Top 5 trends in Decentralised Self-Sovereign Identity and Privacy-preserving Technology in Web 3.0 (2022)

Co-authored by Alex Tweeddale (Governance & Compliance Lead), Ross Power (Product Manager), and Ankur Banerjee (CTO/co-founder)

In the early months of 2022, the cheqd team conducted two surveys diving into self-sovereign identity (SSI) and digital identity in Web 3.0. We analysed responses from a general audience, as well as from an expert audience, to tease out key trends in how identity plays a role in decentralised systems and Web 3.0.

The first article focuses on trends and key takeaways that we derived from combining a general survey and a deep-dive survey, where the respondents were a blend of experts from our list of 45+ partners as well as general audience members through outreach we did on our social media channels on Twitter, Telegram, and LinkedIn.

In a future article, we will deep-dive into the technical and industry-standard topics in self-sovereign identity (SSI), from an extended survey that was shown to an expert audience on the two topics.

 

Overall, we had 114 completed respondents to the general survey (with a completion rate of 65.8% with a confidence level of 95% for the trends and conclusions drawn from this survey. We describe the methodology and statistical analysis of survey respondents in more detail at the end of this article. We’ve also included links to the anonymised, aggregated responses for those interested in diving deeper into the data.

Read cheqd’s meta-analysis reasoning that the self-sovereign digital identity market size could be worth $500 billion or more.

Key Trends in Digital Identity from cheqd’s survey

  1. Trend #1: Maintaining privacy and control of their own data is of paramount importance to web users
  2. Trend #2: Users — and the companies/organisations where they want to use self-sovereign identity — have vastly different motivations
  3. Trend #3: Privacy-preserving commercial models for digital identity exchange could radically accelerate the adoption of self-sovereign identity
  4. Trend #4: Identity is a foundational building block for DeFi and Web 3.0
  5. Trend #5: Healthcare, Social Media, and Government use cases lead the pack among “traditional” sectors where SSI can be applied

Trend #1: Maintaining privacy and control of their own data is of paramount importance to web users

People do NOT feel in control of their data

An overwhelming majority — 68% — felt that they had limited/no control over their personal data, and what happens once it’s shared with companies. Perhaps not unsurprisingly, given the composition of our survey respondents, a lot of them believed that self-sovereign identity (SSI) — a new paradigm in portable and interoperable digital identity — would be the default method of handling digital identity in a 5+ years time horizon.

 

Obviously, in a lot of scenarios people have to give their data to a company. For example, when buying a product from a Shopify store, a customer needs to give Shopify / the store their name and address (so that they can send the items bought).

An SSI solution doesn’t automatically solve the problem of whether a company decides to take someone’s personal/business data, and repurposes it. What it does offer a possibility of is to make asking for fewer correlatable data points or cloaked data points and make that the norm. This is a principle called data minimisation.

What do does ‘data minimisation’ mean?
Data minimisation means collecting the minimum amount of personal data that you need to deliver an individual element of your service. It means you cannot collect more data than you need to provide the elements of a service…
- Derived from UK Information Commissioner’s Office (ICO) guidance
duck duck go cheqd
Source: DuckDuckGo “Spread Privacy” blog

Two good examples of data minimisation in active usage are Apple’s Hide My Email and DuckDuckGo Email Protection: both offer the ability to hide the real email addresses as well as remove trackers that could leak personal data. Albeit these offerings are not built using SSI, it demonstrates a path forward that people will adopt privacy-preserving solutions when it is offered to them.

Companies hide trackers in your emails that can capture personal information. Source: DuckDuckGo “Spread Privacy” blog.

Self-sovereign digital identity expands this concept beyond just email addresses and enables data portability across different companies, industries, and even geographies — for far more types of personal/business data. Techniques such as selective disclosure allow people to control what they share and minimise it in a fashion that moves data ecosystems towards giving people more control over their data.

