What makes your business singular? What makes one customer, one device, one line of code different from the next? What makes you you?
The answer is identity. Identity is the key to modern life, and identity management—the means businesses use to distinguish one individual user from the next and to maintain and safeguard their proprietary information—is crucial to operating in the modern economy. However, in the digital era, establishing who or what we are is more challenging—and more critical— than ever before.
At T-Mobile, we view technology through the lens of customer obsession. As a result, we believe our customers and employees have an inherent right to data security and data access. It’s a matter of trust that we’ve established with our customers, and a big part of our role as the Un-Carrier is listening to our customers and giving them what they ask for. And the core of that trust is identity management. We want to be sure that as we help drive the technology evolution of identity management, T-Mobile customers and employees will be among the first to benefit.
As T-Mobile’s CIO, one of my main responsibilities is removing barriers to collaboration to encourage greater innovation, and that’s led my team to develop some rather impressive solutions for identity management. When we began our journey of digital transformation in 2014, we sought to both learn from and contribute to the technology communities around us. We engaged with the open source software (OSS) community to explore the full depth of identity management and platform development. With millions of customers and thousands of employees, we understood that identity was at the center of our transformation. Our goal was security, and API-first software designs allowed us to realize the holy grail of identity management: giving our customers and employees the right access to the right resources at the right time.
“Identity governance is a compelling use case, but SSI marks a potential turning point in modern identity”
By 2016, as blockchain technology became more widespread, we recognized an innovation that could change the way identity is accessed, managed, secured and audited. We also recognized real industry pain points: Standards were rare, even nonexistent, and throughput, key management, and oracles presented significant engineering challenges. To lead the way toward a future where blockchain dramatically improves the identity space, we had a lot of work to do. In the process of driving OSS efforts and industry-wide initiatives including the World Wide Web Consortium’s Verifiable Claims work and the Token Taxonomy Initiative, T-Mobile became a thought leader, and we homed in on two primary identity-related use cases: identity governance and self-sovereign identity (SSI).
Identity governance, the centralized, policy-based management of identity and access, is critical to any company that manages identity at scale. Blockchain can play an important part. The three keys to this capability are tokenizing an identity entitlement that allows for precise tracking; leveraging smart contracts (which I like to think of as business processes defined and operated in code) to allow control definitions to be coded into the platform, and providing indisputable audit records of transactions. As T-Mobile continues to lead standards development in this space, we’ve implemented much of our research in theHyperledger Sawtooth NEXT Identity Platform. This OSS application combines the performance of a NoSQL database with the blockchain keys identified above. Layer a React UI over the Swagger-based APIs and you have a next-generation enterprise solution for controlling, operating and auditing identity. We developed this software in conjunction with Microsoft and Intel and we’re sharing it freely with the sole intention of empowering businesses to better serve their customers.
Identity governance is a compelling use case, but SSI marks a potential turning point in modern identity. The term describes the set of protocols, infrastructure, and standards that allows an individual to control their online identity, encrypted and decentralized. This truly revolutionary technology provides—for the first time—the ability to change the definition of online identity from “You are you” to “I am me.” And its impact on business could be profound.
Whether in a B2B partnership, sales deal or employee hire, businesses traditionally trust claims without verifiable proof. SSI offers the opportunity for third party-verifiable claims—a potentially revolutionary and empowering advance across a wide spectrum of applications. This can, for instance, break down longstanding barriers around education and hiring. The personal anonymity of blockchain systems combined with the ability to verify individual claims could be a boon for diversity hiring, as applicants would present only the job-relevant aspects of their identities, eliminating potential bias against certain types of names, ethnicities or educational paths. In other words, any and all qualified applicants – whether or not they fit a specific socioeconomic profile – would suddenly find themselves in consideration for jobs they were previously denied. Opening the door to qualified candidates of all backgrounds could reveal a previously untapped talent pool and forever change how hiring decisions are made. Here at T-Mobile, where we’re committed to expanding the diversity of our employees across all our teams, leading the way to that end is the kind of work we want to be doing.
From security that keeps private information safe to new models of blockchain audit and governance to fundamental changes in SSI and verifiable claims, identity management is at the heart of T-Mobile’s technology transformation. It determines not only how our businesses interact, but how we interact as human beings. The tools are changing but T-Mobile’s commitment to protecting and empowering our customers and employees is not. As this space continues to evolve, T-Mobile will continue pushing the boundaries, Un-carrier style.