In one topic, we deep-dive into the most commonly used tools, as well as their relationships to the activity categories we defined above. This detailed analysis is performed in both contexts of present-day digital systems, and legacy systems pre-dating them. This comparison demonstrates how both generations of these systems and tools are ultimately enabling the same categories of supporting activities following similar patterns. All of this can inform future efforts to define next-generation self-sovereign identity systems, given that the same patterns will likely hold true there.

Legacy artifacts

In the past few centuries, especially following the industrial revolution, human societies have developed and converged on a few common processes, infrastructure systems and tools, related to the identity domain and for the purpose of supporting economic activity. Examples include the systems and norms around the use of identity documentation, such as identification cards and passports. More indirect examples also include legal and financial systems and instruments, such as money, checks and contracts.

Some of the above-mentioned processes and systems have been disrupted or evolved since start of the digital information revolution, however in this section we focus on the systems and tools that remain unchanged by digital technology, thus use of the term “legacy”. We also primarily focus on the artifacts as representative symbols, as opposed to, and in place of their backing systems and processes.

Below is the list of legacy support artifacts (see appendix for full definitions):

  • Identification documentation (Identity cards, badges and passports)

  • Resumes (C.V.)

  • Certificates and diplomas

  • Keys

  • Money, checks

  • Contact cards, business cards

  • Accounts (at businesses)

  • Signatures, fingerprints

  • Seal stamps

Identification documentation

(Identity cards, badges and passports) — are typically presented by a bearer to a receiver, they are used by bearers to identify themselves and are used by the receivers to verify the identity of the bearer, as well as to authenticate any documented claims. These documents are often issued and supported through a backend system managed by an authority such as the government. For example, drivers licenses are issued by state governments, and are typically required by some businesses to verify the customer’s identity as well as information such as date of birth.


(C.V.) — are used in the job application process to document the applicant’s identity, experience and education. The job applicant is identifying themselves as well as promoting their personal brand, and the potential employers are using scanning the contained identity information in their selection process.

Certificates and diplomas

These document one person’s completion of professional training or a set of academic courses sufficient for the issuance of a degree or designation. They are then presented by bearers to other parties that requires proof of that completion. For example, undergraduate students receive a bachelors diploma, which they can present to potential employers during the job application process.


Are mechanical instruments with unique physical features that are used to secure and access physical goods, valuables, or controls to a machine. Complementary tools called keychains are used to store, organize and access keys, especially in mobile scenarios.

Money, checks

Money commonly takes the form of denominated bills or coins, and is used as store of value, medium of exchange and unit of accounting. It is most commonly backed by state treasuries or national banks. Checks are primarily used as a medium of exchange with arbitrary denominations, backed by a given commercial bank. Complementary tools called wallets and checkbooks are used to store, organize and access these artifacts, especially in mobile scenarios.

Contact cards, business cards

Business cards are primarily used to create, formalize and strengthen business connections, as well to promote an entity’s brand. Contact cards are used to formalize, store, organize and access personal and business connections. Complementary tools such as rolodexes or cardholders are used to store, organize and access these artifacts, especially in mobile scenarios.

Accounts (at businesses)

Customers often open an account with businesses they have recurring business with, in order for the business to have access to their latest identity, contact and payment information. For example home residents are required to have an account with the electricity company, notify the company of address changes, and keep banking account numbers up to date to facilitate recurring payments.

Signatures, fingerprints

Physically unique impressions of a person’s handwriting of their name or skin ridges from their fingers are often used as a verifiable sign of that person’s participation or agreement in legal documents. For example, a person’s signature on a legal contract such as a home lease confirms their agreement and binds them to the terms.

Seal stamps

Stamps or signets are used to both create a unique impression in documents, as well as physically seal documents using wax. Thus they are used as a verifiable sign of a given entity’s participation or agreement in legal documents, and as proof of non-tampering for physical documents.

