Decentralized Identity Providers. Problems, Solutions, Unika
Dear friends, today we would like to tell you about peculiar technical aspects of decentralized identification and show you what place Unika may occupy in this sphere.
Today it is challenging to imagine any financial services without identifying their users. The reason is apparent — states declare the fight against money laundering, tax evasion, fraud and other financial crimes. To effectively combat this, it is necessary to identify and regulate participants in economic relations. It requires identifiers and special procedures such as KYC (Know Your Customer). However, with the advent of blockchain, part of society openly opposed excessive financial control by government institutions. And the more corrupt the state is, the more interest the society shows in the blockchain. Supporters of the crypto were able to offer an alternative way to carry out economic activity. And after more than ten years, this path has had some success. At least cryptocurrencies have become widespread. However, although some people have limited the intervention of centralized institutions in their financial affairs and have felt greater freedom, economic crime has not gone away. So the question is how to satisfy both sides and install a balance between the state’s financial control and the private individual’s economic freedom.
Decentralized Identification, DIDs, SSI
The problem described above still has a solution — decentralized identification related to decentralized identifiers (DIDs) and self-sovereign identity (SSI).
A DID provider is required to operate such a technical infrastructure. It identifies the user and aggregates the received data. This data is stored so the user can access it anytime. In general, DID provider solves three tasks:
- Web2 data aggregation and its transfer to the Web3 platform;
- Scores (unique/non-unique identifiers) creating;
- Implementing the self-sovereign identity (SSI) approach.
Self-sovereign identity approach gives individuals control over the data they use to prove who they are to web services. In turn, decentralized identifiers allow people to have, store and manage their digital identity without total dependence on a centralized provider. The state institutions retain the possibility to identify participants in economic relations and regulate the financial system. Unlike centralized identifiers, DIDs claim they are designed to be as much separate from centralized registries, identity providers, and certificate authorities as possible.
Participants in the identification process
Before moving on to consider the benefits that Unika can bring, we must clearly define the participants in the decentralized identification process:
- Data source (e.g. Passport Office);
- User;
- Party acting as a verifier (e.g. KYC provider);
- DID provider;
- Web service (e.g. cryptocurrency exchange).
During user identification on any platform, a document scan is transmitted to a third-party organization that can verify the provided data, e.g. a KYC provider. This provider cannot guarantee the document’s authenticity by 100%, but it checks the fields from the record against its database and reports the result.
In turn, DID providers are engaged in storing encrypted data and keys only the owner of this data can access. The advantage of a DID provider is that the user uploads his data to the platform only once. The various platforms this user utilizes request data from this provider, reducing the user’s registration and verification time.
At the same time, a platform that wants its user to pass verification looks for the encryption keys in the DID provider’s registry, checks the signature and the source, and ensures the data matches. After that, the user gets access to the platform.
For some platform that requires user identification, the danger lies in the possibility of creating several digital identities with different attributes from one person. There is no guarantee that the user does not have other accounts. On the other hand, the problem with DID providers is that there are no alternatives for the user. Therefore, the user hasn’t the possibility to anonymize transferred data. E.g. if the website wants to know that you are over 18, then it will demand the date of your birth and DID provider will show this date.
Unika solution
Unika is a protocol of anonymous identification that solves such problems as multi-accounting, insufficient security, and anonymity lack. Also, it doesn’t store the data but only links to this data that can be acquired from DIDs.
Let’s look at what the whole identification flow can look like with Unika:
- Data source (e.g. Passport Office);
- User;
- Unika (acting as link aggregator, “additional source of truth”, verifier) / Party acting as a verifier (e.g. KYC provider);
- DID provider;
- Unika (acting as a layer of additional anonymity and security);
- Web service (e.g. cryptocurrency exchange).
As we see, Unika can bring additional security to the whole process and anonymity to the user, and there are two options for how to implement Unika. First, it can co-work with any party acting as a verifier at point 3. Second, it can create an additional layer of anonymity and security at point 5. Here is one simple example: when the website asks the DID provider for the user’s age to find out if they are over 18, Unika calls the DID provider and sends the following data to the website: “Yes, this user is over 18” without giving out their exact date of birth.
And now, we can describe Unika’s value in just three sentences:
- Additional security and anonymity layer;
- Links aggregator and additional data source for DIDs;
- Guarantor against the use of multi-accounting.
An example of multi-accounting is the so-called Sybil attack — creating many accounts by one person to falsify the vote. During such an attack, it seems to third-party users that the accounts are independent of each other, although they are controlled by one person or group of people.
Unika is not only a technology but also a warm and open team of engineers and marketers. Feel free to share your thoughts about its invention or propositions for its development and implementation!
