Self-Sovereign Identity (SSI) Archives

cheqd meta-analysis finds the Self-Sovereign Identity market is worth over $550 billion

LONDON, March 9, 2022 /PRNewswire/ — cheqd, a technology company enabling individuals and organisations to take full control of their data, has conducted a meta-analysis, as part of a new whitepaper, estimating the potential of the Self-Sovereign Identity (SSI) market to be over $550 billion annually. This staggering figure reflects the full value of people’s data and its usages. It is based upon areas of opportunity including finance, compliance (KYC), gaming, NFTs, the Metaverse, Official ID, and E-Commerce amongst others.

The whitepaper, entitled ‘Self-Sovereign Identity; How big is the market opportunity?’ aims to address the lack of clarity on the total addressable market value for SSI, establishing a credible baseline that can then be iterated upon by the community.

SSI is an emerging user-centric concept for exchanging authentic and trusted data, including people and organisations, in a more secure manner. The estimated figure of $550 billion affirms cheqd’s belief in the scale and value of SSI technology, which has already seen an exponential increase in tangible use cases in 2021 and 2022, proving foundational to the implementation of NHS Staff Passports as well as the IATA Travel Pass.

The current identity model is controlled by third-party providers who generate the majority of the value from this data. This centralised structure brings with it a host of security threats, laying open the potential for hackers to target companies’ data siloes on mass scales or trick individuals into giving away their passwords. In the United States alone, identity theft losses cost $502.5 billion in 2019 and increased to $712.4 billion in 2020. In the UK, annual UK-issued debit and credit card identity thefts reached a value of £29.7 million in 2020.

cheqd aims to redress these structural markets issues by inverting data ownership, allowing individuals to create a single profile that they control and share with companies as and when they choose.

cheqd CEO, Fraser Edwards comments, “When the Economist described data as the new oil, it was not wrong. This whitepaper confirms our sense of the increasing utility and relevance of SSI and digital identity, but also lays out, for the first time, the sheer scope and tangible value of the technology. It is undeniable that SSI can revolutionise the ways individuals and companies exchange data across industries as diverse as finance, gaming, and travel. We are proud to stand at the forefront of this transformation, giving people ownership of their digital lives and putting them in control for the first time.”

Click here to read the whitepaper in full; cheqd’s methodology has been published in detail so that all market participants are able to use the data for their own calculations.

For enquiries, please contact:

Alexandra Santos
[email protected]
07972 854508

Understanding the SSI stack through 5 trends and challenges

Co-authored by Alex Tweeddale (Governance & Compliance Lead), Ross Power (Product Manager), and Ankur Banerjee (CTO/co-founder)

In the early months of 2022, the team at cheqd conducted two surveys diving into self-sovereign identity (SSI) and digital identity in Web 3.0. We analysed responses from a general audience as well as from an expert audience to tease out key trends.

This second article, following on from our first article, focuses on trends and key takeaways from the deep-dive survey that was shown to an expert technical audience of self-sovereign identity (SSI) vendors.

Specifically, this article will focus on trends and challenges that can be drawn from looking at each Layer of the SSI technical stack.

Key technical trends identified in digital identity / Web 3.0 in cheqd’s deep dive survey

What do we mean by the SSI technical stack? The best example of what we mean by this ‘stack’, is shown by the Trust over IP Model which splits into a distinct Technology Stack and a Governance Stack. The Technology Stack looks at Public Utilities, Peer-to-Peer Communication, Credential Exchange and Technology Application Ecosystems, which are all essential components of a functional SSI ecosystem, and will be the focus of this analysis (shown in Figure 1 below). Governance is also a vital component for real-world SSI use cases and should be the focus of future work and research.

Figure 1: the Trust over IP Technology Stack

We will use the ToIP classifications to split up the survey responses into how they correspond with each specific technical Layer. Through this, we will reach a set of conclusions and five trends around the entire technical stack, top to bottom.

Introduction

From our deep dive survey we have drawn 5 distinct trends across the layers four of the stack:

Trend 1: (Layer 1) Hyperledger Indy is still the most supported Layer 1, but there are signs it may be losing its dominance
Trend 2: (Layers 1, 2, 3) Aries-based SDKs are dominant, correlating with Indy at Layer 1
Trend 3: (Layer 2) OIDC SIOP may be starting to catch up with DIDComm in terms of a peer-to-peer connection layer
Trend 4: (Layer 3) The lack of harmonisation on Credential type/exchange standards is more stark than ever
Trend 5: (Layer 4) Ecosystem adoption could be driven by stronger commercial models and payment rails

All five trends culminate in one main challenge:

Interoperability and harmonisation is lacking at each layer of the stack, which is a barrier for adoption

In addressing this challenge, respondents indicated that cheqd could help boost adoption:

Since large-scale interoperability is not yet a selling point, SSI may benefit from new commercial models and payment rails to kickstart and incentivise adoption

To show the workings of how these conclusions were drawn, we will go through each trend individually and explain how the trend has developed and how challenges have emerged from the trends, using evidence in the form of data collected from our survey.

Finally, it is important to make clear that when we set out to gain a better understanding of what our community and our SSI partners wanted, we did not enter with a specific agenda or set of assumptions we were hoping to prove. That said, we are thrilled to see the direction we’re moving in at cheqd is generally supported by the data we collected.

Buckle up!

Trend 1: Hyperledger Indy is still the most supported Layer 1, but there are signs it may be losing its dominance

#Layer1

DID methods are the set of rules and instructions used for interacting with a specific Layer 1 Public Utility in order to write, update and resolve DIDs on that Utility. There are over 100 distinct DID methods already, with increasing diversity in the approach the did methods take.

We asked our respondents what DID methods they currently support or plan on supporting in 2022. The most prominent supported DID Methods amongst our respondents were Indy-based DID Methods, as well as specifically the Sovrin DID Method. This is most likely because Indy and Sovrin have been largely the only options for functional, identity-specific use cases.

did:ethr has also been around for a long time, however, due to being based on Ethereum, identity use cases have never been the main priority of Layer 1. For this reason, Ethereum and did:ethr have not gained the same amount of attention or traction within the identity sphere as Ethereum has across the rest of Web 3.0.

Interestingly, looking at the responses on a more granular level, the majority of the companies that support any of the alternatives to did:indy and did:sov also support one of did:indy or did:sov.

Only 3 out of the 37 respondents supported did:web or did:key without also supporting did:sov or an Indy-based method, for example.

This does suggest that for SSI vendors, did:sov and did:indy are the first DID Methods to be looked at and supported, before expanding to other alternatives afterwards. did:web and did:key both make sense in this regard, as they are off-ledger options for anchoring DIDs, which is arguably much more practical for testing environments or Proof of Concepts since nothing written into the DID is immutable.

Of the ledger-based alternatives, there is not currently a clear frontrunner, although did:ion is probably the alternative gaining the most momentum, as it is the main supported Utility for the VC-JWT Interop Profile between the likes of Mattr, Microsoft, Ping and Workday — working alongside the Decentralised Identity Foundation (DIF).

ION uses a protocol called Sidetree to store DIDs in temporary storage, as well as within IPFS / MongoDB, in order to rollup and batch DID operations to the main blockchain (Bitcoin in ION’s case), which makes it more operationally cost-efficient.

One DID Method that we did not include but was brought up within the comments and ‘other’ sections is did:ebsi. This is a ledger that we do expect to gain much more traction over the coming months and years, especially as the European Blockchain Services Infrastructure (EBSI) has begun releasing conformance criteria for European Digital Identity Wallets, mandating support for did:ebsi. We would expect to see an increase in uptake of specifically did:ebsi off the back of this body of work.

In terms of analysis here, it is important to stress that diversity at Layer 1 is by no means a bad thing. The emergence of new methods to compete with did:indy and did:sov should be encouraged, especially if such approaches comply directly with the W3C DID Core specification. The DID Core Spec was not written to be a rigid standard; rather, it promotes innovation, extensibility and flexibility — meaning that it is possible to innovate to a certain degree at the DID layer without compromising interoperability. We hope that in the next year, did:cheqd will become another name on the above list.

In terms of making interoperability more seamless here, we would push for the community to strengthen the DID Method Test Suite in order to better highlight the degree to which DID Methods interoperate and what functionality exists within each individual DID Method.

Trend 2: Aries-based SDKs are dominant, correlating with Indy at Layer 1

#Layer1, #Layer2, #Layer3

Software Development Kits (SDKs) are less talked about than they should be. In fact, SDKs are pivotal to interoperability because they enable third parties to carry out functions such as establishing connections, issuing Verifiable Credentials and verifying the Decentralised Identifiers within the Credential, against a Layer 1 Public Utility and DID Method(s).

Hyperledger Aries was initially designed to be an agnostic set of Protocols (Request For Comments ‘RFCs’) for carrying out SSI-based operations. These Protocols, however, and a lot of the Hyperledger Aries SDKs, have since been designed to work specifically with Hyperledger Indy — which is why, largely, there has been a dominance of Indy-based Layer 1s and Indy-based DID methods.

This was shown within the survey results, with the largest proportion, 35.1%, of respondents using Aries Cloud Agent Python (ACA-Py); and secondly, 27.0% of the respondents using Evernym’s VDR Tools SDK (tied to Hyperledger Indy).

As a trend here, it is likely that Aries SDKs will remain dominant, especially as there is ongoing work to decouple the dependence between Aries and with Indy. We see decoupling Aries from Indy as a vital part of building a more interoperable SSI technical stack.

At cheqd, we are also planning to support this work by helping expand one of the main Aries Frameworks to support cheqd, and therefore, multiple Layer 1s other than Indy-based networks. Once Aries or any SDK is able to communicate with a variety of Layer 1s and route requests to specific DID Methods accordingly, this will be a key milestone for SSI.

On this slightly different topic, we were surprised to see Aries Framework JavaScript and Aries Framework Go with such a low adoption vector (both 10.8%), especially as most companies indicated that they use JavaScript/TypeScript or related frameworks as their primary language for development, as seen in the graphic below:

The skew towards ACA-Py may simply be down to the fact that much more work is being done on the project. Looking at the Contributions over the last 2 years, ACA-Py is far ahead of the likes of Aries Framework Javascript just in terms of general contributions and commits, with roughly four times more activity over a sustained period.

Figure 2: ACA-Py Contributions

Figure 3: Aries Framework JavaScript contributions

What perhaps this result does show, is that there is no standout SDK for SSI yet, even within Aries, different implementations of Aries may be useful for different purposes, with pros and cons within each implementation.

This may also explain why Indy is the most utilised Layer 1, as Aries is currently the main SDK to use alongside it. Until this tie is severed, we do not see this changing in most SSI implementations.

Trend 3: OIDC SIOP may be starting to rival DIDComm in terms of a peer-to-peer connection layer

#Layer2

Layer 2 in the SSI stack is all about creating secure connection channels between different parties in identity transactions. If you think of Verifiable Credentials for the contents of a letter, Layer 2 provides the Envelope and the Postal Service.

Figure 4: Peer-to-peer communication envelope

Through the use of a peer-to-peer communication channel, Verifiable Credentials or messages can be sent securely between parties, in a way which is completely off-chain. This is often a concept that newcomers to SSI do not fully understand since most uses of blockchain have peer-to-peer transactions take place on-ledger.

The survey results showed that the Layer 2 protocol is relatively split between two frontrunners DIDComm (v1 and v2) as well as Self-Issued OpenID Provider: OpenID Connect (SIOP OIDC).

73.7% of respondents ranked DIDComm v1 and v2 as being either the most or second most important protocol here. This demonstrates that it is a clear leader in the community for how to create trusted communication channels between wallets and agents. This is also supported by interoperability profiles such as WACI-DIDComm.

However, 68.4% of respondents also clearly acknowledged the importance of SIOP OIDC. In fact, there may even be a more current trend toward SIOP OIDC, with both the European Commission as well as the VC-JWT Interop Profile recently selecting it as a communication channel over DIDComm v2. This may be because it focuses on bridging Web 2.0 and more federated identity models into the self-sovereign paradigm, through the thoroughly tested and well-trodden path of OpenID Connect.