“For far too long, blanket terms of service agreements have forced consumers to either ‘agree’ to all of a company’s conditions or lose access to a website or app entirely…No negotiation, no alternative, and no real choice.”
— Rep. Lori Trahan (D-MA)

Existing data protection regulation is NOT good enough

66% of our respondents said they don’t feel existing data privacy regulations are sufficient to give people control of their data. This is no surprise when we consider that regulations such as GDPR have resulted in more compliance on part of companies…but with limited effect, on the control a person can exercise.

ToS;DR
Screenshot of ToS;DR home page

It’s extremely common even under the scope of GDPR that people are prompted to accept long-winded terms of service, where they blindly grant access to companies to their personal data that they understand little about. 

This situation has gotten ridiculous enough, to the extent that it has spawned projects such as ToS;DR (“Terms of Service; Didn’t Read”), where community volunteers annotate ToS policies into a more digestible format; and the Terms-of-service Labeling, Design and Readability Act (TLDR Act, a nod to the term “too long, didn’t read”) to legally compel companies to provide more tangible controls to people.


Trend #2: Users — and the companies/organisations where they want to use self-sovereign identity — have vastly different motivations

Motivations of users are largely centred around controlling the privacy and access to their data

We asked our survey respondents why did they, personally, care about self-sovereign identity. The choices presented here were based on commonly-quoted reasons the team at cheqd had heard during working during the past five years in the space of self-sovereign identity. 

Some of the choices presented were directly beneficial to them, such as the privacy of personal/company data, which was ranked as the top reason for their interest in SSI by 62.3% of all respondents.

While the overall ranking disproportionately skewed towards privacy and control of their data, personal control (ranked 2nd overall) and efficiency gains (ranked 3rd overall) were the next closest motivations. Control and efficiency are things that both users — and the companies/organisations they interact with — care about. 

Portability, better inclusivity, and technological innovation brought the middle of the pack with relatively similar spreads. Given the demographics of our respondents, there was a slight uptick at 1st/2nd ranks for concepts such as tech innovation and decentralisation than others.

 

Scope for commercial gains/profits had low ranks at position 1 or 2 (still higher than both innovation and inclusivity), with a big bump around 5th rank — a bit more on this later.

Why would companies/organisations bother with privacy-preserving digital identity?

Stating that people in our survey wanted SSI is a tad obvious…and hopefully we’ve also shown through examples outside of the sphere why people care about and adopt privacy-preserving digital identity. But why would the companies that these users interact with care?

To dig into that question, we asked our expert audience of executives and industry experts from digital identity companies why their own existing/prospective clients cared about SSI.

 

Reducing compliance risk was chosen by far by more than 2/3rds of the respondents who answered this question (70% of respondents), which is undoubtedly aided by clearer regulatory frameworks that promote privacy-preserving digital identity (55% of respondents). (We cover the evolution of the use cases and regulatory frameworks later in Trend 5.)

Tied in the second spot was a desire to stay ahead of the curve by adopting new technology (also at 55%), which contrasts with the relatively-low ranking of “technological innovation” as a factor from a user perspective.

Reduction in costs, cost of existing identity verification providers, or generating new revenue was selected by fewer respondents, which could be due to an existing lack of solutions that enable this in the space.

Other reasons we heard from our expert audience on why their clients care about SSI…
“Providing new privacy enhanced experience for end users”

“Overcome surveillance capitalism”

“Increased trust and removing friction”

“End-to-end transparency & correlatability for compliance use cases; protecting business confidentiality”

“A recognition that the public favors solutions that value their privacy.”

If everyone WANTS self-sovereign identity, why isn’t it being adopted more widely?

The wide range of partners we have here at cheqd allowed us the opportunity then to flip the previous question and ask our expert audience what the biggest blockers they have heard from their clients in being able to consider SSI adoption.

