How Self-Sovereign Identity might impact payments and customer experience

Not only are these processes unwieldy and time consuming – often requiring the individual to fill in lengthy forms and provide digital scan of valid IDs and proofs of address – they are also increasingly fraught with concerns about data security. The organisations holding this data may be hacked, putting users at risk of identity theft or payments fraud. Meanwhile, despite warnings about best practice, people struggling to remember large volumes of complicated credentials often use the same passwords for multiple systems, thereby making themselves vulnerable to hackers.

Enter self-sovereign identity (SSI). While definitions vary, SSI is based on the idea that individuals and organisations can own and control their own digital identities. Instead of having a digital identity managed by a service provider, users can store their personal information on their own devices, and decide what data to share for specific interactions.

“At a basic level, SSI could securely store personal information such as an individual’s date of birth and address, or a verified copy of their passport,” says Scott Bushell, VP of experimentation and innovation at Barclaycard. “But in future, SSI could also be used to store data relating to an individual’s qualifications, professional affiliations, medical records, payment and banking information, or any other information they might choose to share with another organisation. There are a huge number of use cases that can be tested.”

SSI has particular significance in the area of payments, where the ability to prove the identity of individual users is essential – but securing the necessary proof often comes at the cost of a smooth customer experience.

The concept of SSI revolves around the idea of decentralisation, with blockchain enabling credentials to be accessed without the need for a central certification authority. Other important concepts in the world of SSI include portability and persistence. In other words, it should be possible to store identities in multiple locations or transport them to different jurisdictions. Identities should also be long-lasting – although equally users should have the right to get rid of a digital identity if they so choose. And of course, a digital identity needs to be interoperable with the numerous platforms users may interact with.

Last, but definitely not least, a high level of security is essential: if people are to take control of these sensitive credentials, they need to be confident that no one else can access them. Likewise, the parties seeking identity confirmation will need confidence in SSI security. As such, banks – already keenly focused on the need to verify identity effectively – are likely to have an important role to play in providing trust within an SSI framework. 

There is now significant momentum behind SSI, with several major finance and tech companies exploring its potential and creating proof of concepts. This development offers some compelling solutions to the problems faced by businesses and users in managing their online identities.

What’s more, SSI has considerable potential when it comes to improving customer experience: users may be able to register with a single click, instead of having to fill out lengthy forms. And as well as eliminating the need to manage numerous complicated passwords, SSI may also provide greater confidence for those concerned about the way in which their data is used and managed. 

“In the context of online payments, SSI has the potential to drive big improvements in the user experience,” says Bushell. “Currently a customer might have to complete two journeys when buying online – one to register their details with the merchant and another to make a payment. With SSI, we can streamline this process so it occurs in one simple data exchange.”

Alongside an improvement in customer experience, SSI will also help merchants to mitigate against the risk of fraud or data input errors.

Recognising the importance that SSI is likely to play in the payments and ecommerce market, Barclaycard Payment Solutions has recently teamed up with SSI specialist Evernym in a 12-month accelerator to explore the benefits of SSI.

In 2016, Evernym created Sovrin, the world’s only global public utility for SSI ^[1] (Evernym donated the code base to the Sovrin Foundation but is now simply a user). By taking advantage of Hyperledger Industry, an open source blockchain framework, Sovrin enables users to establish trust using ‘verifiable claims’ – in other words, verified statements about the user’s identity, such as proof of address or proof of age. Businesses can receive the proof they need from users without storing their customers’ personal data on their systems.

“With access to Evernym’s insight, tools and expertise, we are really able to speed up our learning about Sovrin and SSI. And most importantly, we can rapidly develop real solutions that solve real customer and business problems,” said Ed Black, Barclaycard director of innovation & product.

Other notable developments include a digital directory of public, verifiable data issued by government authorities about businesses in British Columbia. The directory uses Sovrin’s network to issue, store and share authoritative data, which the government of the Canadian province sees as fundamental for its move towards a fully digital economy.

This is just the beginning of the journey for SSI. GDPR has sharpened people’s attention on the dangers inherent in handling personal data, while data theft is a real and pressing issue. There’s also a growing recognition that unwieldy sign up and authentication processes are not ideal from a customer experience perspective. As such, the coming months are likely to see a growing focus on the benefits of SSI, with more organisations embarking on pilots and collaborations that will demonstrate the real-life applications of this technology.