How Digital Identity Evolved Over The Years — Web1, Web2, & Web3

9 min readAug 22, 2022

The Evolution of Digital Identities

The internet was born in 1989, thanks to the legendary Tim Berners-Lee. It looked like this:

According to Insider, this is what the first ever website looked like in 1992.

Today, the internet looks different. For one, there are colors. Even the most basic of websites features more html code than the first ever website created. For another, hundreds of thousands of people are learning, exploring, and growing the entire ecosystem.

How did we get here? What is here? And where do we go from here? To properly understand this, we need to dive into what digital identities are and how they shape the worldviews we have of the internet.

What is a digital identity?

In a nutshell, our digital identities are how we understand our relationships to the internet.

Take, for example, your passport. As long as you hold it, you have a claim over your birth name and birth date. We can call this your physical identity. As long as you hold your passport, you have rights in your home country that tourists don’t.

Similarly, your Digital Identity gives you rights online, depending on how you use it. We’ll delve into them later, but it’s important to recognise that whenever you do anything online with your digital identity, you will knowingly leave “footprints” behind in the form of posts you create, but also unknowingly leave “footprints” behind in the form of cookies and metadata.

Now that we have a high level understanding of Digital Identity, let’s go back in history and take a chronological look at how it has evolved over time.

Digital Identity in Web1 (the “Read-Only” phase) from a user’s perspective

Scroll up and look at the first picture in this article again. Text and hyperlinks. Those were what made up the majority of Web1, which is why it was known as the read-only phase of the internet. Pictures came later, and when Dr Fun, one of the first webcomic platforms, was published, it was heralded as “a major breakthrough for the Web” by the National Center for Supercomputing Applications.

Where did Digital Identity come into play against such a landscape? This is a bit of a trick question as Digital Identities were not accessible to the masses. The level of interactivity was so limited that you couldn’t even enter your email address to get sent updates from your favorite creators — the functionality hadn’t been invented yet.

What does this mean for users?

In Web1, we were all limited citizens — perhaps even ghosts — who were only allowed to interact with basic text and hyperlinks that site owners have put out. We were spectators who did not feel any sense of ownership over anything seen online, and this is part of the reason using the internet in those days was so transitory. It was purely window shopping, nothing else.

Digital Identity in Web2 (the “Read-Write” phase) from a user’s perspective

Then things started to change. The infrastructure got better, more people started recognizing the value of the internet, and the invention of a new beast — social media — started a complete revolution.

With this heightened interest in the internet, major giants started appearing. You may have heard of some of them: Facebook, Google, YouTube, Twitter, and Neopets just to name a few. Interactivity was key to getting users on their platform, as the more we could play games, watch videos, or talk to friends, the more of our time we were spending on these platforms, the more advertising dollars they got.

This is where Digital Identity really started to form: you needed a form of identification for interactions online to be meaningful. It was a win-win solution: you were able to interact with others online and companies were able to get feedback on what you wanted to do online.

Phase 1: Siloed identities

Username + password logins
Email addresses
Mobile phone numbers

A virtual pets website, Neopets, has used siloed identities since its launch in 1999.

The initial stages were pretty much a free-for-all among digital companies. As they were figuring out how to engage with users, they started creating the very first forms of “digital identity”.

Think of these “digital identities” as membership cards — they were recognized by the card issuers but nowhere else, essentially making them siloed. Siloed identities are still common today. Most websites that enable signups or subscriptions allow you to create a new login which you can then use to interact with the website.

Phase 2: Federalised identities (via the OpenID standard)

One-tap logins across multiple platforms
Eg Sign in with Facebook/Gmail

Spotify allows logins via federalized identities.

Not all internet-native companies are created equal. With the incredible growth of tech giants like Facebook and Google, we soon saw attempts at creating federalized identities. Federalized identities are created via the OpenID standard, which enables you to provide your details to one provider, who is then authorized to share this with other websites you visit. The OpenID standard has been adopted mainly by the bigger tech companies who are aiming to integrate users into a larger ecosystem of apps.

Note: OpenID is an open-sourced standard created in 2005. Since then, there have been over 1 billion OpenID-enabled accounts, with over 50,000 websites accepting them.

On first glance, federalized identities are a win-win-win solution for users, the tech giants, and the platforms who integrate the federalized identities. After all, this system leads to a much quicker signup process for users, tech giants increase the scope of their data collection with minimal work, and the platforms gain access to a wider range of users.

