self sovereign identity

on the internet, nobody knows you’re a dog. self-sovereign identity can allow this dog to participate in the secure commerce and activity of the internet without ever needing to establish its humanity.

trusted third parties are the most common mode of identity verification. email is a common mode of verification, with the email verification loop establishing ones control over an email address. this implicitly trusts the email provider, which is the third party in this example. direct verification from other parties, for example facebook, twitter, etc are also common. this approach has the advantage of being relatively easy to implement and so long as the third parties are incentivized to be trustworthy, it is also relatively secure.

this third party approach breaks when the infrastructure (ISP’s, email providers, etc) is compromised, also when the risks the individual or the service provider are very high. I am using relative terms here to indicate that the threat levels are relative to ones risks along many different dimensions, and nothing absolute can be said, aside from the reliance on the third party to do behave in a way that benefits the two parties who wish to establish identity between one another.

a brilliant solution exists in the concept of self-sovereign identity. this allows the individual to leverage the properties of systems like blockchains to establish their identity to second parties. this concept will ultimately form the basis for much of the commerce that passes through the digital universe.