 

The picture that emerges is an impression — whether justified or not — of technical standards not being mature enough (60% of respondents) and lacking/limited interoperability with products of other SSI software or existing enterprise systems (55% of respondents). To be fair, this is a clear rallying cry for the self-sovereign identity software industry: the developer experience of integrating, for example, Sign-in with Apple takes only a few lines of code, but implementing an SSI solution could take dozens to hundreds of person-hours of effort.

That might be slightly unfair as a comparison to make, or comparing apples to oranges since SSI goes far beyond what a simple single sign-on achieves. But the reality is that enterprise clients are, in all likelihood, actually comparing it to Apple’s (or Facebook’s / Google’s / traditional identity verification providers’) developer experience at a surface level.

 

This neatly brings us to the rest of the top 5 blockers: unclear understanding of return-on-investment for investing in SSI solutions (55% of respondents), lack of knowledge of the benefits SSI brings among decision-makers (50% of respondents), and lack of commercial/business models (30% of respondents). These all broadly fit into the theme of being able to articulate the business value of why SSI is beneficial. Educating stakeholders is a common refrain that comes up in the free-text responses.

Our purpose here in showing these answers is not to cast a shadow of doom-and-gloom on the prospects that self-sovereign identity has. Instead, we wanted to transparently highlight the areas the industry experts themselves have identified as spots where the whole sector could improve. We’re assessing and responding to this data ourselves at cheqd to see where we could improve.

 

Going back to the general survey for a second, it’s interesting to note that a larger portion of the general audience thinks the technical standards in SSI are mature enough for widespread use (28% agree, 38% neutral) compared to the results we saw from blockers faced by the expert audience.

Once again, an overwhelming portion of respondents (61%) agreed that Web 3.0 / blockchain apps need integrated digital identity solutions. They are also passionate that there aren’t any alternatives besides SSI they strongly believe in. 

There is one thing that more than 70% of respondents from our expert audience agreed would have the biggest impact in driving the adoption of SSI among their enterprise customers: payment mechanisms for digital identity exchanges. Onwards to Trend #3


Trend #3: Privacy-preserving commercial models for digital identity exchange could radically accelerate the adoption of self-sovereign identity

One of the core hypotheses behind cheqd’s inception is that a lack of commercial models — which are privacy-preserving as well — is hampering the lack of SSI adoption. We described this in The business models of identity as follows (excerpted):

the time and resource cost an issuing/verifying organisation incurs must not be ignored for a viable and sustainable self-sovereign identity ecosystem.
For instance, government-issued credentials should be made free / as cheap as possible to acquire as they are funded through taxes and/or one-off fees. This is crucial as government-issued credentials are often the genesis of trusted data in many industry contexts.
However, in other scenarios where an issuing/verifying organisation is not a publicly-funded organisation, we do see an unmet need for compensating organisations that carry out the work of verifying digital identity. These organisations are the root of trust that make SSI credentials held by an identity subject more trustworthy and have greater utility.

In that blog post, we described this as the flywheel for SSI adoption: trustworthy digital credentials that are cheaper to consume and produce compared to the current costs of KYC/KYB verification services will, over time, increase the volume of credentials in circulation and hence drive these costs down for all users and companies to make consumption cheaper and easier.

Flywheel of adoption
The virtuous cycle of SSI adoption, accelerated by viable commercial models

As we saw in Trend #2, maintaining the privacy of users while they interact with companies is something that people deeply cared about. After all, if the gains that were gained from adopting self-sovereign identity were compromised by correlating payments recorded on an immutable ledger, these benefits are washed away. Obviously, cheqd will be designing and building with this in mind!

70.3% of respondents from the expert audience agreed with our internal thinking that privacy-preserving payment mechanisms for identity exchange would have a large impact on driving SSI adoption. The challenge, so far, has been models that achieve value exchange while maintaining privacy in transactions.

