With blockchain, individuals and machines can identify themselves in digital networks unambiguously in a tamper-proof manner. In many places, the COVID-19 pandemic praised the creativity of teachers when the school material was conveyed via or WhatsApp. The initiative is considerable, and it highlights the state of digitalization. After all, in an increasingly digital world, many companies are struggling with the problem of trust in digital commerce. Unfortunately, the question of a reliable identity and reliable information on the Internet has not yet been solved sustainably. The loss in online commerce as a result of identity fraud in 2018 amounted many billions. Unfortunately, the chip including digital signature on the card could not change this. The procedure did not prevail. Not even all government agencies adapted digital signature. Banking still relies on signature and 4 digit pin. Identification processes such as live photo can reach some users, with the disadvantage that they are problems to personal data disclosure. In addition to natural persons, things such as machines or legal persons and companies need a clear identification for further digitized processes. If you start research on identity, you inevitably stumble upon the terms:
- Digital identity
- Decentralized identity
- Sovereign identity and
Digital identity identifies us on the Internet. But the solutions offered today are not very effective: a separate login must be created for each service. As a rule, this data set is supplemented by personal data and all this ends up in central data silos of the various companies. As a citizen or user, you have no control over your data and their use, nor can you access it directly. The result is a split identity in the network with redundant data. To make matters worse, the validity of allegations is difficult to verify. For example, each bank account must be verified, even though it has long since been carried out for another bank.
Self Sovereign Identity (SSI)
The catchphrase Self Sovereign Identity (SSI) is about personal sovereignty over one’s own identity in all matters both off and online. It is the responsibility of the individual to have a self-determined view of who is allowed to see or use which personal data for how long.
A sovereign identity could be more granular to determine who gets what information. This approach is in stark contrast to today’s usual approaches because it is decentralized in nature: the user manages his data completely without a central authority. Selective sharing guarantees a high level of privacy and sovereignty over its data. The solution to this problem could lie in the blockchain because the protocol enables a decentralized PKI infrastructure (public key infrastructure) and is thus the foundation for a self-sovereign identity or a decentralized identity.
Decentralized Identity as a Solution
The solution for a sovereign digital identity is the so-called decentralized identity. It acts as a universal key for all online applications – smartphones provide a bridge to the analogue world. This eliminates the individual registration on each website and the management of password and username. In contrast to the popular social logins of Facebook or Google, the data of the users does not lie on the central servers of these providers but remain in full control of the user. However, in many situations, participants in a transaction must be able to rely on the information provided. The car rental company must check the driver’s license before handing over the vehicle key. If it is only available in digital form, it must be able to trust this information. In the digital space, therefore, the question arises as to how a valid identity can be proven sustainably? A solution is needed that:
- provides secure trust records in real-time and is easy to use;
Such a digital identity solution could benefit insurance companies, financial service providers, mobility, B2B trading or automotive. The decentralized identity is also particularly interesting for login to web applications and large social media platforms. The Decentralized Identity can serve as a kind of universal account for all web services – the management of password and user names is no longer necessary. Compared to the currently popular social login functions, this solution offers the advantage that the data of the user is not stored on a central server of Google, Facebook and Co. They remain under the sole control of the user. This protects privacy, less trust in third parties is needed.
The users can control their decentralized identity which is free for re-use. This would allow the regulatory concerns of states such as users to be enforced against platforms such as Amazon, Facebook or Google: these companies generate revenue from their users’ data; they are de facto transforming their customers into a product. Regulators and politicians around the world are trying to bring these platforms under control, often with a focus on tax issues. The protection of privacy is lagging. With decentralized identities, states are given a means of collecting taxes while protecting the data of their citizens. This would require undertakings to offer access to the service with the digital identity as a minimum requirement and thus without discrimination. Any additional identity feature may, of course, be requested, for which the platform might have to pay, for example.