Sovrin for CEOs
CEOs Are Beginning To Get Sovrin.
Earlier this week, I was pleased to discuss Sovrin with a Silicon Valley-based CEO. He understands that the costs and liability associated with digital identity can be transformed into revenue (from costs) and assets (from liability). His business focuses on better customer retention through relationships rather than the discrete digital identities that come with costs.
Let’s back up just a minute for a bit of background.
Since the commercialization of the internet, digital identity has been a cost for most companies. It is treated as an expense and a liability, actually. The reasons for this are simple and well known, but a brief explanation will be helpful.
- Expense – CIOs face pressure from their CFOs to reduce costs, but this presents a problem as they need more controls, authentication, and integration than ever. The problem is that the systems companies have in place were never meant to keep a digital identity for individuals; they’re meant to hold employee information for authentication and authorization. Costs for controlling an individual’s digital identity are usually warranted, but the system falls apart when you look externally.
- Liability – Here’s the killer problem. Holding a digital identity for each customer or prospective customer is a huge problem. With high-profile breaches at companies like Yahoo and Equifax, the legal landscape is still uncertain. But corporate risk and legal teams are understandably worried about the potential consequences.
Notable exceptions are the big internet players – Facebook, Google, etc. They provide their “product” free, which feels odd until you consider what my friend Drummond Reed has figured out. “If you’re not paying for the product, YOU are the product.“
Let’s return to our CEO and discussion about Sovrin and how it’s changing the way people think about the cost and liability of digital identity.
Business is About Relationships – Not Digital Identity.
By focusing on the business relationship with the customer, the CEO realized that they could turn digital identity costs upside down. Digital Identity creates an ecosystem where businesses can thrive – by building relationships.
One of the biggest concerns that CEOs and their board of directors have is the risk of holding a database that contains millions of digital identities – a massive target in today’s cybersecurity world. Given that the industry our CEO is in has some KYC (know your client) requirements, the types and amount of information that they may have needed to hold can make the C-Suite and Board feel very nervous. Every day CEOs and directors hear about new breaches and imagine it happening to their company – not a happy place.
With Self-Sovereign Identity, individuals can maintain control over their personal information through encryption on a per-Identity basis. In other words, accessing a database of identities would provide millions of heavily encrypted identities. Each one is just as difficult to crack as the next; it would be like breaking into a giant vault containing many smaller vaults, each equally challenging to access.
The primary purpose of many businesses is to create a trusted relationship with their clients – that relationship is a true asset for many companies. However, to date, holding the information required to make that relationship work is challenging – fraught with security issues and risk.
Further – the CEO realized that one of the pushbacks he was getting from customers was that they needed to hook deeply into their enterprise systems to enable the Identity services they provide. The cool thing here is that Verifiable Claims make the need to connect systems directly disappear. Shifting the focus to creating claims that can be shared and verified later simplifies things for all players instead of hooking deeply into sensitive systems.
So, instead of hooking deeply into sensitive systems, their customers generate Verifiable Claims that can prove where they came from, that they haven’t been tampered with, and that the data is valid (e.g. hasn’t been revoked). Both sides win by allowing the recipient to trust the information they receive without incurring the cost of hooking into those sensitive systems.
The digital identity costs, in this case, turned around. Digital identity became a revenue driver (arguably both top and bottom line) and it turned digital identity from a liability into an asset.
This financial aspect of Sovrin took me a while to realize, but once I did, I realized that the game was changing. I am happy that some in the Valley are jumping in on this shift.