What are digital identities?
As in the metaverse, the essential premise of the digital economy is the attribution of an identity to each participant. It is necessary to identify the participants in this dematerialized and sometimes decentralized world in order to allow and manage access to potentially sensitive data and financial flows. Let’s see how a digital identity could be created and managed for the different participants of the digital registers of the upcoming digital economy.
The digital identity of natural persons
The digital economy is characterized by the digital ownership, which refers to assets but also to the identity of participants. In this emerging new economy, participants manage their identities and can monetize them across different registries on which interactions take place. Identity is what distinguishes a person from others, what makes him/her unique.
We can group the identity attributes by the following areas:
⦁ Civil status: surname, first name, nationality, date of birth, sex, postal address, etc.
⦁ Health: weight, height, vaccinations, chronic diseases, allergies, disability, phenotype, history of surgery, history of doctor visits, dental health, etc.
⦁ Assets: family assets, income, personal assets, personal debt…
⦁ Education: certificates, diplomas, issuer of certificates/diplomas, dates of issuance, grades achieved, etc.
⦁ Career: professional experience, skills, jobs, salaries, etc.
⦁ Legal history: past and present proceedings and trials, criminal convictions, etc.
⦁ Environment: carbon footprint.
All this data is now stored and managed in various registers and documents, from identity cards to certificates, vaccination records or the nice diploma hanging in your office. They have at times been recorded on the basis of actual events or performances by accredited persons or holders of authority bestowed by public administrations: city administrations, medical personnel, notaries, university presidents, judges, etc.
Ultimately, identity is a set of personal and often sensitive information that can be stored in a centralized or decentralized digital registry. Various accredited persons and entities may be authorized to either view part of this register or to add data. The only person who can or cannot authorize a third party or entity to view or make changes to their digital identity is that individual or their legal representative, unless they have been convicted. An ophthalmologist can thus store the data in the dedicated part if he has been given the right. Such a system could be activated from birth.
There are basically two ways to set up such a system:
⦁ Centralized via a register managed by an authority that collects this data and, if necessary, verifies it. Any citizen would have access to this register via an application and the possibility of modifying certain information or having it modified, depending on the local legislation.
⦁ Decentralized, via a register holding the digital identity in the form of an NFT of the person, who could grant other people the right to read or write, in certain cases possibly for a fee.
In both cases, the digital register becomes the single source of truth, a role it is intended to play in the context of the digital economy more generally.
Protecting personal data
Protecting people’s privacy is an issue that is even more important in the digital world where everything can be tracked per se, so it is understandable that many people are reluctant to use digital currencies or record their identity in digital registers.
However, three points should be mentioned here:
⦁ Asymmetric cryptography is an encryption technique that is so powerful that it is used daily by all banks, password manager systems and many more organizations to ensure the security of their systems. Bitcoin has run flawlessly since its inception, thanks in large part to this technique.
⦁ As mentioned above, the individual is always the one who decides which person or organization can see or change their data, regardless of whether their identity is stored in a centralized or decentralized register.
⦁ Each person will also be able to control the level of access to the information in the register. For example, a person can demonstrate that they are of legal age without disclosing their age. The body mass index, BMI, can also be used instead of the direct weight specification. The same for the level of study, which can be indicated without revealing anything about the details of the certificates, etc.
A digital identity will make it possible to organize votes and referendums much more efficiently and securely, also online, and to create a patient record in a digital register that can be used by all doctors and patients and possibly not by a private organization like Doctolib or Apple, but either by a decentralized system or by an administration. In Germany, Gematik is working diligently on the subject. Whatever system is put in place will undoubtedly have advantages and disadvantages, but it will enable its participants to interact with the digital economy in a rich, efficient and complex way, as their digital representative will be able to participate in a whole range of digital registers and the metaverse, receive or make payments, interact with other people via their digital identity, etc. Crypto projects like IOTA and Civic already offer solutions in the decentralized world, and the governmental eID system in Germany is already well established.
The digital identity of organizations
It will also be important to provide legal entities, i.e. public or private organizations, with a digital identity so that administrations, associations, companies, points of sale, factories, municipalities, power plants, etc. can interact by selling or buying goods, services, information, collect taxes, etc. For example, a hospital could equip each of its operating rooms with a digital registry, in which the machines, medical staff, health insurance company, patient, etc. would interact during the operation with real-time financial flows and information exchange via their respective wallets and digital identities. The doctor could view the relevant part of the patient record from the patient’s digital identity (with their consent) and use devices that would be paid for in real-time by the hospital, which maintains the digital register and makes it available to these participants. Another example: a city could create a digital register of its streets so that vehicles, traffic lights, street lamps, parking meters and the city itself can interact to exchange information, electricity, computing power or money.