Through this bridge, there may be a larger adoption vector as there are already millions of OpenID Connect Relying Parties which may be able to access and issue Verifiable Credentials through this model.

Whether DIDComm or SIOP OIDC does come out on top in practice is yet to be seen, however, it is vitally important that both work towards functional compatibility between the two approaches.

This is also understood within the WACI-DIDComm interop profile which states that it is waiting until version 2 of SIOP OIDC before considering adoption into its own interop profile.

Hopefully, after the latter publishes its v2 spec, it will spark a convergence around a particular interop profile, or a combination of the two. A Killer Whale Jello Salad. If you know, you know.

Trend 4: The lack of harmonisation on Credential type/exchange standards is more stark than ever

#Layer3, #Layer4

Credential Exchange

Being issued a set of claims and Verifiable Credentials to your identity wallet and then presenting them to a third party is at the core of SSI. This is what Layer 3 in the technology seeks to achieve.

For SSI to become an interoperable ecosystem, the mechanism that transports one Verifiable Credential to a Holder’s wallet must be able to communicate with a completely different piece of software receiving a Verifiable Credential or Presentation on the end of the Verifier. Yet, currently, the different approaches do not enable Credential interoperability.

In this category, Aries Present Proof (88.3% voted as 1, 2 or 3 in terms of importance), WACI Presentation Exchange (58.8% voted as 1, 2 or 3 in terms of importance) and Verifiable Presentation Request (76.5% voted as 1, 2 or 3 in terms of importance) all score very highly — with Credential Manifest and OIDC Credential Provider being recognised as very important by a smaller segment of the respondents.

The WACI-DIDComm Interop Profile encompasses both the Wallet and Credential Interop work on Verifiable Presentation exchange, alongside Aries Present Proof, as supported means of exchange, on top of DIDComm v2. WACI Pex and Aries Present Proof here work together, tackling slightly different components of Credential and Presentation Exchange and Proofs.

Looking at the data on a more individual basis, it is not surprising that the people who voted SIOP OIDC highly were also the same people who voted OIDC Credential Provider highly. Similarly, the people who voted WACI PEx and Aries Present Proof highly also favoured DIDComm v1 and 2 as the Layer 2 communication envelope.

This separation between, on the one hand, the VC-JWT Interop profile and EBSI which both focus on SIOP OIDC and OIDC Credential provider; and on the other hand, the WACI-DIDComm interop profile which focuses on Aires Present Proof and WACI PEx demonstrates the lack of harmonisation in the industry right now.

Credential type

It will come as no surprise to anyone who has been in the SSI industry for a while that there is a stark lack of agreement on which semantic and syntactic format Verifiable Credentials should take.

Within the survey results, the respondents indicated a very even:

45.9% AnonCreds;
40.5% JSON based VC JWT;
32.5% JSON-LD; and
40.5% JSON-lD with BBS+ signatures.

There has been plenty written on the differences between these Credential types, we will point to Kaliya Young’s work on Credential flavours here.

However, the key point is that this lack of alignment and agreement in technical standards has acted as a barrier to SSI adoption. This response shows directly the split that there is in the community between Credentials types and different standards on this topic.

Here the respondents clearly indicated that both the lack of maturity in technical standards and the limited interoperability afforded by the standards were two of the main barriers to real-world adoption by clients.

Without technical and semantic interoperability, Self-Sovereign Identity can only exist within closed silos or consortiums, rather than as a global model for trusted data.

This is not something that any of us want in the community, and as such, it is important that we work together towards:

Robust technical Standards published by Standards bodies (such as W3C, IETF, ISO) which anyone is able to adopt, in an interoperable fashion
Interoperability profiles, outwards communication and industry dialogue about technology stacks
Middleware to connect any natively incompatible implementations with one another

Through a combination of these three points, we would hope that SSI could converge to a point of interoperability, rather than creating a larger divide.

Layer 5: Ecosystem adoption could be driven by stronger commercial models and payment rails

Quite interestingly, the respondents made it clear that the main driver for the adoption of SSI is currently to reduce the compliance burden on companies and to make it easier to comply with new regulations. It weighed the highest with 65% selecting this option as a driver for interest in SSI amongst their customers.

This is not entirely surprising as there are many regulations are coming into force, or having recently been proposed, which impose strict identity or KYC requirements on businesses, such as the US Drug Supply Chain Compliance Act within product supply chains, eIDAS 2.0 for data sharing in the European Union or the Financial Action Task Forces’ Recommendation 16 Travel Rule within Web 3.0.

Through these regulatory changes, companies are being shoehorned into looking beyond the purview of existing technologies to comply with the expanded scope of these new regulations. Or, in other words, changes in regulation are making SSI adoption more viable, as was selected by 55% of the respondents.

35% of respondents also recognised the potential for revenue streams as a driver for SSI. Similarly, 35% recognise that KYC/KYB is currently too expensive with existing providers. Finally, 35% of respondents see a reduction in costs through greater operational efficiency as being a driver.

These latter three responses indicate that the current customers that SSI vendors are working with are currently more focussed on the compliance benefits of SSI than the potential cost benefits and revenue opportunities.

This response is most interesting when compared to another question we asked on where cheqd’s product roadmap could help our respondents’ customers. Here, 70% highlighted that Payment Rails for Identity would help drive adoption with their customers.

This indicates that functional payment models may increase interest from customers already interested in the compliance benefits. However, it is likely that this is not an existing driver, since the technology to realise the operational and cost benefits, alongside new revenue opportunities is not yet readily available.

This data reinforces the product direction and roadmap we have laid out at cheqd, which is pleasing to see. We also expand and dive deeper into this specific rationale in our third trend of the General Product Survey response — Trend 3: Privacy-preserving commercial models for digital identity exchange could radically accelerate the adoption of self-sovereign identity.

Key Takeaways

One of our founding principles at cheqd is to build out the network with and for our community. We are confident in the knowledge we have within the cheqd team, but fundamentally, we believe in the wisdom and experiences of those that will be the ultimate beneficiaries of the network; a utility after all is for everyone, and should therefore be designed by everyone.

So, bringing it all together, a reminder of the 5 Trends identified:

Trend 1: (Layer 1) Hyperledger Indy is still the most supported Layer 1, but there are signs it may be losing its dominance
Trend 2: (Layers 1, 2, 3) Aries-based SDKs are dominant, correlating with Indy at Layer 1
Trend 3: (Layer 2) OIDC SIOP may be starting to catch up with DIDComm in terms of a peer-to-peer connection layer
Trend 4: (Layer 3) The lack of harmonisation on Credential type/exchange standards is more stark than ever
Trend 5: (Layer 4) Ecosystem adoption could be driven by stronger commercial models and payment rails

Looking at the trends holistically, they each spiral into one main challenge: interoperability and equivalency at each technical layer is still one of the largest barriers to mainstream SSI adoption — this is an overarching trend in itself.

Resolving this challenge is not as easy as converging around one formal Standard at each layer, or just using “W3C” Standards. This is because companies, governments and consortia each have individual requirements for SSI that cannot be currently addressed by one interoperability profile.

This has led to a degree of short-termism and long-termism within the community.

Vendors with clients knocking on their door and asking for a product tomorrow are swaying towards short-term solutions (such as AnonCreds which contains privacy-preserving revocation and the capability for predicate proofs); whereas, enthusiasts and SSI visionaries are looking at a longer-term vision of harmonisation and wide-barrelled interoperability (such as JSON-LD with BBS+ signatures or even AnonCreds V2 with BBS+).

Both approaches, short-term and long-term, need to be recognised as valid by the broad SSI community; which does not make the resolution a quick fix.

Whether one mature enough Standard does emerge over the next few years, creating a convergence effect; or, we move towards a middleware marketplace between different implementations and standards, we think it is essential to maintain an open conversation about technical stacks and interoperability profiles. It is only by having this conversation that interoperability may be inched closer.

What do these trends mean for cheqd going forwards?

Our immediate focus is to make the cheqd network more accessible and usable by our SSI vendors, whilst offering an opportunity to help educate the wider community and beyond on the need for SSI. Our medium-to-long term focus is delivering new commercial models which will drive ecosystem adoption. We are pleased to see that this focus is also supported by the results that the survey respondents provided. As such, over the past few weeks, we’ve been building an MVP which will act as a launchpad from which we’ll be building out the payment models. This work is largely informed by the results from Trend 2 (Aries-based SDKs are dominant, correlating with Indy at Layer) as we’ve been working on a cheqd Identity MVP which leverages the Veramo SDK (a Javascript SDK), combined with a refactored Cosmos wallet (Lum Wallet) to enable to possible to issue and hold a credential in the SAME wallet as other DeFi activities are performed, using the cheqd DID Method. By offering the ability to hold a Verifiable Credential in the same location as one holds tokens and performs DeFi activities (such as staking and delegating), we see an opportunity to begin demonstrating the intrinsic need for a tokenized network for identity, which in parallel provides us with a starting point from which to build out the payment rails that are clearly desired, beginning with Verifier-pays-Issuer, enabled through our approach to Revocation Registries, coming soon. If you’re at IIW we’d love to share our demo with you. Co-founders Fraser Edwards and Ankur Banerjee will be sharing this on Wednesday, 27th, 13:30–14:.30pm PDT (full details will be on our social and community channels). We’d love to hear your thoughts on our analysis and what this means for your company. Feel free to contact the product team directly — [email protected], or alternatively start a thread in either our Slack channel or Discord.

Understanding the SSI stack through 5 trends and challenges was originally published in cheqd on Medium, where people are continuing the conversation by highlighting and responding to this story.

Data Privacy Digital Identity Verifiable Credentials

SSI for regulatory compliant DeFi

CeDeFi and SSI as Continuums

By Fraser Edwards, CEO & Co-founder at cheqd and Martin Worner, Co-founder at Confio

A continuum can be defined as a model that gradually transitions from one condition to another without abrupt changes. A seamless, natural progression between states. And as we move into a world of Web 3.0, continuums are becoming increasingly important. It may even be possible to argue that the goal of Web 3.0 is one single continuum.

Rather than distinct, standalone ecosystems, Centralised Finance (CeFi) and Decentralised Finance (DeFi) exist on a spectrum, and they are becoming a continuum of one another. CeDeFi, for example, was first coined as a term by Changpeng “CZ” Zhao, CEO of Binance, on the advent of Binance Smart Chain, to describe this coalescence.

Similarly, identity can be modelled as a continuum, from centralised systems, like Identity & Access Management (I&AM) and Customer Relationship Management (CRM), through Federated systems, e.g. login with Facebook or Google, to decentralised or self-sovereign identity, e.g. cheqd, Lissi or IATA travel pass.

Cryptocurrency transfer split for Central, Northern and Western Europe between CEXs and DEXs. Source: Chainalysis.

What we are seeing now, is like two separate bubbles, a coalescence between DeFi and CeFi in one bubble, and Centralised identity and Decentralised Identity in another. Creating a continuum and symbiotic relationship between the transitioning finance and identity worlds. This can best be seen by the flow of European institutional funds, e.g. pension funds, into DeFi.

Combining these continuums into a grid, it is then possible to position protocols, with most of the current DeFi protocols naturally falling into pseudonymous but DeFi area and traditional finance (TradFi) into centralised identity and CeFi (duh!).

The Continuum Catalyst

The regulatory landscape for DeFI is, without doubt, the catalyst and root cause of this continuum. This is because of the pressure that a decentralised cryptocurrency ecosystem has put on traditional, centralised financial regulations.

The problems are threefold:

Decentralised Exchanges (DEXs) and Decentralised Autonomous Organisations (DAOs) generally have no liability infrastructure or accountable persons, in the instances of fraud, theft or phishing;
Anonymous or pseudonymous transactions supported by coin-mixing/tornado cash protocols can make money laundering difficult to prevent and easier to obscure than in the physical world. Similarly, their pseudo-anonymous identifiers make it difficult for users to demonstrate a sufficient level of understanding of the risks involved in different protocols and transaction types.
The global, cross-border, cyberspace-located nature of transactions and interactions in the cryptocurrency world, act at odds with the distinct jurisdictional scope of national law.

