In order to understand globaliD, you also need to understand how identity typically works today. For the most part, today’s identity systems are authenticated based on something-you-know.
That typically means knowing a username and password combination. In the context of a digital environment, it’s easy to see why such a system would be fundamentally insecure.
To address this, the globalid identity framework is authenticated based on something-you-have, whereby an identity token is embedded into a physical item or device that you own.
For instance, an identity token might be embedded onto the magnetic strip on a card or encrypted and stored on a smartphone. Access to the identity token is only granted upon further authentication. That might be through a PIN code or some form of biometric verification such as facial recognition or a fingerprint reader.
If you think about it, that’s already how some systems work in the real world. If you wanted to take out cash from the ATM, you would not only need your debit card but also the corresponding PIN number to gain access.
Beyond the obvious security benefits, the use of identity tokens provides an array of convenience, privacy, and utility advantages:
- Identity tokens could be used to securely authenticate yourself both in the real world as well as online.
- Zero-knowledge proofs through attestations could provide a level of trust without requiring the re-sharing of personal information.
- Browsers with identity tokens baked in provide a new framework from which we can interact with the World Wide Web.
But most of all, such a system empowers end users.
A move toward an objective authorization and authentication model that is independent of any particular actor shifts the balance of power away from siloed third-party services and back to the individual.
You can learn more about The Tokenization of Identity by reading our white paper.