The Journey to a Self-Sovereign Digital Identity Built on a Blockchain
Identities are no longer simple
As we move further into the digital world, the method for defining an individual’s identity grow more and more complex. A person is no longer simply represented by name, gender, date of birth, and address. Identities have changed over time to include other detailsб such as employonment, social, financial, and medical histories among others.
With the complexities involved, methods for identity management must also adapt. There have been talks about managing identity with blockchain in the previous year. This idea was central to a session on the future of digital identity led IBM’s Jai Singh Arun during IBM InterConnect 2017.
“Every business and social transaction is carried out by people. People are known by their identities. Hence, identity drives every business and social interaction.” —Jai Arun, IBM
The evolution of identity
Since the introduction of the Internet, digital identity has continued to evolve from the concept of centralized identity.
- Centralized identity. Administrative control by a single authority or hierarchy.
- Federated identity. Administrative control by multiple, federated authorities.
- User-centric identity. Individual or administrative control across multiple authorities without requiring a federation.
- Self-sovereign identity. Individual control across any number of authorities.
What’s the problem?
According to Jai, we have yet to reach that fourth phase of self-sovereign identity. “Individuals generally have little or no control over the information that comprises their identities,” he said. “Without visibility into the exchange of identity attributes across the enterprise for authentication, verification, and authorization, individuals are vulnerable to identity fraud.”
Identity data is typically decentralized. We have different organizations for varying elements of identity. This presents a number of problems and challenges for individuals:
- Too many steps and documents involved in proving identity
- Unpleasant experiences and unwanted services
- Limited control over identity information and identity theft concerns
- Compliance and regulation
- Fraud, identity theft, and data breach
- Costs, complexity, and unreliability
- Ensuring citizens’ privacy and safety
- Protection of ID documents from counterfeiting, alteration, or theft while simplifying experience
- Increasing costs and complexity of physical ID issuance, renewal, maintenance, monitoring, and verification
To address the challenges, Jai believes that there is a need to create a trusted digital identity network, which adopts such technologies as:
- Cognitive applications that collect data from cumulative online interactions to simplify and expedite routine tasks, such as filing taxes, while also reducing errors and system fraud.
- Systems for user-controlled payment, so that acquiring a new credit card no longer requires a lengthy process of changing payment information for each recorded service account.
- Applications that simplify transactions, such as car purchases by verifying identity, credit, title, and insurance, and obtain approvals with trusted identity profiles to shorten the buying process from hours to minutes and significantly reduce paperwork.
- Holistic health care applications that give doctors and pharmacists access to patients’ electronic medical records. This would allow care providers, pharmacists, and patients to track dosages, receive automatic alerts for missed or incorrect dosages, monitor possible adverse drug interactions, and even help to prevent addiction.
Such a trusted digital identity network should also have the following key elements:
- The ultimate authority of a user over his/her identity (self-sovereign)
- Privacy‐enhancing and voluntary
- Decentralized/distributed trust
- Designed as a social good
- Open and flexible
- Interoperable and portable
- Viable and sustainable
Blockchain as the foundation
Given the requirements needed for developing a trusted digital identity network, the blockchain technology, specifically permissioned blockchain technology such as Hyperledger Fabric becomes a suitable option. According to Jai, permissioned blockchain technology provides core capabilities that enable a trusted digital identity network to build and operate as:
- A shared, append-only ledger with one version of the truth shared across all permissioned network participants in real time.
- Smart contracts that ensure that verifiable and signed business logic is executed in each transaction.
- Trust between known participants to verify transactions and ensure records are valid.
- Privacy and security measures that grant access only to permissioned parties.
These capabilities deliver the required values for trusted digital identity:
- User-centric design, which allows users to control their identity profiles and attributes.
- Dynamic validation of identity and transaction data and ongoing validation of information leveraging smart contracts to update trusted data in real time.
- Trusted digitization, which enables processes to become fully digital while maintaining trust in the data items.
- Auditable records to provide for validation.
- Controlled visibility, or the ability to verify identity without disclosing actual data.
- No hierarchy unlike a database with a single point of control. All participants have the same capabilities.
Placing the trusted digital identity network on a permissioned blockchain would provide certain benefits for individuals:
- Convenient and simplified experience for identity verification
- Full control and consent over identity usage and monetization
- Reduced costs and reduced risk of data breach and identity theft
- Efficient compliance management and monitoring
- New revenue streams
- Rapid onboarding of customers
- Better personalized customer services
- Distributed trust and increased protection of identity data.
- Reduced counterfeiting, alteration, and theft.
- Reduced risk and cost of identity issuance and management.
- Increased efficiency in compliance control, monitoring, and quality.
“Digital identity networks built on blockchain drive trust among business and social enterprises by leveraging shared ledgers, smart contracts, and governance to standardize management and reduce the cost, risk, time, and complexity of decentralized identity management.” —Jai Arun, IBM
We’ve already seen how blockchain can help financial institutions to manage identity of their customers. There’s also collaboration between IBM and SecureKey Technologies, which aims at developing a new network for digital identity and attribute sharing based on IBM Blockchain. Trusted digital identity networks might not be that far off.
Jai’s presentation can be found here.
- Blockchain Can Help Banks to Better Manage the Identity of Customers
- A Panel: Blockchain Introduces Opportunities in Identity Management
- Canadian Financial Institutions Are Adopting Blockchain: 6 Success Stories