The motivation for regulators pushing for identity is to establish whether the entity behind a platform falls under their jurisdiction or the investor is resident in their jurisdiction. This ensures that the regulators meet their obligations and terms of reference. They cannot ignore entities or residents in their jurisdiction who act in an unsupervised environment.

Furthermore, global regulators have acknowledged that a law on its own is not sufficient to regulate the industry and have resorted to regulating the technical architecture protocols must have in place, mandating increasingly complex identity requirements onto who uses any CeFi or DeFi protocol. Identity requirements, which largely, can only be accomplished by using a decentralised approach, to complement the privacy and pseudonymity-first approach of DeFi.

The most commonly cited identity requirement on CeFi and DeFi is the Financial Action Task Force (FATF) Virtual Assets and Virtual Asset Service Providers, Recommendation 16: the Travel Rule. This has imposed a requirement on Virtual Asset Service Providers (VASPs), such as exchanges or custodians, to store personal information of both parties to transactions greater than $1000 US.

For Exchanges, as an example, the following information is required:

Owing to this requirement, the identity continuum has been viewed as a trade-off between privacy and regulatory compliance, e.g. full anonymity or pseudonymity would not meet the Travel Rule requirements. Yet, while this may seem binary at first thought, i.e. data is either provided or not, we are starting to see innovations creating different ways of achieving this data sharing without directly compromising user privacy.

Whilst the likes of Aave ARC have used centralised solutions to achieve this, there is a movement towards decentralised or SSI solutions across both individual and corporate identity. The likes of Notabene, Centre, Bloom and Shyft are already looking into how to reuse KYC’d data, through Self-Sovereign Identity and the interplay between Verifiable Credentials (VCs) and Decentralised Identifiers (DIDs) to enable access to VASPs without compromising user privacy. Similarly, Coinbase, Circle, Anchorage and Robinhood have formed the TRUST consortium to tackle the same issue in a privacy-preserving way.

Echoing the above, James Taylor, CBO at Unizen says, “DeFi needs to adopt Self-Sovereign Identity in order to onboard banks and TradFi institutions. Verifiable Credentials and Zero-Knowledge Proofs are novel applications that complement the existing compliance framework and retain user’s sovereignty.”

cheqd, eIDAS and the Travel Rule

Due to the continuum of decentralised identity and finance, there is an emerging overlap between the amendments to the European Identification and Trust Services (“eIDAS”) Regulation and a resolution to the Travel Rule friction, tending towards SSI standards.

eIDAS was a Regulation that came into force in 2016 to create a more seamless way of identifying, authenticating and verifying people and businesses in a cross-border setting. It enables organisations to rely on digital signatures and proofs, rather than solely on physical documentation. Recently, there has been a push within the European ecosystem to extend the scope of eIDAS to incorporate Verifiable Credentials into the remit of the eIDAS model, through initiatives such as eIDAS Bridge.

Through an updated eIDAS framework, the sharing of Verifiable Credentials and Verifiable Presentations will satisfy legal requirements for KYC checks and identity checks. This presents a very real opportunity for DeFi protocols seeking regulatory compliance to skip centralised or federated systems, keep their decentralised ethos and protect their user’s privacy. There is a further incentive for DeFi as identity is key to preventing the proceeds of crime from flowing into the financial systems. Additionally, the pseudo-anonymous nature of DeFi creates an adversarial environment where cheating others is widespread as seen for example by front-running or wash trading, and by establishing identity it becomes possible to ascertain who is indulging in the adverse behaviour and remedies can be made. Thus taming DeFi through accountability gives greater confidence to prospective investors and opens DeFi to wider adoption.

How does this work?

Since only one of: physical address, national identity number, customer identity number or date and place of birth is required, it is possible to meet the Travel Rule with only name, account number (wallet address) and a customer identification number. Through a process we set out below, data can be verified by a DeFi protocol without creating another data silo. Importantly, this also will make it possible, albeit onerous and costly, to investigate wrongdoing such as funds routing from hacks.

We have laid out how this works in the diagram and steps below:

If the DeFi protocol supports it, anyone (individual or organisation) can create a pool or contract with defined KYC requirements. These KYC requirements could range from:
1. Blacklisting to prevent certain geographies from participating;
2. Full checks of documents;
3. Zero-knowledge proof checks for certain criteria.
An individual or organisation will need to receive a Verifiable Credential for going through a normal KYC process once, likely with a reputable VASP, or trusted entity such as a bank, law firm, insurance company etc.
The individual or organisation will be issued a secure, verified digital version of their KYC’d data, likely a passport, driver’s licence or certificate of incorporation.
As part of interacting with the DeFi protocol’s pool, they are required to fulfil the KYC criteria. And, since the data in a Verifiable Credential is, by its very nature, verifiable and certified, it can be checked extremely quickly to avoid introducing more barriers.
The user will provide a Verifiable Credential for their name, wallet address and customer identification number from the VASP to the DeFi pool.
Assuming they fulfil the requirements, the individual or organisation can interact with the pool.
Depending on the policy, the pool may make use of Zero-Knowledge Proofs (ZKPs), see below.

Zero-knowledge proofs

Using Zero-Knowledge Proofs (ZKPs), it is possible to perform checks on an organisation or individual without having to process the underlying data. As examples:

It would be possible to check that an individual or organisation has been successfully KYC’d by a trusted organisation for other information such as the user’s address, age or national identity number.
It is possible to check an individual is over a certain age without needing their date of birth.
It would be possible to check the risk or credit profile of the user without disclosing the underlying information;
- E.g. Institutional or accredited investors could trade all DeFi, new retail may trade lending, swapping but not highly leveraged futures.
Similarly, it would be possible to exclude an organisation based on an excluded country list without needing to know exactly which company they are incorporated in.

Regulatory Authorities

Through the model above, any regulatory authority could request access to the pool of details (which would not contain any information on address, national identity number or date and place of birth). Due to the eIDAS regulatory changes, this would be sufficient for valid identity verification and reporting by the DeFi protocol. If the Regulatory needed to request the underlying data, it would have to request this from the original issuer, making it extremely time-consuming to even secure a single individual’s data as well as reducing the number of copies in circulation.

Corporate SSI

Whilst the example above focused on individuals due to the simplicity of the Travel Rule, where this is likely to come into its own is institutions/companies. Bodies like the Global Legal Entity Identifier Foundation (GLEIF) are already building out SSI implementations (e.g. their virtual legal entity identifier vLEI) to give companies digital identities. This will mean that due diligence/onboarding, mergers & acquisitions and other processes are simplified and improved compared to working through paper documents or at best, easily counterfeited PDFs.

The direction of travel (rule)

There is a clear trend to enable regulatory compliant DeFi, both to be compliant with regulations and avoid prosecution or having to move jurisdictions but also to widen access to entities/individuals with stronger counterparty risk requirements. Our expectation is that the markets could split into two, with institutions flowing into regulated markets whilst individuals remaining anonymous/pseudonymous.

We would also like to state that while this architecture is possible, it does not mean that it should be adopted since we know a large majority of the DeFi community prize their anonymity/pseudonymity and we hope there will always be protocols to support them.

However, it provides a template for any protocol to implement this approach (if they wish and see demand) without having to recreate the architecture.

The key is that as regulation is applied or regulatory compliant DeFi becomes a larger sector, we do not create more data silos and we want to maintain privacy as far as possible.

Coalescing

As we have caveated above, this model should not be imposed upon protocols. However, it does provide a route towards regulatory compliance for those who wish for one with the potential upshot of drastically widening access to DeFi whilst protecting individuals.

To contribute to enabling regulatory compliant DeFi cheqd has joined the CeDeFi Alliance. CeDeFi Alliance is a non-profit organisation kickstarted by Unizen and JUN Capital in order to bring the leading teams from CeFi and DeFi for mass adoption of Distributed Ledger Technology. We are excited to announce that cheqd is joining the CeDeFi Alliance for spearheading the growth of SSI under robust policy frameworks.

The Alliance will reach out to Government Industry Groups on Blockchains and Regulators for creating a compliant policy framework that allows every Individual and Organisation to use CeDeFi Technology with confidence in its full legitimacy.

We would love to hear the community’s thoughts on this, especially everyone’s expectation of the market direction over the coming months and years.

And for anyone building in this space, please get in touch, we would love to hear from you. Drop either [email protected] or Toby ([email protected]) a note and we’ll be straight back to you.

Otherwise, make sure to join our community on Telegram, Twitter or Discord – take your pick!

Data Privacy Digital Identity Verifiable Credentials

Top 5 trends in Decentralised Self-Sovereign Identity and Privacy-preserving Technology in Web 3.0 (2022)

Co-authored by Alex Tweeddale (Governance & Compliance Lead), Ross Power (Product Manager), and Ankur Banerjee (CTO/co-founder)

In the early months of 2022, the cheqd team conducted two surveys diving into self-sovereign identity (SSI) and digital identity in Web 3.0. We analysed responses from a general audience, as well as from an expert audience, to tease out key trends in how identity plays a role in decentralised systems and Web 3.0.

The first article focuses on trends and key takeaways that we derived from combining a general survey and a deep-dive survey, where the respondents were a blend of experts from our list of 45+ partners as well as general audience members through outreach we did on our social media channels on Twitter, Telegram, and LinkedIn.

In a future article, we will deep-dive into the technical and industry-standard topics in self-sovereign identity (SSI), from an extended survey that was shown to an expert audience on the two topics.

Overall, we had 114 completed respondents to the general survey (with a completion rate of 65.8% with a confidence level of 95% for the trends and conclusions drawn from this survey. We describe the methodology and statistical analysis of survey respondents in more detail at the end of this article. We’ve also included links to the anonymised, aggregated responses for those interested in diving deeper into the data.

Read cheqd’s meta-analysis reasoning that the self-sovereign digital identity market size could be worth $500 billion or more.

Key Trends in Digital Identity from cheqd’s survey

Trend #1: Maintaining privacy and control of their own data is of paramount importance to web users
Trend #2: Users — and the companies/organisations where they want to use self-sovereign identity — have vastly different motivations
Trend #3: Privacy-preserving commercial models for digital identity exchange could radically accelerate the adoption of self-sovereign identity
Trend #4: Identity is a foundational building block for DeFi and Web 3.0
Trend #5: Healthcare, Social Media, and Government use cases lead the pack among “traditional” sectors where SSI can be applied

Trend #1: Maintaining privacy and control of their own data is of paramount importance to web users

PEOPLE DO NOT FEEL IN CONTROL OF THEIR DATA

An overwhelming majority — 68% — felt that they had limited/no control over their personal data, and what happens once it’s shared with companies. Perhaps not unsurprisingly, given the composition of our survey respondents, a lot of them believed that self-sovereign identity (SSI) — a new paradigm in portable and interoperable digital identity — would be the default method of handling digital identity in a 5+ years time horizon.

Obviously, in a lot of scenarios people have to give their data to a company. For example, when buying a product from a Shopify store, a customer needs to give Shopify / the store their name and address (so that they can send the items bought).

An SSI solution doesn’t automatically solve the problem of whether a company decides to take someone’s personal/business data, and repurposes it. What it does offer a possibility of is to make asking for fewer correlatable data points or cloaked data points and make that the norm. This is a principle called data minimisation.

What do does ‘data minimisation’ mean?

Data minimisation means collecting the minimum amount of personal data that you need to deliver an individual element of your service. It means you cannot collect more data than you need to provide the elements of a service…

- Derived from UK Information Commissioner’s Office (ICO) guidance

Source: DuckDuckGo “Spread Privacy” blog

Two good examples of data minimisation in active usage are Apple’s Hide My Email and DuckDuckGo Email Protection: both offer the ability to hide the real email addresses as well as remove trackers that could leak personal data. Albeit these offerings are not built using SSI, it demonstrates a path forward that people will adopt privacy-preserving solutions when it is offered to them.

