I first wrote about Self-Sovereign Identity (SSI) in this blog late last winter. I rarely revisit a topic in less than a year, but the SSI space is evolving so much more quickly than I expected that it is already time for a big update.
As a refresher, Self-Sovereign Identity is a concept, delivered in part by decentralized technologies, that is mostly defined by community standards. The Worldwide Web Consortium (W3C), the Decentralized Identity Foundation (DIF), Hyperledger Indy, Sovrin, and other organizations and efforts have developed open-source standards that support SSI. Following the models used to create now-universal standards like TCP/IP and HTTP, SSI standards are emerging, where and as needed, from pilot projects and products being developed by participating organizations to meet their own diverse business needs.
SSI puts you, as a person (or organization or thing) in full control of your own digital identity. You decide what to share with whom, when, and under what conditions.
- You obtain a Decentralized Digital Identifier (DDID), which is issued and controlled not by a government or third party but by an entry on a public blockchain for which only you have the cryptographic keys. Your DDID looks and acts much like a worldwide web URL.
- Your DDID allows you to define endpoint services, such as a personal data store hosted by a cloud provider or even on a mobile device. This works much like the way Internet Domain Name Records define endpoint services for a domain’s website or mail server.
- With a DDID and personal data store, you can start collecting digital credentials that attest to facts about you, certified by trusted third parties: that you have a driver’s license or passport, that you are employed by a particular company, that you hold a specific club membership, that you have a travel reservation, or that you have a credit card account.
- Your encrypted personal data store sits securely on a cloud service or private server of your choice. You can add any relevant information you might want to share with others, such as information you might put on a hotel loyalty profile.
- You can share information from your personal data store with others as needed. The sharing can be initiated by an app, by a website, by scanning a QR code, or by tapping your phone on an NFC tag; the action opens an app or web page indicating what information is being requested for the transaction. You can then approve sharing all or some of the requested information with the party that requested it. With this permission, until and unless you revoke it, the requestor can retrieve it from your personal data store, automatically getting any updates you make.
You can limit information sharing to the minimum required for a particular transaction. Your driver’s license or passport, for example, can prove you are old enough to get a drink at a bar, but also contain lots of unrelated information. SSI enables you to claim “I am old enough” without having to share even your actual birth date or age, much less other personal information that you might prefer to keep private, such as your phone number or your weight (this is known as a Zero-Knowledge Proof). The bartender can easily verify that you have a legitimate identity document issued by someone they trust (such as a driver’s license bureau) proving you are old enough, without having to contact the issuer. If needed, she can even retain proof of having checked.
Recent Developments: SSI Is Here Today
Since I wrote that first article, the European Commission has launched a digital identity program that will become available to every European Union citizen (already or soon in some countries, a bit later in others). It will be usable to prove your age, to request public services, to open a bank account, to file tax returns, to apply to a university, to access a prescription for medication from anywhere, to rent a car, or to check into a hotel. The program design follows the core guidelines of SSI and DDIDs: the individual, not the government or any third party, controls the information about their identity. The role of governments and other third parties is limited to issuing cryptographically verifiable claims about the identity holder, such as the validity of a digital ID that a government issues to them.
The same design principles are being used for the EU Digital COVID Certificate, which is or will be usable anywhere in the EU that proof of COVID vaccination, recovery, or negative test result is required. In addition to the EU, similar efforts are in place in Israel, Singapore, Iceland, and Estonia. Many other countries have introduced vaccine passports as well or are evaluating doing so; however, not all of them are based on SSI technology and decentralized identity principles.
SSI technology is no longer something that is around the corner for hospitality (as I suggested back in March); it is here today – although to be sure, still in its earliest days. Its effect will, I believe, be a generational change as significant as those brought about by TCP/IP in the 1970s, by the worldwide web in the 1990s, and by GSM and smartphones in the early 2000s. I expect we will see SSI technologies become commonplace in our daily lives over the coming years, with major applications in banking, healthcare, travel, and elsewhere. By 2035, SSI as a technology will be about the same age as smartphones are today, and by then or even sooner, as commonplace.
SSI and Disintermediation
In coming years, SSI will facilitate peer-to-peer communication between travelers and travel providers, which has the potential to reduce the market power of distribution intermediaries. Intermediaries may still play a role, but it may be a quite different one. Like anyone else, they can participate as a peer in direct communications with travelers and travel providers. But because travelers and providers will be able to easily bypass them with direct peer-to-peer conversations, there will be greater transparency of the value they add vs. the fees they assess to providers and to travelers. An intermediary that assesses a fee or commission that is too large in relation to the value they add, will find itself getting bypassed as travelers and providers can easily discover lower-cost options.
Today, intermediaries are necessary for a traveler who wants to conduct a broad search across multiple brands and independent hotels. In an SSI future, they will no longer be required. This does not mean they will disappear; intermediaries will undoubtedly still offer travelers other good reasons to use them, but the playing field vs. direct distribution could become significantly more level than currently.