 

The Sovrin whitepaper in 2018 proposed a payment mechanism called holder-pays-issuer; an example of this is when I pay a government agency a fee to be issued a passport document. There’s a direct exchange of value here since it costs the government agency some money to process the request.

This model can also be extended to verifier-pays-holder; an example of this would be if I charged a bank that wants to KYC me for access to a copy of a digital passport credential. These two models clocked in at about 32–41% of respondents believing holder-pays-issuer or verifier-pays-issuer would have a large impact.

However, our hypothesis here at cheqd has always been that while there may be some credentials where people are willing to “buy” them (paying to get the credential) or where companies would be willing to “buy” the rights to have a peek at a holders’ wallet, it would be hard to convince all people in an ecosystem to change their behaviour towards this.

What we believe is a more viable commercial model is one where verifier-pays-issuer, i.e., the recipient of the information pays the person who created the credential. 62.2% of the expert audience respondents said verifier-pays-issuer would have a “large impact” on SSI adoption

We don’t take it lightly that establishing such a model is hard to do while maintaining privacy. Our methodology here is to not create a locked credential — as that breaks interoperability and portability — but to allow issuers to charge for access to the revocation status of a credential.

Drivers licenses as an example of verifier-pays-issuer
I could show my drivers license to at a grocery store to prove my age when buying alcohol. Since the checkout staff only care about deriving my age from the date of birth, they don’t need to care whether the drivers license is actually valid (e.g., it could have been “cancelled” if it was reported as stolen) as long as it is document that was issued by a competent authority. This is analogous to showing a Verifiable Credential, where the recipient can see that the credential is cryptographically untampered.
However, if I took the same drivers license to go rent a car, the car rental agency would likely way to check if the license was issued by a competent authority and that it wasn’t otherwise disqualified/revoked (e.g., reported as stolen, revoked due to dangerous driving, etc). This is analogous to presenting the Verifiable Credential and being able to read it being free, with the receipient/verifier having the option of paying for a revocation status check. The revocation status here is an attribute of the drivers license document controlled by the issuer, and not an attribute of the license holder themself.

It’s important to clarify here that there is no one-size-fits-all, and we don’t plan on mandating any particular price point for credentials on the cheqd network. Instead, we believe that some credentials will likely be free to consume as well as check revocation statuses for, some will be charged out by holders of the credentials, and some will be “free” to present with an additional charge to check revocation status.

On that point, we recognise that having stable-pricing mechanisms is important for this economy of function. 40.6% of respondents said stable pricing would make a large impact, with 45.9% saying it would make a moderate impact. This aligns with our thinking in terms of how we plan on handling payments in stable dollar-equivalent payment means such as stablecoins. It forms part of our tokenomics vision that encourages flexibility and competition in the market.

Watch our talk The Seven Deadly Sins of Commercialising SSI from Internet Identity Workshop 2021 to dive deeper into how we’re thinking of tackling the challenges of privacy-preserving payments for digital credential exchanges.


Trend #4: Identity is a foundational building block for DeFi and Web 3.0

cheqd is a rapidly-growing digital identity startup, and we always want to ensure that we’re targeting our resources on areas that will have the greatest impact/traction. 

While it may not be 100% correlatable, instead of asking our survey audience generically about where self-sovereign identity might have the most impact, we phrased the question to ask them where we should focus our efforts.

 

DeFi and Web 3.0 applications are unique in the sense that “your reputation travels with you”, as described by a16z. Web 3.0 services have a high degree of switchability: don’t like a particular wallet, exchange, or dApp? There’s probably a different app or service to which you can port your user experience to, while retaining history.

Regulations such as the Travel Rule bring new compliance requirements on crypto businesses (which Nota Bene focuses on), and as more regulators get interested in “digital dollars” or Central Bank Digital Currencies (CBDCs), cryptocurrencies will face greater scrutiny. Other efforts have arisen more natively from the blockchain industry, such as Centre Consortium’s Verite, which aims to bring decentralized identity to crypto finance.

