Blog 31 May 2024

Buyers Guide

Complete playbook to understand liveness detection industry

Learn More
Empowering Self-Sovereign Identity through AI Facial Recognition

Empowering Self-Sovereign Identity through AI Facial Recognition

Author: teresa_myers | 31 May 2024

The current digital ecosystem and rising public concern about data privacy, integrity, and digital security calls for the need to empower users in many aspects. Identity verification is crucial for accessing online platforms. There is a tug-of-war between self-sovereign identity and identity verification, where the elements of privacy, ownership of identity, and ensuring digital security are critically important and are constraints that identity verification service providers face. 

Today’s blog post will discuss how self-sovereign identity is important and can be a next-generation identity verification solution and how Liveness detection through facial recognition can empower users to uphold self-sovereignty in identity verification.

What is Self Sovereign Identity (SSI)?

As the name suggests, self-sovereign identity (SSI) exercises the element of sovereignty i.e. it gives full ownership and control to the individuals in managing their digital identities. It is also called Decentralized Identity (DID) because it allows users to prove their identity without being dependent on third-party identity database management systems or servers. It uses a blockchain-decentralized model and cryptographic identification methods that would enable identity proofing without revealing any personal information. 

There are 2 industry-level definitions of a Self-Sovereign Identity given below:

  • According to EIDAS, self-sovereign identity should empower users to create their own identity without the involvement of a centralized authority.
  • EESC’s publication includes another definition by Christopher Allen that is:

“Self-Sovereign Identity is the next step beyond user-centric identity and that means it begins at the same place: the user must be central to the administration of identity.”

Before discussing SSIs further, one must understand the concept of digital identities.

Why Businesses are Moving to Digital Identities?

Rapid digitization, the dominance of AI, and other technological advancements have pushed the entire globe towards finding ways of incorporating digital identities to match the digital world’s progressive pace. Technically, McKinsey unfolds the core features of a Good Identity that exists digitally. Here’s a brief overview of this research on a Good Digital Identity:

Inclusion
  • Out of 7.6 billion people on earth, 1 billion have no ID, 3.2 billion have some form of a digital ID and 3.6 billion have some form of a digital ID.
  • Digital ID promotes inclusion as people having digital identities can:
    • Swiftly access financial services.
    • Their onboarding cost can overall be reduced by up to 90%.
    • This could improve the gender gaps in identification for low-income countries.
Value
  • Efficient resource allocation
  • Improved labor market efficiency
  • Fraud Detection

A Good Digital Identity should have the following four features.

  • It should provide a high degree of identity assurance that meets both government and private sector standards of identification. It should incorporate a multi-factor authentication approach including an array of biometric technology and other robust identity verification methods.
  • A good digital ID is always unique in every sense and this is missing in most social media platforms these days. The element of uniqueness ensures that a user has one identity per system. All identities of a user correspond with one another yet are unique.
  • It should be fully user consent-based. Users must intentionally and knowingly register for digital Identity with complete information on the data being used for identification and how it will be used.

How Self-Sovereign Identity is a Good Identity?

Self Sovereign Identity differs from a Federated Identity which is another type of digital identity. Federated Identities work by offering a Single-Sign-On (SSO) model in which the user can gain access to multiple online services through a single identifier. The data is stored on a centralized server that is accessible by multiple parties limiting the control and privacy of user’s identity information.

Here’s why a Self-Sovereign Identity should be preferred over a Federates Identity:

  • Decentralized storage offers more control to users over their data and information.
  • It offers high interoperability by working in a more trust-minimized environment.
  • It largely emphasizes privacy and data security of user’s personal information and gives a choice to users on what information they want to share and what they want to conceal.
  • It is used in privacy-sensitive and trustless online interactions where information must be concealed during identity verification.
  • Offers a certain level of anti-fraud measures as well.

Three Key Nodes in Self-Sovereign Identity

A self-sovereign identity solution works on the principle of three participants or nodes:

  • The ‘issuer’ is the government or a regulatory body that issues the DID credentials.
  • The ‘holder’ is the actual owner/user of the DID. 
  • The ‘verifier’ is the third party that requires DID to verify the identity of the holder to give them access to services. The verifier is dependent on the Holder and Issuer for identity verification and cannot own the identity like in the Federated Model. 

Read More: Student ID 2.0 Biometric Authentication for Educational Institutions

The image shows the flow diagram of how self-sovereign identity (SSI) is issued and controlled by a user involving the Issuer, Holder (User), and the Verifier.

