Decentralized identity isn’t just for tech geeks anymore — it’s already beginning to revolutionize the way we log in, pay, open bank accounts, and has the potential to reinvent our entire digital lives including making passports a thing of the past.
Digital identities are being stolen every day
The way governments and institutions store personal data is shifting towards digital. But just as much as online databases of digital identities are convenient, they are vulnerable. Even with top-notch security, centralized storage of valuable data remains you guessed it “centralized,” which has the potential to lead to huge losses in the event of a successful cyber-attack. Just look at companies like Premera, Equifax, and so on.
There have even more extreme examples including Facebook and what happened in India last year: “the government ID database, Aadhaar, suffered multiple breaches that potentially compromised the records of all 1.1 billion registered citizens,” — says The World Economic Forum’s (WEF’s) Global Risks Report 2019. Access to the data was then illegally sold on the darknet.
It goes without saying that India is not the only country which faces problems with digital identity management. According to safeatlast.co, there were 16.7 million ID theft victims in the US in 2017, which led to the loss of over $17 billion. Experian reveals that the most common type of identity theft is credit card fraud, whereas government documents or benefits fraud takes sixth place with over 25,000 reports per year.
Let’s add massive data breaches to the mix. In 2018, the most famous hacks happened to Google+, Facebook, MyFitnessPal, and Quora. With each of these, users were not given any choice or recompense after the hack took place with companies taking no financial or policy penalty outside of bad PR. No surprise then that an average online consumer doesn’t feel safe about their personal data.
Is Decentralized Identity a solution?
In many areas, where a secure and transparent way to store unique data is required, blockchain provides the ready-made and viable solution to identity. Digital identity management is no exception. Decentralized identity empowers the end users and uses the same cryptographic security features we see in leading currencies like Bitcoin and Ethereum giving users protection for storing any type of digital asset including cryptocurrencies, as well as government-issued IDs, voting information, credit cards, biometric data, online bank access details, etc.
The idea of how decentralized identity works is actually easy to understand. With decentralized identity management, there is no centralized storage, but small bits of data spread throughout the network instead. This means a person can’t hack into a single database and gain access to thousands of credit card or social security numbers. On top of that, data stored on a blockchain is securely encrypted, making it nearly impossible to get the information.
How are our digital identities protected?
There are several types of security available including some that most people are already familiar with:
1) A passcode or phrase
To get access to data an owner needs to provide information only he knows. This is the lowest level of security, as passwords often get lost or stolen.
2) An external device
Where a higher level of security is required, the information can be protected by something the account holder owns. Examples of this include two-factor authentication (a code sent to your mobile phone), a hardware crypto wallet, etc.
3) Biometric data
Right now, protection by your biometric data is considered to offer the highest level of security. Fingerprint and face recognition are even projected to replace passport control at airports in the future.
A combination of 2 and 3 used over decentralized identities provides the perfect solution to current identity management problems. This is something members of the Decentralized Identity Foundation are already working on. The Foundation was created to facilitate the development and adoption of digital identities and has some big names such as Microsoft and MasterCard among its members.
Real Life Use Cases
Organizations like the Decentralized Identity Foundation and W3C CCG are working to create standardized around identity protocols or more specifically DID, that is able to work across different blockchain networks. As a concept, developers worldwide can use and contribute to the development of decentralized identity solutions.
Microsoft has invested a lot of money into this project and promises that millions of people worldwide will benefit from the results. The company’s primary goal is to help people that don’t have government-issued documents to gain their digital identities. For refugees and other people in complicated life situations, decentralized identities may open access to many vital services, including medical, travel, and financial ones.
Although mass adoption of decentralized identity isn’t there yet, the foundations are already being built. Recently, ArcBlock recently launched the first DID-wallet that gives users the ability to store, use and manage their digital identities and assets. The wallet is a blockchain-based analog equivalent to Apple Wallet and other similar apps, but it is more powerful as it gives the users the ability to manage their digital lives, but also increased ability to make decisions about how has to access to their data, can revoke access and remove the possibility of any type centralization. The ABT-Wallet by ArcBlock is a complete decentralized identity solution designed to work with many DApps, including those that will use Microsoft DID technology.
For developers, ArcBlock released a decentralized identity framework that allows for immediately integrated DID services for their users by simply using the Forge DID component of Forge Blockchain Application Framework and SDK. This has made the company the industry’s first fully enabled, decentralized identity network.
The future of DIDs
Blockchain is widely viewed as the future of voting because it is secure enough to store sensitive information and is transparent enough to prevent election fraud. The same characteristics enable blockchain to resolve digital identity management problems:
- Decentralized identity is well protected because it is not stored in a centralized user database.
- DID can be secured with biometric data and external hardware or software that only the data owners have access to.
- Decentralized identity is not stored by third parties you interact with
Currently, our digital identities are co-owned by third parties: banks, airlines, social networks, etc. With decentralized identity, your personal data is fully controlled by you. This almost completely eliminates the threat of massive data breaches.
Your social network login can be the most basic use case: with DID there is no need to provide your email to anyone to verify your identity. The benefits are greater if we think about banking: instead of uploading a government-issued ID and a proof-of-address to open an account online, you will need to simply connect a DID-device to identify yourself. It is faster, easier and more secure than a traditional KYC-procedure — that’s why many technically-advanced banks are very interested in this technology.
It is hard to tell how fast decentralized identity solutions will go mainstream. There are still a lot of technical problems to be solved and customer-friendly applications to be developed, but the first steps have already been taken — the first ever DID-wallet is already here to try. With the current speed of technological evolution, it may take as little as 5–10 years to say ‘goodbye’ to digital identity storages as we know them.