise Architect at BYU "In the physical world, people carry credentials to prove to others that they have certain attributes or hold certain privileges. Online, this is not possible. For example, a driver's license contains attributes like name, address, and date of birth that have been validated by the Driver's License Division. The driver's license is widely viewed as trustworthy. Consequently, people use driver's licenses for purposes other than driving. For example, a school or pharmacy can easily verify that a license belongs to the person presenting it, and confirm the validity of the license without ever contacting the Driver's License Division directly. In other words, in the physical world, people hold and are the conveyors of their own trustworthy attributes (called claims? by identity experts). These attributes can be used when needed and without prior agreement. Online, such interactions are only possible through pre-arranged integrations between the APIs of specific computer systems. Identity systems in use today include federation for business-to-business credential sharing, and social login for consumer authentication1. Neither of these offers a foundation upon which third-party claim issuers can easily build services that allow for the kind of ad hoc attribute sharing that happens in the physical world. Consequently, entities who want to rely on attributes from many parties have to perform integrations with all of them. This is slow, complex, and costly, so it typically happens only for high-value applications. Decentralized identity systems, like Sovrin, have built-in support for third-party claims that function in the same way physical credentials work: they're presented directly by the identity owner. The identity owner can use a claim from one party to disclose attributes to another party without those parties even having a relationship, much less a technical integration2. Claims can be used in ad hoc situations, just as they can in the physical world, allowing individuals to function as integration points. When you can instantly trust what someone says about themselves, workflows and integrations are dramatically simplified. There are other benefits to owner-provided attribute sharing. First, when owners share attributes, the receiver automatically gains consent to use the attributes for the requested purpose. This significantly reduces liability. Second, when the owner is part of the process, they can check the accuracy of the attributes as theyâ€™re being shared, resulting in better data. Owner-provided attributes are a powerful driver that will push decentralized identity systems well beyond the current uses of federation and social login. Businesses can reduce or even eliminate API integrations and manual verification processes, and instead trust what's presented to them by customers, because the claims can be verified. Customers become the source of what's true about them. Businesses will find great value in this, driving adoption by individuals as customers are brought into decentralized identity systems through day-to-day business activities."
Read the original article on windley.com here
- See Self-Sovereign Identity and the Legitimacy of Permissioned Ledgers for more on the difference between self-sovereign identity systems and social login.
- See How Sovrin Works for details on how claims can be received, stored, and shared as verifiable disclosures.
You will be directed outside the cusn.com website.
Would you like to continue?