AI systems need decentralized identity. Why? Only decentralized identity provides the authentication, consent, delegated authority, structure, and governance needed for AI to deliver value.
By Trevor Butterworth
AI is going to be everywhere. From virtual assistants to digital twins and autonomous systems, it will reinvent how we do everything. But only if it can be trusted with high value data, only if it can access high quality data, only if there’s user consent to that data being shared, and only if it can be easily governed.
This is where decentralized identity comes in. It removes obstacles, solves problems, and does so in a way that delivers next-generation security. Here are the five ways decentralized identity and its key technology — Verifiable Credentials — puts AI agents and autonomous AI systems on the path to trust and monetization.
1. Authentication
We are going to need to authenticate AI agents. They are going to need to authenticate us. It’s an obvious trust issue when so much data is at stake.
“We” means everything that interacts with an agent — people, organizations, devices, robots, and other AI agents.
Traditional forms of identity authentication aren’t going to cut it (see this recent article by Hackernoon — “When OAuth Becomes a Weapon: AI Agents Authentication Crisis”).
And given the current volume of losses to identity fraud (the estimated global cost of digital fraud was $534 billion over the past 12 months, according to Infosecurity Magazine), the idea that we should now open up massive quantities of high-value data to the same security vulnerabilities is insane.
The first fake AI agent that scams a major financial customer will cause panic, burn trust, and trigger regulation.
Only decentralized, Verifiable Credentials can provide the seamless, secure, and AI-resistant authentication to identify both AI agents and their users. And they enable authentication to occur before any data is shared.
2. Consent
AI needs data to work — and that means a lot of personal data and user data. If you want AI solutions that require access to personal data to comply with GDPR and other data privacy regulations, the “data subject” needs to be able to consent to sharing their data. Otherwise, that data is going nowhere — or you’re headed toward compliance hell.
Verifiable Credentials are a privacy-by-design technology. Consent is built into how they work. This simplifies compliance issues and can be easily recorded for audit.
3. Delegated authority
AI agents are going to need to access multiple data sources. While Verifiable Credentials and digital wallets allow people and organizations to hold their own data, they are not necessarily going to hold all the data needed for a task.
For example, banks and financial institutions have multiple departments. An AI agent that is given permission to access an account holder’s information, will need to share that information across different departments either to access the customer’s data or connect it to other data. It might need to share the data with other agents or external organizations.
Verifiable Credentials make it easy for a person to delegate their authority to an AI agent to go where it needs to go to execute a task, radically simplifying compliance. Decentralized governance (more of which later) simplifies establishing trust between different organizations and systems.
4. Structured data
AI agents and systems need good quality data to do their job (and therefore earn their keep). Verifiable Credentials issued by trusted data sources contain information that’s tamper-proof, that can come from validated documents, and that is structured in a way that each data point can be selectively disclosed.
In other words by putting information into a Verifiable Credential, we minimize error while structuring it to be easy to consume. In the process, we enable data and purpose minimization to meet GDPR requirements.
5. Decentralized governance
Finally, we come to one of the less-well known features of decentralized identity: decentralized ecosystem governance — or as we call it DEGov, which is based on the Decentralized Identity Foundation Credential Trust Establishment specification.
DEGov is a way for humans to structure interaction through trust. The governance authority for a particular use case publishes trust lists for credential issuers and credential verifiers in a machine readable form. This is downloaded by each participant in a credential ecosystem, and it enables a credential holder’s software to automatically recognize that an AI agent issued by a given organization is trustable. These files also contain rules for data presentation workflows.
DEGov enables you to easily orchestrate data sharing: for example, a Digital Travel Credential issued by an airline for a passenger identity can be used by a hotel to automate check-in because the hotel’s verifier software has downloaded a governance file containing the airline as trusted credential issuer (this also facilitates offline verification as governance rules are cached).
The value of decentralized governance really comes to the fore when you start building autonomous systems with multiple AI agents. You can easily program which agent can interact with which resource and what information needs to be presented. You can orchestrate interaction and authentication across different departments, domains, sectors.
As you can also enable devices, such as sensors, to generate Verifiable Credentials containing the data they record, you can rapidly share trusted data across domains for use by pre-permissioned AI agents.
In sum, decentralized identity is more than identity or identity authentication — it’s a way to authenticate and share any kind of data across any kind of environment, seamlessly and securely. It’s a way to create digital relationships between participants, even virtual ones.
Indicio ProvenAI
We designed Indicio ProvenAI to do all of the above. It’s the counterpart of the Proven technology we’re deploying to manage borders, KYC, travel and everything in between. It’s why we are now a member of the NVIDIA Inception program.
We see decentralized identity as the key to AI unlocking the right kind of data in the right way. It’s the path to trust, and trust means value.
Contact Indicio to learn how we’re building a world filled with intelligent authentication.
