fikua.org

Learn more

Introduction

Fikua is a non-profit project dedicated to facilitating and providing technology guidance related to self-sovereign identity and digital identity for any organization aiming to create and implement a digital identity system.

We want to be a non-profit organization in the future, but for now, we are focusing on the project itself and not the administrative nature.

Firstly, we introduce you to understanding the key differences between Self-Sovereign Identity (SSI) and Digital Identity. Let's explore these concepts!

The Digital Identity refers to the electronic representation of an individual, organization, or device's identity in the digital world. It encompasses the various attributes and data points that establish and verify who or what someone is online.

Digital identity information may include a person's name, email address, username, biometric data, government-issued IDs, and more. It plays a crucial role in online interactions, enabling individuals to access services, make transactions, and establish trust on the internet.

On the other hand, the Self-Sovereign Identity, often abbreviated as SSI, is a decentralized and user-centric approach to identity management in the digital realm. In an SSI ecosystem, individuals have complete ownership and control over their identity information.

Key Principles of SSI

  • User Control: Users hold and manage their digital credentials, which are cryptographic proofs of identity, in a digital wallet. This ensures that individuals have control over who accesses their identity information and when.
  • Decentralization: SSI systems rely on decentralized and distributed ledger technologies (DLT) like blockchain to eliminate the need for centralized authorities to verify identity. This enhances security and privacy while reducing reliance on intermediaries.
  • Privacy: SSI prioritizes user privacy by allowing individuals to share only the specific information necessary for a transaction or verification, minimizing the exposure of personal data.
  • Interoperability: SSI ecosystems aim to be interoperable across different platforms and organizations, allowing individuals to use their digital credentials universally.
  • Security: The use of cryptographic methods ensures the security and integrity of digital credentials and identity information.

Supporting Technologies and Standards:

Digital Identity and SSI ecosystems rely on a set of technologies and standards, including blockchain, decentralized identifiers (DIDs), verifiable credentials (VCs) and presentations (VPs), and zero-knowledge proofs (ZKPs).

Verifiable Credentials (VCs) and Presentations (VPs)

Verifiable Credentials and Verifiable Presentations are fundamental components in Digital Identity and Self-Sovereign Identity (SSI) ecosystems, and they play critical roles in enabling secure and privacy-focused identity interactions.

Verifiable Credentials

A Verifiable Credential (VC) is a digital representation of identity information issued by trusted entities, such as government agencies, financial institutions, or educational institutions. These credentials can include driver's licenses, passports, diplomas, and more.

In SSI ecosystems, verifiable credentials are issued, held, and controlled entirely by the individual (the holder) rather than centralized authorities. Users collect and manage these credentials in a digital wallet, which may include personal information, qualifications, and other attributes. Verifiable credentials in SSI are cryptographically signed and can be shared selectively with verifiers.

Verifiable Presentations

A Verifiable Presentation (VP) is how individuals or entities present their verifiable credentials to prove their identity or qualifications when interacting with services or organizations online. These presentations are typically sent to verifiers (service providers or relying parties) as part of authentication or identity verification processes.

In SSI ecosystems, the critical distinction is that users have full control over which credentials they share and with whom, enhancing privacy and control over their personal information. Verifiable presentations are also cryptographically secured, ensuring the integrity of the information presented.

Decentralized Identifiers (DIDs)

Decentralized Identifiers (DIDs) are another core component of the Self-Sovereign Identity (SSI) framework and a fundamental building block for creating decentralized and verifiable digital identities.

DIDs Characteristics:

  • Uniqueness: DIDs are designed to be globally unique, ensuring that no two DIDs are the same. They are constructed to minimize the risk of collisions, making it highly improbable that two entities will ever have the same DID.
  • Decentralization: DIDs are not tied to a centralized registry, authority, or intermediary. Instead, they are created and managed on decentralized and distributed ledger technologies (DLT). This decentralization eliminates the need for a central authority to manage or validate DIDs.
  • Persistence: DIDs are intended to be persistent over time. Once created, they can be used as long as the entity desires, regardless of changes in technology or service providers.
  • Control: One of the key features of DIDs is that the entity (or the DID subject) has complete control over their DID. This control extends to the management of associated cryptographic keys and the ability to update, revoke, or deactivate the DID as needed.
  • Cryptographic Security: DIDs are associated with a set of cryptographic keys, typically stored in a DID Document. These keys are used for various purposes, including authentication, encryption, and digital signatures. The cryptographic nature of DIDs enhances security and privacy.

The uniqueness, decentralization, persistence, control, and cryptographic security of DIDs make them a foundational element in the SSI framework, enabling users to have more control over their digital identities while reducing reliance on centralized authorities.