Self-sovereign identity community discusses the future of digital ID at IIW XXIX
Can biometrics play a role in self-sovereign identity? Some attendees of the Internet Identity Workshop (IIW) are resistant to the idea. Others suggest there is a place for biometrics in decentralized ID systems, so discussions about biometric technology crop up in various ways during IIW sessions.
Self-sovereign identity (SSI) and decentralized ID experts and advocates gathered from October 1 to 3 in Mountain View for the latest IIW, sharing perspectives and information on challenges, projects, and research related to enabling user control over digital identity data, including use of biometrics. The twenty-ninth event is the largest ever for IIW, with more than 300 attendees from across the U.S. and countries around the world including Canada, Japan, Mexico, Columbia, Sweden, Argentina, New Zealand, Sri Lanka, and the UK.
IIW was one of the forums where federated identity was conceived and formulated, according to several attendees.
Ed Eykholt, VP of Engineering for non-profit biometric service provider iRespond, who was attending IIW for his third time, told Biometric Update in an interview at IIW that the event can provide value to those in the biometrics industry because of the collaborative atmosphere and deep expertise across many areas of digital identity. Biometrics professionals can track trends in self-sovereign identity systems, which compliment regulations such as GDPR by putting control of identifiers, credentials, and verification in the hands of users.
Topics at the IIW, which is conducted as an “un-conference,” include authentication protocols and standards such as Open ID Connect, FIDO and OAuth2, particular issues such as key recovery and the portability of health records, as well as new architectures and technologies. The agenda is set by participants, and includes discussions of the chosen topics, along with a tech sandbox for demonstrations.
During the initial agenda-setting session, some attendees expressed concern for how digital identity will affect future generations, and even whether digital identity is a good thing in the first place. Participants including members of the groups mentioned above and the W3C spent significantly more time, however, on technical specifications and protocols, along with best practices, workflows and use cases for decentralized IDs (DIDs).
Sponsors for the event at the Computer History Museum include Google, Yubico, Microsoft, IBM, AWS, Hyperledger, Evernym, and Veridium. Other companies participating include Gluu, Sailpoint, Kiva, Capital One, Okta, and Onfido.
An attendee told Biometric Update that IIW was attended by around 100 people in 2016, and that he was curious to see how the “Open Space” format scales. By the end, there was a clear consensus among attendees that it had indeed scaled effectively.
Veridium CTO John R. Callahan says that three years ago, the SSI community was not ready to engage with biometrics as a subject, but that the polite and welcoming IIW community allowed a degree of fragile trust for the technology to be built up.
“This community plays probably the critical role in leadership in self-sovereign identity, from protocols to social impact; you see the range sessions here,” Callahan told Biometric Update. “They have to say something about biometrics and their proper use, their potential vulnerabilities and so forth. If everyone’s silent on it or just critical that’s not going to help because they’re going to continue to be used.”
Biometrics in the realm of blockchain
“Strong biometrics, such as iris scans, are very unique and thus can be used for identification and correlation across systems. Less unique biometrics, such as a single finger, are valuable primarily for verification of a known identity. Because of the risks in any sharing of biometric data, which include the potential for correlation of private data or a nefarious impersonation or presentation attack, biometric data storage must be treated with great care,” says Eykholt.
He further explains that many in the IIW community considers it inappropriate and unsafe to store biometric data on blockchains, even in the form of encrypted templates. “Whenever things as sensitive as biometric templates are written to an immutable ledger, you don’t know what’s going to happen with that data years into the future.”
While the danger of storing personally identifiable information on a public blockchain is relatively obvious, the same concern also ultimately applies to private blockchains.
Where biometrics can play a role, if stored off the blockchain, is in verifiable credential solutions. iRespond has ties to the Sovrin Foundation, and Eykholt says that for verifiable credential solutions leveraging Sovrin or Hyperledger Indy, the identity of an issuer who wants to be known and trusted issuer is put on the blockchain in the form of their decentralized identifier (DID), which can be resolved to find their public keys. A public blockchain enables a stable trust in those issuers, and thus also in the verifiable credentials they issue. Biometrics can be used to show the verifier, or relying party, that the subject of the credential and the holder of the credential are indeed the same person.
By contrast, in a pure cryptography solution, digital signatures created from the asset owner’s private key alone are the predominant trust factor.
Evernym Chief Architect Daniel Hardman told Biometric Update that there are several different variants of the ‘Biometric Service Provider’ pattern, which is one of three patterns of privacy-preserving biometrics verification described in a paper which will be published in December in IEEE Spectrum’s special edition on “The Dawn of the Internet Identity Layer and the Role of Decentralized Identity” in December.
The paper also describes ‘The Pocket Pattern,’ in which the verifier performs a match to a new ephemeral biometric image, which it required to discard after completing the verification process. Both of the above patterns involve no database of biometric templates. A third method is the ‘Low-fi layers pattern,’ in which the biometric image is deliberately made less accurate.
“The moral to the story is there are ways to use biometrics that do respect privacy,” Hardman explains. “This low-fi layer respects privacy. It’s not identifying who you are. It’s reducing the likelihood that you can transfer the credential substantially.”
There are anti-patterns as well, in which privacy is not retained, as in a ‘biometric service provider’ pattern which introduces a centralized database.
“I’m not trying to make a case, except about this: it’s possible to use biometrics in more healthy ways or less healthy ways in the ecosystem.”
Callahan compares typical identity systems, including biometric systems, as operating on a mainframe model straight from the 1980s, which suggests that the next step is something analogous to the PC revolution, drastically increasing decentralization. Members of the SSI community are set on decentralization, but as the architectures above are developed, a place seems to be opening up for the strong identity assurance provided by biometrics.
“Now you have biometric vendors here, they’re coming in, welcoming self-sovereign and respecting these guidelines for how to use them properly to integrate with self-sovereign identity. That trust is fragile, it could be hurt in the future, so I’d like to see it continue to grow and develop with a family of other self-sovereign identity solutions. So I’m delighted this year, things seem to be really growing well,” Callahan observes.
“The dialogue is no longer ‘let’s not even talk about biometrics,’ but has evolved to now talking about it,” he continues. “The earnest dialogue is now mainstream and the context has been set, and now we can have discussions because there’s a baseline of assumptions about how it should be integrated. That’s really what’s key for the biometric industry is now they can come to this forum, and get a baseline understanding about terminology and use and so forth, that didn’t exist before.”
He suggests that at this point, biometrics forums and conferences could start to develop their own discussion threads and papers integrating SSI into their initiatives.
Now that the SSI community has engaged with biometrics, perhaps it is time for the biometrics community to more actively engage with SSI.