Zero Knowledge Proof (ZKP) and Decentralized Trust Networks (DTNs)

A self-sovereign identity is highly trustworthy as it uses zero-knowledge proofs (ZKPs) and employs decentralized trust networks to enable full ownership of users over their digital identities. This approach works on three pillars:

  • Decentralized Identifiers (DID)
  • Decentralized Blockchain Database
  • Cryptographic Verifiable Credentials

How Facial Recognition Empowers Self-Sovereignty in Digital Identities?

Face Recognition can become the prime choice for self-sovereign identity. Research was conducted that tested the use of selfie images and using them to create DIDs. It combined machine learning with cancelable biometrics, proving face identity recognition a promising tool to empower self-sovereign identity solutions. The main idea was to enable users to control their biometric identities through selfie verification that uses:

  • Cancelable biometrics
  • Decentralization
  • Bloom filters
  • Machine Learning

It creates a privacy-driven approach in allowing maximum user control over biometric identity (facial identity). The two main contributors to making facial biometrics identity a user’s SSI are:

  • The concept of ‘SelfIs’ is a cancelable biometric template created to empower users’ full control over their DID.
  • A machine learning model that can extract facial features from the encrypted/encoded cancelable biometric template.

Below is an explanation of how SelfI is generated as a self-sovereign identity for a particular user:

SelFIs are a new way of developing Self-Sovereign Identity (SSI) via a Selfie Image through cancelable biometric technology.
Salting Biometric Templates
  • A selfie is taken by the user from a smartphone for id proofing.
  • A set of random numbers is generated called ‘seeds’ that transform the selfie input image into a highly secure format. 
  • These seeds are locally stored on the user’s device.
One-Way Functions
  • The original selfie converted into seeds is done through a ‘one-way’ functional approach making it impossible to use ‘reverse engineering’ to recreate the original image from transformed data or seeds.
Cancelable Template Creation
  • Feature Extraction: The selfie image is dismantled into feature vectors (nose, eyes, lips, etc.)
  • Encoding & Rearrangement: The featured vectors are encoded and rearranged in Bloom filters.
  • These bloom filters are a type of data structure for efficient storage and comparison of the transformed biometric data.
  • Noise addition: Data transformation is secured with an extra layer of protection by adding noise to it.
Storage on Blockchain
  • Blockchain (decentralized) is a data storage facility that ensures tamper-proof and verifiable data.
  • Bloom filters and seeds are stored on a blockchain such as Hyperledger Fabric.
SelfI Generation
  • The output is created which is called ‘SelFI’ instead of ‘selfie’ as it can be used for identity proofing and registration processes.
  • It is a highly protected and completely user-controlled identity-proofing solution.
Integration with Decentralized Identifiers (DIDs)
  • DID Authenticator: Cryptographic material, authentication suites, and service endpoint ensure the use of facial biometric digital identity as DIDs.
  • SelfI is used as part of the cryptographic material in the DID Document to authenticate the user securely.

Benefits

The major benefit of using Selfi is that it has enabled facial identity to be used as a Self-Sovereign Identity. Moreover, it offers users:

  • Privacy of user’s identifiable data.
  • High level of security.
  • Decentralized Identity verification solution.

Final Thoughts

Self-sovereignty in identity proofing through facial biometrics is now possible and is the future of digital identities. Offering a high level of security, user ownership over identity, and decentralized storage, SelfIs are by far the best way to convert facial identities into SSIs. The identity verification service should incorporate this technique and bring in the futuristic concept of user empowered SSIs and stay ahead in providing privacy-orientated digital identities to everyone. 

Read More: Facial Recognition Technology for Better Student Services

Frequently Asked Questions

How can AI facial recognition be used with Self-Sovereign Identity?

AI facial recognition can successfully create a Self-Sovereign Identity by implementing ‘SelfI’ which uses cancelable biometrics to convert selfie images into DIDs (Decentralized Identities) or SSIs.

What are the benefits of using AI facial recognition for Self-Sovereign Identity?

AI facial recognition is beneficial for creating selfie-based SSIs in terms of security, and privacy and empowering user control over their facial DIDs.

Are there any privacy concerns with using AI facial recognition for Self-Sovereign Identity?

Since Self-Sovereign Identity offers a high degree of privacy to users, AI facial recognition using selfies converted into SSIs through cancelable biometrics addresses almost all privacy concerns of users.