Digital identity is a concept of intertwining science, technology, law, ethics, sociology, marketing, and even philosophy. By now, when progress and technology went far ahead of the established legislation, and while the ethical challenges require understanding, digital identity is a subject to uncertainty. Many points are controversial, while concepts are vague, and the direction of development is still unknown.
The first contradiction is the digital identity definition, apart from blockchain. It is generally accepted that digital identity is a digital footprint, the data that we leave on the network, but only the data which can be directly associated with a particular person. We are talking about documents, social or bank card numbers, medical history, accounts in different services.
Modern computing systems efficiently analyze vast amounts of information. Instruments for tracking users are diverse and multifunctional, social networks, and web pages store a lot of data. It’s not so difficult to establish the identity of a person who hasn’t left his first and last name, photographs or scanned copies of documents anywhere, but still has an active online life.
Probably, it would be more correct to formulate the definition like this: digital identity is the whole complex of data left by a person on the Internet, its digital projection on the network. But such an extension of the definition will significantly complicate the solution of an already complicated question, and besides, a review article can quickly turn into a study. It is better to stick with the classic term and compare the use of online personal documents and other data of a person using them in real life — offline.
The physical world and the Internet
In the physical world, people have every opportunity to control their identity: they give their data to whom they want, in every situation where it is required. The other party accepting this data can easily verify the authenticity and the identity of the person providing it. But on the Internet, everything is changing quickly.
Then the third party appears — the one who transfers, collects and stores the data. The person sending documents, identifiers and other important information loses control over them. There is a problem with the receiving party: it is necessary to make sure that the data is genuine, and the person who transferred the data is the one he claims to be.
Digital identity IS a problem
The critical importance of issues related to the exchange of information between a person and the network appeared a long time ago. It started with the cases of leakage of user data from the servers of service providers, banks, exchanges and other institutions that centrally stored personal information.
News of massive leaks still appear, and the frequency of their appearance is not decreasing — there is still no solution. Storage security requirements, improved data exchange standards, robust monitoring, and control tools do not reduce risks and do not exclude new cases.
The catchphrase “Data is new oil” describes it all. Information is essential, it has its price, it’s a valuable resource. Data possession allows you to make a profit, while the destruction or disclosure of other pieces of information is a weapon against competitors. It means that interested parties will always try to gain access to information, using weak points in the storage infrastructure.
The weak point of the largest providers and enterprises is centralized data storage. When great treasury is hidden behind one door, the great cost for breaking the lock will be paid off with the granted access.
Is blockchain a solution?
Probably yes. Not indisputable, not yet quite ready for use, revealing new difficulties and raising further questions, but still is one of the best solutions. There are two main ways to solve the problem by blockchain application for digital identity — use cases of a decentralized network and decentralized exchange of user data.
Dweb — decentralized network
A global and universal solution, where decentralized digital identities and blockchain is only one of the applications. The promotion of the Dweb technology — a decentralized network — is being carried out by Blockstack or Filecoin, the digital identity blockchain projects.Blockstack distributes its decentralized browser and platform: anyone can use ready-made decentralized applications or create them. The idea lies in the absence of third parties. If the intermediaries are not there, then the person possessing the information is free to dispose of it.
Filecoin is a project where participants submit their available storage to other members, receiving project tokens for it. Other participants who wish to use storage space acquire the same tokens to pay for the space provided.
This is a narrower application: the creation of a blockchain based digital identity system for storing user identifiers with which they can provide personal information at their discretion. The term that defines this approach is self-sovereign identity.
Several successful digital id and blockchain projects are developing in this sphere. For example, Civic is a company offering a set of identification services where users are authenticated using mobile devices or desktops, receive an identifier, and with its help they could establish trusted relationships with other participants or enterprises. Another Civic service is a solution for enterprises that allows a quick implementation to meet the requirements of KYC.
Another one out of blockchain digital identity startups is the Sovrin non-profit foundation. This organization develops standards for digital id using blockchain and supports the Sovrin Network. Standard offline institutions are involved where users are identified in real life: government agencies, offices, enterprises. A person who made it through the identification procedure receives a DID — a digital identifier, and with the help of it, he can manage his data on the network after the blockchain identification has been passed.
Digital identity blockchain startups and companies. What has already been done?
IBM has its own digital identity using blockchain technology development strategy. The company takes part in projects that develop standards, services and publish regulatory documents.
Ethereum and its community are also involved in the blockchain digital identity management. For example, project members participate in the activities of the Sorvin Foundation. Besides, ERC-725 and ERC-735 tokens have been developed on the platform, embodying solutions for digital identity systems using smart contracts.
Microsoft is a member of the ID2020 alliance, an organization created by the decision of the Davos Economic Forum to introduce digital identity systems for people who have lost their documents and are unable to restore them, for example, refugees and homeless people. Microsoft digital identity blockchain is implemented on Microsoft Azure.
The UN and WFP are developing Building Blocks, their own digital identity system project based on the Ethereum platform for use in the hunger relief program.
Estonia is the first country where the digital identity system (e-Identity) is implemented at the state level — a digital identity government blockchain. There is a special card or mobile device which allows citizens to solve almost any issues with government agencies.
Is the digital identity management using blockchain perfect?
Using blockchain for digital identity, along with problem-solving, still raise new questions. Here are some of the examples:
Future of using blockchain for digital identity
It’s hard to say how viable the blockchain digital identity use cases described in the article will be adopted on a global scale. The problems are apparent; still the benefits are not completely clear. Perhaps, when technologies are tested massively, new questions will appear, and maybe, on the contrary, old ones will be dispelled. One thing is obvious: the current situation with digital identity requires some changes, while blockchain systems give a chance that the situation would improve.
Image courtesy of Allerin