The SSI-PoC of the established Swiss companies Orell Füssli and Swisscom together with AXA and SBB

In a pioneering step to explore the potential of verifiable digital proofs in the private sector, Orell Füssli and Swisscom, together with AXA and SBB, have successfully completed the first cross-company proof-of-concept in the Swiss private sector for Self-Sovereign Identity (SSI). This included various use cases for employee confirmations as digital proof, which were carried out on the technical solution from Orell Füssli’s subsidiary Procivis.

The objectives of the proof of concept included:

• Better understanding of digital evidence and its potential/added value (e.g. efficiency, security) for the company in its business processes
• Development of SSI know-how together with other companies
• Definition of employee confirmation and differentiation from other digital proofs based on practical use cases from the private sector (PoC with a focus on Switzerland, international issues excluded)
• Definition of processes and interfaces for issuing, inserting and checking
• Identification of opportunities and challenges in preparation for a productive solution
• Collecting feedback from participating employees and involving internal stakeholders

First, relevant use cases were compiled and defined for the PoC, and then the pilot proof was defined together with the required attributes.

The four companies belong to different sectors, including insurance services, transportation, telecommunications and publishing. The PoC was developed to demonstrate how digital proofs can be successfully used in various business environments using the example of employee confirmation.

Four different use cases for employee confirmation

• AXA: The company AXA used the digital proof to use the secure and verifiable employee confirmation to apply for payment protection insurance via a web form. In order to prove that the policyholder meets the application requirements (workload of at least 60%), the employee could present confirmation from a verified employer using a digital wallet. AXA can therefore check and offer an insurance application immediately.
• SBB: The SBB PoC simulates the login (or authentication and authorization) to the SBB default portal (V-App), which is used by SBB employees, but also by various partner companies, to list defaults and changes to defaults. Access for the partner companies was realized in the PoC with the digital employee confirmation, thus ensuring that this person really works for this partner company. At the same time, thanks to the verified attributes from the employee confirmation, access rights are controlled – depending on the company and role.
• Swisscom: Swisscom tested the implementation of an online order for a smartphone with a company discount using verifiable employee confirmation. The testers, who were issued with employee confirmations from the companies participating in the PoC, were thus able to simulate the discounted purchase process immediately without media discontinuity.
• Orell Füssli: Orell Füssli has simulated an employee discount for its publishing store, whereby employees of recognized companies can share proof from their employer for a reduction in the purchase price of books in the online store.

Results of the PoC

• Secure and verifiable digital proof of identity: SSI opens up the possibility of identifying yourself as an employee securely and with a trusted method in the digital space, independent of a less secure email account. Until now, employees often had to rely on their email accounts or physical ID cards to verify their identity.
• Verified information: An important advantage of SSI is the verifiability of the information provided. This significantly reduces the effort involved in issuing and checking proof of identity. At the same time, it opens up new application possibilities in which verifiable information can be used directly, securely and efficiently, and increases overall security.
• Technical integration: The technical integration of SSI proved to be extremely simple and user-friendly. By implementing the Procivis solution via API, identity management could be seamlessly integrated into the workflow. This smooth integration contributed significantly to the acceptance and use of SSI.
• Cross-company standardization of employee confirmation: Standardization is a prerequisite for the successful use of digital verification across different companies. Today’s employee confirmations can vary from company to company and require manual checking. One of the first milestones in this PoC was the definition of a digital proof with the required attributes that were necessary for the various use cases, but also in line with the usefulness of this confirmation. For the draft, the work already carried out in DIDAS as coordinator of business and research and sparring partner of the federal government in the establishment of the entire E-ID ecosystem was used for employee confirmation.
• Internal stakeholder education and involvement: A crucial step in the project was to educate internal stakeholders about the benefits of SSI and actively involve them in the process. The successful integration of various parties (e.g. HR, Access Management, IT, Sales and Operations) opened up new insights and opportunities for efficient processes within the company and between companies.