What is decentralized identity?
To understand why there’s so much buzz around decentralized identity, we need to start with how we prove who we are in the real world.
How does identity work offline today?
From the moment of birth, most of us begin collecting “identity credentials.” These paper documents and plastic cards are issued by trusted institutions that prove who we are and certain things about us like our age: birth certificates, passports, national identity cards, drivers’ licenses, and so on.
Without these official credentials, we would be lost, incapable of accessing employment, finance, and healthcare. We would be excluded from digital and mobile services. We would not be able to vote. This exclusion is, in fact, a daily reality for the estimated one billion people who lack legal identification.
Are there benefits to physical identity credentials?
A credential’s power resides in its uniqueness, its physicality, and the elaborate measures the institutions that issue them use to prevent forgery. Our physical ID represents our identity alone and no-one else’s.
Our identity credentials can be used at any time and in any context. Whether at a border crossing or a bar, we decide when to show our cards, documents, or certificates and to whom. The person we show them to decides if they are trustworthy or fake.
Why do we need to update this system?
We have to physically present these identity credentials to use them. They can be lost, stolen, or destroyed. They can be forged. People are denied basic human rights and services because they were never given physical documents to prove who they are. And, last but not least, these credentials were not designed for proving identity online.
How does digital identity work today?
You can’t show someone your passport online without copying the information in it. Each time we are asked to identify ourselves, we have to reveal our names, email addresses, home addresses and, depending on the service, social security numbers and passport numbers. We’re asked for all this “personally identifying information” (PII), and we supply everything under the assumption that only we will have access to it all—and not someone else.
To simplify this process, single sign-on tools, controlled by third parties like Facebook or Google, make it easy to create accounts with new businesses. By giving Facebook and Google our PII, we can quickly interact with many online organizations and businesses because Facebook and Google take the role of a ‘trusted’ entity controlling our connection. This is called federated or centralized identity.
What are the drawbacks to this system?
Because we’ve copied the information in our identity credentials into an online database, it no longer has the protection of physical uniqueness. That personally identifying information is now data, something that can be copied and transferred to others.
Every time we create a new account online, we make and give away another copy of ourselves—almost as if we let every store make a usable copy of our driver’s license.
We no longer own this identity—or control it. It can be used to track us and trace what we do every time we’re online. It can be sold to others for the purposes of marketing. And, because this identity is valuable, people want to steal it, either by hacking our account passwords or hacking the databases storing our information.
The rise of decentralized identity
To solve all these problems, we have to make digital identity credentials more like physical identity credentials, maybe even better—more flexible, more portable, secure, and permanent.
- We need to stop turning our personally identifying information into data that can be copied.
- We need a system that doesn’t require us handing over our personal information to dozens of databases to prove that we are who we say we are.
- We need to liberate our identities from this massive system of third-party control.
- We need to move beyond passwords and profiles.
This is the goal of decentralization. Our identities are not something that should be managed by an intermediary. They should be managed by each of us and in a way that gives us control and where privacy and security are the default settings.
New technologies that have emerged over the past decade now make this possible: distributed ledgers, decentralized identifiers, cryptographic keys, and zero knowledge proofs. We’ll take you through how all these work together to build a decentralized identity system and what they make possible. But for now, here’s a glimpse of what tomorrow could look like.
Instead of typing in your passport details, you’ll be able to share—through an app on your phone—a unique cryptographic proof that the passport office has issued you a passport. The person on the other end will be able to independently check that this proof is correct and that your passport is still valid. They’ll be able to do this without needing to contact the passport office or even seeing the details of what’s in your passport—if you don’t need or want to share that information.
Indicio.tech is building the decentralized identity solutions of tomorrow by providing the professional services developers need to learn, build, and grow their decentralized identity products and services. Contact us for details.
Indicio provides development and hosting for Trusted Digital Ecosystems. Enterprise, consumer, and mobile applications run on Indicio’s network and use its comprehensive ecosystem of software to issue, verify, and exchange verifiable digital credentials.
© 2022 Indicio, PBC All Rights Reserved