Decentralised Digital Identity (DDID) will change how we manage passports, driving licenses, and online logins forever

Imagine never having to worry about a lost driving license or passport ever again. Imagine never having to worry if someone has stolen your identity. With decentralised digital id, this could be a very real possibility.

In the last article we looked at data privacy and how, without respect to privacy at a systemic level, we end up with public user data scandals like that of Facebook and Cambridge Analytica where millions of Facebook users' personal data was acquired without the individuals' consent and used for political advertising.

Such scandals scare end users away from sharing their data. With decentralised digital identity based on blockchain, data access is transparent. Users can see who is accessing their data, when, where, and how — and have control over it, too.

In this article we are going to take a much closer look at the proposed solution: decentralised digital identity. By the end of this article you’ll know what digital ID is, the different types that exist, and how it could change the way we manage identity verification forever.

A digital identity is simply a way to verify who you are in the digital world. It consists of a set of validated digital attributes and credentials — similar to a person's identity for the real world. Attributes can include a unique identity number, social security number, name, place, and date of birth, citizenship, biometrics, and more, as defined by national law.

It all began with the conventional siloed shared-secret model. That’s where we use our username/email and passwords to prove our identity. Service providers use a combination of online and offline processes to onboard users, then authenticate their identity for future interactions via secret information such as passwords, confirmation emails etc. In this centralised model, user information is fragmented across a pool of service providers.

The centralised model, however, is repetitive for users and poses security threats. If you want to buy something small and trivial online, it will ask you to create an account, set up a username and password, add your payment details, and perhaps verify your email etc. This means your information is likely stored in a database. The problem here is that, regardless of the strength of your username and password combination, it remains your weakest link.

A single breach of the database comprises your payment details, address, and other valuable information. In fact, it’s common for regular internet users who don’t often change passwords to have dozens of compromised accounts at any one time. The greater the number of accounts you hold, the greater the chances of compromise. Therefore, security is a legitimate risk.

What’s more, from a user perspective, it can be a real pain to keep track of countless login details for dozens of different websites. Every time you login you need to type in your details — if you can remember them. You might find yourself forever changing lost passwords. The future of digital identity, however, looks different.

This paved the way for the federated model, which allows you to sign in with some other trusted source — provided you are present on their database. If you have ever come across ‘login with Google’ or ‘login with Facebook’ you have encountered a federated identity solution before — and probably enjoyed its convenience. However, the problem becomes that we place too much trust in a single identity provider. For example, if we use ‘login with Facebook’ everywhere, a simple change in Facebook's terms and conditions could lock you out of your linked accounts.

That’s where decentralised digital identity (DDID) comes into play. With a DDID, we don’t rely on any single identity provider, we don’t have to maintain multiple login credentials, and we don’t have to type in username and password combinations everytime we login.

With DDID, the end user takes the power back as they have sole ownership of their data. Data that is no longer stored in a third-party service provider’s database. Never again do users have to worry about their passwords, hacks, or annoying advertising emails when their data gets sold in a greasy backhander.

DDID infrastructure lets you use, issue, store, and verify credentials without the physical meeting between two entities. You simply share your digital credentials with trusted parties to prove your identity, giving you freedom and security.

If you’re familiar with blockchain, as soon as you read the word ‘decentralised’, you knew what was coming. Blockchain facilitates the decentralisatist’s dream. In doing so, it helps us eradicate the following problems in the current system:

Inaccessibility
Approximately 1.1 billion people worldwide have no proof of indentity¹. 45% of those are among the poorest 20% in the world. Cumbersome identification paperwork processes, expenses, lack of access, and the simple lack of awareness keep people locked out of traditional identification systems. Nonetheless, 60% of the 2.7 billion unbanked already own mobile phones, which paves the way for blockchain-based mobile identity solutions which better suit the needs of vulnerable citizens².

Data Insecurity
At present, the government stores our most valuable information in centralised databases which have more single points of failure than an un-armoured tank. As these databases hold valuable personal information of millions of users, they may as well have bright shiny targets and welcome signs for hackers. As a matter of fact, a recent study has shown that personally identifiable information is the most targeted data for breaches comprising about 97% of the total in 2018³. Our personal data is not secure.

Fraudulent Identities
Due to the weak link between online and offline identities, it is easy to fake our identity online over different websites. Have you ever entered a false email, or even made a second email for online sign ups with a different name? It’s most common among trolls who juggle fake identities and peddle fake news and fraud. With a false identity and no way to prove who they are, we rarely get hold of the actual culprit. With a blockchain-based system of identity management we can reduce such activities where the user has to authenticate himself with his true identity online.

There are three basic types of decentralised digital id: enterprise, consortium, and self-sovereign identity.

The enterprise implementation is restricted to an internal enterprise in a private blockchain network. The enterprise acts as the issuer and the verifier and also controls the data.

In a consortium DDID, members can join either as issuer or verifier and use permissioned blockchain to share details in a secure manner. The identity information here is controlled by members.

Self-sovereign identity systems operate as public utilities. In SSI, we rely on a non-permissioned blockchain like Ethereum or Sovrin where the underlying network is hyperledger Indy, which is a public, but permissioned, chain.

Privacy and convenience
DDID’S are private by design giving users full control of how, when, where and what data is being shared. They are conveniently easy to set up and reduce a lot of time and effort than the usual logging in with a username and password.

Security and fraud reduction
Users are more secure as they do not have to maintain and cope with multiple usernames and password combinations for different websites and login pages. Furthermore, businesses are more secure as they don't have to maintain honeypots of descriptive personally identifiable information. This leads to fraud reduction as there are no login IDs and passwords with which hackers can steal — even with brute force hacking.

Cost savings and efficiency
DDIDs can reduce the cost of customer onboarding, data management, and security.