Centralized identity systems are fragmented, insecure, and restrictive. The emergence of blockchain technology holds the promise of a more secure, accessible, interoperable, and ultimately self-sovereign future, where everyone gets to own their personal information and control how it is used. At least that’s the dream sold by blockchain evangelists. But how does the reality of blockchain digital identity stack up?
What Is On-Chain Digital Identity?
A digital identity is a record derived from the use of personal information and actions taken online. It can include pseudonymous information, like an IP address, but also real-world data such as name, date of birth, medical history, and search activity. It is the combination of these biographic, biometric, and behavioral data points that make up a digital identity.
Blockchain technology provides a decentralized solution for storing and managing this digital identity, where data is not stored in a single database. Blockchain-based digital identity solutions can encrypt the data and record it in different volumes on-chain, securing the information in a verifiable, interoperable, and accessible format when required while protecting privacy and securing against hacks and unauthorized access.
Users and organizations can then present digitally signed claims related to them (such as a driving license, fingerprint, or qualification), which have been signed by identity issuers. The verification process of the signed claims is automatic and with no intermediary required.
Why Blockchain Digital Identity Is a Big Deal
Managing digital identities on a blockchain could eradicate issues with existing centralized solutions, including insecurity, inaccessibility, and lack of transparency.
Currently, most of our valuable data is stored on centralized government or business databases. They use legacy software and introduce single points of failure. Personally identifiable information stored on these systems is very attractive to hackers, comprising 97% of all breaches at an estimated cost of $654 billion in 2018. Storing and transmitting encrypted information across a tamper-proof decentralized blockchain removes this risk.
Over one billion people have no proof of identity, and nearly three billion are unbanked. Lack of an identity prohibits access to education, work, travel, government services, and the existing financial system. This legacy system involves inconvenient and complex processes and expense, with a lack of knowledge on how to navigate it keeping people locked out. However, as over 60% of these unbanked already own mobile phones, blockchain-based mobile identity solutions can open up access to a new, simpler system that can better suit their needs.
The fragmented and non-standardized way in which digital identities are currently managed is weak, making it easier to create fake identities and increasing the levels of fraud. With sophisticated smartphones and advances in cryptography and blockchain technology, we now have the tools to build decentralized identity management systems that standardize the process and make it much harder to manipulate.
On-Chain Identity in Action
One project developing such a solution is Concordium. Concordium is a privacy-centric, public, and permissionless proof-of-stake blockchain built for business. Digital identity is core to the Concordium network, with identity management built-in at the protocol level and interoperability with other blockchains helping to develop a standardized solution. It also comprises an ID app for iOS and Android, allowing users to import files, move identities and accounts to other devices, and restore backups, opening up accessibility for participants.
Concordium offers a workable solution by providing transactional privacy for users, along with a mechanism that allows for accountability to local regulations.
Concordium’s self-sovereign identity layer contrasts with other blockchains by using zero-knowledge proof cryptography to allow its users to transact and share information in a completely private and anonymous way. Concordium accounts can therefore be tied to zero-knowledge-proof identities, confirming they are verified. Blockchain observers cannot use that identity to link to a specific entity, as it remains encrypted. This means that transactions are processed without exposing the identity of the sender or receiver, and the sender and receiver will also be the only parties that can see the actual details of a transaction.
On the other hand, where a suspicious transaction or set of transactions have been detected, the real-world identity of the user can be revealed to qualified authorities with the help of anonymity revokers and identity issuers in a decentralized process. This provides a hybrid solution to empower compliance with jurisdictional legislation, regulations, and auditor requirements.
What Blockchain Means for Digital Business Models
Decentralized, blockchain-based digital identity is maturing fast, with solutions like Concordium’s ID app allowing users to obtain and control verified digital identities from regulated identity issuers.
This will have a big impact on business models in terms of data monetization, data portability, and economic inclusion, as we set out on the road towards the ultimate goal of self-sovereign identity.
As the world begins to realize the benefits of digital identity on a blockchain, attitudes regarding who owns and should profit from user-generated data are likely to change. This has particular ramifications for user content-based services like social media platforms, and behavioral analytics-hungry advertisers, but also any other organization that needs the data. It provides individuals with control over a future data monetization model that is user rather than business-centric.
The enabling of frictionless data portability will also have a profound effect on how services are set up. Regulators are keen to push the right of portability, where technically feasible, so users do not have to re-verify identity across multiple platforms, reducing security risks. However, current solutions either create walled gardens that make this inefficient or rely on a few large tech giants like Facebook and Google to manage it.
This was a point made by German Chancellor Angel Merkel in talks with businesses including Deutsche Telekom, BMW, and Lufthansa about making digital identity a top priority, alongside EU initiatives like the European Blockchain Services Infrastructure (EBSI) helping to implement self-sovereign identity and trusted data sharing.
With decentralized identifiers (DIDs), secured by private key cryptography, containing the verifiable claims, it is possible to migrate identities between systems without friction. It simplifies onboarding and access processes for users, providing a standardized means of verifying credentials without manual inefficiencies or relying on centralized points of failure.
Digital identities are expected to contribute considerably to economic growth in the coming decade, benefiting individuals and opening up access to the global market. The value of digital identities is estimated to expand by 22% per annum, with economic benefits of over €300 billion for European organizations alone, and double that for consumers. Decentralized digital identity models will allow users to unlock this value and help grow the global economy.
The Ultimate Goal: Self-Sovereign Identities
The issues surrounding traditional digital identity systems make life harder for both users and organizations. By taking a blockchain-based decentralized approach, thanks to projects like Concordium, we move closer to the ultimate goal of self-sovereign identity.
It represents a major breakthrough, giving users back full control over all their personal information. Companies will have limited access to verifiable claims, and the system does not rely on a central authority to work. The impact of this will extend far beyond our current imagination, encompassing new use cases and industries as digital identity becomes an integral part of the lives of billions.