BLOCKCHAIN & DIGITAL IDENTITY REVOLUTION
The rise of Fourth Industrial Revolution (4IR), Leads a new stage of globalization “Globalization 4.0”, reshapes the means of how individuals, entities, and devices interact and transact. A trusted, secure and verifiable identity is necessary to communicate and transact with each other.
Identities have become more and more shattered and redundant with each new service provider and authority, and have been increased in an unmanaged approach, which is not coping with the evolving of the ways we transact and behave across the digital and physical world. This raises the need for a reliable and verifiable identity; this need applies to individuals, legal entities, and devices ( as they become more reliable to complete transactions independently).
We become connected to our devices over the day to interact and transact, which compromise our privacy and security. Where we have to share our identity details; With different software and applications installed on our devices, to consume the provided services.
In addition to the data collected by those applications, without our consent (i.e., shopping habits, browsing, credentials, and conversation, places we visit or pass by), health data (i.e., Heart rates, sports activities …etc.); This is a preach to our privacy and raises the need for secure digital identity.
An example of this is Facebook leaks of sharing users' data without their consent.
“For years, Facebook gave some of the world’s largest technology companies more intrusive access to users’ personal data than it has disclosed, effectively exempting those business partners from its usual privacy rules, according to internal records and interviews”.
Digital Identity is a critical player in the value of the future economy. Supporting verification will provide the primary enabler for solving the last mile, for all parties in the digital economy (Individuals, Entities, and devices); Providing and consuming critical services in a trustless secure approach.
Blockchain may solve the problem of establishing the required prerequisites and the core foundation for building a decentralized Digital identity, that bridges the gap between service provider ( i.e. Banks, MNOs, Airlines, Hotels, Retails, etc.) and end-user, enabling the service provider to verify the end-user identity, in a secure and convenient approach, and compliant with different regulations (i.e., Know Your Customer, Data Protection Regulation (GDPR)…etc.).
The main advantage of blockchain is building a trust-less, transparent , and anonymous platform to consume any transaction, without the need for intermediaries.
The main types of Identities can be grouped as follows
— National Identity: this includes different types of identities issued by the country or known authority ( i.e.Birth certificate, Identity card, Passport, Driving license…etc.)
— Social Identity: this includes different types of social media ( I.e., Facebook, Twitter, Google…etc.)
— Others: this covers the remaining, includes banks’ Cards ( Credit, Debit), Healthcare ( Medical record, insurance cards), Social and health club cards, Shoppers and retail cards…etc.
These diverse identities without a mean to connect them for identity verification in a reliable and trusted approach, or even interoperability between them, doesn’t support the required decentralized Digital Identity.
There are many existing use case and initiatives of adapting digital identity over the years.
eIDAS (electronic IDentification, Authentication and trust Services) is one of them; It is an EU regulation on / a set of standards for electronic identification and trust services for electronic transactions in the European Single Market. It oversees electronic identification and trust services for electronic transactions in the European Union’s.
Blockchain may solve the problem of decentralized digital identity, by enabling the attestation and verification process, in trust-less, connected network, with the identity owner consent of any transaction of his/her identity verification, and shares only relative information.
Minimize fraud of sensitive transactions, like loans, claim for health services, or insurance services. The diagram below shows a conceptual view of a trusted blockchain network.
Even this conceptual view, can be further optimized to build a unified identity platform, where the consortium for attestation and verification, can be from the primary identity issuers of different countries.
The Key Actors of the network are
o Verifier / Certifier Entities ( Consortium): which can be a consortium manage and attest the identities over the network, with the consent of the person.
o Service provider: Those can be any service provider, which requires identity verification for specific details before granting their services (i.e., Hospital, Banks, Telecom Operators, Online Retails…etc.)
o Trusted Network: those the governor of the network, where all the transactions go through it, and get verified by the consortium, and recorded. the network is managed and governed by a group of trusted Identity providers, and identity verifier and certified.
o ID-Wallet: This is the user electronic wallet, used to maintain their identities, and claim over blockchain trusted network. Have a record of all transaction. The user will be able to share only the relevant data based on the service.
Key Challenges
Those are the key challenges facing the standard and unified digital identity:
· Accessibility & Portability: Different definition of identity and identity details, lack of trust between identity issuers, which end up with different digital and physical identity for each service.
· Data Management & Ownership: The ability to identify which entity owns which part of data, data retention, and monetization of such data.
· Sharing only Relevant Data: Limited ability for individuals to determine the details to be shared based on the context and the entity they are dealing with. Supporting the decision with more details through the platform, to secure user privacy.
· User Experience & Convenience: Tedious and repetitive process, with the poor user experience. Providing a seamless user experience for all parties is a necessity.
Technologies & Standards Supporting the decentralized digital identity includes.
o Standards
NIST 800.63: this standard covers the Authentication Assurance Level (AAL), and identity Assurance Level (IAL).
Interoperability standard between different identity system Decentralized Identifiers (DIDs) specification, still emerging. However, promising.
o Protocols
OAuth, OpenID, or FIDO (Fast IDentity Online) for authentication and authorization.
o Data Format
X.509 and JWT ( JASON Web Token) as the data formats for identity claims.
o Blockchain Network Type
Different types are supported based on the implementation ( Public, Private, Semi-Private), which covers different use case. Mostly Private or Semi-private is the most applicable for this use case.
o Blockchain Secure devices
Secure mobile and connected devices that will support securing identities (i.e. ,HTCEXODUS, sirinlabs.com…etc.)
Main Advantages of Blockchain Trusted Identity Verification.
o Security: securing user identity from theft, also securing any alteration of user data, which provides trust for all parties. All transactions are recorded and can’t be modified
o Verification Process optimization: Identity verification can be done on the spot, with the minimum time, based on the network performance.
o Transparency without Data Disclosure: the full transaction can be done without disclosing user’s details of information, as the service provider may require age verification, this can be answered by ( Yes or No), or nationality, or eligibility for a service, which provide more security to the user.
Real use cases of Blockchain implementation for digital identity.
o VISA is adapting blockchain digital identity and verification, with IBM.
o Know Your Customer (KYC): as it becomes mandated, using blockchain solution will optimize the process time, as the required due diligence for document verification, by each entity or service provider, will not be needed with Blockchain identity verification.
Conclusion
Decentralized Digital Identity, is the leading enabler for all services in the modern connected world and 4IR. The Key prerequisites and the core foundation for building a decentralized Digital identity have now existed ( i.e., Smart Mobile phones, network coverage, enablement technology. In addition to the present need, A trusted, secure and verifiable identity is necessary to communicate and transact with each other; and to cope with the new phase of globalization “Globalization 4.0”, driven by 4IR. With the emerging and the advance of Blockchain, combined with other standards and technologies, the decentralized digital identity is possible.
