From federated systems to decentralized architecture
In this Evernym webinar they explore the potential for an SSI (Self Sovereign Identity) approach to Government identity systems.
The core difference is a shift from federated systems to one of decentralized architecture.
Andrew Tobin presenting explains this, walking through a federated model from 8m:47s, referencing the eIDAS scheme. An example of the difference is shown from 10m:24s, where he demonstrate the convoluted process required to login to a federated system.
From 12m:10s he then compares this to a decentralized SSI approach, highlighting the fast and ultra-simple method it enables, such as being able to log in without a username and password.
The key strength of the SSI movement and capability is the fact it provides the Identity building blocks for the digital enablement of important organizational and relationship models, such as a ‘VON‘ – a Verifiable Organization Network, and Guardianship in SSI, a way of mirroring the dynamics of relationships when one person has care over another.
Verifying the credentials of organizations and individuals are key to a multitude of use cases – For example in this set of slides John Phillips describes how
Canada: User-Centric Verifiable Digital Credentials Challenge
One of Canada’s foremost experts in the field Tim Bouma identifies the current landscape of SSI-based Government Identity systems in his blog Canada: Enabling Self-Sovereign Identity.
He highlights how many are implementing similar approaches to the UK’s Verify system in terms of centralized or federated models, with SSI adoption being at the very early stage, and in another blog articulates a vision of how this will provide for the ‘Anchors and Rails of a Digital Nation‘.
In Canada the User-Centric Verifiable Digital Credentials Challenge is intended to accelerate this momentum, and grow adoption across many more use cases.
“The Treasury Board Secretariat of Canada (TBS) and Shared Services Canada (SSC) are seeking a standardized method to issue and rapidly verify portable digital credentials across many different contexts, thereby reducing human judgement error, increasing efficiency and ensuring digital credential veracity using cryptography.”
Use Cases and Vendors
The winning vendors are documented here, which lists the use cases they intend to implement and demonstrate:
- Bluink – Demonstrate eID-Me interoperability with Decentralized Identifiers (DIDs), WC3 Verifiable Credentials, and JSON-LD specifications.
- Aviary Tech – Demonstrate how cannabis licensees can use their government issued verifiable credentials to coordinate directly with the federal supply chain, rather than relying on the many integrations currently required.
- SecureKey – Enable users to share verified data from trusted partners including banks, telcos, insurance, and credit agencies. Issuing organizations will be able to create official digital credentials.
- Terrahub – Independently, cryptographically and rapidly verify an individual’s ability to perform a job or enter a site without the need for 3rd party verification.
- TrustScience – Demonstrate how a set of credentials containing the information (e.g., time of hiring, time of termination, employer, employer id, citizen id) along with the metadata are managed in a wallet controlled by a citizen and also be stored by the employer to be transmitted to the Canadian government.
- 2Keys – Demonstrate how issuers of evidence of foundational identity (birth certificates or permanent resident cards) can issue a digital equivalent (verifiable credential) that supports enrolment and delegation processes using verifiable credentials and supports an omni-channel approach to allow a user to present verifiable credentials online or in-person with the ability to cryptographically verify the provenance of the credentials whether connected or offline.
This webinar replay shares detailed demos of all the pilots.