How Can Blockchain Help With Identity?
As FinTech solutions pop up for nearly every imaginable use case, one particularly important area has only recently begun to pick up steam in terms of attention: Identity.
What makes identity important? It’s not something that we often think about, and yet it permeates almost every aspect of our daily life. Take, for example, paying for a coffee with your credit or debit card. If the point of sale device does not support the tap function (Near Field Communication or NFC), you’ll need a PIN to go along with your credit card, which is basically providing your digital signature for the purchase.
These proofs refer immediately back to your identity, although that may not be the first thing that comes to mind. It’s likely that you simply go through the motions without necessarily understanding how all of the pieces fit together.
However, identity isn’t only about the instances in which we need to pay for something. There is another aspect of identity that is much broader, and it has to do with what others say about us.
The Thing About Attestations
Think about a time when you’ve applied for a job. Your potential employer wanted to know about your past work experience, your education, and so on. You could claim that you went to Oxford University, and maybe you actually did — but no one is going to believe you unless you can get another source to attest to your having gone there.
That’s what your university diploma is all about. It verifies that you actually graduated from school and can prove it. However, it’s not you proving information about yourself, it’s a third party proving information about you, and you’re merely handing it over to your potential employer.
The same goes for credit scores, passports, membership cards, and much more. We need all of these third-party networks to verify information about ourselves just to prove to another party that what we say about ourselves is true. All of these proofs, or attestations, via third-parties constitute the public side of who we are, what we say about ourselves, and what we’re able to claim to others.
From the foregoing it should be clear then that attestations play an integral role in our concept of identity, and that if we’re going to move to a decentralized identity paradigm heralded by digital twinning, which is the creation of a digital copy of something that exists in the physical world…in this case your identity, we’ll need to build an effective attestation infrastructure.
What will an attestation network that doesn’t centralize your data look like? How would it work? These are important questions that need to be carefully considered.
Firstly, attestations in the decentralized identity paradigm won’t be the same as what we have now when you think of institutions like credit scorers. Megalithic corporations like Equifax hang tightly to as much of your data as possible, and as seen in the recent (and major) Equifax hack, your data is quite vulnerable if the centralized authority can’t keep it secure.
That makes the need for a decentralized identity and attestation infrastructure all the more pertinent. By decentralizing attestations, they won’t exist in any one place — but where would they exist?
Ideally, your identity won’t exist on a centralized network or on a decentralized blockchain. Storing your identity in either place has several pitfalls. In the previous section we highlighted some of the concerns with storing in a centralized location, but storing them on a blockchain is problematic as well.
The main issue is that a public blockchain’s best attribute — its transparency — is also its downfall when it comes to storing sensitive data like ID-related information. So, where would this information go? You’ll need a wallet much like the one you use for cryptocurrency, except this wallet will store and manage nothing more than your identity and the attestations/claims that go along with it.
Just in the same way you need a public and private key to encrypt your crypto wallet, you’ll also need those keys to guard your identity wallet. What will your private key be used for? In instances when you need to sign your identity off on something to say “this is me,” you’ll use your private key. The public key is how you’ll publicly identify yourself on networks if and when necessary. For instance, social media networks will eventually link up with your digital identity (using your public key) to lend your ID increased robustness much in the same way that attestations do.
Perhaps what you need is to verify your passport information. In that case, you can check in with the relevant authority and provide your public key and passport. The passport authority will check over the information you’ve provided, will sign off on it, and provide you with an attestation that will be bound to your public key. You now have an attestation regarding the veracity of your passport and can use your attested to information where necessary.
The real innovation in all this is that the organizations requesting your passport won’t get to see your actual passport or any of the data contained within it. They’ll only get informed that your public key ID has the right attestation from the right authority, and they’ll have no choice but to accept it without knowing anything extra about you.
All of this is stored in your cryptographically secured wallet, but your actual identity information is not stored on a public blockchain. Private blockchains, or distributed ledgers, can be purpose-built to fit the needs of decentralized identity, and there are several efforts underway to that effect throughout the blockchain space.
As we move away from centralized, siloed forms of identity toward a new era of blockchain-enabled decentralized ID, you’ll find yourself noticeably empowered. In the near future, you won’t need to overshare your data with organizations that may be trying to take it from you only to sell it onward to third parties. Instead, you’ll hold all of your critical data privately.