What is reusable identity?
Reusable ID goes by many names, e.g. “self-sovereign identity” (SSI) or decentralized ID.
Regardless of the label, this approach to digital identity encapsulates a number of interlinked concepts: personal data sovereignty, no central authority, secure reuse/sharing, cryptographic verifiability, privacy-by-design, and specific mathematical ways for proving things without exposing data.
The spirit of SSI sometimes frames things in terms of control: individuals should own their identity, no government, company or third party should be able to control it, and people should have more direct control over their personal data and relationships. More often than not this is accomplished through decentralized storage, digital wallets, and a holistic rethinking of how data moves around an ecosystem.
SSI relies on public-key cryptography: every identity transaction is signed using a digital key pair (signed with the private key, verified with the public key), which proves control over the identity and permission for a verifier or issuer to sign the transaction and the output.
SSI also allows for privacy by design as the individual can choose what information to share and with whom. This way, the individual can prove their identity without giving away any more information than necessary.
When applying these concepts to the financial system, with regulations that require institutions to use PII to combat fraud and financial crime, the team at Portabl thought long and hard about how to get “ID reusability” to work with the state of regulation.
Here are the outcomes we’re building for:
Individual outcomes
- your personal data should be reusable through secure channels
- you should be able to revoke access under certain circumstances
- you should have greater visibility into where and how your data is being used and have both read and write controls
- many different pieces of your financial life can vouch for you — multiple authorities instead of a central authority
- any sort of identity wallet can be virtualized — no need to download yet another thing
Business outcomes
- Connecting the dots between certain trusted data points like identity and banking information makes authentication and access simpler, safer, and easier for both businesses and consumers
What we do
- reusable ID can be implemented in balance with financial
Our Architecture
Summary
Portabl identities are subject-bound, meaning they are tied to a single user through the use of cryptographic keys, MFA, and data aggregated onto the personal account. While underlying devices are subject to change, we want to make sure our network is continuously one person, one passport.
Identity credentials in the Portabl network can be issued, requested, verified, and reverified throughout their lifecycle. These are the functions that you’ll most commonly be working with and that end users will experience.
Credentials can also be suspended or revoked and tied to access depending on your use case.
The following diagram describes a simplified credential flow from the beginning to the end of a lifecycle:
- user begins wallet authentication
- registers second factor
- relying party issues a presentation request with specifics of what needs to be verified
- presentation exchange
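As an added illustration of the presentation request and presentation exchange steps above (not Portabl's API or SDK code), the code below evaluates a request shaped like a DIF Presentation Exchange presentation definition against wallet credentials and returns only the claims that were asked for. The credential types, field names and wallet contents are constructed, paths are limited to the simple `$.a.b` form, and signature verification is out of scope.

```python
DEFINITION = {"id": "example-request", "input_descriptors": [{  # constructed request
    "id": "kyc_basic", "constraints": {"limit_disclosure": "required", "fields": [
        {"path": ["$.type"], "filter": {"contains": {"const": "KycCredential"}}},
        {"path": ["$.credentialSubject.over18"], "filter": {"const": True}},
    ]}}]}
WALLET = [  # constructed credentials held by the user
    {"type": ["VerifiableCredential", "BankAccountCredential"],
     "credentialSubject": {"accountHolder": "Constructed Name"}},
    {"type": ["VerifiableCredential", "KycCredential"],
     "credentialSubject": {"over18": True, "dateOfBirth": "1990-01-01"}},
]

def resolve(doc, path):
    # Supports only simple "$.a.b" paths (assumption); returns (found, value).
    node = doc
    for key in path.split(".")[1:]:
        if not isinstance(node, dict) or key not in node:
            return False, None
        node = node[key]
    return True, node

def passes(value, flt):
    # Filter subset: "const" and "contains.const"; anything else fails closed.
    if flt is None:
        return True
    if "const" in flt:
        return value == flt["const"]
    wanted = flt.get("contains", {}).get("const")
    return "contains" in flt and isinstance(value, list) and wanted in value

def select(descriptor, credential):
    # Claims to disclose for one descriptor, or None if the credential does not match.
    disclosed = {}
    for field in descriptor["constraints"]["fields"]:
        hits = [(p, resolve(credential, p)) for p in field["path"]]
        ok = [(p, v) for p, (found, v) in hits if found and passes(v, field.get("filter"))]
        if ok:
            disclosed[ok[0][0]] = ok[0][1]
        elif not field.get("optional", False):
            return None
    return disclosed

def build_submission(definition, wallet):
    # First matching credential per descriptor; None if any descriptor is unmet.
    out = {}
    for desc in definition["input_descriptors"]:
        matches = [c for c in (select(desc, cred) for cred in wallet) if c is not None]
        if not matches:
            return None
        out[desc["id"]] = matches[0]
    return out
```

Here `limit_disclosure` only determines which claims are returned; enforcing it cryptographically depends on a credential format that supports selective disclosure.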
Our Standards
Under the hood, Portabl combines traditional verification methods and decentralized identity standards into a single platform to power an agent-to-agent model of secure data sharing between people and the financial touchpoints of their choosing.
Portabl exposes a set of API endpoints and SDKs that allow you to manage DIDs, credentials, and data exchange with other parties using Self-Sovereign Identity (SSI) standards:
- W3C DID
- W3C Verifiable Credentials
- DIF DIDComm Messaging V2
- DIF Presentation Exchange
- DIF Credential Manifest
- Hyperledger Aries RFCs
- SIOPv2
- OIDC4VP
Data privacy
We take data privacy and KYC/AML best practices seriously and will never store PII on-chain.