Companies hide trackers in your emails that can capture personal information. Source: DuckDuckGo “Spread Privacy” blog.

Self-sovereign digital identity expands this concept beyond just email addresses and enables data portability across different companies, industries, and even geographies — for far more types of personal/business data. Techniques such as selective disclosure allow people to control what they share and minimise it in a fashion that moves data ecosystems towards giving people more control over their data.

“For far too long, blanket terms of service agreements have forced consumers to either ‘agree’ to all of a company’s conditions or lose access to a website or app entirely…No negotiation, no alternative, and no real choice.”

— Rep. Lori Trahan (D-MA)

EXISTING DATA PROTECTION REGULATION IS NOT GOOD ENOUGH

66% of our respondents said they don’t feel existing data privacy regulations are sufficient to give people control of their data. This is no surprise when we consider that regulations such as GDPR have resulted in more compliance on part of companies…but with limited effect, on the control a person can exercise.

Screenshot of ToS;DR home page

It’s extremely common even under the scope of GDPR that people are prompted to accept long-winded terms of service, where they blindly grant access to companies to their personal data that they understand little about.

This situation has gotten ridiculous enough, to the extent that it has spawned projects such as ToS;DR (“Terms of Service; Didn’t Read”), where community volunteers annotate ToS policies into a more digestible format; and the Terms-of-service Labeling, Design and Readability Act (TLDR Act, a nod to the term “too long, didn’t read”) to legally compel companies to provide more tangible controls to people.

Trend #2: Users — and the companies/organisations where they want to use self-sovereign identity — have vastly different motivations

MOTIVATIONS OF USERS ARE LARGELY CENTRED AROUND CONTROLLING THE PRIVACY AND ACCESS TO THEIR DATA

We asked our survey respondents why did they, personally, care about self-sovereign identity. The choices presented here were based on commonly-quoted reasons the team at cheqd had heard during working during the past five years in the space of self-sovereign identity.

Some of the choices presented were directly beneficial to them, such as the privacy of personal/company data, which was ranked as the top reason for their interest in SSI by 62.3% of all respondents.

While the overall ranking disproportionately skewed towards privacy and control of their data, personal control (ranked 2nd overall) and efficiency gains (ranked 3rd overall) were the next closest motivations. Control and efficiency are things that both users — and the companies/organisations they interact with — care about.

Portability, better inclusivity, and technological innovation brought the middle of the pack with relatively similar spreads. Given the demographics of our respondents, there was a slight uptick at 1st/2nd ranks for concepts such as tech innovation and decentralisation than others.

Scope for commercial gains/profits had low ranks at position 1 or 2 (still higher than both innovation and inclusivity), with a big bump around 5th rank — a bit more on this later.

WHY WOULD COMPANIES/ORGANISATIONS BOTHER WITH PRIVACY-PRESERVING DIGITAL IDENTITY?

Stating that people in our survey wanted SSI is a tad obvious…and hopefully we’ve also shown through examples outside of the sphere why people care about and adopt privacy-preserving digital identity. But why would the companies that these users interact with care?

To dig into that question, we asked our expert audience of executives and industry experts from digital identity companies why their own existing/prospective clients cared about SSI.

Reducing compliance risk was chosen by far by more than 2/3rds of the respondents who answered this question (70% of respondents), which is undoubtedly aided by clearer regulatory frameworks that promote privacy-preserving digital identity (55% of respondents). (We cover the evolution of the use cases and regulatory frameworks later in Trend 5.) Tied in the second spot was a desire to stay ahead of the curve by adopting new technology (also at 55%), which contrasts with the relatively-low ranking of “technological innovation” as a factor from a user perspective. Reduction in costs, cost of existing identity verification providers, or generating new revenue was selected by fewer respondents, which could be due to an existing lack of solutions that enable this in the space.

Other reasons we heard from our expert audience on why their clients care about SSI…

“Providing new privacy enhanced experience for end users”
“Overcome surveillance capitalism”
“Increased trust and removing friction”
“End-to-end transparency & correlatability for compliance use cases; protecting business confidentiality”
“A recognition that the public favors solutions that value their privacy.”

IF EVERYONE WANTS SELF-SOVEREIGN IDENTITY, WHY ISN’T IT BEING ADOPTED MORE WIDELY?

The wide range of partners we have here at cheqd allowed us the opportunity then to flip the previous question and ask our expert audience what the biggest blockers they have heard from their clients in being able to consider SSI adoption.

The picture that emerges is an impression — whether justified or not — of technical standards not being mature enough (60% of respondents) and lacking/limited interoperability with products of other SSI software or existing enterprise systems (55% of respondents). To be fair, this is a clear rallying cry for the self-sovereign identity software industry: the developer experience of integrating, for example, Sign-in with Apple takes only a few lines of code, but implementing an SSI solution could take dozens to hundreds of person-hours of effort.

That might be slightly unfair as a comparison to make, or comparing apples to oranges since SSI goes far beyond what a simple single sign-on achieves. But the reality is that enterprise clients are, in all likelihood, actually comparing it to Apple’s (or Facebook’s / Google’s / traditional identity verification providers’) developer experience at a surface level.

This neatly brings us to the rest of the top 5 blockers: unclear understanding of return-on-investment for investing in SSI solutions (55% of respondents), lack of knowledge of the benefits SSI brings among decision-makers (50% of respondents), and lack of commercial/business models (30% of respondents). These all broadly fit into the theme of being able to articulate the business value of why SSI is beneficial. Educating stakeholders is a common refrain that comes up in the free-text responses.

Our purpose here in showing these answers is not to cast a shadow of doom-and-gloom on the prospects that self-sovereign identity has. Instead, we wanted to transparently highlight the areas the industry experts themselves have identified as spots where the whole sector could improve. We’re assessing and responding to this data ourselves at cheqd to see where we could improve.

Going back to the general survey for a second, it’s interesting to note that a larger portion of the general audience thinks the technical standards in SSI are mature enough for widespread use (28% agree, 38% neutral) compared to the results we saw from blockers faced by the expert audience.

Once again, an overwhelming portion of respondents (61%) agreed that Web 3.0 / blockchain apps need integrated digital identity solutions. They are also passionate that there aren’t any alternatives besides SSI they strongly believe in.

There is one thing that more than 70% of respondents from our expert audience agreed would have the biggest impact in driving the adoption of SSI among their enterprise customers: payment mechanisms for digital identity exchanges. Onwards to Trend #3…

Trend #3: Privacy-preserving commercial models for digital identity exchange could radically accelerate the adoption of self-sovereign identity

One of the core hypotheses behind cheqd’s inception is that a lack of commercial models — which are privacy-preserving as well — is hampering the lack of SSI adoption. We described this in The business models of identity as follows (excerpted):

… the time and resource cost an issuing/verifying organisation incurs must not be ignored for a viable and sustainable self-sovereign identity ecosystem.

For instance, government-issued credentials should be made free / as cheap as possible to acquire as they are funded through taxes and/or one-off fees. This is crucial as government-issued credentials are often the genesis of trusted data in many industry contexts.

However, in other scenarios where an issuing/verifying organisation is not a publicly-funded organisation, we do see an unmet need for compensating organisations that carry out the work of verifying digital identity. These organisations are the root of trust that make SSI credentials held by an identity subject more trustworthy and have greater utility.

In that blog post, we described this as the flywheel for SSI adoption: trustworthy digital credentials that are cheaper to consume and produce compared to the current costs of KYC/KYB verification services will, over time, increase the volume of credentials in circulation and hence drive these costs down for all users and companies to make consumption cheaper and easier.

The virtuous cycle of SSI adoption, accelerated by viable commercial models

As we saw in Trend #2, maintaining the privacy of users while they interact with companies is something that people deeply cared about. After all, if the gains that were gained from adopting self-sovereign identity were compromised by correlating payments recorded on an immutable ledger, these benefits are washed away. Obviously, cheqd will be designing and building with this in mind!

70.3% of respondents from the expert audience agreed with our internal thinking that privacy-preserving payment mechanisms for identity exchange would have a large impact on driving SSI adoption. The challenge, so far, has been models that achieve value exchange while maintaining privacy in transactions.

The Sovrin whitepaper in 2018 proposed a payment mechanism called holder-pays-issuer; an example of this is when I pay a government agency a fee to be issued a passport document. There’s a direct exchange of value here since it costs the government agency some money to process the request.

This model can also be extended to verifier-pays-holder; an example of this would be if I charged a bank that wants to KYC me for access to a copy of a digital passport credential. These two models clocked in at about 32–41% of respondents believing holder-pays-issuer or verifier-pays-issuer would have a large impact.

However, our hypothesis here at cheqd has always been that while there may be some credentials where people are willing to “buy” them (paying to get the credential) or where companies would be willing to “buy” the rights to have a peek at a holders’ wallet, it would be hard to convince all people in an ecosystem to change their behaviour towards this.

What we believe is a more viable commercial model is one where verifier-pays-issuer, i.e., the recipient of the information pays the person who created the credential. 62.2% of the expert audience respondents said verifier-pays-issuer would have a “large impact” on SSI adoption.

We don’t take it lightly that establishing such a model is hard to do while maintaining privacy. Our methodology here is to not create a locked credential — as that breaks interoperability and portability — but to allow issuers to charge for access to the revocation status of a credential.

Drivers licenses as an example of verifier-pays-issuer

I could show my drivers license to at a grocery store to prove my age when buying alcohol. Since the checkout staff only care about deriving my age from the date of birth, they don’t need to care whether the drivers license is actually valid (e.g., it could have been “cancelled” if it was reported as stolen) as long as it is document that was issued by a competent authority. This is analogous to showing a Verifiable Credential, where the recipient can see that the credential is cryptographically untampered.

However, if I took the same drivers license to go rent a car, the car rental agency would likely way to check if the license was issued by a competent authority and that it wasn’t otherwise disqualified/revoked (e.g., reported as stolen, revoked due to dangerous driving, etc). This is analogous to presenting the Verifiable Credential and being able to read it being free, with the receipient/verifier having the option of paying for a revocation status check. The revocation status here is an attribute of the drivers license document controlled by the issuer, and not an attribute of the license holder themself.

It’s important to clarify here that there is no one-size-fits-all, and we don’t plan on mandating any particular price point for credentials on the cheqd network. Instead, we believe that some credentials will likely be free to consume as well as check revocation statuses for, some will be charged out by holders of the credentials, and some will be “free” to present with an additional charge to check revocation status.

On that point, we recognise that having stable-pricing mechanisms is important for this economy of function. 40.6% of respondents said stable pricing would make a large impact, with 45.9% saying it would make a moderate impact. This aligns with our thinking in terms of how we plan on handling payments in stable dollar-equivalent payment means such as stablecoins. It forms part of our tokenomics vision that encourages flexibility and competition in the market.

Watch our talk The Seven Deadly Sins of Commercialising SSI from Internet Identity Workshop 2021 to dive deeper into how we’re thinking of tackling the challenges of privacy-preserving payments for digital credential exchanges.

Trend #4: Identity is a foundational building block for DeFi and Web 3.0

cheqd is a rapidly-growing digital identity startup, and we always want to ensure that we’re targeting our resources on areas that will have the greatest impact/traction. While it may not be 100% correlatable, instead of asking our survey audience generically about where self-sovereign identity might have the most impact, we phrased the question to ask them where we should focus our efforts.

DeFi and Web 3.0 applications are unique in the sense that “your reputation travels with you”, as described by a16z. Web 3.0 services have a high degree of switchability: don’t like a particular wallet, exchange, or dApp? There’s probably a different app or service to which you can port your user experience to, while retaining history.

Regulations such as the Travel Rule bring new compliance requirements on crypto businesses (which Nota Bene focuses on), and as more regulators get interested in “digital dollars” or Central Bank Digital Currencies (CBDCs), cryptocurrencies will face greater scrutiny. Other efforts have arisen more natively from the blockchain industry, such as Centre Consortium’s Verite, which aims to bring decentralized identity to crypto finance.

