Here we are at the second part of the guide on examples in everyday life with Self Sovereign Identity. If you missed the first part, here is the link. Following on from the first guide, this second part aims to demonstrate and show how SSI and Verifiable Credentials can be used in everyday life.
Alice and the Medical Prescription
This scenario shows how Self Sovereign Identity can help to digitise what is currently done in the physical world with paper, pen and trust.
The protagonist of our scenario is Alice, an Italian girl who has not yet taken a step into the world of Self Sovereign Identity. In a few simple steps she will be able to use this new technology for an everyday need: medical prescriptions.
Unfortunately, Alice has not been feeling well for a few days and needs to visit a doctor for a prescription.
- Alice has not yet taken any steps into the SSI world and will therefore need a digital identity. To obtain one, she will first need to receive a VC certifying that she is indeed Alice. Such a credential is very similar to the identity certificates we keep in our wallet, such as an identity card or driving licence.
- Just as with the issuance of any ‘official’ document, Alice will be able to receive her Identity Credential from an appropriate accredited entity, for example her home municipality, rather than another type of Identity Provider.
- Alice chooses to go and get her identity VC issued in the municipality. Just as if it were a physical identity card, Alice’s municipality will provide her with a digital credential held by Alice and ‘certified’ by the municipality.
- How will Alice receive her ‘identity credential’? Within an app on her smartphone. This app will act as a DKMS (Decentralised Key Management System): Alice holds the ‘opening keys’ to the app and everything in it. In addition to the identity credential, Alice will be able to keep all the VCs she wants (diplomas, certificates, attributes, etc.).
- Once Alice receives the credential from the municipality, she will be able to keep it and show it as she likes. In this scenario, Alice will need to show it as identification inside the doctor’s office where she goes to see her doctor. Alice can show the credential directly to the secretary her own identity credential.
- The process of “showing” the credential is actually very simple: Alice can frame a QR Code on the secretary’s screen with her smartphone and agree to “show” the credential.
- At this point Alice has identified herself at the doctor’s office. Once in the waiting room, after the usual (long) wait, she is finally received by the doctor.
- The doctor examines Alice, and after the examination prescribes a special antibiotic. Alice can only buy the medicine in the pharmacy with the doctor’s signed prescription.
- Normally, prescriptions for medicines are recorded on a special sheet, signed by the doctor. Not so different from Verifiable Credentials, after all, is it?
- The doctor will then issue the prescription to Alice in the form of a VC. The doctor will send a digitally signed credential from the doctor to Alice’s smartphone containing details of the medicine and the prescribed dosage.
- Alice can now go to the pharmacy to buy the medicine prescribed by the doctor.
- When she arrives at the pharmacy, Alice asks the pharmacist for the medicine. The pharmacist has to be sure that Alice has the prescription before giving her the medicine. The pharmacist will then ask Alice to show the VC for the prescription.
- Alice, using her smartphone and scanning a QR code on the pharmacy screen, will be able to transmit the prescription data, proving that the prescription has been signed by her doctor, accredited in the National Health System.
- Once Alice’s credentials have been verified, she will be able to receive the medicine and… finally be cured!
The example shown has been imagined within a world where all actors have access to the SSI ecosystem. In reality, the SSI adoption process will certainly be more tortuous and complex. In any case, we have demonstrated how this paradigm can be used to keep our personal data safer even in the context of our everyday lives.
Alice was able to carry out actions that today involve several centralised intermediaries managing Alice’s data, without having to involve them, and being the sole owner of its data: from the identity certificate to the prescription. Alice entered the SSI world and from now on has complete autonomy with respect to its own data. This is a feature that is completely missing in current identity models. The SSI is also versatile: the same paradigm can be used to manage heterogeneous data, issued by different entities, but all under the control of a single person.
Self Sovereign Identity is certainly one of the most important technological revolutions taking place in the world of digital identity. For this reason, it is important to understand that this is not just a subject ‘for technicians’, but a concept that we will all be able to use in any of our daily situations.