Intermediaries may initially resist SSI technologies, because they have a greater stake in the current distribution model than do travel providers. If they do resist SSI while hotels embrace it, hotels may be able to claw back some of the distribution margins and customer relationships that they have previously ceded to intermediaries. But if hotels and other travel providers wait for intermediaries to take the lead, the deeper pockets of the intermediaries may ultimately make them the SSI winners.
SSI in Hospitality and Travel Today
SSI is no longer something that is coming, it is here today in hospitality. The German federal government earlier this year, with the support and personal participation of Chancellor Angela Merkel, launched pilot programs using SSI technologies for seven use cases, including opening bank accounts, e-commerce logins, and access control management. The very first use case to go into pilot, on May 18, 2021, was hotel check-in, which is currently in testing by 120 participating hotels from three hotel groups and 200,000+ employees of four German corporations.
To be sure, check-in is just one application of SSI in hospitality, but it is an important one. By scanning a QR code at reception, a traveler can securely transmit registration data, including national identity and verified company information, to the hotel. The press release (read the original in German or let Google translate it) quotes the Minister of State to the Federal Chancellor and Federal Commissioner for Digitization, who was the first customer to use the process, as saying “Put an end to the mess of paper. The lack of digital evidence is one of the most pressing barriers to digitization of our time. I am therefore delighted that we can start the first application of our new ecosystem of digital identities with the hotel pilots.” The program required changes in two German laws, one permitting identification by fully digital means, and the other waiving the requirement for physical signature capture by hotels.
Other use cases, envisioned but not yet supported in the pilot, would allow mobile check-in (including proof of identity) or tapping an NFC-capable phone in the hotel lobby to initiate check-in and to obtain a mobile key. Importantly, the process can encourage any guest to share whatever information about themselves they think is relevant to a hotel, using data they have already set up in their personal data store and avoiding the need to retype each field into the hotel’s form. Set up properly, I would expect that hotels will be able to effortlessly and with no staff resources collect the address, email, and mobile phone number from most guests at check-in, simply by asking and letting the guest respond yes or no. And of course, many customers may be willing to share much richer data if they think it may be used to improve their hotel experience.
Aside from the German pilot program, the International Air Transport Association (IATA) is now testing an SSI solution called One ID with many airlines. Originally conceived to facilitate a frictionless airport experience (check-in, security, immigration control, lounge, duty-free, and boarding) and still planned to meet that need, IATA shifted priorities during COVID to fast-track SSI-based health credentials. This will enable airlines and immigration authorities to easily verify that travelers meet the arrival requirements of various countries for proof of COVID vaccination, recovery from COVID, or negative test results. The program will allow the traveler to present the necessary proof wherever it is required in the process, without exposing unnecessary health details; it also eliminates the most common sources of fraud. The underlying technology is the same; it enables verification of a person’s identity and supports claims from trusted third parties about that person.
If you have not yet looked at the potential power of SSI, it is not too late, but it is time to do so now. The rest of this article will outline some ways you can familiarize yourself with SSI for hospitality.
Getting Up to Speed on SSI
A group of about 25 technology leaders, many from hospitality but also from other parts of the travel industry, have been meeting several times each week since shortly before my earlier article, operating as the Hospitality and Travel Special Interest Group (H&T SIG) of the Decentralized Identity Forum (DIF). DIF is a nonprofit, open-source organization focused on the development of robust design standards for Self-Sovereign Identity. It operates under the direction of the Linux Foundation and in close coordination with the Worldwide Web Consortium (W3C).
Leading the informal and all-volunteer H&T SIG efforts are notable hospitality and travel technology leaders who will be familiar to many readers: Nick Price, Mark Haley, Mark Fancourt, Norm Rose, Gene Quinn, Brian Lewis, Robert Cole, Bill Carroll, and yours truly. Membership in the SIG is open and free, and the webconference meetings are, with few exceptions, recorded and available to all. Just follow the instructions on this page if you are interested.
This core group, along with many other industry participants, have developed the first two next-generation use cases that illustrate the power of SSI; a third may be released by the time you read this. The plain-language descriptions of these use cases are well worth a few minutes of your time to read. To be sure, they are aspirational, describing a future state of technology that will not be achieved overnight, but that can nevertheless help enlighten the art of the possible. These use cases are being shared with the DIF standards-writing working groups to ensure that the hospitality and travel industries’ needs are fully represented in the evolving standards. Additional use cases are under development.
The Discount Entitlement use case describes a traveler who has multiple memberships, affiliations, and attributes that may yield special rates at different hotels (such as AAA, AARP, senior citizen, or corporate). He performs a brand-agnostic search within an area to see which hotel(s) have the best to offer in terms of location, rate, and packaging, based on preferences he has specified. This search can be performed peer-to-peer, with no intermediary, with any hotel that is prepared to respond. Hotels can, of course, still use a service bureau or intermediary if they wish, and I expect many initially will. Online travel agencies and other intermediaries can also respond based on inventory and rates they have to sell. Rate quotes can be made as they are today, based on a schedule of public and qualified rates, or individualized responses can be created for specific shopping requests where warranted.
