What is SSI & DID?


Self Sovereign Identity is a new cryptographic technology that enables individuals and organizations to assert their own identity. The self sovereign identity is private and not disclosed.


Decentralized Identifiers are identifiable endpoints belonging to a SSI, and can be shared with the world. For example documents, wallets, smart contracts or programmable agents.

The basic concept of SSI:

  • You start with an empty digital wallet.
  • What you accept into it is up to you.
  • What you share from it is up to you.
  • Whether anyone trusts or accepts what you share from it is up to them, & depends on the reputation of who issued it to you.

Timothy Ruff
GP, Digital Trust Ventures

Self-Sovereign Identity changes the game

Digital identity is an infrastructure necessary to do most everything on the Internet. And while there have been many solutions through the years, It remains a problem.
Companies own the digital identities of the people that use their services. Centralized databases are a security risk for cyberattacks; not to mention the low integrity of stored data, and users have little to no control of how their data is secured. From business perspective digital identities are a huge administrative overhead, highly costly and a permanent potential risk (in case of data breach).
Self-Sovereign Identity technologies give individuals and companies the ability to control and manage their own digital identifiers. This technology is gaining momentum as it solves previously unsolvable challenges. With the emergence SSI open standards, a new layer of the internet emerges for the identity of people and organizations. SSI represents a new paradigm -- it changes the identity game completely.
Any company that collects, stores or sells personal information can potentially be revolutionized using SSI technology.

  • • SSI builds on the past, while solving for the future Digital identity has been a problem from the beginning of the internet. Kim Cameron of Microsoft, one of the pioneers of user-centric identity efforts over the past 10 years said “The internet was not built with an identity layer.” The Internet Identity Workshop began convening about user-centric identity and the potential for an identity layer as early as in 2005. Over a decade of work has gone into trying to solve the challenge of making a real working identity layer that doesn’t outsource digital identity provision to a corporation and is built on a set of standards not owned by any organization. The Hydraledger's breakthrough in SSI in 2020 mean that individuals can be in control of their own identifiers that are resolvable at internet scale.
  • • Introducing a new technology layer of the internet The current Open Systems Interconnection model (OSI) of the internet stack has 7 layers, 1) Physical, 2) Data Link, 3) Network, 4) Transport, 5) Session, 6) Presentation and then 7) Application. IOP Stack technologies are so fundamentally new that they create a whole new layer for individuals and users. In this layer, identifiers are managed and owned by individuals and companies. Verifiable credentials can be issued to the identifiers, which can then be shared with any number of services they might interact with.
  • • Open Standards make it true Self-Sovereign Identity There are more than 10 emerging standards that enable true SSI. The most important standard, at the center of all others, is the Decentralized Identifiers (DID) Standard. It’s critical that companies use DIDs as described in the standard to ensure interoperability. Any organization not using standardized DIDs cannot leverage the power of the interoperable standards. Protocols are both freeing and constraining. IOP's DID standard is W3C conform and our accompanying format for DID Documents clearly state how to format a DID Doc and support universal resolution. At the same time the DID standard allows newly documented methods to be added. This supports innovation in how to Create, Read, Update, Delete (CRUD) operations on target systems.
  • • Blockchains are used, but in not the way you know Blockchains used for cryptocurrency exchanges solve the double spend problem. Their simple system of identifiers is a ledger of public keys. Decentralized Identifiers (DIDs) and the accompanying DID Documents enable individuals to share abstract identifiers (DIDs) with an associated public key and a resolution end-point. This supports the ability to message and transact with the DID owner. The transacted data (like a passport copy for example) is unlikely put on blockchain (although you could). DIDs are hashed references to your data, that only you can fully operate.
  • • Potential to reduce Data Security Risk The Public Key Infrastructure that underlies SSI provides a significant improvement by providing a secure encrypted tunnel of communication between an institution and its customers. Banks, Insurances and Governments are some of the early adopters of SSI not because they want to support “individuals owning their own identity” but because the security profile of the technology is so much higher than the current technology available to them with various forms of two factor authentication.
  • • Co-opetition & collaboration is the new way of doing business Standards are a common infrastructure that competitors develop so they can compete based on the products build upon them. This is good for all of us. Common standards ensure the technology is interoperable. For example a verifiable credential issued by one company’s software is viewable in any number of individual wallet vendors’ products and is readable by the verifiers’ software, even if it was created by a different vendor then the issuer. This interoperability is a critical feature for governments and creates new markets where companies develop competing products and services.
  • • Smartphones are a key piece of the revolution SSI couldn’t exist a decade ago it uses now common smartphones and cloud storage to solve difficult user interface problems related to key management. Smartphones support SSI wallet applications, making it easy for us to create and store thousands of Decentralized Identifiers (DIDs), and manage personal information. You can have multiple wallet apps on your phone to manage your relationships. Software agents that live in the cloud can securely store and manage your SSI. You store your SSI yourself, you don’t have to rely on the company’s database security to ensure your SSI doesn’t get into the hands of a hacker.
  • • It’s not just about the identity of people SSI is often talked about in the context of supporting identity for people; however it is very useful for Non-Person Entities (NPEs). There are two types of NPEs that operate as legal persons: corporations and nonprofit organizations. These organizations file papers and have articles of incorporation registered and stored. In the case of international trade, we need a clear understanding of the identity of objects, owners and transporters. In these situations, it’s critical identity information be globally available and trusted.
  • • SSI is real today Although still an emerging technology, IOP claims to have the first production-ready SSI solution on the market.