We’re going to change Ireland by making it the first country in the world where digital credentials are routinely issued and accepted in important everyday interactions.
This article is either going to elicit a ‘so what?’ or ‘that’s amazing, when can we get started, can how can I help?’ response. I think it’s a game changer for simple, everyday things.
The starting point here is convenience and trust. The advent of widespread electrification changed the face of rural Ireland. It ushered in an era of washing machines, electric cookers, radios, televisions thereby creating more leisure time on the one hand and filling it on the other. It required a ‘big bet’ by the relatively young Irish Free State government that bringing electricity to the furthest corners of our nation would make a difference. The showcasing by the German electrical giant Siemens of the massive hydroelectric development on the River Shannon at Ardnacrusha was a great example of the ambition of that young state. My own mother grew up in mountainous north Cork and remembers very well the arrival of electric lighting, replacing oil-filled Tilley lamps, delivering convenience. I remember trips to my grandad’s farm in the 1970s where the newly installed home phone was one of many directly connected to the local village post office where anybody lifting their handset could hear the conversation of the active caller. The idea that the community could enjoy a degree of freedom from eavesdropping was based solely on trust.
The DARPA-funded Internet was in its infancy when my young mind marvelled at the idea that picking up that old phone without a rotary dial might expose me to the secret conversation of some neighbour further up the windy road. This wasn’t quite the Internet we all jumped on in the mid-90s to the theme tune of a dial-up modem, nor the Internet as we know it via gigabit connectivity today.
Today, I’m lucky enough to be involved in a not-for-profit venture that at first blush may appear to be simply solving a first-world problem, and one that you may wonder needs solving at all. Dig a little deeper and you’ll find something just as game-changing as the freeing up of significant amounts of time by the introduction of electrically-powered washing machines, as life-enhancing as the introduction of electric light and television, not to mention the rollout of first the fixed-line, and later mobile telephone network.
The goal of the Emerald consortium is to put in place a self-sovereign, credentials sharing network serving the island of Ireland.
Say that again?
Let’s start with a simple analogy. Twenty years ago when we travelled on airplanes we had to pick up a physical ticket (if you remember that multi-page red carbon paper booklet) and one of those pages was torn off and placed in a slot at the back of your boarding pass in order to board a plane. It was like physical currency. Then in an innovation years later we could download and print our boarding pass on plain paper, and finally minutes ago in Internet time we could save that boarding pass into a ‘wallet’ on our smartphone.
Now assuming you don’t have phone battery anxiety, that’s a neat solution. Your boarding pass stored neatly in your digital wallet, presented for scanning at the check-in desk.
Now think a little broader. Imagine that you could store your passport and driving licence there too. These documents by the way, are credentials. And why stop there? What about your birth certificate, exam results, qualifications, proof of address?
Storing them in your digital wallet would be a handy way of holding them in one place, but what if they had some other useful properties, that your typical airline electronic boarding pass does not have today:
What if:
- The issuer of the credential was readily ‘digitally’ verifiable. We could show with certainty that the ‘passport’ in your wallet was genuinely issued by the Department of Foreign Affairs, and more importantly has not be tampered with.
- You, the holder of the credential could choose to share the entire credential (or selected fields from one or more credentials) with a third party who interactively requests this information from you. The principle that you, and only you, decide who you share your credentials with is the core of self-sovereign identity systems. Let’s take the example of opening a Bank Account: you can share your name, date of birth and latest address with the Bank. The Bank can verify that all the details provided have been issued by trusted parties and have not been tampered with, short-circuiting the all-too-familiar process of searching for suitable physical copies at home.
- At all times the data exchanged between the holder and the verifier passes securely between them, is not routed via an intermediary and is protected from eavesdropping or tampering by the best encryption technologies available, fully preserving privacy.
Big deal?
This simple change would have the following more significant implications:
- Online and in-person interactions supported by the secure exchange of these credentials would provide a high degree of trust to both the supplier (holder) of, and the verifier of credentials. It would be almost impossible for the holder to supply fake or forged credentials – massively increasing the implicit trust in the transaction. Forged passports, driving licences, student id, college degrees would become impossible.
