On this page we cover the following:
- How does identity work today?
- Why do we need blockchain for identity?
- How do decentralized digital identities work on Ethereum?
- What are the use cases of blockchain in identity management?
- What are the benefits of decentralized identity?
How Does Identity Work Today?
Companies often collect sensitive information about their users and store them alongside less-sensitive routine business data. This creates new business risks with the rise of user privacy-centric regulations such as GDPR and the shifting industry focus to corporate IT responsibility. When these data are relegated to tight-lipped data vaults, they become less useful in driving product improvements and attaining true customer understanding. Only after receiving large fines or developing stronger IT capabilities will many enterprises pursue expensive and risky projects to achieve the right balance between data security and business needs.
For IoT Devices
There are about 7 billion internet-connected devices. This number is expected to grow to 10 billion by 2020 and 22 billion by 2025. In a still-nascent industry, most IoT technologies do not incorporate appropriate identity and access management capabilities, not unlike the early Internet which consisted solely of trusted institutions. Interconnected internet of things (IoT) devices and objects must identify sensors, monitors, and devices, and manage access to sensitive and non-sensitive data in a secure manner. Leading IT vendors have begun to offer IoT management systems to address these service gaps. For example, it is not uncommon for a single organization to have tens of thousands of IoT devices, in contrast to the mere dozens or hundreds of traditional servers and user devices. Mismatching standards across devices is a common ailment with such volume. Security frequently remains an afterthought to the already-taxing implementation of simple management capabilities at scale, evident with large-scale IoT hacking emerging as a vogue topic at top IT security conferences.
Identity is integral to a functioning society and economy. Having a proper way to identify ourselves and our possessions enables us to create thriving societies and global markets. At its most basic level, identity is a collection of claims about a person, place or thing. For people, this usually consists of first and last name, date of birth, nationality, and some form of a national identifier such as passport number, social security number (SSN), driving license, etc. These data points are issued by centralized entities (governments) and are stored in centralized databases (central government servers).
Physical forms of identification aren’t widely available to every human for various reasons. Approximately 1.1 billion people worldwide don’t have a way to claim ownership over their identity. This leaves one-seventh of the world’s population in a vulnerable state – unable to vote in elections, own property, open a bank account, or find employment. The inability to attain identification documentation jeopardizes a person’s access to the financial system and in turn, limits their freedom.
Citizens with officially recognized forms of identification continue to lack complete ownership and control over their identities. They have a fragmented online identification experience and unknowingly lose the value that their data generates. Companies holding their data are subjected to frequent hacks, which forces a lifetime of fraud mitigation for the end-user. Once a social security number is issued and lost, there is little to no recourse.
Why do we need Blockchain for Identity?
Blockchain identity management systems could be used to eradicate current identity issues such as
- Data insecurity
- Fraudulent identities
Approximately 1.1 billion people around the world have no proof of identity, and 45% of those without an identity are among the poorest 20% on the planet. Cumbersome identification paperwork processes, expenses, lack of access, and the simple lack of knowledge around personal identity are primary roadblocks that keep over a billion individuals outside of traditional identification systems. Without possessing physical identities, one cannot enroll in school, apply for jobs, get a passport, or access many governmental services. Having an identity is crucial to gaining access to the existing financial system. Conversely, 60% of the 2.7 billion unbanked people already own mobile phones, which paves the way for blockchain-based mobile identity solutions which better suit the needs of vulnerable citizens.
At present, we store our most valuable identification information on centralized government databases supported by legacy software operate with numerous single points of failure. Large, centralized systems containing the personally identifiable information (PII) of millions of user accounts are incredibly appealing to hackers. A recent study shows that personally identifiable information is the most targeted data for breaches, comprising 97% of all breaches in 2018. Despite regulatory legislation and enterprise efforts to increase cybersecurity, 2.8 billion consumer data records were exposed at an estimated cost of more than $654 billion in 2018.
Additionally, the user’s digital identity landscape experience is exceptionally fragmented. Users juggle various identities associated with their usernames across different websites. There is no standardized way to use the data generated by one platform on another platform. Furthermore, the weak link between digital and offline identities makes it relatively easy to create fake identities. Fake identities create fertile ground for the phenomena of counterfeit interaction, which can help in the perpetration of fraud and lead to inflated numbers and lost revenue. In society, this vulnerability facilitates the creation and dissemination of evils like “fake news,” which poses a potential threat to democracy.
Due to the increasing sophistication of smartphones, advances in cryptography and the advent of blockchain technology, we have the tools to build new identity management systems; digital identity frameworks based upon the concept of decentralized identifiers (DIDs) – potentially including a new subset of decentralized identities known as self-sovereign identity (SSI).