A lot of these CeDeFi use cases above are a variation of Know Your Customer (KYC) and Know Your Business (KYB) processes — but the concept of identity isn’t just related to KYC / KYB. For instance, it’s painfully common for low-reputation crypto projects to be a “rug pull”. (Simon Taylor’s Fintech Brain Food newsletter covers the intersection of DeFi and identity pretty well on a regular basis.)

Interestingly, our survey respondents were relatively lukewarm towards the idea of applying SSI to traditional finance (or, “TradFi”). Our hypothesis is that this might be due to either…

…an acknowledgement that the traditional finance sector moves very slowly. We’d phrased the question as what we should focus on this year.
…a bias due to our audience demographics.

THE INTERSECTION OF IDENTITY AND NFTS

Much like the issue of uncertain reputation in the case of “Who’s behind this particular crypto transaction, anyway?” — as demonstrated in the case of potential insider-trading of the Meebits NFT collection or Chainalysis’s report on rampant “wash trading” for these digital assets. A transaction involving a valuable NFT has the same issues as a high-value (fungible) token transfer does. OpenSea, one of the world’s largest NFT marketplaces, had to bring in special countermeasures to combat scammers who pretended to be from their own support team.

Bored Ape Yacht Club (BAYC) NFTs

Widespread interest in the NFT space is regardless creating a dangerous proliferation of projects that attempt to create “digital credentials” using NFTs. Pseudonymous identity, tied to a user handle or to a wallet address — the way that an NFT would be — is still an identity. The fundamental problem with using transferrable tokens to handle identity or reputation is that it’s hard to determine whether the reputation was earned or bought. Think of an employee pass, a driver’s license — or even something more pseudonymous such as a gamer profile. These are digital footprints that are earned through effort, and should not be transferrable.

Ethereum Name System (ENS) domains — like the one above — make the user experience of wallets simpler with the trade-off of making interactions more correlatable

Then there’s the issue of how strongly correlatable and privacy-leaking NFTs can be, due to the nature of them being linked to on-chain handles such as Ethereum Name System (ENS) domains. Many people willingly mention their .eth addresses on their social media, such as Twitter, making it trivially easy to follow any interactions with other wallet addresses, and understand what specific NFTs/assets that particular person owns.

It’s interesting to see the emphasis on DeFi / Web 3.0 in contrast to NFTs. This is a strong sign that there is an understanding of the distinction between these, despite the overall dominance of NFTs adoption in the marketplace. NFTs was the lowest-ranked use case in our survey.

Pest Control is the official authentication group for Banksy artwork

With valuations of non-fungible tokens such as Bored Ape Yacht Club (BAYC) soaring exponentially, NFT buyers may also care about the provenance of their digital artwork. This doesn’t mean the same as KYC: for instance, the official artwork authentication group for Banksy is a service called Pest Control. Many NFT artists also similarly skew towards pseudonymous identities and may want to offer the assurance on the provenance of easily right-clickable digital artwork — which helps provide assurance that maintains high valuations for an NFT collection — while preserving the privacy of buyers, sellers, and creators.

THE CASE FOR SELF-SOVEREIGN IDENTITY IN DEFI/WEB 3.0

One of the breakout use cases we saw for SSI was “one-click sign-in with cheqd”, with identity verification baked into onboarding. This is analogous to the ubiquitous Login with Google / Facebook / Twitter / [insert other large Web 2.0 service] buttons that you may see online. (More recently, Magic.link raised a $27 million Series A to bring such single sign-on technology to Web 3.0 apps as well.) However…the traditional Login with X button doesn’t prove my real identity: it’s just a shortcut method to bypassing a username and password setup. You wouldn’t really expect a username+password to be sufficient enough to prove reputation in the context of Know Your Customer (KYC), and also in scenarios where pseudonymous identity is sufficient. For example, a lot of decentralised finance (DeFi) or decentralised autonomous organisations (DAOs) may not require KYC in the traditional finance (TradFi) sense, but would perhaps care about preventing sockpuppet accounts from influencing governance decisions in their community.

Overall, we saw strong interest in this space on pseudonymous forms of identity and online reputation to various degrees. Crypto adopters might care about an inherently private means of proving their own reputation, the provenance of digital assets, or strong privacy-preserving mechanisms for validating whether they are transacting with the actual person/project they intend to interact with.

In the SSI context, one of the areas we’re keen to explore is to move beyond the usage of “well-known URIs” (Uniform Resource Identifier) to determine whether a Decentralized Identifier (DID) is trustworthy. This is achieved by tying a DID back to a web endpoint/domain name…which ultimately anchors things back to the very centralised public-key infrastructure (PKI) that DIDs aim to disrupt.

A pseudonymous online reputation is also valuable for traditional real-world and Web 2.0 services. We explore this in the next section.

Trend #5: Healthcare, Social Media, and Government use cases lead the pack among “traditional” sectors where SSI can be applied

HEALTHCARE & TRAVEL

The Covid-19 pandemic has undoubtedly been one of the largest-scale and most deeply-impactful periods in recent human memory, with loss of life and health effects that will likely linger for decades. It has also been a period of “forced experiments” that accelerated the adoption of digital/online services, as large parts of the world came to grips with new realities of what a hybrid workforce looks like.

“How do I prove my Covid-19 vaccination status, or test results, with a high degree of trustworthiness?” has been an especially important question that societies and governments have had to grapple with. Given this lived experience, it’s unsurprising that healthcare stood out as one of the top use cases in our survey. Covid-19 vaccination/testing results, provided through self-sovereign digital credentials, provide one possible solution to this question — without the need to create massive, global/regional databases of health records (arguably a bad idea) or having to rely on paper/PDFs (easily spoofed).

A wide range of airlines are trialling Covid-19 records under the IATA Travel Pass scheme, built on SSI credentials

For example, one of cheqd’s key partners — Evernym — built the International Airport Transport Association (IATA)’s Travel Pass scheme. Local governments, health agencies, and international organisations such as IATA allow travellers to easily, securely, and digitally prove their compliance with Covid-19 regulations. This is now officially accepted by dozens of airlines and governments around the world, as the world takes tentative steps to re-open.

cheqd’s co-founders have personal/professional experience with the use of SSI in travel and healthcare…

Fraser Edwards (CEO) worked on the Known Traveler Digital Identity (KTDI) initiative, a collaboration for the use of SSI digital ID for international travel between the World Economic Forum (WEF), the Dutch government, and the Canadian government.

Ankur Banerjee (CTO) was one of the key architects for the early trial phase of NHS Digital Staff Passports. Since then, Digital Staff Passports has evovled to an NHSX initiative being rolled out across certain NHS trusts with invovlement from Truu (a cheqd network partner), Microsoft (who built Azure AD Verifiable Credentials), Condatis, and Evernym.

GOVERNMENT

Without the involvement of governments across the world, these healthcare (and travel) use cases described above would have never really seen the light of day. One of the pioneers in terms of laying legal/regulatory framework guidance as well as funding technical research in this has been the European Union government, especially through its Next Generation Internet Initiative: the European Self-Sovereign Identity Framework Lab (eSSIF-Lab).

European Union’s Self-Sovereign Identity Framework Lab (eSSIF-Lab) is one of the

Read Evernym’s analysis of the EU Digital Identity Architecture and Reference Framework, written in collaboration with ValidatedID, Intesi Group, and iLabs which explains the latest developments in how the EU guidance impacting SSI is evolving.

It’s no surprise that the EU, with its multi-nation bloc, recognised the need for portable digital identity credentials that would work across all the EU nations without needing to resort to massive EU-wide databases. The European Blockchain Services Infrastructure (EBSI) and eSSIF-Lab provide an early look at what an ecosystem focussed on user-controlled digital identity could look like.

European Blockchain Services Infrastructure (EBSI) potential market, by the numbers

Other early pioneering government initiatives in self-sovereign identity are the IDUnion network in Germany (which has cheqd network partners Danube Tech, eSatus, European EPC Competence Center, and Spherity as members); and the Government of Canada with has a rich ecosystem of national and provincial initiatives for SSI.

Governments have a strong fit with the identity space, as a lot of the “genesis” of identity attributes are often derived from government-issued credentials. Many governments around the world are also keen on improving the citizen/resident experience, building on technology stacks that don’t have strong vendor lock-in.

Trend 5, therefore, helps us show the growing interest in how the first credentials in any SSI ecosystem can be created from government entities.

Methodology

We feel it’s worth providing some insight into how we constructed and ran the survey. Overall, we had 114 completed respondents to the general survey (with a completion rate of 65.8%; pretty high given that average survey completion rates are around 10–33%). The estimated audience/population size this survey was offered to was ~12,000. Taking the sample size of respondents into consideration, it allows us to state a confidence level of 95% (with a margin of error of 9%) for the trends and conclusions drawn from this survey.

We also asked all respondents to self-score their knowledge of decentralised digital identity and Web 3.0 from low to high. Our audience composition likely resulted in most rating themselves average to high (between 5–10 on our scale), due to their industry background in these topics.

At the end of the general survey, we identified 45 respondents as either pre-qualified experts from our partners or self-identified as having a high degree of knowledge of digital identity / Web 3.0. We had 37 completed respondents to this deep-dive survey (with a completion rate of 84.6%). This group included experts from some of the world’s most prestigious early-stage to late-stage digital identity companies and Web 3.0 partners. Given the estimated population size (~90 qualified individuals) this survey was offered, the sample size of respondents allows us to state a confidence level of 90% (with a margin of error of 10%) for additional insights derived from the expert audience group.

TOOLS

We used Typeform for this survey as we both valued the branching options it offers, whilst also appreciating the overall user experience it offers. One of the consistent pieces of feedback that we received was that the respondents enjoyed answering the survey and found it a “slick” experience.

One of the issues we encountered with Typeform was that we used its auto-estimation feature to calculate the estimated length of the survey (in minutes). This led us to state that the survey would take “7+ minutes” to complete. What we didn’t realise at the time is that Typeform stops counting survey length after 7 minutes. We also validated the “7 minutes” length by running through the survey internally, but during this internal testing, we didn’t provide extended free-text answers — which many of our respondents did. As a consequence, the average completion time was approx. 31 minutes, which was significantly higher than the expectations we set with people. (Since this is an average figure, some people would have spent significantly shorter, while others longer. This may even include the time when the survey was left open in the background in a tab.)

Another issue we ran into was Typeform being unable to export answers to multi-select questions in a consistent format, which took us 2+ weeks of back-and-forth with their customer support team. (Thankfully, they were proactive in offering us service credits.)

Despite the challenges we faced, the extremely high completion rate and overall positive sentiment towards the survey showed us that when a survey is designed to be engaging and feel quick, it makes respondents likely to respond in detail and offer rich insights. We’ll be more careful about setting the expectations right when designing future surveys on the time commitment needed. Typeform enabled us to build this experience, and we foresee us continuing to use it, above tools such as SurveyMonkey.

We also used Datawrapper to generate visualisations that could be embedded easily, since they offer the ability to have dynamic and interactive embeds, the ability to download static images, and auto-suggest “sensible” defaults for visualisations. They also guarantee to keep the charts alive regardless of whether our account there is deleted, thus preventing link rot, and don’t track as much data as competing solutions such as Google Charts.

QUESTION FORMULATION

Generally, we tried to keep to consistent usage of ranking scales and Likert Scales because these offer a clear picture of how badly something is wanted, rather than a simple indication that there is somewhat of a desire without a clear way of comparing one to another. For example, just asking respondents whether to pick amongst a list would tell us what percentage overall voted for a choice, but wouldn’t tell us how they ranked the options against each other when forced to make the choice.

Similarly, the usage of “Strongly Agree to Strongly Disagree” allows us to understand degrees of agreement/disagreement to a statement, rather than a simple yes/no binary choice. We took a lot of care to phrase statements in a neutral fashion (as far as possible) and then present a choice against Likert Scale, as well as blending in statements that implied the opposite sentiment to previous statements — as this allows us to check whether the spread of opinions is a mirror image or not. This helps validate whether someone is simply going down a column, picking the same choice, to breeze through the survey as quickly as possible.

