Implementing the Swiss SSI Ecosystem – Two Streams Approach
The challenge of dealing with unknowns
How to move forward when expectations are high whilst divers and many open questions seem to lure on the way? How to demonstrate value of a constantly developing technology before all open issues are clarified? These uncertainties seemingly dominated the recent participation conference organized by the federal project team as the start of a series of similar events to accompany in the most transparent way the development and legislation of the newly proposed E-ID-Ecosystem for Switzerland.
DIDAS (Digital Identity and Data Sovereignty Association), a not-for-profit organization uniting leading experts on Self Sovereign Identity (SSI) from academia, public and private entities in Switzerland, proposes a two streams approach to tackle this great endeavour.
Stream 1 – Exploring the Foundations
The main goal of stream 1 is to show, not to tell. In a sandbox-type test environment practical uses cases of all sorts and sectors shall be developed and demonstrated to the general population not yet familiar to the concepts of an E-ID-Ecosystem. Here the main effort is to develop prototypes of the tools and applications for verifiers, holders and issuers of digital credentials, which will be made easier by leveraging readily available tools and frameworks for the underlying decentralized trust network . This is a standard procedure in modern product management known as MVP (minimum viable product). These applications will never go in production directly but serve to demonstrate the interactions of all players in such an ecosystem with all its different sectors. The key goal here is to demonstrate user interactions and raise all necessary questions upfront to enable the construction of a secure and efficient future E-ID-Ecosystem for real life in Stream 2.
Stream 2 – Building the Extended SSI Ecosystem
Stream 2 takes up all important tasks which are necessary to design and build the infrastructure, tools and governance required to provide the solid, secure and internationally interoperable basis for a Swiss E-ID as well as digital credentials from all other sectors. Key questions such as security, privacy, efficiency and resilience as well as necessary business models will be carefully evaluated, discussed and implemented.
Moving Fast Towards Production
Both streams will run in parallel. They will nurture each other by sharing experiences, identifying and raising new questions and finding new answers. The key is to iterate on the implementation in an agile way until the moment when the system, tools and governance will be safe enough to be put into production. We expect the first pilot implementation not to be the E-ID itself but rather verifiable credentials in need of lower assurance levels such as membership cards, tickets or other credentials which will be used , potentially, on a daily basis.
In such pilot applications, critical questions of user experience and acceptance can be validated in real life. The findings and results will feedback into further development of the systems and hardening of security and privacy. This is also a great practical way to identify legal aspects that need clarification or even potential changes in the relevant laws. Since we expect strong further development in all aspects of SSI, this approach allows for agile and continuous improvement until the stage where it will be safe enough to broadly launch the Swiss E-ID with great user experience and many questions answered.