Join Fraser Edwards, Co-Founder and CEO of Cheqd, as he shares about Self-Sovereign Identity (SSI) and its implications on society. We each have segments of our personal data across different organizations and they exist as silos. Cheqd is building a secure network that enables individuals and organizations to fully control their personal data.
What Is Self-Sovereign Identity (SSI)?
💡 Self-Sovereign Identity (SSI) is an approach to digital identity that gives individuals control of their digital identities.
SSI addresses the difficulty of establishing trust in an interaction. In order to be trusted, one party in an interaction will present credentials to the other parties, and those relying parties can verify that the credentials came from an issuer that they trust. In this way, the verifier’s trust in the issuer is transferred to the credential holder. This basic structure of SSI with three participants is sometimes called “the trust triangle”.
It is generally recognized that for an identity system to be self-sovereign, users control the verifiable credentials that they hold and their consent is required to use those credentials. This reduces the unintended sharing of users’ personal data.
- Around 5-6 years ago, he and Ankur, his Co-Founder in Cheqd, were building a biometric system for a UK bank
- Subsequently, he came across the blockchain world through Ethereum hackathons and projects he was involved in while he was at Accenture
- Had the opportunity to participate in the Known Traveller Digital Identity Project, which is a project between Accenture, the World Economic Forum, the Canadian and the Dutch governments
- The project was looking at Self-Sovereign Identity (SSI) to digitize the passport and make international travel seamless
- SSI gives back control and privacy to individuals
- Currently, our data and identity is built around companies/organizations. Whenever we want to access our data, we are actually asking a gatekeeper for access
- SSI flips this notion on its head and asserts that individuals should be the holder of their own data
- From the commercialization side, SSI combines data silos from every single industry onto the individual
How Does SSI Enable Web3?
- When individuals create an account with a centralized exchange, they have to verify their identity
- In a SSI ecosystem, identity verification should be interoperable. No single corporation should have complete control over the user’s identity
- The Trust Over IP Foundation and the Decentralized Identity Foundation aim to prevent any single entity from controlling the entire network or tech stack. They allow everyone to fulfill certain roles in the ecosystem such that they can be swapped out for someone else if they no longer fulfill that function
- From the user’s perspective, the user gets to decide who they engage with and which services they use
Primitives in SSI
- Have 2 main ones:
- Decentralized Identifiers (DIDs)
- Verifiable Credentials (VCs)
- In the SSI context, DIDs can be further differentiated into:
- Public DIDs
- Private DIDs
- Public DIDs are used to identify yourself to anyone
- Private DIDs are used to identify yourself to an individual counterparty
- One individual can have multiple private DIDs to communicate with different individuals. No way to trace someone across the network
- There are multiple DID methods ranging from blockchain-based to web-based, etc.
- Convoluted name for identity data
- Involves saying something about yourself as a statement
- Send it as a VC —> recipient could check that it came from you and that you have stated whatever it was that you said (e.g. saying you are 21 years old without revealing your DOB)
- This whole system can be represented visually through the Trust Triangle
Commercialization Of The Identity Economy
- An example comes from banking KYC
- It costs banks to onboard new users and to perform KYC on them. Hence, they do not offer decent interest rates and services to these users until they have some revenue from them
- With SSI, the user can now use the credential anywhere, even beyond the banking industry which originally verified him/her
“The individual can now go and use that credential anywhere else. And that might not be inside banking. The beauty of SSI in this kind of interoperable stack is that that credential could start being used across any other industry.”
– Fraser Edwards
- Another example comes from consulting. Consultants get onboarded for each client they take. They go through the exact same process for each client, even though their credentials do not change on a regular basis. SSI would be able to reduce the cost and time of repeated onboardings
Their Decision To Build On The Cosmos Stack
- Moved from Hyperledger Indy to Cosmos
- If a user passes someone else their data, they would have no control as to how that data is used
- Similarly, in traditional fiat rails, it is extremely complex to move payments around, even when there’s a contract in place
- When things are done in a tokenized way, it becomes more seamless (e.g. sending USDC instead of using the TradFi payment rails)
- During the time of Sovrin, Hyperledger Indy had a token, but it was not fit for purpose. In addition, they were limited to 4-10 TPS because of their custom consensus algorithm
- This made them look for alternatives
- Cosmos was able to fulfil its business requirements:
- Have a native token
- High throughput
- Availability of existing custodians
- Nascent SSI implementations
- Started in April. Was able to launch very quickly because of the Cosmos platform
Do People Really Want Their Identity To Be On-Chain?
- When individuals write private information on the ledger, it will remain there forever
- The approach that the SSI community has taken is to not put any personal information onto the network
- The only data that should be on the network are public identifiers, schemas for date, and VCs
Thoughts On Worldcoin
💡 Worldcoin aims to provide its cryptocurrency to users in exchange for their retina data. This is to prevent people from claiming the free coins more than once.
- Recording of the biometrics is centralized and operated by one company
- Another issue is that biometrics are not perfect. It is unlike a password where there’s a binary yes or no. It relies on statistical matching
- Possibility of people spoofing the face and iris data to trick the system
- Individuals would lose their privacy when purchases are made using Worldcoin
Could The COVID Passport Be Improved By His Implementation Of SSI?
“Because at the moment, if I turn up to a foreign border that isn’t expecting or doesn’t kind of know the National Health Service in the UK, they probably won’t recognize that COVID passport.”
– Fraser Edwards
- The border forces are looking at better ways of implementing COVID vaccination status checks. Thinks that they will eventually coalesce around a standard process that all countries can agree upon
- Need to have proper interoperability between countries (e.g. credential from the UK working at the Cambodian border)
The Identity Economy And Why It Needs A Token
- Organizations hold the personal data of individuals for a variety of reasons — forced to by regulations, part of their business model, etc.
- For firms that monetize customer data, SSI is a technology that disrupts their revenue model
- SSI technology also reduces the amount of information that organizations need to hold for an individual
“If you look at some of the things that happen right now, like you have organizations that are requesting like the entire passport or the entire driving license, and they really don’t need that. All they need is like, is this the right name? Is it the right face? And or is it the right address? And they don’t need all of the other details on that document.”
– Fraser Edwards
- The industry would move towards minimizing their exposure to being hacked while still complying with regulations and making it easy for the individual
- With a token, actual payment can be made for identity data
- A token also allows the network to be secured through staking
“One of the beauties of Proof of Stake is that as you’re putting that stake up, you are inherently protecting the network whilst doing it in a much more efficient manner.”
– Fraser Edwards
Cheqd In The Context Of The Metaverse
- Users will be able to port their avatars across multiple metaverses and have the flexibility to present whatever identity they want
- Skills, histories, and reputation can be shifted over from one game to another
- In the context of DeFi, individuals normally send a test transaction before sending the actual transaction over. With Cheqd, they can share something as lightweight as a Telegram handle that’s trusted
- In the longer term, he thinks that there will be recurring revenue streams for identity data and people would tokenize that revenue stream to create an entirely new market
This podcast summary was prepared by The Reading Ape in collaboration with Outlier Ventures. The Reading Ape is a humble servant of the written word.
Sign up to