We wanted to make this survey overall more quantitative as it is far easier to retrieve more results, plus analyse and inform our strategy with a more data-driven approach. That said, the offering of free-text input proved worthwhile; we loved the range of comments and opinions, as can be seen from some of the quotes we pulled out above.

AUDIENCE DEMOGRAPHICS OF THE RESPONDENTS

When approaching this survey, we had two key objectives. First, we wanted to uncover deep insights from our partners that could help strengthen our understanding of what is most needed from cheqd. Secondly, we wanted to be open enough to resonate with those with less specific knowledge, since such persons can help provide a more objective and generalist perspective on us as a company and the direction we should head in.

We created this survey in a way that not all questions were meant to be completed by every respondent. For example, if someone was to indicate in certain questions that they held limited knowledge of self-sovereign identity, we used branching logic to ensure these individuals did not provide answers without enough prior insight as this could taint the overall results. We also chose to accommodate a larger audience to improve the overall reliability survey, as if we had just surveyed those immediately involved in SSI (i.e. current and prospective partners), we’d likely witness a level of confirmation bias about the overall level of understanding of the space and what is more sorely needed.

We also noted that surveys that take too much time drastically worsen the overall results, as questions towards the beginning get more love. Therefore, on top of leveraging branching logic to help improve the accuracy of results, we also used the branching logic feature to help limit time spent on questions that either didn’t have relevance to the respondent or would leave them unable to answer, thereby simply selecting any option so to proceed.

ANONYMITY/PSEUDONYMITY OF RESPONDENTS

This was important to us for obvious reasons: both for what we stand for at cheqd but also for the validity of results. When forced to provide their identity people will generally answer less honestly and often overly positively. However, we did want to be able to guide respondents down the right path based on their level of experience and area of expertise.

To balance these somewhat competing needs, we opted to ask for aggregated demographic information to guide the branching logic of the survey and waited until the end to offer the opportunity to provide any more personal information.

What’s next

To recap, we identified the following key trends from our survey:

Trend #1: Maintaining privacy and control of their own data is of paramount importance to web users
Trend #2: Users — and the companies/organisations where they want to use self-sovereign identity — have vastly different motivations
Trend #3: Privacy-preserving commercial models for digital identity exchange could radically accelerate the adoption of self-sovereign identity
Trend #4: Identity is a foundational building block for DeFi and Web 3.0
Trend #5: Healthcare, Social Media, and Government use cases lead the pack among “traditional” sectors where SSI can be applied

There is plenty more that could be extracted from the survey, which is a testament to our community and respondents for providing such thought-provoking insight. Stay tuned for our following blog posts, where we go into greater detail about trends in the Web 3.0/Cosmos ecosystems, and in the standards stack of self-sovereign identity.

All of our charts can be found on Datawrapper River and are reusable under a Creative Commons Attribution-ShareAlike 4.0 License. The aggregated, non-identifiable survey responses can also be accessed under the same licensing terms for anyone who is interested in re-using this survey.

We’d love to hear your thoughts and take about the state of self-sovereign identity and how it intersects with the Web 3.0 ecosystem. To find out more about SSI and digital identity, follow cheqd on LinkedIn or Twitter.

Data Privacy Digital Identity Verifiable Credentials

Scale your SSI start-up with cheqd

cheqd provides eligible SSI start-ups with the network tools, payment utility and grants to build with us and scale. Entrepreneurs in self-sovereign identity can leverage cheqd’s network and grant program to launch their start-up journey and join us in solving some of the most critical problems in privacy, and identity today.

The ability to build and scale with minimal costs and maximum support in SSI is critical, and at cheqd, we enable our SSI start-ups to utilise our network for verification of trusted data, the utility of our payment rails, use of our sophisticated tooling and product, customisable business models and ongoing support.

On top of the network’s core utility and functionality, cheqd also offers inclusion in our forthcoming partnership network. In this self-serve ecosystem, SSI start-ups can engage with cheqd consulting partners, enterprises, and web3 organisations or enter knowledge sharing and potential partnerships with mature SSI vendors. We’re building a budding open-source community and we’re constantly looking for co-creators, builders and innovators to join us on our mission; to reclaim our data and commercialise SSI at scale.

In announcing our first SSI start-up cohort, we’re also proud to announce a bespoke grant program tailored for SSI start-ups in ideation, pre-seed, seed stages. Eligible SSI start-ups can access $CHEQ token grants to enter cheqd’s ecosystem, begin validating the cheqd network and utilise the network and all its advantages to go-to-market, focus on building, and join us disrupting established paradigms to create new and fair data landscapes of the future.

Here is our first SSI cohort profile and the incredible challenges they’re looking to solve:

DOSHY

“Doshy is an Australian-based digital credentialing platform making it easy for individuals and organisations to issue, receive and verify SSI-enabled verifiable credentials. Doshy joined the cheqd network to enable us to offer our customers an even stronger business case for leveraging verifiable credentials, and contribute to a network that is critical to enabling mainstream SSI adoption. Together, Doshy and cheqd’s partnership will accelerate the decentralisation of digital credentials and identities.” Liem Truong (CEO, Doshy)

cheq Doshy out: https://doshy.com.au/

YELLOWDOTPINK

“YellowDotPink was founded on principles ensuring sustainability is equitable, transparent, and truly effecting of change – not just symbolism. We are currently focused on empowering renewable asset owners to benefit from new and emerging energy market structures aimed to deliver Net Zero benefits through electrification. Verifiable credentials (through SSI) deliver significant benefit in the energy sector with the ability to provide consent, verification, and an overarching cyber security capability to meet (through governance) strict critical infrastructure regulations for market participation. YellowDotPink is excited to partner with CHEQD as a leader in the SSI space. The CHEQD network is forging new and progressive governance to SSI and associated payment rails from core values of privacy and security by design. We look forward to working closely with CHEQD to help empower our clients.” Paul Grehan (Director, YellowDotPink)

cheq out YellowDotPink: https://yellow.pink

And follow them on Twitter.

KNOWNPRIVACY

“We chose cheqd as the payment rail for Known Privacy because of its focus on Self Sovereign Identity. chedq is engineered and optimized specifically to support SSI, making it an easy choice.

Known Privacy was created to give consumers ownership and control over their personal data. We are focused on changing how marketers acquire and use personal data for targeted advertising and personalization. We leverage SSI to empower marketers to pay consumers directly for their data, rather than pay for data acquired through secretive tracking and surveillance companies.

Joining the cheqd community has been an incredibly positive experience. The support directly from the cheqd team and members of the community has been great, even in the midst of an incredibly busy launch. We are looking forward to continued participation and engagement with this amazing project.” John Ruder (CEO, KnownPrivacy)

cheq out KnownPrivacy: https://www.knownprivacy.com/

And follow them on Twitter.

WOPLII

“WOPLLI Technologies is an early-stage startup with a vision to make our experiences [as we work, play, learn, live] to be safe, fair and trusted. WOPLLI has adopted 5 key architecture principles to progress this work human centricity, decentralization in identifiers, distribution in data processing, heterogeneity in controls and self-healing. With this, we are working on creating a trusted platform that will enable a person to transact with verified things. DID, SSI and VC are central to the architecture of this platform. Along with the platform, we are creating and contributing to standards and frameworks including at TOIP, DIF, IEEE and NIST. We’re excited to join the cheqd network, to accelerate our vision and join the partnership network to help scale our start up and utilise cheqd’s technology and tooling to build our platform out from our original idea, to product.” Vikas Malhotra (CEO, WOPLLI)

cheq out WOPLLI: https://www.woplli.com/

And follow WOPLLI on Twitter.

cheq out WOPLLI on LinkedIn: https://www.linkedin.com/company/woplli-technologies/

CLIENTFABRIC

“As a founder looking to leverage Self Sovereign Identity to help firms fight financial crime, I was looking for a firm that had great products, people who are passionate about what they do, great to work with and I found cheqd ticked all those boxes.

Client Fabric is on a mission to fight financial crime and fuel commerce by engaging, enabling, empowering clients to Own, Earn from and Do Good with their data. An ecosystem, to support that aspiration, has several elements and we are starting with what, we believe, will make the single biggest difference in accelerating adoption i.e., skilled professionals who can serve both end clients and firms to meet their needs. We are building a global network of Certified Due Diligence Professionals (CDDPs) with the verified credentials that clients and firms can trust.” Arun Kiezpadathil (CEO, ClientFabric)

cheq out ClientFabric: https://clientfabric.com/

We know starting a start-up is an exciting, yet challenging time. Whether you’re in ideation, pre-seed or seed, supporting our SSI start-up partners is critical to the success of our network.

We want our network to grow and scale with the innovation of everyone involved in the SSI industry and that’s why we’re proud to announce this first cohort and our grant program.

If you are an SSI start-up looking for a network to support your journey, please get in touch with Tobias Halloran, Head of Partnerships at [email protected]

Data Privacy Digital Identity Verifiable Credentials

cheqd meta-analysis finds the Self-Sovereign Identity market is worth over $550 billion

cheqd aims to redress these structural markets issues by inverting data ownership, allowing individuals to create a single profile that they control and share with companies as and when they choose.

Click here to read the whitepaper in full; cheqd’s methodology has been published in detail so that all market participants are able to use the data for their own calculations.

About cheqd

cheqd is a technology company enabling individuals and organisations to take full control of their data. It provides payment rails, customisable commercial models and governance structures for authentic data, including self-sovereign identity (SSI). Based on blockchain technology, cheqd is built upon a public permissionless network with a dedicated token – $CHEQ.

Founded in 2021 by CEO Fraser Edwards and CTO Ankur Banerjee, cheqd is a driver for innovation backed by Outlier Ventures, Evernym, TitanBlock, 3GR, Cosmos’ Tendermint Ventures and private investors, receiving a total raise of just over £2.4 million in its Seed investment round.

For enquiries, please contact:

Alexandra Santos
[email protected]
07972 854508

Data Privacy Digital Identity Verifiable Credentials

Welcome to a new era for decentralised identity

Co-authored by Alex Tweeddale, Ross Power, and Ankur Banerjee

We DID it! 🎉🥳 cheqd has recently launched its mainnet for a token-incentivised SSI network built on the Cosmos blockchain framework. This mainnet comes as a successor to our successful testnet releases and incorporates our tokenomics for mainnet, cheqd Governance Framework and core identity functionality.

Recap

Over the past nine months, since cheqd greeted the world in April, we’ve been on quite the journey. It was only four months ago in July that we announced our roadmap to launch an incentivised SSI Network on Cosmos, and since then we quickly open-sourced our code and launched our testnet in August, together with our initial partners Evernym, Outlier Ventures and DIDx. The next month, in September, we raised $2.6 million into equity at a $42.6 million valuation.

Alongside these large milestones, we have also made a number of smaller accomplishments. We have created the first of its kind decentralised governance framework for self-sovereign identity (SSI), based on the principle of increasing Entropy. We have transparently released our tokenomic parameters and distribution strategy. And we have made numerous educational blog posts on SSI and DeFi.

This is a big one though.

We are thrilled to announce that we have successfully:

Launched our mainnet alongside over 20 leading SSI vendors, as Node Operators
Launched the $CHEQ token for incentivised SSI payments
Enabled core identity functionality on our mainnet release

Where do we begin?

Two weeks ago, we released our new software version (“v0.3.1”) and we are excited to say that this is our mainnet.

We have released the software now because we are confident that our latest release of testnet (“v0.2.7”) was stable, functional and provided a user experience that we were happy to release to the world. A big thank you to all of the Node Operators on our testnet who have supported us in ensuring we are ready to launch.

Our New Partners

We are incredibly proud of the partnerships we’re building at cheqd, and this is only the beginning! A selection of cheqd’s SSI mainnet launch partners has been featured by 150+ press outlets. Cheq out our graphic featuring our partners below.