A lot of these CeDeFi use cases above are a variation of Know Your Customer (KYC) and Know Your Business (KYB) processes — but the concept of identity isn’t just related to KYC / KYB. For instance, it’s painfully common for low-reputation crypto projects to be a “rug pull”. (Simon Taylor’s Fintech Brain Food newsletter covers the intersection of DeFi and identity pretty well on a regular basis.)

Interestingly, our survey respondents were relatively lukewarm towards the idea of applying SSI to traditional finance (or, “TradFi”). Our hypothesis is that this might be due to either…

  • …an acknowledgement that the traditional finance sector moves very slowly. We’d phrased the question as what we should focus on this year.
  • …a bias due to our audience demographics.

The intersection of identity and NFTs

Much like the issue of uncertain reputation in the case of “Who’s behind this particular crypto transaction, anyway?” — as demonstrated in the case of potential insider-trading of the Meebits NFT collection or Chainalysis’s report on rampant “wash trading” for these digital assets. A transaction involving a valuable NFT has the same issues as a high-value (fungible) token transfer does. OpenSea, one of the world’s largest NFT marketplaces, had to bring in special countermeasures to combat scammers who pretended to be from their own support team.

Bored ape
Bored Ape Yacht Club (BAYC) NFTs

Widespread interest in the NFT space is regardless creating a dangerous proliferation of projects that attempt to create “digital credentials” using NFTs. Pseudonymous identity, tied to a user handle or to a wallet address — the way that an NFT would be — is still an identity. The fundamental problem with using transferrable tokens to handle identity or reputation is that it’s hard to determine whether the reputation was earned or bought. Think of an employee pass, a driver's license — or even something more pseudonymous such as a gamer profile. These are digital footprints that are earned through effort, and should not be transferrable.

Ethereum name service
Ethereum Name System (ENS) domains — like the one above — make the user experience of wallets simpler with the trade-off of making interactions more correlatable

Then there’s the issue of how strongly correlatable and privacy-leaking NFTs can be, due to the nature of them being linked to on-chain handles such as Ethereum Name System (ENS) domains. Many people willingly mention their .eth addresses on their social media, such as Twitter, making it trivially easy to follow any interactions with other wallet addresses, and understand what specific NFTs/assets that particular person owns.

It’s interesting to see the emphasis on DeFi / Web 3.0 in contrast to NFTs. This is a strong sign that there is an understanding of the distinction between these, despite the overall dominance of NFTs adoption in the marketplace. NFTs was the lowest-ranked use case in our survey.

Pest control authentication
Pest Control is the official authentication group for Banksy artwork

With valuations of non-fungible tokens such as Bored Ape Yacht Club (BAYC) soaring exponentially, NFT buyers may also care about the provenance of their digital artwork. This doesn’t mean the same as KYC: for instance, the official artwork authentication group for Banksy is a service called Pest Control. Many NFT artists also similarly skew towards pseudonymous identities and may want to offer the assurance on the provenance of easily right-clickable digital artwork — which helps provide assurance that maintains high valuations for an NFT collection — while preserving the privacy of buyers, sellers, and creators.

The case for self-sovereign identity in DeFi/Web 3.0

One of the breakout use cases we saw for SSI was “one-click sign-in with cheqd”, with identity verification baked into onboarding. This is analogous to the ubiquitous Login with Google / Facebook / Twitter / [insert other large Web 2.0 service] buttons that you may see online. (More recently, Magic.link raised a $27 million Series A to bring such single sign-on technology to Web 3.0 apps as well.)

However…the traditional Login with X button doesn’t prove my real identity: it’s just a shortcut method to bypassing a username and password setup. You wouldn't really expect a username+password to be sufficient enough to prove reputation in the context of Know Your Customer (KYC), and also in scenarios where pseudonymous identity is sufficient. For example, a lot of decentralised finance (DeFi) or decentralised autonomous organisations (DAOs) may not require KYC in the traditional finance (TradFi) sense, but would perhaps care about preventing sockpuppet accounts from influencing governance decisions in their community.

