DPI — or Digital Public Infrastructure — is a new, white hot topic in development. In 2023, at a G20 meeting in New Delhi, India, DPI was
“…a set of shared digital systems that are secure and interoperable, built on open technologies, to deliver equitable access to public and/or private services at a societal scale.”
The Bill and Melinda Gates Foundation describe DPI as:
“Like roads — a physical network essential for people to connect with each other and access a huge range of goods and services.”
In essence, how can governments invest in digital infrastructure that accelerates sustainable development — and what does that technology look like?
A trusted information superhighway?
If you’re thinking that maybe we’ve been here before, you’re half right. The internet and the web that came to sit on top of it utterly transformed how we interact, access and share information, and engage in economic and other activities.
But the internet and web evolved without a crucial element — a verification layer for people and organizations, which has led to widespread identity fraud, privacy concerns, and security breaches. So it’s not surprising to see digital identity systems being described as “foundational to DPI.”
Simply put, you can’t create a thriving, inclusive, innovative digital economy if you can’t trust that the person or organization you’re interacting with online is who they claim to be. Similarly, people won’t trust systems that can’t protect their personal data, not least their biometric data.
This is why decentralized identity and Verifiable Credentials can be justifiably described as “game-changing” technology for DPI. Here, we explain three of the most important benefits
1. Seamless authentication and data sharing
Decentralized identity means that people or organizations or devices hold their own data in secure Verifiable Credentials in digital wallets on mobile devices. First, this eliminates the need for centrally storing personal or other valuable data in order for identity and verification to be managed. This removes a major security risk and provides data privacy. People can now consent to sharing their data. Companies and organizations are freed from onerous data privacy compliance.
Second, the source of a Verifiable Credential — the organization that issued — is always knowable. The data in the Verifiable Credential is digitally signed, which means that if someone tries to alter it, it will be automatically detected. Verifiable Credential data can be shared by creating a link or QR code from simple software on a mobile device and verified with simple software on the web or on a mobile device.
Add these all up and you have portable trust. You no longer have to engineer complex direct integrations to share data; and if you trust the source of the credential — say a bank, a business, or a government — you can act on the information instantly, because you know it hasn’t been altered.
Decentralized Identity means information from anywhere can be verified anywhere. If this seems abstract, think of it in the context of, say, India, which has 63 million micro industries. With Verifiable Credentials, each of these economic actors can authenticate who they are interacting with and share data that can be trusted.
It gets better. By combining Verifiable Credentials with decentralized identifiers, people and organizations can authenticate and interact with each other directly, across secure communication channels (DIDComm). This communication protocol enables their mobile devices to take on the functionality of an API but with better security. Now they can integrate and use information in much more powerful ways.
Think of it as the capacity to create secure digital roads. These roads have no tolls. They are not owned by a platform, which means that the value created by digital interaction goes directly to those creating the value. These roads can be created from anyone to anyone, anywhere to anywhere.
2. Rescue biometric infrastructure from catastrophic failure
Biometrics are a powerful way to manage authentication: We bring our own, they don’t have to be remembered or constantly changed, and they’re fast to verify. For these reasons, they are being >rapidly adoptedeverywhere.
But though biometrics are supposed to replace passwords, they, unavoidably, have replicated one of the critical architectural weaknesses of password authentication: centralized storage. In order to verify a biometric template (essentially, a hash of a biometric), a verifying entity must store that template in a database.
Centralized storage has already led to catastrophic security failures, and the factor that makes biometrics so powerful — their uniqueness — turns their theft into an existential risk: You can reset a password, you can’t reset yourself, biometrically.
Verifiable Credentials make, these problems go away — giving you all the benefits of biometrics without the need for centralized storage.
Here’s how it works: When a person’s biometric is first captured during identity assurance, the biometric template is also rendered and issued to them as a Verifiable Credential. This means that when a person presents for a biometric scan, they also present their biometric VC. The verifying entity compares the scan to the template in the credential. That’s it — all the benefits of biometric authentication without the need for centralized storage.
“Bring your own biometrics” also provides a way to deal with the problems of biometric fakery, whether using silicone masks or generative-AI “deepfakes.” By requesting a credential containing a biometric template, verifiers have a way to double check the person is who they really are.
3. Decentralized governance
In creating Digital Public Infrastructure for people to authenticate and share data, it is impossible to know in advance every possible way they will use it to create value.
Decentralized Ecosystem Governance is a simple way for the entity responsible for each use case to implement the governance rules it needs for its roads work and be accountable to its users (e.g., which credential issuers can be trusted, what information flows are needed).
This way of implementing governance (through machine-readable files that are propagated to each participant’s credential software) has the information-handling capacity to meet whatever variety the system throws at it, not least by virtue of localizing the governance decision-making and making it easy to implement changes based on feedback.
For example, when we worked with the government of Aruba to implement Verifiable Credentials for Covid testing, the government needed to be able to rapidly change verification workflows based on new scientific information (e.g., test type, test validity times). Decentralized Ecosystem Governance was developed to meet this need. It has been developed into a full specification for governance by the Decentralized Identity Foundation (DIF).
As Digital Public Infrastructure, decentralized identity combined with decentralized governance gives people and entities the control they need to create frictionless ecosystems, the ability to rapidly respond to feedback, and clear accountability.
Lightweight and resilient
All these solutions can be implemented in a matter of weeks and without the eye-watering costs normally associated with infrastructure projects. That’s because Verifiable Credentials can work with rather than require replacing existing systems. And, because they are based on interoperable standards and open-source code, they can unify disparate systems.
This effectively makes decentralized identity a universal DPI layer for seamless authentication and data sharing, and one that can scale easily and start generating network effects rapidly.
Not every version of decentralized identity delivers the best possible combination of benefits. To learn more about the options you have, and how our government customers are using this technology to drive digital transformation, contact us and book a free, no-obligation workshop where we’ll analyze and discuss your use case.
###
