Skip to main content

Decentralized digital identity and credentials

Or, what is SSI?

"Self-sovereign identity" or "SSI" refers to a decentralized approach in which individuals do not have to rely on a centralized third-party to use their identity. Instead, they can securely store their identity credentials on their personal devices using encryption technology. They can also selectively share personal data with trustworthy bodies or service providers.

Digital relationships and transactions are based on trust, but traditional authentication methods have become less reliable, featuring honeypots of valuable data prone to cyber crime. In order to curb identity fraud, organizations such as public administrations and private companies must require stronger identity credentials. This results in increasingly complex onboarding processes for users.

SSI seeks to restore trust by increasing security without compromising user experience or privacy. Instead of relying on the creation and maintenance of hundreds or thousands of different accounts with every business or service provider, SSI reconfigures the way digital relationships are structured. The SSI model proposes new interaction methods and categorizes the participants in the "trust triangle" into three primary roles: issuer, holder, and verifier.

The Trust Triangle

Trust triangle

Issuer

Organizations authorized to issue credentials, such as:

  • Governments: identity cards, driving licenses, passports, birth certificates, certificates of residence, debt collection register extracts, etc.
  • Employers: employee cards, employment certificates, etc.
  • Businesses: loyalty cards, discount cards, gift certificates, etc.
  • Financial services: credit cards, loan approvals, proof of insurance, etc.

SSI technology enables issuers to rapidly issue user-friendly, highly secure digital identity credentials to electronic wallet holders in a vendor-agnostic, open ecosystem driven by standardized protocols and sector-specific governance.

Holder

People who have proof of identity. Holders of digital identity credentials and other proofs can store and manage them in their digital identity wallet and share them fully or partially as they choose. Requesting and accepting credentials from issuers, storing them, and sharing them with different verifiers is both secure and user-friendly with SSI technology.

Verifier

Service providers requiring verifiable digital identity credentials in order to offer their services to the credential holder. Verifiers are able to rapidly and securely authenticate holders via SSI protocols and open standards. The authentication of the credential is done without needing to interact with the issuer in any way, making the SSI-based approach vendor-agnostic: issuer, holders, and verifiers do not need to be on the same vendor platform in order to have trusted interactions.

What does Procivis One do?

Procivis One enables your organization to implement SSI technology into existing business processes and platforms whatever the use case: issuing, holding, verifying, or any other credential lifecycle event. Because it does this via SSI protocols and open standards, it ensures interoperability with any other SSI platform. And because Procivis One is built for modularity and extensibility, it doesn't lock you in to any particular tech stack; new technologies are being added regularly. See our supported technologies.

Design of Procivis One

Secure identity and credential verification processes are challenging: in-person and paper-based methods are slow and costly, while digital methods — requiring either direct account-based management or dependence on 3rd-party identity providers — rely on centralized databases prone to data breach, tedious and error-prone account/password management, and offer a riskier trust-decision for businesses than non-digital methods.

Decentralized digital identity and credential systems inspired by the SSI paradigm offer a trustable identity layer in digital form, through the use of a stack of technologies. SSI makes in-person identity methods faster, more cost-effective, and more secure, and injects existing digital identity processes with tamper-evident, fraud-resistant, machine-verifiable credentials. SSI offers cryptographically-secured digital credentials that can be issued, held, and verified in a cost-effective and efficient way.

But SSI is still a young technology: the protocols, formats, and technology stacks shaping their real-world use are still developing and there is no single, clear path for a unified protocol to be adopted yet. Current offerings tend to be tightly bound to particular stacks of protocol and standards, limited in integrations, bound to one particular server type, or built with PoCs and demos of VC technology in mind, unable to scale in enterprise systems with high-performance requirements.

Procivis One is built from the ground-up to solve these problems, benefiting from over 7 years of experience with SSI and digital identity systems. Based on in-depth analysis of past SSI architectures and solutions, Procivis One provides a solution with the key features required for real-world use. Its modular design enables different protocol and format stacks to be used, and new protocols and format stacks to be added seamlessly as the digital identity and credential landscape develops. It's built to perform efficiently and reliably at scale wherever it is deployed, with support for different integration pathways to offer everything from specialized integrations to end-to-end solutions for any use case.