The Share Profile Elements use case envisions a traveler who maintains a single profile, from which he can share elements with travel providers and other businesses as needed. If his requirements change, a single tap on a mobile app can refresh the information with every provider who has a copy or needs it. A consumer who changes his email address or phone number, for example, can push the update to every provider with which he previously shared his old one, simply by typing it once and pushing a button on a mobile app. Aside from being an obvious time-saver for a consumer who may be registered on dozens or hundreds of websites and apps, this makes it much more likely that each business will get every update. Stale email addresses, phone numbers and preferences are much less likely to remain in their customer databases.
Both of these use cases reduce the need for a hotel to store personally identifiable information, while giving them real-time, permissioned access to accurate, current, and digitally verifiable customer information. Security and risk management departments will benefit from reduced risk of data breaches, while marketers will have better data, especially for customers booking through intermediaries. SSI aligns extremely well with regulations such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), since the customer controls their data, provides it only on a permissioned basis, and can revoke the permission at any time. A digital credential certifying that you have a credit or debit card account could easily substitute for the actual credit card number, potentially eliminating risk associated with the Payment Card Industry Data Security Standards (PCI-DSS).
A third use case currently being finalized surrounds travel change and disruption. This addresses the needs of a traveler whose trip is interrupted (such as by a flight delay), necessitating multiple downstream changes to other travel components that are today left largely to the traveler to address individually. SSI can enable the traveler to automatically share information about the changes and ensuing consequences with downstream travel providers, but only if and when something happens that creates the need. The airline can know exactly where to deliver misdirected luggage, a dinner reservation can be automatically cancelled if a plane will arrive too late, or a hotel can be notified if a disruption will push a 9pm arrival to 5am the next morning. Once published, this third use case (and all other current and future ones) will be posted here.
To be sure, many of the standards required for certain use cases are still on the drawing board or in development, but others have been ratified by the W3C or DIF, and numerous technology companies large and small are now actively developing products to support them.
What The Industry Can Do Now
The first commercial products supporting SSI are under active development or pilot by various technology companies and will likely become available, at least for beta test, later this year. For the moment, the best course of action for hotel IT leaders and technology providers to the industry is to familiarize key people in their organizations with the technology, to learn about some of the efforts to implement SSI, to establish a network of contacts in the SSI space to keep abreast of developments, and to position your company to move quickly as relevant products start to come to market. Some technology providers may well want to be leaders in the effort and start developing their own SSI-based products; others, as well as hotels, may be better positioned to be close followers.
In either case, it is important to understand that this change is not a “lift and shift;” it does not require replacing major systems. Rather, SSI will operate in parallel with traditional technologies for many years (just as call centers continued after the introduction of online bookings). Hotels and their technology providers can, for example, build a second pathway for retrieving customer data needed to support a transaction, requesting and receiving permissioned data for reservations that are made using platforms that support SSI, while continuing to use the current, database-centric approach for other reservations. This can be accomplished by replacing code that retrieves customer data from a CRM or loyalty database, with code that “forks” to the SSI model only where it is available. Over time, the design of core hospitality technology products such as reservation systems and property management systems will likely evolve to incorporate SSI natively.
Hotels can still store copies of as much data as they need in their transactional systems, and indeed some (mostly older) transactional systems that were not designed to isolate customer data may only run with fully populated internal customer databases. With permissioned access to current customer data “on demand,” however, the need to keep detailed information on customers will become much less over time, and the option to reduce compliance risk can likely lead to a much leaner operational customer data model.
As SSI products start to become available and sufficiently mature to be publicized, I will periodically return to this topic in future columns to highlight some of them.
Upcoming Webinars & Conferences
The H&T SIG team plans to offer two webinars in coming weeks for all interested individuals. Both will be recorded and available after the fact.
The first one, on Wednesday August 11 at 11:00 am EDT, will feature Nick Price and a presentation to introduce the topic of SSI in hospitality. It will be similar to one he made earlier this month to about 40 members of the AHLA/HTNG Executive Leadership Group (ELG), which generated very good feedback from a mostly C-level audience. If you are interested, add it to your calendar and check the H&T site closer in for the Zoom link, or send me an email to request a calendar invitation. Recordings will be linked on the H&T SIG site, once available. For those who attended the ELG session, this is an opportunity to make the material available to others within your company.
The second one, on Wednesday September 1 at 11:00am EDT, will cover one or more of the use cases in greater detail (if we cannot cover all of them that week, we will schedule additional sessions). These will be led by the team leads who spearheaded them: Mark Haley, Mark Fancourt, and me.
Both sessions will be recorded, and links published on the H&T SIG site after the fact.SIG members will also be presenting updated material at HITEC 2021 in Dallas, in a supersession on Monday, September 27 from 10:45am to noon. The full set of presenters will be finalized closer in, as international travel restrictions become clearer. Check the HITEC agenda for updates to the time and final presenter roster.
The Call to Action
Industry and technology experts from hundreds of leading companies, who have spent time to understand SSI, are convinced that it will fundamentally change the way customers and merchants interact, in hospitality and travel as well as virtually every other sector of the economy. You have the choice to hope that the experts are all wrong, to plan for the change and use it to build competitive advantage, or to let others build it first and have it done unto you. Which will it be?