The evolution of the World Wide Web is leading to an increased desire and need for decentralised, self-managed Digital Identities, also known as Self-Sovereign Identities (SSI). In contrast to current centralised and federated digital identities, SSIs allow users to have autonomous and self-determined control over their digital identities, taking privacy and security to a new level. This study aims to structure the topic of "Digital Identities" and to analyse the role of SSIs as a fundamental building block of Web 3.0.
The focus is on the theoretical requirements for identity and access management systems (IAMs) that pursue decentralised and self-managed approaches. The Trust Triangle Framework with the roles of the issuer, the identity holder and the acceptance centre is presented as a promising technical implementation option. Current discussions on the structure of data registers and the handling of personal identity data are examined. In this context, the study emphasises the potential of SSI. Through decentralised data storage and advanced encryption techniques, SSIs not only contribute to making cybercrime more difficult, but also promote trust and data control in the digital world. The introduction of new forms of identity opens up opportunities to develop innovative business models and realise efficiency gains through process optimisation.
The forthcoming update of the Electronic Identification, Authentication and Trust Services (eIDAS) Regulation in the EU aims to create a decentralised, self-managed digital identity for all EU citizens. However, legal, regulatory and governance challenges as well as open questions regarding interoperability still stand in the way of the widespread use of SSI. Concerns about security and user-friendliness could jeopardise the acceptance of these digital identities.
In order to meet the challenges and utilise the potential identified in connection with the updating of the eIDAS Regulation, government options and requirements for action are opening up. A legal framework must be created, open questions about standards and technologies must be answered and the acceptance of decentralised digital identities must be increased. The private sector should be incentivised to develop innovative business models and contribute to the development of a German EUDI-Wallet solution.
