Today, your credentials are in the form of a number, usually printed on a physical card, that proves something specific about you. It can be your student ID to prove you are a student, your Social Insurance Number to prove you have the right to work or access government benefits, or your drivers licence number, to prove you are allowed to drive. To look up the validity of the credentials, a central third party, such as a government body or an educational institution, must first be contacted.
These credentials are moving away from having to be verified by centralized third parties, to being verified for validity instantly when the credential is being presented. This technology is known by various names, such as Self Sovereign Identity, Decentralized Identification, or Verifiable Credentials.
Traditional Identification, as it might be called, has been revolutionary in helping establish trust and trade between unknown parties as society moved away from “peer to peer” trust (that is, trusting and trading with people you directly or indirectly know).
However, traditional identification can be intrusive, may not always be effective, and cannot show dynamic information. For example, to prove your age, you might show your driver license, which also includes your name, address and date of birth. Student only discounts depend on student IDs or emails, and are hard to verify for eligibility. Sharing something like creditworthiness instantly is not possible, as it can change frequently over time and must be requested each time it is needed from a third party.
Verifiable Credentials are quickly replacing traditional identification methods, resulting in more privacy, while improving trust. For example, with Verifiable Credentials, a clerk wanting to confirm an age can simply get a “Yes” to the question of whether someone is above a certain age. In more advanced uses, a landlord can confirm someone is paid enough to cover the rent without having to check bank statements or run credit checks.
These privacy preserving abilities are needed. For example, the B.C. Privacy Commissioner found the majority of landlords routinely violate privacy laws by collecting bank statements and credit histories. In competitive housing markets, renters that might lose out on places to live generally feel they would miss out on finding a home if they do not provide these consents.
In addition to preserving privacy, Verifiable Credentials also have great marketing benefits. For example, a credit union or association that offers member only benefits may be able to attract higher quality deals for their members. Current member discount schemes may rely on discount codes, or a costly or time consuming form of verification. Verifiable Credentials allow instant confirmation that a potential customer is actually eligible for a type of discount.
While Verifiable credentials are an inevitable part of our future, it is not something that is going to be adopted overnight. A key challenge is that it needs multiple parties using a common technology not currently in use. There is the party issuing the Verifiable Credential, such as a Credit Union. There is the party verifying the credential, such as a retailer. And the holder of a verifiable credential, such as a member. Each of these parties need to use a common protocol for the process to work.
Canadian Credit unions may be well placed to lead adoption. Known for their innovation and cooperation, many credit unions use open banking platforms, where early adopters Credit Unions can test out new technologies, while other Credit Unions can join in later and help spread the cost burden. This allows early adopters to test out Verifiable Credentials in low stakes use cases, such as member discounts, before moving onto more advances uses such as proving credit worthiness or income.
Gora aims to be a key partner in helping increase adoption of key technologies such as Verifiable Credentials by providing a common interface for data to be transferred from APIs and databases, or between the blockchain systems hosting the credentials. To learn more about our solutions, visit us at identity.gora.io.