- Stolen data would have little or no residual value. Stealing attributes of a person’s identity is only of value where you can use those in transactions to impersonate or otherwise hijack the identity of the individual. If all key transactions in society require secure digital credentials, then the value in misappropriated data per se would plummet. The data itself would become worthless unless contained in the appropriate digital container, like how a photocopy of a banknote is of little use at the shop counter.
- Tens of key person-to-person and person-to-business transactions would become instantly more efficient by eliminating the need for routine checking to confirm the veracity of traditional physical documents exchanged. No need to ring the university to prove the transcript is valid, no need to ring the employer to confirm the prospective tenant works there, no need to doubt whether the person entering the bar is old enough to drink alcohol.
In these cases what is being exchanged is not just a credential, it is trust of high quality.
Fields of Dreams?
The early Internet had a small number of nodes, so that you could only exchange email with people in a few other universities or with the US Department of Defence. It hadn’t benefited yet from the network effect of millions (or billions) of active participants.
Similarly, a self-sovereign identity or credential exchange system will be useless without:
- The availability of high-value, high-quality credentials on the system. Government issued ID (passport, driving licence, birth certificates) are the gold standard, but so also are items such utility bills (used for proof of address), and even financial or tax statements (for proof of earnings, wealth), and educational results (proof of skills or competence)
- A network of verifiers who will accept these digital credentials in lieu of their traditional counterparts. Banks who will open Bank Accounts, Employers who will accept personal details etc.
In many respects the idea here is very similar to the initial switch from cash transactions to those using credit cards. There needed to be a critical mass of merchants with the VISA or Mastercard sticker in their window to give consumers the confidence to use ‘card’, more often than ‘cash’.
Emerald is an initiative of interested stakeholders in Ireland, seeking to establish a critical mass of credential issuers (Government, Financial, Educational bodies, and others) and credential verifiers (organisations who will accept these credentials in lieu of the older, less reliable physical ones). Irish Life is one of the early backers of the idea and we have received enthusiastic support from the Office of the Government CIO, some blue chip corporates including An Post and the ESB, and leading consulting organisations and individuals, who have given time and resources to help develop the idea.
Like the brave new world of electrification in the 1920s we are keen for Ireland to be at the forefront of digital credentials. We’ll look back in five, ten or twenty years and this approach will be commonplace: in fact, it will likely be the norm; unverifiable paper or physical credentials will be consigned to museums. The World Economic Forum (WEF) estimate that the use of digital credentials in key everyday processes would have a minimum positive impact of 3% GDP in a developed economy like Ireland and up to 13% in a less developed economy.
The story is also a very positive one for civil liberty: the self-sovereign model involves no centrally stored personal information; the digital credential is held in a digital wallet under your control and you decide when or if to issue parts of those credentials to other parties. The sharing of the credentials is done in a manner that means the recipient can’t reissue them in their own, or in your name. Basically, a whole range of digital protections that aren’t possible with the base technology invented by Gutenberg.
How’s it all going to work?
There are a wide variety of technical platforms that could be used to deliver Emerald. Examples include the Sovrin self-sovereign network and UPort/Ethereum. In both of these cases there is a sprinkling of Blockchain technology – primarily to store the central directory used to verify the bonafides of credential issuers (think of the Golden Pages, if you are old enough to remember what it is/was). No personal details are held on the blockchain: so, there is no GDPR exposure, or danger of data sitting forever on a distributed ledger.
We are entering into a proof of concept (POC) / production pilot phase which will likely involve one or more businesses (including Irish Life) working experimentally with several government departments and some other utilities and interested parties. Our initial POC will use a Sovrin-based approach with a more in-depth technical analysis and selection process coming later once the concept is fully proven. The underlying technology is based on open standards such as Distributed Identifiers and Verifiable Credentials that are being developed and ratified as we speak by the W3C.