At cheqd, we put our partners first. Our partners directly influence the direction of the network in a framework created for commercial, technical innovation and delivery.

We’ve implemented our decentralised governance framework to support this, a distributed consensus of users and Node Operators on the Network. This means that we do not prescribe to our partners any ways of building on the Network, or how cheqd itself develops.

We have also implemented continuous feedback loops, touchpoints, feature requests, an open-source community with forums for discussion and open dialogue. Through these channels, we will maintain industry best practices, in line with our Principles and Code of Conduct, to ensure that our partners progress in our ecosystem and create new authentic data marketplaces through cheqd’s tools and network utility.

cheqd intends to become the next evolution of SSI networks, bridge the emerging world of Decentralised Finance (DeFi) with SSI, and support our SSI partners with never-seen-before payment rails and commercial models for their enterprise customers. This is the first step to achieving that goal.

Please cheq out our approach to partnerships here and contact [email protected] or [email protected] to join cheqd’s mainnet.

What is new on mainnet?

cheqd was always meant to be designed with decentralised identity at its core. We have spoken a lot about our token in previous blogs, and in this release, we are excited to release our foundational identity functionality.

The most important new features of mainnet are:

Added functionality for decentralised identity, specifically Decentralised Identifiers (DIDs), utilising the new cheqd DID method
Amended the genesis parameters
Integration with Keplr, OmniFlix and Block Explorer

Decentralised Identifiers (DIDs)

While creating cheqd, we wanted to make sure that our network supported the World Wide Web Consortium (W3C) technical standards as closely as possible.

For this reason, we decided not to build cheqd on top of Hyperledger Indy (read here to find out why) or another existing identity ledger, which is not directly aligned with the formalised standards. For example, the current Indy Decentralised Identifier (DID) method does not support DID Docs in a way that is compatible with the W3C standards — this creates a fundamental misalignment between solutions built on Indy and the rest of the SSI community.

Transparently, we felt that we could do better; aiming to create a more unified Layer 1 ecosystem, built specifically for the decentralised identity community.

So where did we land?

We wanted to acknowledge the breadth of identity work that is built on Indy, without using it directly. As such, we decided to rework the existing Indy DID method into something DID Core compliant.

With better compliance against the DID Core specification, the goal of the cheqd DID method is to maximise interoperability with compatible third-party software libraries, tools and projects in the SSI ecosystem.

We are proud to showcase the cheqd DID method here, which explains this in more detail.

Following our mainnet launch, vendors are able to anchor DIDs on cheqd, which enables an equivalent function to other identity ledgers — but with a more exciting roadmap! (see below)

Genesis Parameter Adjustment

When we initially launched cheqd’s testnet v1 in July 2021, we were still in the process of finalising the tokenomics that would be deployed on the network. This meant that our cheqd node software used the default parameters from a Cosmos SDK network along with identity transactions implemented on the Hyperledger Indy transaction model.

We have since then published our tokenomics model for the cheqd SSI network and a series of blog posts walking through the cheqd Governance Framework.

Our tokenomics blog post is the best starting point to understand the fundamental values.

While we were testing these parameters out in testnet, we noticed that we were running into a recurring issue. To make a change on the Network, a governance proposal was needed to be made. The voting period for this change was two weeks, and until this period was up, we were not able to make any other changes. This created a time lag between when updates were ready and when we were able to implement these changes.

For this reason, we have chosen to reduce the voting_period and deposit_period to one week (down from two weeks).

Similarly, the period to unbond from a Validator was three weeks. With the voting_period reduced to one week, we thought it would be sensible to reduce the unbonding_period equally. We have now reduced the unbonding_period to two weeks.

These changes are more like tweaks than any breaking changes, but the intention is to make the initial progression and development of cheqd more frictionless in the initial months, while many updates get pushed out.

Integration with Keplr, OmniFlix and Big Dipper

As part of our mainnet update, we wanted the cheqd Network to have core utility right from launch. For this reason, we made sure to integrate cheqd with:

Keplr: A Cosmos-native wallet
OmniFlix: A dashboard for staking, delegation and governance
Big Dipper Block Explorer: A way to monitor price, transactions and validators on the Network

We have already posted instructions on how to get our Keplr wallet set up, you can find these here.

Similarly, for help with staking, delegation and governance, read our instructions here.

Finally, we have integrated with a block explorer to make it easy to monitor the price of CHEQ, the Validators on the Network, their voting power and commission, as well as transactions made.

Check out the block explorer here

Wrapping it up…

This is still just the beginning for us at cheqd. In the coming weeks, we’ll be sharing a thorough look at our Product Roadmap for 2022 to close out our first (almost) year at cheqd.

We couldn’t be happier to hear the excitement coming from our community and partners alike, and we will continue to include you in every step of the way as we build the authentic data network at scale and help drive SSI to global adoption.

If you would like to learn about our partner programme for self-sovereign identity vendors, please reach out to us at [email protected]. If you’re interested in more regular updates you can follow us on Twitter and join our Telegram group.

Please feel free to ask us any questions on the cheqd Community Slack. We also hugely believe in the value of the community supporting and engaging with each other, so whenever you see someone in need of support, feel free to jump in.

Onwards and upwards,

The cheqd team 🚀

Data Privacy Digital Identity Verifiable Credentials

Self-sovereign identity use cases

Co-authored by Eduardo Hotta and Elina Yumasheva

While self-sovereign identity (SSI) sounds like an unfamiliar concept for some, others are actively leveraging the technology to address industry-specific challenges — take the KYC trial of the Financial Conduct Authority or the IATA Travel Pass.

But before we go any further, let’s define what SSI is.

What is self-sovereign identity (SSI)?

Self-sovereign identity (SSI) is an emerging concept for exchanging authentic and trusted data related to people, companies, and things in a much more secure and privacy-preserving way. Essentially, it gives the individual a verified master-copy of their own data, affording control over what information they share and removing the need to store personal data entirely in central databases. Watch SSI explained in 25 seconds here.

It could be key to unlocking access to banking, government benefits or other services, and as McKinsey Global Institute research suggests, it could boost economic growth by 3% in the UK in 2030.

Do we have a problem with digital identity?

Current identity solutions largely incentivise issuing/verifying organisations (the data controller) over the individual/company (data subject). The data subject (i.e. an individual or a company) at best has to directly pay (sometimes prohibitive) fees to acquire documents, and at worst, often have no control over their own data (as often in targeted advertising).

The bottom line is that the current identity model is fundamentally broken as it’s all built and controlled by third-party providers rather than individuals. The result of such a set-up from a user experience is that, on average, an individual has 130 to 200 different accounts tied to the same email address. This makes it in many ways a paradise for threat actors, as they can target organisations’ data silos and can use phishing and social engineering techniques to try and trick individuals into giving away their passwords to a multitude of accounts. Over time, data subjects have lost track of what data is being stored and by who.

Know Your Customers and Finance

When it comes to use cases, SSI has a variety of applications, and, arguably one of the most known within the Banking sector is Know Your Customer (KYC). Most processes that touch finance usually request user identity verification, such as transactions that require payment. SSI enables a reusable KYC concept that offers a much more seamless way of ID verification. When an ID verification is needed more often due to compliance or regulatory pressure, SSI can significantly reduce the friction for users improving a customer experience while providing a compliant service.

In short, current KYC is ‘single-use” while” KYC’ed SSI makes KYC’ recyclable’.

However, friction reduction goes beyond the Business to Consumer (B2C) space and applies to the Business to Business (B2B) use cases. SSI also provides traceable and auditable personally identifiable information (PII). Finally, as it’s also applicable across-industry, SSI ultimately speeds up the onboarding process for new customers and improves security by removing the unnecessary paper trail. This makes it a rather useful solution to enable mobile banking. One of the notable examples is the UK government, which launched a trial for their Financial Conduct Authority (FCA) using an SSI-powered solution for onboarding users.

SSI in Decentralised Finance and Crypto

Moving beyond traditional banking, the Centralised Decentralised Finance (CeDeFi) also sees a robust application for SSI. Since identity verification is equally required in both centralised and decentralised finance, with neither satisfied with the existing KYC and identity approaches, SSI can provide that identity layer that meets both worlds. It creates a bridge between traditional data-heavy interactions and an anonymous DeFi approach, while CeDeFI will provide the financial infrastructure for SSI adoption in a key market.

cheqd’s ultimate vision is to establish the payment rails for identity, initially self-sovereign identity without anyone needing to worry about the underlying technology. This perfectly aligns with the CeDeFi vision of providing a spectrum of financial services without the need to worry about whether they are centralised, decentralised or what technology they are built on. The blending of CeFi and DeFi also prevents the need for multiple, siloed identities, which is the problem SSI is built to solve.

Within the Crypto and DeFi space, SSI enables peer-to-peer (P2P) transactions. One can share a small piece of identity information, i.e. a Telegram handle, to prove who they are without disclosing their identity publicly. This means no more test payments to check wallets. Another option is doing KYC’ed loan pools without storing the data — instead, only keeping ‘yes’ or ‘no’ answers.

Travel and SSI

The travel industry probably shows one of the most relatable SSI applications enforced by the pandemic developments. International and domestic travel has always required identity to be shared in the form of passports, visas and other documents. In the age of COVID-19, this has been made even more complex as another layer of health certification has been added. Take the ‘track and trace’ system, for instance; one of the biggest downsides is that a lot of personal information is shared with a vast number of third parties. One of the projects in this space is the Covid Credentials Initiative, which aims to develop ‘privacy-preserving verifiable credentials’ to spread the virus through the use of SSI.

Airlines are actively testing global credentials to verify health passports using SSI and digital identity with the International Air Transport Association (IATA) developing IATA Travel Pass. It stores encrypted data, such as verified test and/or vaccination results on the traveller’s mobile device, meaning it’s fully decentralised as there is no central repository for this information.

NFTs and SSI

In a nutshell, self-sovereign identity helps to prove who created, owned and/ or currently owns Non-fungible Tokens (NFT) across their lifecycle as well as providing ownership of fractions. SSI can solve the provenance issue regardless of the ledger NFTs are hosted on. SSI can enable a fully decentralised content consumption with payment and identity — in other words, consumption of media/content directly from the creator without a distribution channel. This can help creators to receive fair payments for their work and interact with their audiences directly. cheq out our thoughts on how NFT and SSI combined unlock a new gaming experience here.

Another issue that self-sovereign identity can address is identity tied to payments. There is currently no way to verify the identity of the payment receivers in Crypto/ DeFi transfers beyond the wallet address. It’s a problem even for low-volume transfers, but increasingly more so on high-value transfers. While there is always a need for anonymous payments in Crypto, there are occasions when it’s useful to verify who is receiving funds.

Other SSI use cases

While the list can go on, especially as various industries join the bandwagon and pick up the technology, there are a few notable examples. Decentralised storage is getting more traction as SSI can be implemented to manage participants’ data and store distributed files with decentralised access control. Decentralised identity and the technical standards involved (Verifiable Credentials and Decentralised Identifiers) can also be used for:

• E-commerce: Besides increasing transactional security and preventing potential e-commerce fraud, it reduces onboarding and payment friction. A few examples of existing projects include Barclaycard and OpenBazaar.

• Corporate or organisational identity: Making it easier to trust companies one is interacting with, especially over the internet. For instance, Bosch is participating in The IDunion network’s project that develops an internationally deployable SSI application for corporate identity and master data management.

• Product or package identity: Enabling more efficient and effective track and trace for real-world supply chains. The global blockchain supply chain market size is projected to reach circa $9,852 million by 2025, with a growth of more than 80% from 2018 to 2025.

And of course, the most exciting one is the metaverse. As metaverse is a very decentralised concept and is about privacy, control, openness and interoperability, its requirement for identity verification and trusted data elements should also be fully decentralised. The metaverse needs to be designed on open standards – with SSI and verifiable credentials hopefully playing a pivotal role here. Explore the symbiosis of metaverse and self-sovereign identity and how they fit within Web 3.0.

