Empowering Self-Sovereign Identity through AI Facial Recognition
Author: teresa_myers | 31 May 2024In This Post
The current digital ecosystem and rising public concern about data privacy, integrity, and digital security calls for the need to empower users in many aspects. Identity verification is crucial for accessing online platforms. There is a tug-of-war between self-sovereign identity and identity verification, where the elements of privacy, ownership of identity, and ensuring digital security are critically important and are constraints that identity verification service providers face.
Today’s blog post will discuss how self-sovereign identity is important and can be a next-generation identity verification solution and how Liveness detection through facial recognition can empower users to uphold self-sovereignty in identity verification.
What is Self Sovereign Identity (SSI)?
As the name suggests, self-sovereign identity (SSI) exercises the element of sovereignty i.e. it gives full ownership and control to the individuals in managing their digital identities. It is also called Decentralized Identity (DID) because it allows users to prove their identity without being dependent on third-party identity database management systems or servers. It uses a blockchain-decentralized model and cryptographic identification methods that would enable identity proofing without revealing any personal information.
There are 2 industry-level definitions of a Self-Sovereign Identity given below:
- According to EIDAS, self-sovereign identity should empower users to create their own identity without the involvement of a centralized authority.
- EESC’s publication includes another definition by Christopher Allen that is:
“Self-Sovereign Identity is the next step beyond user-centric identity and that means it begins at the same place: the user must be central to the administration of identity.”
Before discussing SSIs further, one must understand the concept of digital identities.
Why Businesses are Moving to Digital Identities?
Rapid digitization, the dominance of AI, and other technological advancements have pushed the entire globe towards finding ways of incorporating digital identities to match the digital world’s progressive pace. Technically, McKinsey unfolds the core features of a Good Identity that exists digitally. Here’s a brief overview of this research on a Good Digital Identity:
| Inclusion |
|
| Value |
|
A Good Digital Identity should have the following four features.
- It should provide a high degree of identity assurance that meets both government and private sector standards of identification. It should incorporate a multi-factor authentication approach including an array of biometric technology and other robust identity verification methods.
- A good digital ID is always unique in every sense and this is missing in most social media platforms these days. The element of uniqueness ensures that a user has one identity per system. All identities of a user correspond with one another yet are unique.
- It should be fully user consent-based. Users must intentionally and knowingly register for digital Identity with complete information on the data being used for identification and how it will be used.
How Self-Sovereign Identity is a Good Identity?
Self Sovereign Identity differs from a Federated Identity which is another type of digital identity. Federated Identities work by offering a Single-Sign-On (SSO) model in which the user can gain access to multiple online services through a single identifier. The data is stored on a centralized server that is accessible by multiple parties limiting the control and privacy of user’s identity information.
Here’s why a Self-Sovereign Identity should be preferred over a Federates Identity:
- Decentralized storage offers more control to users over their data and information.
- It offers high interoperability by working in a more trust-minimized environment.
- It largely emphasizes privacy and data security of user’s personal information and gives a choice to users on what information they want to share and what they want to conceal.
- It is used in privacy-sensitive and trustless online interactions where information must be concealed during identity verification.
- Offers a certain level of anti-fraud measures as well.
Three Key Nodes in Self-Sovereign Identity
A self-sovereign identity solution works on the principle of three participants or nodes:
- The ‘issuer’ is the government or a regulatory body that issues the DID credentials.
- The ‘holder’ is the actual owner/user of the DID.
- The ‘verifier’ is the third party that requires DID to verify the identity of the holder to give them access to services. The verifier is dependent on the Holder and Issuer for identity verification and cannot own the identity like in the Federated Model.
Read More: Student ID 2.0 Biometric Authentication for Educational Institutions
Zero Knowledge Proof (ZKP) and Decentralized Trust Networks (DTNs)
A self-sovereign identity is highly trustworthy as it uses zero-knowledge proofs (ZKPs) and employs decentralized trust networks to enable full ownership of users over their digital identities. This approach works on three pillars:
- Decentralized Identifiers (DID)
- Decentralized Blockchain Database
- Cryptographic Verifiable Credentials
How Facial Recognition Empowers Self-Sovereignty in Digital Identities?
Facial Recognition can become the prime choice for self-sovereign identity. Research was conducted that tested the use of selfie images and using them to create DIDs. It combined machine learning with cancelable biometrics, proving face identity recognition a promising tool to empower self-sovereign identity solutions. The main idea was to enable users to control their biometric identities through selfie verification that uses:
- Cancelable biometrics
- Decentralization
- Bloom filters
- Machine Learning
It creates a privacy-driven approach in allowing maximum user control over biometric identity (facial identity). The two main contributors to making facial biometric identity a user’s SSI are:
- The concept of ‘SelfIs’ is a cancelable biometric template created to empower users’ full control over their DID.
- A machine learning model that can extract facial features from the encrypted/encoded cancelable biometric template.
Below is an explanation of how SelfI is generated as a self-sovereign identity for a particular user:
| Salting Biometric Templates |
|
| One-Way Functions |
|
| Cancelable Template Creation |
|
| Storage on Blockchain |
|
| SelfI Generation |
|
| Integration with Decentralized Identifiers (DIDs) |
|
Benefits
The major benefit of using Selfi is that it has enabled facial identity to be used as a Self-Sovereign Identity. Moreover, it offers users:
- Privacy of user’s identifiable data.
- High level of security.
- Decentralized Identity verification solution.
Final Thoughts
Self-sovereignty in identity proofing through facial biometrics is now possible and is the future of digital identities. Offering a high level of security, user ownership over identity, and decentralized storage, SelfIs are by far the best way to convert facial identities into SSIs. The identity verification service should incorporate this technique and bring in the futuristic concept of user empowered SSIs and stay ahead in providing privacy-orientated digital identities to everyone.
Read More: Facial Recognition Technology for Better Student Services
Frequently Asked Questions
AI facial recognition can successfully create a Self-Sovereign Identity by implementing ‘SelfI’ which uses cancelable biometrics to convert selfie images into DIDs (Decentralized Identities) or SSIs.
AI facial recognition is beneficial for creating selfie-based SSIs in terms of security, and privacy and empowering user control over their facial DIDs.
Since Self-Sovereign Identity offers a high degree of privacy to users, AI facial recognition using selfies converted into SSIs through cancelable biometrics addresses almost all privacy concerns of users.
