By Samantha Pereira
With our digital and physical lives blurring into a single integrated way of living, now more than ever do we need a trusted way to prove we are who we say we are both online and offline.
In the physical world, we prove our identity using a driver’s license, passport or other physical credentials issued by trusted authorities. But what is the online equivalent of a driver’s license or passport? Our online identity is called our digital identity, which is a grouping of digital identifiers. Every app we sign on to and every purchase we make creates a digital identifier. Many companies collect these digital identifiers to derive insights, so our digital identifiers are not in fact controlled by us and are quite fragmented across the apps and service providers we choose to use [1].
Amidst the boom of the digital world, identity management has reached a pivotal point. Today, our identity includes more data than ever before, but we don’t own any of it. The current centralized identity system is flawed with data breaches, data privacy concerns, and data control issues. So how do we solve this problem? We decentralize our digital ID.
Unpacking the Challenges
Identity is a fundamental and universal human right; it helps improve political, economic, and social opportunity. This may seem trivial because we are so accustomed to having both an online and offline identity, but for 1.1 billion people worldwide a digital identity is inaccessible [2]. Now, for those of us who do have a digital identity, that identity is not in our control. Our digital interactions are owned and controlled by other parties, some of whom we aren’t even aware of [3]. Even if our data was in our control, privacy and security measures are inadequate to protect that data. Lastly, our identity data is neither portable nor persistent; it is caged in by boundaries inhibiting us from transferring data seamlessly and for years to come.
Roadmap Forward
To address these challenges, multiple organizations and alliances, are collaborating to move the needle on decentralizing digital identities. Every person needs a place to store their data and control access to it; this self-sovereign digital identity will not be bound by any one organization or government.
“Each of us needs a digital identity we own, one which securely and privately stores all elements of our digital identity. This self-owned identity must be easy to use and give us complete control over how our identity data is accessed and used.”
Microsoft
How It Works
There are seven key innovations that need to work together to build the technical foundation of this decentralized identity ecosystem to be implemented on a global scale [4].
- Decentralized Identifiers (DID): Globally unique identifiers that individuals create, own, and control independent of any one organization or government.
- Decentralized System: Blockchains and ledgers that provide the building blocks required to create the infrastructure to support DIDs.
- User Agents: Applications that manage DIDs and associated data.
- DIF Universal Resolver: A server that resolves DIDs across implementations and decentralized systems.
- DIF Identity Hubs: An encrypted personal datastore.
- DID Attestations: Signed attestation that enables owners to generate, present, and verify claims.
- Decentralized Apps and Services: DIDs paired with Identity Hub personal datastores enable the creation of a new class of apps and services.
Using these innovations, an individual creates a unique digital identity (DID) and stores it in an identity hub. During the creation of a DID, a pair of public-private keys is created. Only the private key owner controls access to the associated digital identity with all its credentials. Each DID is then associated with DID attestations that are issued by other DIDs to attest to specific credentials. The private key is known only to the individual whereas the public key can be shared. Once shared, an individual or organization can use the public key to verify that the individual with the corresponding private key sent the message across the blockchain; only these two parties can encrypt and decrypt the message or data.
For example, I am going to soon be a recent MBA grad. I can request a digital copy of my diploma from Ivey Business School to be issued against my DID. When applying for jobs, I can then choose to present my MBA diploma to a recruiter through the corresponding public key which can then be used to verify the issuer, time of issuance, and status on the public ledger.
Role of Blockchain
Blockchain and its public ledger system enables trust between parties without the need for an intermediary organization or government identity provider. By building this ecosystem atop a blockchain foundation, individuals and companies are able to create, prove, verify, and control their identity in a decentralized fashion. This new self-sovereign digital identity system will give control back to the individual who can choose what data is shared and with whom. Blockchain allows this to be done in a tamper-proof and chronologically ordered way.
“In a decentralized system trust is based on attestations: claims that other entities endorse – which helps prove facets of one’s identity.”
Microsoft
Why It’s Important
With the digital revolution pushing full steam ahead, now is the time for us to make a concerted effort to provide access for everyone to a secure digital identity. This isn’t just a right but a chance to break down barriers to political, economic, and social opportunities. Every person has the right to an identity but more so than that every person has the right to an identity that is private secure, and under their control.
So let’s take back control of our identity, let’s decentralize the digital ID system!
References
[1] https://id2020.org/faq
[2] https://id2020.org/digital-identity
[3] https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2DjfY
[4] https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2DjfY
Strategy in the Age of Decentralization 