Decentralised Identity Management: A New Way to Own and Share Your Identity and Interact on Web 3.0 Infrastructure in a Trusted and Seamless Manner

In the current internet era, web 2.0, by default, provides our personal data to the service providers. We provide credentials to access these services. Often much more is provided than necessary. Your data is used as well outside of the original service provider and on-sold by organisations. We have completely lost control of where our data ends up. As we know, there have been massive data breaches and misuse of our data across the board, and it is entirely out of our control….but this may be changing and sooner.

We need our identity to be self-owned and digital.

Digital Identity means that instead of providing our data and credentials each time we interact with a web service, an identity service will provide these credentials. In web 2.0, this is similar to using Google ID across multiple platforms. Moreover, many forms of identity, such as a driver’s license, are not digital and must be provided in person or scanned into a digital document. Microsoft provides identity services for corporate customers so that each time a different corporate tool is used, the credentials are obtained from a central place. Nevertheless, these approaches put the onus on the enterprise and service provider to manage authentication and security. They are still centralised, so we do not control our data, and you still have a central store of identity data that will attract hackers – sometimes called a ‘honey pot’.

In short, decentralisation gives us self-ownership of our identity and the ability to share different parts of our identity with different services as we see fit.

If you have ever held cryptocurrency and stored your own crypto in a wallet, you would understand this impact. It is quite an experience to hold your own access to your own ‘money in your possession. No banks. No intermediary. You have the keys to move your digital assets and value. You become your own bank.

This self-owned identity provides control over what we share and with and whom we share it, in addition—when necessary—provide the ability to take it back. Consider instead not to grant broad consent to countless apps and services that spread identity data across numerous providers. Individuals would have a secure, encrypted digital hub where they can store their identity. So with decentralised digital identity (DDID), it is an entirely different paradigm to identity management. Digital Identifiers credentials are supplied to third party service that we interact with. An identity owner would store many different digital identifiers in your own electronic wallet attested from different ‘issuers’ (see more on issuers later). 

These identifiers are claims provided about your identity, validated by a trusted issuer such as the government for passport, driver’s license, and educational establishments for pass marks, attendance, and qualifications attained, who certify that you own the credential and its validity. The credentials are backed by the Blockchain, where the entire record has complete transparency and is supported by cryptographic, immutable proofs. For instance, an education establishment will digitally sign the identity’s credential legitimising the proof. This proof is tamper-resistant, meaning no one can alter the record. There is much evidence of how job applicants self-certify their credentials, and it is well known that there is a sizeable quantity of applicants who lie on their resume. Furthermore, it is challenging for an employer to check every credential.

Blockchain helps by providing a cryptographic block database with trusted network verifiers or nodes who are incentivised to act within a protocol, brings trust between the various parties in identity management. 

Decentralised identity was proposed before Blockchain even existed, but Blockchain provides the backbone for security and privacy so that verifiers can be sure of the authenticity of the claim of identity.

It is sometimes taken for granted the security and trust that Blockchain brings through immutably recording data and its various interactions. The paradigm shift of providing a trusted service is a complete game-changer; it allows users to self-own their identity along with decentralisation.

When discussing identity management, it is essential to understand the three actors: Issuer, Owner/Entity, Verifier.

The issuer is a trusted third party such as the government or educational institute. By issuing a credential, the identity issuer attests to the validity of the personal data, e.g. drivers license detail. The identity owner can then store the credential in their personal identity wallet and use them later to prove statements about their identity to a third party (the verifier). 

Authenticity and accuracy of claims are stored on the Blockchain, which provides a transparent means for a third party to validate the reliability of the claims. This statement is essential and requires deconstruction of how a verifying party can assess the identity. When the identity owner (can be human or machine) presents their credentials, the verifier will validate the proof by assessing the validity of the issuer. In this way, the validation of proof is based on the verifier’s judgment of the issuer’s reliability. Hence third party verifiers do not need to validate the actual identity credential but only validate the provided proof of the attesting party, e.g. the government or institution.

A service provider can independently verify claims of, for example, an education institute about a student. This unlocks access for identity interactions within the third party, allows access to sensitive disclosures based on the level of trust delivered through DID – this is a game-changer for many industries. Over time, identity can accrue greater legitimacy, gain endorsements from trust attestations from independent verification of who issued an endorsement and accumulate attestations from multiple trust systems. This provides greater confidence over time. Enabling trust in this way provides seamless and frictionless interaction with web services without needing a third party or middleman to enable trust.

This is a foundational element of web 3.0.