It seems that all of our affairs have in one way or another now become digitized. A term that only a month ago stood more for an “added value” has now become a new standard. However, using digital services is still not as easy as it should be.
For every new digital service they want to use, users still first need to sign up. And even though online application forms are becoming more user-friendly in this aspect, this does not change the fact that entering the same information over and over again, validating emails and memorizing new passwords can soon become tiresome and time-consuming. Autofill function can help in some cases, but it is seldomly compatible with all the data we give, which means users still have to double-check and replenish the forms.
Another problem that comes up with every new login and password we receive is that keeping them safe and in order can become messy. Users are encouraged to choose their passwords and usernames carefully, however by doing so, they also tend to forget them. It is even more dangerous, but also common, that we use the same password-username combination for different services or store the combinations on the computer. This can almost read as an open invitation for hackers to misuse our data.
Some digital services however, offer users the possibility that they login with the identity they use to access some of the most popular platforms such as Facebook, Twitter or Google. This seems like an ideal solution, but keep in mind that doing so users also give these services an access to the personal data Facebook, Twitter or Google have on them. This is why you first need to ask yourself what are you prepared to share and is this kind of exchange really secure?
In many countries, including ours, there is also a possibility for users to access public digital services with some kind of version of a personal digital certificate. However, user first needs to install the certificate to each device he/she is using, meaning that one cannot usually not use it on a mobile device nor a public or work computer without first facing many complications.
The common denominator to all of the above is that users give away sets of their personal information each time they interact with different providers. Even more: their digital identity doesn’t even exist independently from these systems, and represents a compilation of various information that different organizations store on them.
The solution to the challenges addressed above exists within a concept known as a self-sovereign identity, or in short SSI. From a technical perspective, SSI represents a new paradigm of online identity management, allowing users and also (business) entities to manage their personal information by storing them locally on their own devices, and then selectively granting access to others.
Rather than allowing control over personal data to each service provider, SSI solutions are designed to give freedom and control of their privacy back in the hands of individuals. This is the reason such digital identities also aren’t locked into any given platform not controlled by any operator. They remain portable and interoperable across platforms so that they can allow each user to move from a service to service, and from one operator to another, freely and whenever they choose to. Compared to identity management in use today, SSI solutions also no longer need to refer to other trusted authority or third-party intermediary operators to validate these claims.
In short, SSI eliminates the effort of collecting personal information that has already been gathered elsewhere. A blockchain based ID system adopts a user-centric approach, meaning it gives users far more freedom and privacy when interacting with online services. This is why you just may be wondering why companies need SSI as much as people? Here is the answer!
But first, look at an example: If a user wants to sign up for a new bank account online today, he will first be asked to provide a series of information such as a picture, valid ID, social security number, date and place of birth and other, similarly sensitive information. Only after a KYC provider, acting as a third-party intermediary, confirm and therefore verifies that the person is indeed the one they claim to be and that the information they have provided is true, one will be able to use the service. What is more, by becoming their new client, the bank will also be given a responsibility to digitally protect the user’s data. This is not a case with SSI.
As are you, the majority of businesses is also increasingly depending on electronic data to manage their daily operations, which leads them to store and transfer a growing number of sensitive information online. This is becoming a huge liability!
However, an identity system your business and others, including governments and institutions can trust, can actually enhance your operational capabilities without making you responsible to administer it. In other words, you can still access the data you need to complete transactions with the users without having to keep it in large collections. What is more, once a claim has been verified for one purpose, it can be reused several other times.
This is why SSI is a perfect fit for any digitally-aware business that wants to succeed in this precise moment in time, when digitalization is becoming increasingly necessary, and yet the processes connected with it still far too lengthy and complex, as the covid-19 crisis has confirmed.
But, to truly get there, businesses first need to adopt a different mindset by understanding that giving up user data in the end actually pays off! We are here to help you with that, whereas our solutions which we are building on top of the Aceblock blockchain framework are here to help you easily implement blockchain technology into your business.
As mentioned before, SSI is a concept and the road toward true SSI (which requires global standards and cross-border governance) is still long. However, a functional digital identity system is becoming a new prerequisite for a digitally connected world.
For all entrepreneurs who want to be the first ones in their industry by best meeting the demands and expectations of their customers, we have developed the ultimate and a fully-working SSI solution. Meet AceID, a portable identity on blockchain technology with which any holder can present verifiable credentials everywhere online. It gives users the ability to decide who, why and for how long they share their personal data with, and gives you a room to create a trustworthy, fast and effective business platform that strengthens the confidence in services you provide.
Choose AceID to improve on:
AceId is a secure authentication protocol that combines the following concepts: self-sovereign identity (SSI), data access management controlled and recorded via blockchain, end-to-end encryption and verification. These elements guarantee each user has a complete control over who they share their data with, and for how long.
A first-time user needs to input his/her personal information (name, date of birth, ID number etc.) into their own mobile digital wallet. Afterwards, each time he/she wishes to access a certain web service, this process is no longer necessary, and only a QR code authentication suffices to interact with a service.
The user`s data is stored locally on /her device, and remotely on the AceSpace storage, where all the content is encrypted. What AceID actually stores on a blockchain is just the reference to the data and all of the permission actions related to them,
Since the blockchain is generally public, anyone can get information about the existence of the link. However, it is impossible to see what kind of data are stored on a given address. The data can be seen and read only with a user`s private key used for their decryption.
To access an online service, a website displays a QR code. Each time the registered user scans the QR code, he/she can choose which pieces of information they allow to be shared, and confirm their choice by pressing “Authorize”. The result of this last action logs them into a website.
Due the fact the personal data is not stored directly on a blockchain, the user can easily make changes, such as deleting or adding the data. Each time the user interacts with a business or changes the permissions, the mobile application reacts in real-time.
The user keeps his/her personal information locally. Prior to sending the data to the AceSpace storage, they are encrypted with the user`s private key, making sure no one can read or change them.
Perhaps quarantine time has offered you the best time to start thinking about new ways to reach out and offer more benefits to your customers?