[Money20/20] Self-Sovereign Identity Takes Digital Identity Spotlight

Money20/20’s “Digital Identity & Biometrics” track kicked off Sunday on an ambitious note, with Purple Tornado’s Heather Vescent introducing attendees to the concept of Self-Sovereign Identity.

Vescent is the co-author, together with Kaliya Young, co-founder of the Internet Identity Workshop and the Personal Data Ecosystem Consortium, of the recent report, “Your Guide to Self Sovereign Identity“. The basic, central idea in SSI is to bring in a third party as an identity verifier. For example, if you want to confirm your identity to a bank, but you don’t want to share a lot of sensitive personal information, this third party can verify you, and then confirm to the bank that yes, you are indeed who you’re claiming to be. And with all of this being transacted on blockchain, it’s fully auditable, leaving no place for fraudsters to hide.

The potential for biometrics here is obvious, with fingerprint or face data stored on a device or the cloud, and used to authenticate an individual who essentially remains anonymous to the party requesting authentication.

It’s an approach that a few organizations are already pioneering, and government authorities are starting to dip in their toes, as well. In her talk, Vescent revealed that she has been working with government authorities in the Canadian province of British Columbia to leverage SSI technology for a virtual credential system, called the “Verified Organizations Notebook”, that business owners can use to confirm their regulatory licenses. She also noted that in the US, the Department of Homeland Security’s Science and Technology Directorate is already making considerable R&D investments into SSI standards, adding that it’s quite possible that in the near future, government agencies will be actively using SSI to do business with companies in the private sector.

In the world of financial services, meanwhile, the rise of blockchain-based SSI means enhanced security even as less data is shared between a customer and a financial services provider. And when biometric authentication is thrown into the mix, almost no Personally Identifiable Information will need to be shared.

(Originally posted on FindBiometrics)