 

Overall, we saw strong interest in this space on pseudonymous forms of identity and online reputation to various degrees. Crypto adopters might care about an inherently private means of proving their own reputation, the provenance of digital assets, or strong privacy-preserving mechanisms for validating whether they are transacting with the actual person/project they intend to interact with.

In the SSI context, one of the areas we’re keen to explore is to move beyond the usage of “well-known URIs” (Uniform Resource Identifier) to determine whether a Decentralized Identifier (DID) is trustworthy. This is achieved by tying a DID back to a web endpoint/domain name…which ultimately anchors things back to the very centralised public-key infrastructure (PKI) that DIDs aim to disrupt.

A pseudonymous online reputation is also valuable for traditional real-world and Web 2.0 services. We explore this in the next section.


Trend #5: Healthcare, Social Media, and Government use cases lead the pack among “traditional” sectors where SSI can be applied

 

Healthcare & Travel

The Covid-19 pandemic has undoubtedly been one of the largest-scale and most deeply-impactful periods in recent human memory, with loss of life and health effects that will likely linger for decades. It has also been a period of “forced experiments” that accelerated the adoption of digital/online services, as large parts of the world came to grips with new realities of what a hybrid workforce looks like.

“How do I prove my Covid-19 vaccination status, or test results, with a high degree of trustworthiness?” has been an especially important question that societies and governments have had to grapple with. Given this lived experience, it’s unsurprising that healthcare stood out as one of the top use cases in our survey. Covid-19 vaccination/testing results, provided through self-sovereign digital credentials, provide one possible solution to this question — without the need to create massive, global/regional databases of health records (arguably a bad idea) or having to rely on paper/PDFs (easily spoofed).

IATA airlines
A wide range of airlines are trialling Covid-19 records under the IATA Travel Pass scheme, built on SSI credentials

For example, one of cheqd’s key partners — Evernym — built the International Airport Transport Association (IATA)’s Travel Pass scheme. Local governments, health agencies, and international organisations such as IATA allow travellers to easily, securely, and digitally prove their compliance with Covid-19 regulations. This is now officially accepted by dozens of airlines and governments around the world, as the world takes tentative steps to re-open.

cheqd’s co-founders have personal/professional experience with the use of SSI in travel and healthcare…
Fraser Edwards (CEO) worked on the Known Traveler Digital Identity (KTDI) initiative, a collaboration for the use of SSI digital ID for international travel between the World Economic Forum (WEF), the Dutch government, and the Canadian government.
Ankur Banerjee (CTO) was one of the key architects for the early trial phase of NHS Digital Staff Passports. Since then, Digital Staff Passports has evovled to an NHSX initiative being rolled out across certain NHS trusts with invovlement from Truu (a cheqd network partner), Microsoft (who built Azure AD Verifiable Credentials), Condatis, and Evernym.

Government

Without the involvement of governments across the world, these healthcare (and travel) use cases described above would have never really seen the light of day. One of the pioneers in terms of laying legal/regulatory framework guidance as well as funding technical research in this has been the European Union government, especially through its Next Generation Internet Initiative: the European Self-Sovereign Identity Framework Lab (eSSIF-Lab).

eSSIF-Lab
European Union’s Self-Sovereign Identity Framework Lab (eSSIF-Lab) is one of the 
Read Evernym’s analysis of the EU Digital Identity Architecture and Reference Framework, written in collaboration with ValidatedID, Intesi Group, and iLabs which explains the latest developments in how the EU guidance impacting SSI is evolving.

It’s no surprise that the EU, with its multi-nation bloc, recognised the need for portable digital identity credentials that would work across all the EU nations without needing to resort to massive EU-wide databases. The European Blockchain Services Infrastructure (EBSI) and eSSIF-Lab provide an early look at what an ecosystem focussed on user-controlled digital identity could look like.