There will be a consumer based ‘wallet’ whose functionality we feel will ultimately get subsumed into mainstream offerings on mobile operating system platforms, and there will be libraries for credential issuers and verifiers to interact with in order to integrate the digital credentials into their business processes. In time this will be as common as the credit card machine is at point of sale in most retail outlets today.
In fact, we think the technology here will evolve rapidly with every chance of the initial deployment choices, particularly in the wallet technology, being replaced a number of times in the coming decade.
We expect key credential issuers such as government departments to offer a digital credential in parallel with today’s physical credential (just like a passport card can be issued alongside a passport book) and expect that larger organisations will become early adopters accepted these credentials in lieu of the traditional artefacts in the name of more efficient, customer-centric business.
Making all of this happen will (we hope) be much simpler than routing thousands of miles of cable around the Irish countryside throughout the middle of the last century.
Has anyone else done it?
We are not alone on this journey. The province of Alberta in Canada has 4.5 million inhabitants and the regional bank ATB has founded the Alberta Credentials Ecosystem (ACE) to progress the launch of a self-sovereign identity platform covering the whole province. They have made great progress and are in an active pilot with stakeholders including provincial Government, Financial institutions and Utilities to enable some key end-to-end transactions using this approach. We hope that Ireland will catch up with them shortly!
What will it mean in practice?
Firstly, it means that the Know Your Customer / Anti-Money Laundering interactions with Banks, Insurance Companies, Credit Unions, Estate agents and the like will be easily satisfied in seconds by pre-verified digital information from your wallet. As easy as tapping your debit card to pay for a coffee.
Landlords and tenants will be able to mutually verify each other with verifiable credentials. The idea of an incoming renter being scammed by a fraudulent ‘landlord’ will be no more, and a landlord can instantly confirm the bonafides of the tenant.
Any situation where we currently need to provide a document that requires an extra manual step to confirm validity would now be verifiable on receipt. Examples include verifying proof of address, proof of employment, proof of qualifications etc. In the UK, the NHS are trialling this to allow doctors to be verified by hospitals.
Insurance certificates or driving licences can be held securely in your mobile phone’s wallet: allowing for instant presentation and automated verification at the roadside.
It would be theoretically possible to present your passport in digital form at airports and other border crossings, though we would need other countries to accept this also in order to get back home again.
Emerald could also support one or more rapid authentication / automated logon schemes using stored credentials while not attempting to compete with any authentication scheme itself.
This is only the start and these merely examples. Like electricity, global telecommunications or the Internet, once you put the foundation in place, the opportunities are limited only by our imaginations. I’d love to hear your ideas for how it could be used.
Call to action
Emerald is a pro-bono, not-for-profit enterprise. Once the appropriate legal entity is formally established, the idea is that it won’t be controlled by any single party and will exist for the good of all citizens and participants in transactions originating in Ireland.
In time this scheme could bridge with other international developments in this space. By analogy with the manner in which Irish banks introduced Laser cards before a global offering such as VISA Debit become available here, we are open to Emerald being superseded by a global credential exchange scheme sharing the same self-sovereign philosophy, should one emerge.
We are lucky to have the interest and backing of a wide range of corporate, government and individual stakeholders and we welcome the further participation of any individual or corporate interested in making the establishment of Emerald a success.
You can read more on the spark that ignited my interest in self-sovereign identity here and I’m very grateful to the leadership in Irish Life who first raised this as a potential area of investment from a corporate citizenship perspective. It really is an endeavour where technology could be applied to make a marked difference in our everyday lives, and which requires some courage and determination to build towards critical mass.
We welcome open participation and especially welcome those who could bring relevant skills (tech, legal, PR, marketing etc) or financial support to the endeavour. If you are interested in more information or getting more involved then feel free to tag me in the comments to the post or join our Linkedin Group. If you know someone who should be involved or would help – tag them! This is Ireland after all.
And finally …
The success of an initiative like Emerald would be a great win for Ireland Inc as we develop our national digital footprint. I’d invite you to Like and Share this article to raise awareness of the initiative and welcome contact from interested parties.
It will be an opt-in initiative that will offer a more efficient, privacy and trust-enhancing alternative to those who choose to use it.
The future is Emerald …