Are DIDs the Key to Decolonizing the Internet From Big Tech Giants?

The Next Generation of Identity Management

Richard Larsson
DataDrivenInvestor

Identity theft is a serious problem. In 2022, there were over 20 million identity theft victims in the United States.

The report states that there were 1,862 data breaches reported in the United States in 2022, exposing the personal information of over 422 million people. The most common types of data breaches were phishing attacks, ransomware attacks, and cloud breaches.

Sometimes, the most bizarre thing is so obvious that we fail to register the gravity of it. I am talking about identity management solutions here.

Ours is a digital age. From accepting a cookie policy to logging in with your email ID and password, your digital identity establishes your presence everywhere on the internet.

Beyond the virtual, opening a bank account, buying a car, paying taxes, or securing a seat in your favorite college, all these require proving your identity first. But there’s a problem here.

Your identity is fragmented, scattered, and insecure. You don’t even control it. It is the centralized intermediaries who issue and control your identity.

In Sweden, where I come from, we have BankID, which is a great identification service, but it is still centralized and I have no control over it.

I am constantly seeking innovative solutions that can enhance security and privacy in the digital realm. One such solution that has caught my attention is decentralized identity.

Blockchain presents a solution to this problem via decentralized identity systems.

Let’s decode why we need decentralized identities, the underlying infrastructure, and the possibilities that lie ahead.

The Problem with Centralized Identity Management Solutions

Let’s do a quick recap on how digital identities work today.

Companies collect and store sensitive and routine business data in numerous ways. This is a risky business, especially in light of user privacy-centric regulations such as the General Data Protection Regulation (GDPR) and corporate IT responsibility.

The Flaw In The Plan

Privacy risks and inappropriate security with regard to identity and access management capabilities remain rampant issues in the 7 billion or so IoT devices spread around us.

Let’s not forget the limitations accompanying physical identities. They are prone to manipulation, misplacement, misuse, and theft. They are unstandardized, lack universal acceptance, and can be compromised.

1.1 billion people, or 1/7th of the world population, cannot claim rights over their identity. They can’t vote, open a bank account, or get employment.

The ones who have officially recognized identification lack complete ownership and control.

And let’s not forget the infamous Facebook-Cambridge Analytica data scandal, where data belonging to millions of FB users was collected without consent and used to serve the vested interests of the parties.

Decentralized Identifiers (DIDs) as a Solution

Decentralized identifiers, or DIDs, are verifiable identifiers created and owned by a user, independent of any third party. You issue, control, and hold your DID stored on a distributed ledger or blockchain.

DIDs are globally unique, resolvable with high availability, and cryptographically verifiable.

Think of DIDs as a digital locker, holding all your credentials securely in one place. An Ethereum domain name is a DID. A soulbound token representing a person’s identity can also be called a DID.

You can even consider a non-custodial crypto wallet as a DID, as you control the private keys for verifying transactions and proving ownership.

Ethereum Name Service (ENS), SpruceID, BrightID, Proof of Humanity, proof of personhood passport, etc., are some examples of DID projects.

Whenever someone wants to verify your identity, you just need to produce the unique number or key associated with your DID.

Of course, DIDs are at a very early stage of development, and my example is entirely hypothetical. However, a DID can be associated with an individual, organization, or government institution.

Blockchain acts as an immutable directory for these DIDs. The ERC725 Ethereum standard is used to incorporate decentralized identity standards into P2P marketplaces on the blockchain.

Why Do We Need DIDs?

There are some superb benefits of DIDs. They offer a seamless, trustless, and secure method for managing and verifying user identity via cryptographic guarantees and attestations.

What does this imply?

You can bypass KYC procedures and use universal logins using your DIDs.

A DID can ensure unlimited access to financial, educational, and other opportunities and institutions for the 60% unbanked population who own a mobile phone.

DIDs make identity portable. The attestations (a claim made by one entity for another entity, backed by identifiers) and identifiers (name, mobile number, social security number, or identification credentials) stored in a DID can be shared with anyone freely.

DIDs can work wonderfully well with zero-knowledge technologies. You prove you have done something without revealing the exact details. This could be a powerful way to combine security and privacy — a challenge Web3 has been struggling with for so long.

97% of all breaches in 2018 targeted personally identifiable information.

DIDs can drastically reduce the amount of fraud, bots, and spam plaguing the internet, especially social media platforms today. Whatever you do, you cannot pretend to be several humans, as your identity is now immutably stored on a blockchain.

The Architecture Behind Decentralized Identities: How Do DIDs Work?

Two key components make decentralized identifiers possible:

Public Key Infrastructure (PKI)

Most blockchains use this information security measure to generate a pair of public and private keys. Public-private key cryptography is used to authenticate user identities and digital asset ownership on blockchains.

Decentralized Datastores

We have been talking about these data stores all along. These decentralized, verifiable data stores are public blockchains like Bitcoin, Ethereum, etc. Anyone can access the public ledger to verify or validate the decentralized identifier.

How Do DIDs and Attestations Come Together to Enable Digital Identity?

DIDs contain all your identity-related information, but unlike traditional identification systems, this information is self-controlled, private, and portable.

Attestations become cryptographically verifiable claims (by an issuer) in the context of DIDs. Both DIDs and attestations form the building blocks of decentralized identity.

Suppose you want to verify whether an attestation is valid. Since DIDs live on the blockchain, you can do so by simply cross-checking the issuing authority’s DID on the blockchain.

But what if the authority no longer exists?

In that case, the holder will always have the proof of attestation, given the provenance and validation backed by a blockchain ledger.

Also, the verifier would only need cryptographic guarantees proving the authenticity of the attestation and identity of the issuing entity and not the complete identity information to determine if the proof is valid.

Types of Attestations

Attestations can be on-chain and off-chain.

Off-chain attestations are stored off-chain in digital wallets to protect user privacy. These attestations need to be signed with the issuer’s DID.

When you apply for a job, you can share the attestation with the prospective employer from your mobile wallet. The employer can confirm the validity of the attestation by checking the issuer’s DID or public key on the blockchain.
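The off-chain flow described above (issuer signs, holder presents, verifier looks up the issuer's key) can be sketched as follows. This is an added example, not code from the article or from any DID project: the in-memory `Registry` stands in for the blockchain, the `did:example:` identifiers, type names and claim format are hypothetical, and Ed25519 is an assumed choice of signature scheme.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Registry stands in for the ledger: issuer DID -> public key (constructed).
type Registry map[string]ed25519.PublicKey
type Attestation struct {
	Issuer, Subject, Claim string
	Signature              []byte
}

// payload length-prefixes each field so bytes cannot shift between fields.
func payload(a Attestation) (out []byte) {
	for _, f := range []string{a.Issuer, a.Subject, a.Claim} {
		out = append(out, fmt.Sprintf("%d:%s", len(f), f)...)
	}
	return out
}

// Issue signs the claim with the issuer's private key.
func Issue(priv ed25519.PrivateKey, issuer, subject, claim string) Attestation {
	a := Attestation{Issuer: issuer, Subject: subject, Claim: claim}
	a.Signature = ed25519.Sign(priv, payload(a))
	return a
}

// Verify resolves the issuer DID in the registry, then checks the signature.
func Verify(reg Registry, a Attestation) error {
	pub, ok := reg[a.Issuer]
	if !ok {
		return errors.New("issuer DID not found in registry")
	}
	if !ed25519.Verify(pub, payload(a), a.Signature) {
		return errors.New("signature does not match issuer key")
	}
	return nil
}

func main() {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // fixed demo seed
	reg := Registry{"did:example:university": priv.Public().(ed25519.PublicKey)}
	att := Issue(priv, "did:example:university", "did:example:alice", "degree=BSc")
	fmt.Println("genuine:", Verify(reg, att))
	att.Claim = "degree=PhD" // claim edited after issuance
	fmt.Println("tampered:", Verify(reg, att))
}
```

The verifier needs only the attestation and the issuer's registered key; a claim edited by the holder, or one naming an issuer that is not in the registry, is rejected.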

On-chain attestations are secured by smart contracts on blockchains such as Ethereum. The smart contract acts as a registry, mapping the attestation to the corresponding on-chain DID or public key.

For instance, a company XYZ issues shares to buyers with a proper background check. XYZ can employ a company to issue attestations certifying individuals who have passed the background checks. The smart contract selling the shares then approves the buy orders of only those buyers who hold that attestation, which it confirms by checking their identity in the registry contract.

Use cases

DIDs are finding use cases in voting credentials, citizenships, university degrees, wallet details, universal identification numbers for social security schemes, etc.

As discussed earlier, DIDs can support universal logins and KYC authentications.

For instance, Stripe Identity allows ID document verification in over 33 countries. kycDAO helps issue reusable, on-chain KYC verifications.

Skipping the conventional verification processes can help save a lot of identity management costs. User information also remains secure whenever they log in on a new platform.

Verite proves identity claims while securing user information.

Online voting and social media can benefit from several DID use cases. DIDs leave little room for manipulation or malicious actors. They also ensure the integrity of online voting processes. For social media, DIDs can create authentic communities comprising actual people, not bots.

A great example is Nametag — an all-in-one social profile connecting web2 and web3 accounts.

DIDs provide anti-Sybil protection. Individuals can no longer trick systems into believing they are multiple people.

Vitalik talks about ‘Proof of Humanity’ as one of his favorite projects being built on the blockchain. It is a sort of online phonebook where you can get yourself registered. Your profile gets verified collectively and gets added to the blockchain forever.

Another sophisticated yet great use case for DIDs.

Do DIDs Hold The Key to The Decentralized Internet?

DIDs allow the internet of today to break free of its colonized past and embrace a user-first, democratized perspective. While it is liberating and holds many possibilities, the challenges of securing a universal standard still persist.

While the World Wide Web Consortium’s (W3C) Decentralized Identifier (DID) Standards provide a starting point for organizations creating DID solutions, much work still needs to be done.

DIDs will continue to find new uses as our self-expression and social identities evolve in the virtual space.

I share insights on Web3, leadership and entrepreneurship from the perspective of a CTO every week.