Digital Identity Ecosystems

The European Union is creating an eIDAS compatible European Self-Sovereign Identity Framework (ESSIF). The ESSIF makes use of decentralized identifiers (DIDs) and the European Blockchain Services Infrastructure (EBSI).

There is a lot of uncertainty in the upcoming EU regulations (eIDAS2). What kind of problems can we expect in the current and future way of working and how can we mitigate that? Which standards are needed to adhere to the new regulations? The financial sector has the opportunity to pro-actively influence infrastructure and regulation. TNO is working together with ABN AMRO, Achmea and ING on this topic.

Self-Sovereign Identity (SSI)

Self-sovereign identity (SSI) is an approach to digital identity that gives individuals control of their digital identities. SSI addresses the difficulty of establishing trust in an interaction. In order to be trusted, one party in an interaction will present credentials to the other parties, and those relying parties can verify that the credentials came from an issuer that they trust. In this way, the verifier's trust in the issuer is transferred to the credential holder. This basic structure of SSI with three participants is sometimes called "the trust triangle".

In an SSI system, holders generate and control unique identifiers called decentralized identifiers. Most SSI systems are decentralized, where the credentials are managed using crypto wallets and verified using public-key cryptography anchored on a distributed ledger. The credentials may contain data from an issuer's database, a social media account, a history of transactions on an e-commerce site, or attestation from friends or colleagues.

Goals & Objectives

Currently banks develop their own apps for digital transactions. These include mitigating measures to reduce risks of illicit transactions. EU Regulations (eIDAS2) could result banks having to accept third party apps for digital transactions. Banks could lose control on risks they now mitigate in their proprietary apps.
 

Proof of Concept and Pilot phase

The introduction of the EDIW will have great benefits for individuals and businesses in Europe. To name a few: it will open up the currently localised market for digital services in the EU, and it will enable individuals to interact fully digitally with organisations, replacing the current hybrid form where information with high assurances has to be supported with physical evidence (passports, qualifications, etc.). Furthermore, institutions will receive verified information about their customers, which will enable them to further digitalise processes, saving on operational costs and improving customer satisfaction. However, despite the obvious benefits, the introduction of the EDIW also raises some concerns. These concerns are broadly explained in a position paper. We also created 2 in-depth articles that give a detailed look at the concerns and potential solutions. See the downloads below.

Exploit phase

In the upcoming exploit phase we aim to create a demonstrator that mitigates the concerns that are explained in the papers and introduces new features that are not possible with the current EDIW toolbox and legislation. The demonstrator will use open source software called EASSI adapted to the ideas that are stated in the papers.