Crossing Silos With Self-Sovereign Identity

As the digital revolution took hold, billions of dollars and countless hours were spent by organizations around the world creating user databases. After a while, these organizations realised that they had many databases in many different departments, all containing details of the same users. So they spent billions of dollars and countless hours trying to create a “single view of the user/customer”, attempting to join up these databases or create an even bigger uber-database.

Vendors capitalised on this need, creating ever-more elaborate solutions and deploying ever-more complex projects that never seem to end. They rename them, from “customer relationship management” to “customer data platforms” as fashions change. As a “victim” of several of these well-intentioned projects during my time working in the technical departments at large companies, I can attest first-hand how energy-sapping and distracting they can become. They also come with a big opportunity cost that prevents the creation of really great products that users might actually want to buy.

Yet from the user’s perspective, digital identity still looks broken. We still have to jump through hoops to prove who we are, and we have to completely re-identify ourselves even when we are dealing with the same brand because one department can’t talk to another department. It’s not just a technology problem – it might even be illegal for one branch of a company to share data with another.

And yet the average person already has a “single customer view” of themselves. It’s in a filing cabinet or folder or drawer at home in the form of pieces of paper like insurance policies, bank statements and receipts from the companies they deal with.

What is lacking is a digital equivalent of these credentials.

How about turning the whole thing upside down? Why not stop building ever more costly internal silo-integration systems or customer data platforms, and instead just give the user digital versions of the paper documents you already give them? When you combine this with a simple way for the user to securely store and share this information, the user can now instantly log back in without usernames or passwords, show they already have an account with you, or verify themselves when signing up for a new product.

This is how digitally verifiable credentials work. As with paper documents, the user is able to hold and keep these digital versions themselves, and share them when they want to. This brings a number of big advantages:

  • Private & consented data sharing: because a user is able to share digital data with an organization directly, securely, privately and with consent, a number of regulatory issues are resolved.
  • Verifiable: When a credential is presented by a user, the recipient (“verifier”) is able to confirm who issued it to the user, that it was issued only to that user, that it hasn’t been changed and hasn’t been revoked.
  • Standardization: while these credentials can be for anything, issued by anyone, the way they are cryptographically protected, exchanged and verified is standardized and useable worldwide.
  • Selectively disclosable: Rather than sharing all the details in a credential, you are able to share just one attribute, or take attributes from multiple credentials and share them all in one go (like two proofs of address and a proof of citizenship, for example).
  • Backup: digital credentials can be backed up and restored in case of loss. No need for a fireproof safe.

Let’s look at an example of a multinational company with many business units and departments. Each department simply gives the customer a digitally verifiable credential confirming their relationship. The mortgage team gives the customer a credential detailing their mortgage. The insurance team gives the customer a credential detailing their insurance policy. It’s all rather like sending the customer pieces of paper, but digital, standardized, and cryptographically verifiable. Just like in their paper filing cabinet, the customer now has a digital record, that they control, of all their relationships with this global company.

When the customer then applies for a new product like a car loan from the same company, the company simply asks the customer “to speed up your application, please confirm the details of other products you have from us”. The customer’s phone goes “ping” and they see the request, already filled in with data from the credentials they already have. The customer sends this “proof” directly and securely to the car loan department who can verify the source and authenticity of the data instantly.

The customer becomes the integration point. The customer is the new “customer data platform”.
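
The issue, present and verify steps described above, as an added example that is not Evernym's or Sovrin's code: it swaps in salted SHA-256 claim digests and Ed25519 signatures rather than the credential scheme those projects use, and shows the verifier's checks (issuer, integrity, holder binding, revocation) with only one attribute disclosed. The key pairs, credential id, claim values and revocation set are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// A claim is hashed with a random salt so undisclosed values cannot be guessed from the digest.
const digest = (c) =>
  crypto.createHash('sha256').update(JSON.stringify([c.salt, c.name, c.value])).digest('hex');
// Bytes the issuer signs: credential id, holder public key, and every claim digest.
const payload = (cred) => Buffer.from(JSON.stringify([cred.id, cred.holder, cred.digests]));

// Issuer side (e.g. the mortgage team): sign digests only, bound to the holder's key.
function issue(issuerPrivateKey, id, holderPublicPem, claims) {
  const cred = { id, holder: holderPublicPem, digests: claims.map(digest) };
  cred.sig = crypto.sign(null, payload(cred), issuerPrivateKey).toString('base64');
  return cred;
}

// Holder side: reveal only the chosen claims and sign the verifier's fresh nonce.
function present(cred, claims, names, holderPrivateKey, nonce) {
  const shown = claims.filter((c) => names.includes(c.name));
  return { cred, shown, proof: crypto.sign(null, nonce, holderPrivateKey) };
}

// Verifier side (e.g. the car loan team): returns 'ok' or the first failed check.
function verify(issuerPublicKey, { cred, shown, proof }, nonce, revokedIds) {
  const sig = Buffer.from(cred.sig, 'base64');
  if (!crypto.verify(null, payload(cred), issuerPublicKey, sig)) return 'not from issuer, or altered';
  if (!crypto.verify(null, nonce, cred.holder, proof)) return 'presenter is not the holder';
  if (revokedIds.has(cred.id)) return 'revoked';
  const bad = shown.find((c) => !cred.digests.includes(digest(c)));
  return bad ? `claim not in credential: ${bad.name}` : 'ok';
}

// Constructed sample data: keys, ids and claim values are made up for this example.
const issuer = crypto.generateKeyPairSync('ed25519');
const holder = crypto.generateKeyPairSync('ed25519');
const holderPem = holder.publicKey.export({ type: 'spki', format: 'pem' });
const claims = [
  { name: 'address', value: '1 Example Street' },
  { name: 'balance', value: '250000' },
].map((c) => ({ ...c, salt: crypto.randomBytes(16).toString('hex') }));
const credential = issue(issuer.privateKey, 'mortgage-0001', holderPem, claims);
const nonce = crypto.randomBytes(16);
const presentation = present(credential, claims, ['address'], holder.privateKey, nonce);
console.log(verify(issuer.publicKey, presentation, nonce, new Set()));
```

The nonce is what ties a presentation to one request: the same presentation replayed against a different nonce fails the holder check.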

There are even more advantages of this approach:

  • The customer now has a valuable set of digital credentials that they can use anywhere else, to prove their address, age, that they have a bank account and so on to anyone, anywhere.
  • You can eliminate usernames and passwords, as the customer can use the credentials an organization gave them to identify themselves when they call in, walk in or log in.
  • Secure 1–1 messaging and data exchange is also built in. As the customer and the organization can securely identify each other, and they have a private communication channel between each other, new types of relationship become possible.

The result is that you go from enormous multi-million dollar integration and CRM projects, to small, fast, departmental implementations of simple credential issuing and verifying APIs. Organizations can use the same open-source technology to handle 2-factor authentication, new customer onboarding, returning customer authentication, new product sales, consent management, and secure customer communications. This is a strategic solution, not a tactical one.

This is the capability that Evernym is building. Evernym uses the Sovrin Network and Protocol to create a new type of verifiable digital relationship that has never been possible before. Evernym’s software enables enterprises to plug into Sovrin, opening up a new world of secure, trusted relationships that turn the old world upside down. To find out how you can get started designing a single view of the customer, go to https://evernym.com/accelerator.

Andrew Tobin
About the author

Andrew Tobin (European Managing Director, Evernym) is a technology strategist. He has a history of delivering innovative technology solutions to complex business problems in the converging worlds of banking, mobile, and identity markets. He has built payment networks, created a mobile bank, run a £billion mobile messaging platform, and been deeply involved in the design and creation of self-sovereign identity network Sovrin and its underlying Hyperledger Indy technology.