Digital artifacts

As mentioned, some of the processes and systems in use since the industrial revolution, have been disrupted or have evolved since start of the digital information revolution by taking advantage of digital technology and its efficiencies.

Sometimes these improved systems are digital equivalents of their legacy counterparts, as with the example of digitized voice communication over the same phone infrastructure. At other times these systems are rebuilt on a completely new digital foundation, and present completely new opportunities, such as with the example of the internet and electronic mail.

Below, we focus on particular artifacts, as opposed to, and in place of their backing systems and processes (see appendix for full definitions):

  • Online identities

  • Online profiles

  • Connections

  • Digital certificates, hardware keys

  • Passwords

  • Online accounts

  • Payment cards —Debit and credit cards

  • Digital money— PayPal, Venmo, Zelle, etc

  • Contact data files

  • Email

  • Phone

  • eSignatures

Online identities

These are digital representation of subsets of a person’s multiple identities, often hosted by, and managed through social networks as identity providers. Some of these identity providers also provide the ability to log into external web services, and provide privacy settings for restricting access to certain identity information. For example, a person can use a Facebook identity for social posts, as well as logging into affiliated web services with limited data sharing, while using their LinkedIn identity to represent their professional identity.

Online profiles

Online profiles are expressions of a person’s public identity, published with the help of social networks. They are often used to promote a personal brand in order to increase the chances of forming new productive connections. For example, professionals post their professional profiles on LinkedIn sometimes in place of their business cards or resume, in order to enhance their connections as well as to create new professional opportunities.


Connections are digital representations of a person’s connections with other persons, organizations or things, managed through social networks, or through contact management apps. For example, a person can maintain their list of friends through a social network like LinkedIn, and integrate that with additional identity information stored on their phone contacts app.

Digital certificates, hardware keys

Private keys are a fundamental building block of cryptographic security systems, and are often used in high security scenarios. Possession of a digital certificate file, and ability to sign data with it, proves one’s control over a given private key. Hardware keys feature additional protection provided by hardware security modules, which are extremely resistant to online exploitation. For example, some developers use digital certificates to sign code before publishing, and some use hardware keys to store the underlying private key, and to sign published code.


are unique combinations of characters, often also accompanied with a unique user name, that allow for secure access into digital system and over digital resources. Complementary tools such as password manager apps are used to store, organize and access passwords in a more efficient manner.

Online accounts

With the increasing universality of internet access, most businesses have made their customer account systems accessible through the web. In fact it is now the norm for new customers to create and manage an account with said business through their site and mobile app. consumer businesses the existing account systems When signing up for web-services

Payment cards

Debit and credit cards — Are primarily used by consumers to make payments to retail and commercial businesses in return for products and services. They can also be used to identify and verify the owner and map to other identification documents such as driver licenses. The various flavors of these cards, namely credit, debit, cash, etc, have more to do with the consumer’s credit and payment structure, as opposed to the purchasing process.

Digital money

PayPal, Venmo, Zelle, etc — Are used by consumers to transfer monetary value to personal and business connections. These payment tools are primarily available through the web and thus are well integrated into web and mobile app infrastructure.

Contact data files

These are digital container for identity information. Any entity, including people and organizations, can share their identity information in this format for easier access. It can also be used by the receiver, as part of a contacts application, to organize, store, access and transfer identity information of connections.


Primarily used for communication, it has additional uses for identification and verification. Each email user is assigned a unique email address, that can be used to identify them, as well as to verify a person’s control over that email account.


Primarily used for communication, it has additional uses for identification and verification. Each email user is assigned a unique phone number, that can be used to identify them, as well as to verify a person’s access to that phone number.


Are cryptographic artifacts defined within the context of a signing web service, such as docuSign, Adobe sign or others, that verify a person’s agreement on a digital legal document. Combined with complementary tools such as email and smart documents, these can be used to represent legal documents and processes digitally.

Last updated