The Case for Decentralised Identity
Decentralised identity and verified credentials enable you to identify yourself online, without needing to scan your passport or expose personal information unduly. It enables organisations to know who they are dealing with more efficiently. It allows us to build trust between multiple parties. It allows for this through innovative use of blockchain technology, while remaining compliant with data protection rules and regulations.
Processes that require consent and sharing of personal data can be managed more efficiently, and secure connections between previously unknown parties can be established without the need for a trusted third party. This emerging technology of self-sovereign identity is now becoming accessible through greater standardisation. Government investment in the space allows verifiers to build on top of ‘foundational credential,’ dramatically increasing the ease at which we can establish trust online.
The Challenge
"You can be whoever you want to be. You can completely redefine yourself if you want. You don't have to worry about the slots other people put you in as much. They don't look at your body and make assumptions. They don't hear your accent and make assumptions. All they see are your words."
These are the words of Sherry Turkle, elaborating on why the internet removes popular prejudices. Or, as Peter Steiner put in his now famous cartoon, published in The New Yorker, stating simply, “on the internet, nobody knows you’re a dog.” While the privacy options enabled by the internet are great, they pose a challenge for those online businesses that require a certain level of KYC, or Know Your Customer. If you’re an online bank, signing up new customers requires them to prove their identity. The best option used to be to literally ask them to scan their ID or passport, and then send this over.
And even if you aren’t as regulated as a bank, forcing customers to always resubmit the same details each time they sign up to a new service is annoying, inefficient and error-prone. People are tired of remembering yet another password, or giving away their email address just to gain access to a short lived transaction.
Letting people prove who they are hasn't been easy, neither for the prover nor the verifier. The problem has been that we don’t have a digital representation of our identity.
The Solution
We’re in the 2020s, and there must be a better way than taking pictures of passports before emailing them as part of a sign-up or KYC process? Luckily, with blockchain technology and decentralised identity (DID), there is! A core challenge tied to this has been around the distribution of public keys. In a public/private key setup, I create a pair of keys tied to each other, one to lock, another to unlock, a message or a signature. And, as the name suggests, I keep the private key private. I now want to widely distribute the public key so that others can use it to verify my signature.
Prior to blockchains, distributing these public keys required trust in a third party, like a centralised directory where I could announce my public key. But we don’t want this trusted third party, as it leaves us exposed to their operational integrity. And agreeing on who this potential third party should be is not straight forward.
Blockchains remove the requirement for a third party since they operate as a decentralised system without such a need. I can publish my public key and the immutable ledger on the blockchain will preserve this record, cryptographically verified forever. This is a first key step towards decentralised identity.
Foundational credential
The second key step is to then tie credentials to my public identity as identified by my public key.
This is where a ‘foundational credential’ issued by traditional actors like a central government agency fills in the gap. By having a well known public key, they can give me a cryptographically signed record stating my name, date of birth, address, or other such information. My public key is tied to this credential, and now, instead of a scanned passport, I can give you a fully digital, verifiable and machine readable credential. We can imagine similar use cases for health records, vaccination status, or your driver's license.
An alternative approach is through what we refer to as a ‘web of trust’, without the need of a central agency, where connections between many parties build confidence in the subject. For example, let’s say you’re looking for someone to help clean your flat after moving out. If three of your closest friends claim that the same person X is a reliable cleaner, you’ll probably believe this to be the case. In the decentralised identity space, if 10 of your closest connections attest to the name or other details of a new connection, you’ll probably rightly conclude that this too is correct.
Summing up
Because decentralised identity enables machine-readable verifiable credentials (VC), with trust anchored through issuers with cryptographic signatures, it becomes an efficient and scalable approach for managing trust online.
From a quicker sign up experience to a more efficient KYC process, everyone benefits from DIDs and VCs. Users don’t have to remember yet another password, or fill in the same details again, and verifiers don’t need to rely on unverifiable information delivered in difficult to consume formats like pictures or scanned PDFs.
Previously costly or inefficient business processes can be optimised, and new or more transparent risk assessments can be obtained. Trusted connections between new parties can be established with ease.
At Web3 Labs we understand how to navigate this emerging landscape, and we can help you find the right opportunities and technologies to enable decentralised identity in your organisation. Reach out now for a free consultation.
If you'd like to learn more about the future of blockchain technologies, check our blog or give our Web3 Innovators podcast a listen.