About ESSIF framework
What is ESSIF ?
ESSIF (European Self Sovereign Identity Framework) is a pan-European project based on the principles of SSI (Self Sovereign Identity) with the use of blockchain technologies (EBSI – European Blockchain Service Framework).
ESSIF aims to implement a generic and interoperable Self-Sovereign Identity framework, defining the necessary specifications and building support services and capabilities that will allow citizens to create, control and use their own digital identity (including identification, authentication and many other types of identity-related information) without of having to rely on a single centralized authority. ESSIF is part of a wider ecosystem of decentralized identity and will interact with other systems and platforms of public and private organizations.
ESSIF will facilitate not only all types of digital interactions between different parties from the public and private sectors, but also processes between citizens and public administration bodies or private parties in all EU Member States. ESSIF aims to be GDPR compliant while aligning with eIDAS to ensure that ESSIF can leverage existing legal frameworks, enabling ESSIF to provide digital evidence supporting legal enforceability. All this in line with the revision of eIDAS, which aims to “improve its effectiveness, extend its benefits to the private sector and promote trusted digital identities for all Europeans and create a secure and interoperable European digital identity that puts citizens in control.”
A brief history of ESSIF
The ESSIF scenario was included in the EBSI projects among the first in 2019, because digital identity is the basis for other EBSI scenarios. Gradually, the EU technical group developed basic, common functional components (ESSIF core services) and functional specifications, which are used by development groups in individual EU member countries (MS) to develop ESSIF deployment in their countries. Gradually, the functionality of ESSIF was incrementally supplemented and other countries joined the initiative. Slovakia also joined this initiative in the very first wave of the so-called ESSIF Early Adopters through the MOU – PoC4 project.
The subject of PoC4 is to test and demonstrate the possibilities of using ESSIF Verifiable ID for third-party authentication. For the purposes of PoC4, a fictitious DEMO Bank was used as a third party (Verifier) and a new client onboarding process.
The subject of PoC4 is not the process of issuing Verifiable ID. PoC4 assumes that the owner has already obtained a Verifiable ID and has it in their wallet. The owner can obtain a Verifiable ID from various providers (Issuers). For the purposes of PoC4, we will use the Verifiable ID issued by the so-called “SK ESSIF Issuer”, where the Verifiable ID is derived from logging in via an eID card. SK ESSIF Issuer is implemented within the framework of the relevant EU CEF call (CEF-TC-2020-1 – Blockchain).
How ESSIF works?
Three basic subjects enter the process of issuing and using the ESSIF identity:
- Issuer (ESSIF identity issuer): For example, it is a government organization providing ESSIF identity issuing services to citizens, which contain data on proven identity of citizens (so-called Verifiable Credentials). The initial proof of identity is based on authentication through the eIDAS notified scheme. In our case, it is login via eID card.
- Verifier: The entity that accepts and verifies the ESSIF identity. In our PoC, a fictitious bank is used, which provides online registration of new customers also through ESSIF.
- Holder (Owner of ESSIF identity) : A citizen as an ESSIF identity holder is a person who requests the Issuer to issue an ESSIF identity, while the person’s identification data is provided from the eID verification process. The citizen then uses his ESSIF identity to present his identity to the bank as part of the new customer registration process.
The following figure shows 2 basic ESSIF scenarios:
- Obtaining a Verifiable ID that is derived from logging in via an eID card
- Use of Verifiable ID for authentication/onboarding in DEMO bank