SSI strong authentication using a mobile-phone based identity wallet reaching a high level of assurance

Abstract

Assurance in digital authentication means represents a fundamental requirement in the authentication process of digital identities. Different level-of-assurance (LoA) describe the trustworthiness of the authentication specified by various standards. Some traditional governmental identity systems achieve a high LoA. Nevertheless, the recent self-sovereign identity (SSI) model, which utilizes identity wallets to ensure that the identity data control remains with the related user, still lacks a high LoA, detaining the full potential of SSI such as using it for sensitive use-cases like for eGovernment or public administration services. This work tackles this problem by starting with assessing related LoA standards. Based on this assessment are requirements defined to achieve an LoA high. These requirements are utilized in the process of defining and evaluating our proposed concept. Our generic serves as the foundation for other developers, aiming to elevate the LoA in their SSI systems. The implementation of a proof-of-concept showcases the feasibility and practicability of our concept. In the evaluation, we identify measures provided by our concept, used to meet the defined requirements, and discuss the design decisions.