The majority of Internet identities are centralized, meaning that they are owned and controlled by a single entity. The user does not own their identity record, and it can be taken away at any time. The deletion of an account effectively erases a person’s online identity, which they may have spent years cultivating, and is impossible to replace.
Identity governance solutions with on-premises and cloud-based identity management software are deployed in enterprises as an integral component of employee on-boarding/off-boarding. This aims to provide a service that ensures the right people have the right access to the right information at the right time. Most organizations work hard to ensure that their identity governance system reduces the burden on their users by providing a single sign-on experience so that once users have authenticated themselves, they do not need to re-authenticate themselves to access multiple internal and external enterprise applications such as Salesforce, Workday, and Office 365, etc. during the same session.
Presently, there has yet to be a globally unique network identifier that an individual can own and control during his lifetime. This user-centric identifier is most frequently manifested as independent personal data stores at one end, and large social networks at the other end, relying on the user to select their individual identity provider of choice. However, this creates a problem of excess – the mature personal data store ecosystem would be required to integrate and accommodate the vast number of identity providers. Hence, this calls for the need for a new form of identifier that is designed to be controlled entirely by the identity owner, without requiring any third parties.
Consequently, the self-sovereign identity ensures individual control, security, and full portability. Since the individual is their own identity provider—there is no external party who can claim to provide the identity or take it away from them – credentials are hence decentralized and pushed into the hand of individual, making them less economically valuable to hackers because it would require a lot more effort to hack individual identities one-by-one.
Self-sovereign can be thought of as a digital record of identity information that you control. You can add more data to it yourself, or ask others to do so. You can reveal some or all of it. You can record your consent to share data with others, and facilitate that sharing. It is persistent and not reliant on any single third party. Claims made about you in identity transactions can be self-asserted, or asserted by a 3rd party whose authenticity can be independently verified by a relying party.