EBSI
European Blockchain Services Infrastructure (EBSI) potential market, by the numbers

Other early pioneering government initiatives in self-sovereign identity are the IDUnion network in Germany (which has cheqd network partners Danube Tech, eSatus, European EPC Competence Center, and Spherity as members); and the Government of Canada with has a rich ecosystem of national and provincial initiatives for SSI.

Governments have a strong fit with the identity space, as a lot of the “genesis” of identity attributes are often derived from government-issued credentials. Many governments around the world are also keen on improving the citizen/resident experience, building on technology stacks that don’t have strong vendor lock-in.

Trend 5, therefore, helps us show the growing interest in how the first credentials in any SSI ecosystem can be created from government entities.


Methodology

We feel it’s worth providing some insight into how we constructed and ran the survey. Overall, we had 114 completed respondents to the general survey (with a completion rate of 65.8%; pretty high given that average survey completion rates are around 10–33%). The estimated audience/population size this survey was offered to was ~12,000. Taking the sample size of respondents into consideration, it allows us to state a confidence level of 95% (with a margin of error of 9%) for the trends and conclusions drawn from this survey.

 

We also asked all respondents to self-score their knowledge of decentralised digital identity and Web 3.0 from low to high. Our audience composition likely resulted in most rating themselves average to high (between 5–10 on our scale), due to their industry background in these topics.

At the end of the general survey, we identified 45 respondents as either pre-qualified experts from our partners or self-identified as having a high degree of knowledge of digital identity / Web 3.0. We had 37 completed respondents to this deep-dive survey (with a completion rate of 84.6%). This group included experts from some of the world’s most prestigious early-stage to late-stage digital identity companies and Web 3.0 partners. Given the estimated population size (~90 qualified individuals) this survey was offered, the sample size of respondents allows us to state a confidence level of 90% (with a margin of error of 10%) for additional insights derived from the expert audience group.

Tools

We used Typeform for this survey as we both valued the branching options it offers, whilst also appreciating the overall user experience it offers. One of the consistent pieces of feedback that we received was that the respondents enjoyed answering the survey and found it a “slick” experience.

One of the issues we encountered with Typeform was that we used its auto-estimation feature to calculate the estimated length of the survey (in minutes). This led us to state that the survey would take “7+ minutes” to complete. What we didn’t realise at the time is that Typeform stops counting survey length after 7 minutes. We also validated the “7 minutes” length by running through the survey internally, but during this internal testing, we didn’t provide extended free-text answers — which many of our respondents did. As a consequence, the average completion time was approx. 31 minutes, which was significantly higher than the expectations we set with people. (Since this is an average figure, some people would have spent significantly shorter, while others longer. This may even include the time when the survey was left open in the background in a tab.)

Another issue we ran into was Typeform being unable to export answers to multi-select questions in a consistent format, which took us 2+ weeks of back-and-forth with their customer support team. (Thankfully, they were proactive in offering us service credits.)

Despite the challenges we faced, the extremely high completion rate and overall positive sentiment towards the survey showed us that when a survey is designed to be engaging and feel quick, it makes respondents likely to respond in detail and offer rich insights. We’ll be more careful about setting the expectations right when designing future surveys on the time commitment needed. Typeform enabled us to build this experience, and we foresee us continuing to use it, above tools such as SurveyMonkey.

We also used Datawrapper to generate visualisations that could be embedded easily, since they offer the ability to have dynamic and interactive embeds, the ability to download static images, and auto-suggest “sensible” defaults for visualisations. They also guarantee to keep the charts alive regardless of whether our account there is deleted, thus preventing link rot, and don’t track as much data as competing solutions such as Google Charts.