However, if we looked deeper into how it’s set up, we’ll soon notice a few issues with digital identity in Web2, all inherent to the fact that we’re using third party platforms:

Censorship may occur at any time
Our data is being sold without consent
Data breaches may occur
We don’t own our identities

This is not meant as a criticism of Web2, it is showing that there can and will always be improvements to be made.

What does this mean for users?

Web2 so far has shown us a glimpse of what is possible with Digital Identity. It was the first time “normal” people from one corner of the world could interact with friends from the opposite corner in split seconds. Social media itself has been a beast of revolution, upending how we interact with friends and even strangers.

While Web2 users are happy with their experience so far, this will only continue for as long as tech giants and the platforms they use act in a benevolent way. In essence, on Web2, We are children, able to make some choices but the moment our parents (i.e. tech companies) get upset, we have no choice but to obey them. This happens most obviously in the cases of censorship and data privacy.

Which brings us to…

Decentralized Identities (the “Read-Write-Own” phase) from a user’s perspective

Now we’re on the cutting edge of technology. The path forward is always being paved, and for all the good that Web2 has brought us as digital citizens, it’s time to stop renting digital space and become homeowners for ourselves. After all, if the Web1 to Web2 revolution brought such drastic changes, imagine what the Web2 to Web3 revolution will bring.

Web3 differs from Web1 and Web2 because it operates primarily on blockchain technology. Being on-chain provides new advantages such as everyone being able to own part of it, allowing projects to be community-owned (i.e. decentralized).

Decentralized Identities are digital identities that are generated by a completely neutral protocol, generated from pure math. Put simply, imagine if a large corporation like Google or Facebook were issuing identities, except for decentralized identities, the “issuer” is Math. This completely eliminates the possibility of the issuer selling your data or spying on you without consent.

What does this mean for users?

While Decentralized Identities are not yet in mainstream use, it effectively demonstrates how Web2 Digital identities’ main weaknesses can be nullified: take decision-making power away from the identity issuer and they won’t be able to sell or use your data without your consent.

The driving motivation for Decentralized Identities is for users to own their own identities and not rely on centralized third parties for verification. This is a huge step. We are now adults, having graduated from “renting” space from tech giants and able to interact directly with protocols with self-owned identities.

Why we need to understand Decentralized Identities

Decentralized identities are important because of the growth of social protocols. Many such protocols are decentralized and permissionless, so if the decentralized identity is integrated into these social protocols, you’ll 1) own your identity and 2) have an uncensorable platform.

Now, imagine you have an ID/passport/driver’s license. Except every time someone else uses it, they need to crack an unbreakable (cryptographic) code. Only you, who can prove your identity, gets free access to it. This future is made possible by the cryptographic technology that enables Web3, and may well be a cornerstone of decentralized identities.

Because the decentralized identity space is still evolving, there are competing ways of determining identity:

Verified Credentials
Holding a “badge” or a “Verified Credential” in your account could verify that you’re a member of a community
Soulbound NFTs
Same as Verified Credentials, except Soulbound NFTs cannot be transferred and are permanently associated with your wallet
Referral networks (like Proof-of-Humanity)
Using word-of-mouth to create a community of verified accounts. Proof-of-Humanity does this by requiring existing community members to refer their friends into the network

Where Next.ID fits in this Digital Identity landscape

Now that we’ve covered most of what you need to know about Digital Identity, let’s take a look at where Next.ID fits in. Next.ID is the world’s first Decentralized-Identity-As-A-Service (DIaaS) protocol, with the goal of creating a home for all digital identities, ultimately integrating digital identities from both Web2 and Web3.

With a community-centric approach and the ultimate goal of decentralization, the founding members of Next.ID have laid the groundwork for its success by pioneering 3 pieces of technology: ProofService, KVService, and RelationService.

Together, these 3 technical breakthroughs create the foundation for Next.ID.

ProofService uses a blockchain-like model to store data and retain data integrity using cryptography, ensuring that only users with the correct private keys can make changes to the identity.
KVService’s full name is Key Value Service. It’s a framework to store key information, facilitating developers in creating new use cases.
RelationService aggregates existing IDs, ID queries, and IDs bound to and in parallel to Next.ID, opening up possibilities for integration with external projects and creating more native social use cases

The Next.ID strategy is simple: we want to build a public good that benefits every user of the internet, from Web2, Web3, and anything that comes after.

We want to build an ecosystem that wins and helps other projects win. Our long term goal, as you can see from the roadmap below, is to eventually build a framework for normal everyday users to self-host their data, creating a properly-decentralized world with all the liberties it promises.