Assessing e-identity solutions according to Self-Sovereign Identity: application to eIDAS
Abstract
Digital identity is an essential factor in economic growth for businesses and governments cooperating to provide electronic identity to users. Promising approaches from academia, organizations, and working groups aim to provide privacy-enhancing electronic identities through the concept of Self-Sovereign Identity (SSI). However, the concept is still elusive, and many design patterns coexist without an agreed-upon standard-this allows anyone to build identity systems while declaring adherence to SSI. We contribute by formalizing a definition of SSI and proposing an evaluation model to assess digital identity offerings. We then demonstrate our model value with an in-depth analysis of the major European electronic identification framework (eIDAS). As a consequence of this analysis, we could pinpoint areas of improvement for both eIDAS and SSI with a more pragmatic definition of SSI. In the long run, our work will spot weaknesses in digital identity systems and provide citizens with a tool to help choose their best-fit identity offering.