Question formulation

Generally, we tried to keep to consistent usage of ranking scales and Likert Scales because these offer a clear picture of how badly something is wanted, rather than a simple indication that there is somewhat of a desire without a clear way of comparing one to another. For example, just asking respondents whether to pick amongst a list would tell us what percentage overall voted for a choice, but wouldn’t tell us how they ranked the options against each other when forced to make the choice.

Similarly, the usage of “Strongly Agree to Strongly Disagree” allows us to understand degrees of agreement/disagreement to a statement, rather than a simple yes/no binary choice. We took a lot of care to phrase statements in a neutral fashion (as far as possible) and then present a choice against Likert Scale, as well as blending in statements that implied the opposite sentiment to previous statements — as this allows us to check whether the spread of opinions is a mirror image or not. This helps validate whether someone is simply going down a column, picking the same choice, to breeze through the survey as quickly as possible.

We wanted to make this survey overall more quantitative as it is far easier to retrieve more results, plus analyse and inform our strategy with a more data-driven approach. That said, the offering of free-text input proved worthwhile; we loved the range of comments and opinions, as can be seen from some of the quotes we pulled out above.

Audience demographics of the respondents

When approaching this survey, we had two key objectives. First, we wanted to uncover deep insights from our partners that could help strengthen our understanding of what is most needed from cheqd. Secondly, we wanted to be open enough to resonate with those with less specific knowledge, since such persons can help provide a more objective and generalist perspective on us as a company and the direction we should head in.

We created this survey in a way that not all questions were meant to be completed by every respondent. For example, if someone was to indicate in certain questions that they held limited knowledge of self-sovereign identity, we used branching logic to ensure these individuals did not provide answers without enough prior insight as this could taint the overall results. We also chose to accommodate a larger audience to improve the overall reliability survey, as if we had just surveyed those immediately involved in SSI (i.e. current and prospective partners), we’d likely witness a level of confirmation bias about the overall level of understanding of the space and what is more sorely needed.

We also noted that surveys that take too much time drastically worsen the overall results, as questions towards the beginning get more love. Therefore, on top of leveraging branching logic to help improve the accuracy of results, we also used the branching logic feature to help limit time spent on questions that either didn’t have relevance to the respondent or would leave them unable to answer, thereby simply selecting any option so to proceed.

Anonymity/pseudonymity of respondents

This was important to us for obvious reasons: both for what we stand for at cheqd but also for the validity of results. When forced to provide their identity people will generally answer less honestly and often overly positively. However, we did want to be able to guide respondents down the right path based on their level of experience and area of expertise.

To balance these somewhat competing needs, we opted to ask for aggregated demographic information to guide the branching logic of the survey and waited until the end to offer the opportunity to provide any more personal information.

What’s next

To recap, we identified the following key trends from our survey:

  1. Trend #1: Maintaining privacy and control of their own data is of paramount importance to web users
  2. Trend #2: Users — and the companies/organisations where they want to use self-sovereign identity — have vastly different motivations
  3. Trend #3: Privacy-preserving commercial models for digital identity exchange could radically accelerate the adoption of self-sovereign identity
  4. Trend #4: Identity is a foundational building block for DeFi and Web 3.0
  5. Trend #5: Healthcare, Social Media, and Government use cases lead the pack among “traditional” sectors where SSI can be applied

There is plenty more that could be extracted from the survey, which is a testament to our community and respondents for providing such thought-provoking insight. Stay tuned for our following blog posts, where we go into greater detail about trends in the Web 3.0/Cosmos ecosystems, and in the standards stack of self-sovereign identity.

All of our charts can be found on Datawrapper River and are reusable under a Creative Commons Attribution-ShareAlike 4.0 License. The aggregated, non-identifiable survey responses can also be accessed under the same licensing terms for anyone who is interested in re-using this survey.

We’d love to hear your thoughts and take about the state of self-sovereign identity and how it intersects with the Web 3.0 ecosystem. To find out more about SSI and digital identity, follow cheqd on LinkedIn or Twitter.