Conclusion

The beauty of this technology is that it addresses issues that are universal and applicable across industries. With more and more companies leveraging SSI, the list of use cases will grow fast, making SSI a reality soon. Take a look at the most comprehensive list of self-sovereign identity use cases here.

Data Privacy Digital Identity Verifiable Credentials

Marketing in a privacy-preserving way

This is the first blog post of a series of three.

“Marketing in a privacy-preserving way” used in the same sentence, I bet, sounds like an oxymoron for a majority of marketers. Marketing is well known to surpass any personal boundaries whatsoever in service of communicating the greatness of that product or service that you’re unaware of yet but should totally get; otherwise, your life will be miserable / you won’t fix that problem of yours (perhaps you didn’t know the issue existed) / <add your variation here>.

What prompted us to look into the subject?

Exploring the possibilities of marketing that respects one’s personal privacy has been on our radar for an apparent reason. Giving individuals and organisations back their privacy and control of their data is our mission and the very essence of what unites our team. We’ll explore what we’re doing at cheqd to enable privacy-preserving marketing in a separate post — we would love to share our learnings in this space and hear your thoughts.

Now, what struck us was an organisation working in digital identity that has been shamelessly offering data on their customers to anyone interested in purchasing it.

We were shocked.

Obviously, marketing practices should be ethical across industries, but hearing that from an organisation claiming to address the privacy and data problems makes it double unethical (if such a thing exists).

Living by your mission

And this is a typical example of an organisation having an absolute mismatch between its mission and its actions. I pay particular attention to this as I have an unusual background. I studied environmental science and worked in corporate sustainability for the past ten years, communicating the value of products and services with a purpose (I’m also developing as an artist, but that’s another story).

So ethics of marketing or broader communications practices have always been part of my considerations. But I’m not in any way claiming that it was perfect because, as for the majority of marketers, our holy grail was following the latest best practice (whatever that was in that particular time), which I did too.

Being surrounded by like-minded individuals at cheqd, I finally feel that we can do things differently. The question I want to put out there is whether ethical marketing will always be disadvantageous compared to traditional marketing? Is it going to be limited in its reach and effectiveness and/or be more expensive?

Marketing monopoly

Speaking of the price, there’s a backlash on the social media giants that, simply put, sell your data to advertisers (take Cambridge Analytica or The Social Dilemma). Society rightfully disapproves of these practices. However, this is arguably one of the “most straightforward” and widely used ways to acquire new customers from the marketing perspective (hello, targeted advertising).

I’m not going to argue against or in favour here; my point is of a different nature. This becomes a somewhat monopolistic business — a marketer pretty much ends up with Google/ YouTube, Facebook/ Instagram, Twitter and LinkedIn suite. Even if you don’t run pay per click (PPC) campaigns or promote your posts, you’d still most likely rely on collaboration with influencers within those systems. If not the only advertising avenue for some companies, this handful of tech giants, at least, is the major one. And this is concerning.

If you’re to ditch this tech suite for the reasons above, what are you left with?

So, I take you back to my original question — can one truly have ethical marketing — marketing that respects an individual’s personal boundaries? And would it be effective?

In an attempt to answer this question, we’ll explore the legislative developments in the space in our next blog.

In the meantime, do let us know what you think and make sure to join our Telegram community here. We’re also on LinkedIn and Twitter.

Data Privacy Digital Identity Verifiable Credentials

How to make digital identity more inclusive and accessible

The last few months have been fruitful, and we’ve been to a number of events, presenting or participating and learning. As you know, giving back to our community is core to everything we do (hint: we love being invited to events — drop us an email to [email protected]).

Today, we’d like to focus on the Diffusion July 2021 event organised by Outlier Ventures. We discussed making digital identity more inclusive and accessible together with Alex Preukschat, author of Self-Sovereign Identity book, SSI Meetups, Aron van Ammers, CTO & Co-Founder, Outlier Ventures and Evin McMullen, Co-Founder, Serto and Ankur Banerjee, CTO, cheqd. We find this topic of paramount importance, and the tech sector certainly has a long way to go, so we’re grateful to be having this conversation.

Let’s start with a definition of inclusivity and accessibility in the context of digital identity. There are a number of layers of accessibility that could be looked at, including:

1) on a user-level — does it require additional skills? I.e. is it localised? Is it going to work with the hardware you have?

2) on a personal level — is the concept even understood? Can you explain what digital identity means to a friend?

3) underlying tech itself — does it require smartphones only? Could it be widely used across the world?

4) on an operational level — how compatible is it with your existing operational model? Does it require restructuring to use this new tool?

Examples of digital identity use cases

It’s hard to talk about identity without pairing it to a use case. People don’t get up in the morning thinking about digital or self-sovereign identity (SSI), they think they need to fly to X, open a bank account etc., and for that, they need to prove their identity. Usually, you’d think about digital I.D. as a means to achieve the secondary goal.

There are a few examples of digital identity use cases:

Airlines started testing global credentials to verify health passports using SSI and digital identity.
NHS in England rolled out a programme to make it easier for doctors to transfer their credentials across when onboarding within a hospital.
The E.U. green certificate and International Travel Association are doing something similar. Both explore the ways to issue unique digital credentials that individuals can carry on their phones to prove their identity.

Issues related to digital identity accessible and inclusive

The usability aspects don’t get spoken about often within the SSI world partly because this is a very new field, and it’s usually a very technical conversation. Some have been considered in detail as part of the SSI working groups across companies regarding the COVID-19 credentials.

Accessibility and inclusivity are two different terms, though closely interlinked.

On an accessibility level, take a typical example of not having an active internet connection. By default, you have to be connected to the internet as your credentials are on a blockchain — how can you present your credential without an internet connection? We often think this could happen if you’re on border control in a remote place, but often you can be in your office in the city of London with no network coverage.

Another example is not having a smartphone. Put aside a digital divide between the people who own and don’t own one could still affect everybody. Imagine your battery dies, and you can’t charge it? Voila, consider, you don’t have a smartphone anymore.

On an inclusivity front, some of the issues to consider are: how expensive are these systems to use? How easy are these systems to use?

Right now, digital identity is being adopted to its best by early adopters. Even with traditional software, usability and UX have always been a big challenge, putting aside the need to explain how to use this new service. You’ve got to consider various demographics, behaviour preferences, cultural aspects and languages, digital literacy, at last! How easy are these experiences to understand to a broad group of people?

Another aspect to consider is a tricky one — how can you prove that these credentials belong to you? Uber teaches us a good lesson. An Uber driver got approval to conduct commercial activity. However, a different person showed up on a shift. Uber lost its licence after that incident. The point to consider is not about having the right certification but ensuring that it belongs to the rightful owner.

This brings us to the biometric identification issue. Touch ID wouldn’t know if you’re the person you’re claiming to be — all it knows is a fingerprint saved on a device. It could be yours or your family members. Many problems are associated with how “good” biometric algorithms could be for people of colour. Think about how SSI credentials could be linked to biometric identity? It would be quite a powerful mix.

Finally, you can’t have a decentralised web without a decentralised identity. We’re starting to see examples of having decentralised assets in an app but with a centralised identity. This creates inequality risks as individuals should be able to participate not only based on their wallets (wealth they have) but also on their achievements.

Watch how to make digital identity more accessible and inclusive panel discussion:

How to make digital identity accessible and inclusive

There is always a tendency to quickly bring a Minimum Viable Product (MVP) to the market and think about accessibility and inclusivity later. But that is wrong — accessibility and inclusivity should be a core part of your product, so think of them early on.

Often owning a smartphone is accessed from a digital divide perspective. So developers tend to assume if they target a particular demographic with a certain amount of wealth, they would own one by default. That assumption is fundamentally wrong. Even those who have the luxury of owning a smartphone can be in a situation with no devices available at hand.

Similarly, when we think about digital literacy, we tend to assume this applies to someone illiterate. However, this applies to most demographics.

An excellent example of how an internet connection issue is resolved is a national Health Service (NHS) Vaccination app. It doesn’t only issue a vaccinated person a Q.R. code, but also you can download a PDF certificate, which you can use with no internet connection.

Finally, to make it accessible and inclusive, at some point, we have to stop using the term SSI, and the language must become easier, so a 5-year old can understand.

The bottom line is to make digital identity accessible 1) it should be fully decentralised and 2) the use of digital identity should be as easy as showing a scanned PDF, and 3) it should be available to all.

cheq out the second part, where we discuss the key takeaways from The Internet Identity Workshop. We explore how to make SSI relevant to all and why we need to move away from SSI to authentic. Finally, we delve into how SSI should be adopted globally.

In the meantime, join our rapidly growing Twitter community here to stay updated with our latest news as we head towards launch.

P.S. We’re also on Telegram or LinkedIn; make sure to cheq in!

Data Privacy Digital Identity Verifiable Credentials

Key technical trends identified in digital identity / Web 3.0 in cheqd’s deep dive survey

Introduction

Trend 1: Hyperledger Indy is still the most supported Layer 1, but there are signs it may be losing its dominance

Trend 2: Aries-based SDKs are dominant, correlating with Indy at Layer 1

Trend 3: OIDC SIOP may be starting to rival DIDComm in terms of a peer-to-peer connection layer

Trend 4: The lack of harmonisation on Credential type/exchange standards is more stark than ever

Credential Exchange

Credential type

Layer 5: Ecosystem adoption could be driven by stronger commercial models and payment rails

Key Takeaways

What do these trends mean for cheqd going forwards?

CeDeFi and SSI as Continuums

cheqd, eIDAS and the Travel Rule

How does this work?

Zero-knowledge proofs

Regulatory Authorities

Corporate SSI

The direction of travel (rule)

Coalescing

Key Trends in Digital Identity from cheqd’s survey

Trend #1: Maintaining privacy and control of their own data is of paramount importance to web users

PEOPLE DO NOT FEEL IN CONTROL OF THEIR DATA

EXISTING DATA PROTECTION REGULATION IS NOT GOOD ENOUGH

Trend #2: Users — and the companies/organisations where they want to use self-sovereign identity — have vastly different motivations

MOTIVATIONS OF USERS ARE LARGELY CENTRED AROUND CONTROLLING THE PRIVACY AND ACCESS TO THEIR DATA

WHY WOULD COMPANIES/ORGANISATIONS BOTHER WITH PRIVACY-PRESERVING DIGITAL IDENTITY?

IF EVERYONE WANTS SELF-SOVEREIGN IDENTITY, WHY ISN’T IT BEING ADOPTED MORE WIDELY?

Trend #3: Privacy-preserving commercial models for digital identity exchange could radically accelerate the adoption of self-sovereign identity

Trend #4: Identity is a foundational building block for DeFi and Web 3.0

THE INTERSECTION OF IDENTITY AND NFTS

THE CASE FOR SELF-SOVEREIGN IDENTITY IN DEFI/WEB 3.0

Trend #5: Healthcare, Social Media, and Government use cases lead the pack among “traditional” sectors where SSI can be applied

HEALTHCARE & TRAVEL

GOVERNMENT

Methodology

TOOLS

QUESTION FORMULATION

AUDIENCE DEMOGRAPHICS OF THE RESPONDENTS

ANONYMITY/PSEUDONYMITY OF RESPONDENTS

What’s next

DOSHY

YELLOWDOTPINK

KNOWNPRIVACY

WOPLII

CLIENTFABRIC

Recap

Where do we begin?

Our New Partners

What is new on mainnet?

Decentralised Identifiers (DIDs)

Genesis Parameter Adjustment

Integration with Keplr, OmniFlix and Big Dipper

Wrapping it up…

What is self-sovereign identity (SSI)?

Do we have a problem with digital identity?

Know Your Customers and Finance

SSI in Decentralised Finance and Crypto

Travel and SSI

NFTs and SSI

Other SSI use cases

Conclusion

What prompted us to look into the subject?

Living by your mission

Marketing monopoly

Examples of digital identity use cases

Issues related to digital identity accessible and inclusive

How to make digital identity accessible and inclusive

Explore

Insights

Developers

Developers

Subscribe for updates