In both of these cases, it will no longer be necessary to look for information from different sources that are more or less updated, to wait x days, weeks or months for the corresponding payments, or to coordinate many systems with different operating modes. A performance takes place, digital currency transfers are triggered instantaneously, everything takes place in real time on the same digital register between uniquely identified participants of different types, machines perform certain tasks and certain payments autonomously, and the history of the digital register has the force of law in the event of a posterior control (hence SSOT).
The digital identity of machines
Machines represent the third category of essential participants in the digital economy. If we want to have intelligent, autonomous machines that can exchange payments, information and services, we must first give them an identity in order to create a gateway to the real world. We are talking about vehicles, of course, but also any devices that are already connected to the internet, household appliances, medical devices, lights, kitchen appliances, etc. We often hear about the fridge ordering its own groceries and gettng them delivered from a vehicle or drone which it pays: this is a relevant example, but there are many others. It is imperative that a reliable standard for the digital identity of machines be developed and generalized so that they can connect to the registers of the digital economy and interact with other participants in real time. CodeNekt, for example, is a French company that creates NFTs connected to vehicles, recording their entire history from the first kilometer.
The digital identity of products
Assigning a digital identity to every product/food is essential if we want to move towards a more sustainable, transparent, fair and efficient economy. A standardized list of attributes can be developed for each product, for example: category, subcategory, manufacturer, brand, mass/volume, unit of mass/volume, retail price, components/ingredients, provenance, ecological footprint, selling restrictions, etc. The information contained in a product’s digital identity will be reliable as long as it is recorded in a well-designed and maintained digital register so that anyone can consult it before or after purchasing the item. Just think of the ingredient lists and other useful information that appear on the packaging of consumer goods that we find in supermarkets. All this data will eventually be stored on digital registers. For example, a minor could not buy cigarettes because a sales restriction would be encoded in the digital identification sheet of the cigarette pack, the payment system would ask “Who is buying what?” with each purchase, and would determine that the wallet holder who wants to pay for the product is a minor. The system would then reject this transaction. This automatic and systematic transmission of information through the payment systems of the digital economy could also affect the price in general or even the price depending on the person buying the product.
The identities of people, organisations, machines and objects will interact with each other via smart contracts on digital registers: many machines will be digitally connected to a person, a building, an organisation or other machines, with complex hierarchies, continuous exchanges of information, performance, energy and money. It is important in this area to first develop digital identity standards that have a legal framework, are compatible with each other and connect to digital registers on which many interactions can take place that have an impact or represent events in the real world. NFTs are particularly well suited for this application: for example, we can very well imagine recording the history of a very specific vehicle from manufacture to maintenance, including license plates and any accident, in digital form in an NFT linked to this vehicle, as CodeNekt already does in France. Alfa Romeo recently announced that they would systematically make an NFT available to buyers of their cars. Once we are dealing with a unique entity or an entity to which we can attribute something unique, such as a serial number, we can consider assigning an NFT to that entity. Owning the NFT corresponds to owning the corresponding product or entity: a concrete application of the concept of digital ownership which is about to spread to every aspect of our lives, including our very identity. Since each person is unique, the concept can indeed be applied to our identity: a person’s identity can be contained as a whole in an NFT, which will be owned and managed by that person via their wallet. The future prospects of NFT look extremely good.
The new Eldorado for hackers?
It is sometimes claimed that the blockchain cannot be tampered with and that it is a very secure way of managing sensitive information. However, the transition to a digital economy presents a whole new set of opportunities for hackers. Impersonating machines or taking control of networks could become the new Eldorado for hackers. By impersonating someone/something, it is possible to obtain payment or information intended for another machine/organization/person, while by taking control of networks, one can appropriate real-world objects and, for example, blackmail someone. One could imagine a hacker taking control of a machine undergoing an clinical operation and demanding ransom to “free” it, or taking control of the system that manages your doors and windows so you cannot come into your home until you transfer the hacker a certain amount. Since the new digital registers will be interconnected and have a direct impact on the real world, hacking could have serious consequences. Establishing a secure, common and legally recognized protocol for issuing digital identities is therefore fundamental to the development of digital registers that will form the basis of the digital economy.
