Skip to main content

The EU Project 'eSSIF-Lab'

The European Self-Sovereign Identity Framework Lab (eSSIF-Lab) views itself as an ecosystem of parties that work together to make existing (and new) Self-Sovereign Identity (SSI) technology into a scalable and interoperable infrastructure that businesses can use very easily for negotiation and execution of (business) transactions with other organizations and individuals alike, as further described in the eSSIF-Lab Vision.

The eSSIF-Lab project is a European H2020 project that is part of the [European Union's Horizon 2020 Research and Innovation Programme (grant agreement Nº 871932) that funds projects of SMEs and startups that contribute to further develop SSI infrastructure itself (with a focus on interoperability and standardization (infrastructure call)), and its use (by making a business out of it business open call #1, and by solving real-world problems with it business open call #2). This project is one of the NGI projects of the European commission. It has received funding from the [European Union's Horizon 2020 Research and Innovation Programme] under grant agreement Nº 871932.

The objectives of the eSSIF-Lab project itself include:

  • empower European and other citizens by providing them with new means that help them to electronically negotiate and conduct transactions. These new means will make electronic transactions fast and safe both in the Internet and in physical life, and eliminate logins.
  • empower European and other organizations and governments by providing new means to speed up, secure and automate transactions with citizens, customers, suppliers and partners, resulting in tens of billions of euros savings annually on administrative costs in Europe.
  • ensure these new means support organizations and citizens to exercise their rights and fulfil their duties under the GDPR.
  • stimulate these new means foster inclusiveness.
  • stimulate the pervasive use of new business ecosystem paradigms with thousands of new jobs, many new job categories and new business opportunities for existing and new European companies.

The eSSIF-Lab project seeks to fund (EU) SMEs that want to contribute to the eSSIF-Lab Vision by

  • making open-source technological components available that may be considered part of an (e)SSI(F-Lab) infrastructure (comparable with the roads/highways of various kinds). Such an infrastructure must remain business-agnostic, be interoperable with technologies of others (also outside eSSIF-Lab), and scalable. Typically, infrastructural components facilitate business applications to make use of SSI technologies. See the infrastructure open call for details.
  • making open-source technological components available that are not necessarily part of the infrastructure, but extend it to provide value for businesses that want to connect to such infrastructure (comparable with driveways, that connect parking lots or garages to a road). Examples include components that implement e.g. eIDAS signing, credential revocation mechanisms, or credential catalogues. In this call, funding must also be used to demonstrate the business value of the contribution. The call for these kinds of contributions has passed.
  • making a technological project that actually uses the components that are produced in the aforementioned calls, and demonstrates that a business can be made with that. Such projects typically validate the infrastructural components and its extensions. The call for such contributions is expected to launch in late spring 2021.

The eSSIF-Lab project also contributes to the design, maintenance and validation of the eSSIF-Lab framework.

Background

The current situation (2020/2021) is that electronic support for such transactions is very limited. In most cases, people have to type in data, most of which already exists in electronic form but isn't readily available for (re)use. People may need to copy data from papers, or scan papers and upload these scans. On the provider side, this data has to be verified and validated, which takes time and effort, often from human employees.

However, there are also initiatives where IT-systems provide APIs for obtaining data that such systems could disclose. Such APIs are typically custom for the IT system, and need to be managed, not only at the provider side but also at the side of organizations that use the APIs: any changes in the API spec have to be signalled by such organizations, and projects have to be executed to accommodate such changes. Such management is estimated to be in the order of 80% of the total cost of ownership (TCO). This, together with the observation that often departments that manage the APIs are not the actual users of such APIs, make that this solution is not desireable.

Newer initiatives, where users get wallets in which they can obtain data as credentials from the parties that have that data available electronically, and which they can (re)use with other parties to obtain products or services, already demonstrate what the future we wish for might look like. However, such SSI solutions have mostly been created as specific applications that serve particular purposes. They must be considered 'vertical solutions' or 'stovepipes', some of which need some kind of centralized governance/control, others have privacy issues, and none that we know of are interoperable with other such solutions (although we've recently seen some progress being made in this area).

The situation we would like to see is one in which we have SSI-enabled, interoperable, scalable and business/information agnostic technologies, that form an infrastructure that every application for every party can use to serve its own objectives. This infrastructure, that enables the electronic exchange of qualified (personal and non-personal) data, must be so easy to access and use for such parties that they will no longer need to be concerned about actual (SSI) technologies that have empowered them to make this happen. Rather, they will only need to think about, and decide which kinds of information they want to obtain for conducting specific business transactions and which parties they trust for providing such information. Also, they will need to think about, and decide which kinds of information they themselves are willing to provide to others in this new SSI world.

Acknowledgement

This site is part of the eSSIF-Lab project that has received funding from the [European Union's Horizon 2020 Research and Innovation Programme] under grant agreement Nº 871932.