DID vs Sign in with Google — Web 3 Credibility, DID Trilogy (pt.3)

People’s views on DID and our thoughts after reading them.

Inerslit

Published in

DoubleSlit

5 min readJul 20, 2022

TLDR;

Twitter commentary on DID
SU-ID, Redefining DID in terms of convenience
Will VC be a game changer for privacy of DID.

Tweets, replies, and thoughts

1. DID in air travel

DID in air travel

From our perspective, the adoption of DIDs will not result in a significant change in user experience related to air travel. Nevertheless, there are many verifications for disease control (vaccination and test results) required nowadays, so if thoroughly verified e-authentication is issued rather than in paper and stored in e-passports in the form of DID, a global-compatible COVID authentication system that does not rely on institutions of each respective country, can be constructed.

2. Connected social identity of web3

Disconnected social identity in web 2

Although convenience increases, the fact that all histories are grouped together only seems to add to account theft concerns. Many people have different personas across various accounts so it can be somewhat unpleasant that single accounts provide records from another.

3. Credibility of product builders

As a matter of fact, it is possible to prevent the malicious behaviour of anonymous builders if they mortgage their reputation to proceed with the project so, that it could perform the same functionality as the existing reputation dynamics. It would be possible to eliminate many owner risks that exist on web3 if there were a verification system that provides not only a history of the builder that users could trust but also penalties for malicious behaviour. But again, enough application must precede to have enough power.

Our perspective

Identification on chain

Blockchain technology has eliminated the necessity of the middle man and erased the borderlines in financial systems. This brought extreme convenience and accessibility to the users and unified the cash flow overseas. This innovation of decentralization in the financial field has been extended to a number of other fields, and so has the identification system that has achieved self-sovereignty

“But was this change really necessary? and was it really effective?”

DID vs Sign in with Google

As shown in Figure 1, there is no significant difference found between “Sign in with Google” and DID. All the activities done by DID can also be done and are already happening with “Sign in with Google”. So technically the only outstanding difference is that there is a 3rd party identifier. When it comes to DID and decentralisation, identifiers are usually described as a villain but when it comes to identification to “prove” ourselves to others, Should one have the right to control their own information? And if so will the manipulatable information really be reliable for others to use?

Will VC be a game changer for the privacy of DID

DID uses VC (verifiable credential), a scheme that enables privacy-ensured identity verification. VC allows the identification of individuals to disclose minimal personal information. You can, for example, verify your gender without having to disclose the information on the ID card entirely. This process does not require registering or storing sensitive personal information in a particular system or institution since the original information (the ID card) belongs to the individuals and, it is possible to verify identity while maintaining anonymity.

However, even DID with VC only works when the identity issuer is not malicious. This is because there is no specific information stored or registered to be verifiable, therefore it is virtually impossible to verify the source of information(ID card in this case) where the identification is derived, meaning authenticity of identification can never be completely verified under the current scheme. Thus, it shares the limitations of traditional identity authentication methods — that they still require a certain level of assurance from a specified institution from which the verification was derived.

Due to the fact that information such as gender, date of birth, and history is currently firmly anchored to the government or each institution, simply transferring and storing it in an individual’s wallet will not provide reliable identity verification. Yet, this methodology can work well when a certain level of compromise is made on decentralization of personal information storage; main information stored in one place and only relevant verification (e.g., gender authentication, age authentication, etc.) attributed to the wallet. While this method is safer since the original information can be verified from where the certification was derived, it may not appear much different from the traditional method.

DID in terms of Convenience — Introducing SU-ID

The information required when creating accounts on Google, Facebook, Twitter, Apple and etc. are the same; however, the information has to be provided every time when creating accounts for each platform. Ideally, DID is available across multiple platforms without creating additional accounts or filling in the same information repeatedly.

Therefore, when it comes to convenience, DID could be defined as a SU-ID(single, universally accessible identification) rather than SSI(self-sovereign identification). Yet, this feature is already provided similarly by various platforms from web2. They allow users to access multiple websites and platforms with a single account and, like DID, this can be done without extra steps of registeration.

However, in order for DID to achieve this convenience to its full potential, a unified DID standard, and expanded usage of DID are needed. It is also necessary to lower the entry barrier of requiring a great deal of information from users.

DID must evolve to a complete single-universally available model, or else users will have to repeat the Web2 experience of handing information every single time they sign up for a new platform.

In conclusion

Our world continues to expand asynchronously and DID is also one of the asynchronous expansions, of how we used to “prove” ourselves. The only accounts we have had so far have been synchronized with a specific platform. DID offers the possibility of having a single ID that can be linked to multiple platforms asynchronously.

The objective of this article is not to point out that the direction of expansion headed by the existing Identification system was wrong, but rather the question about the asynchronous development DID made was a development “worthy enough” for us, the human being, to adapt and to be used.