Title: Why Decentralised Identity Management?
Setting: This thread is created to start a discussion on decentralized identity management.
Decentralized identity management – Self-Sovereign identity
Recognised identity
Several organisations are working on creating a decentralised identity solution, yet no solution has prevailed. To date, we remain dependent on our governments to organise and establish our identities for us. This implies that people without official Government recognition have no “form of identity” to participate in modern society.
Digital identity
Furthermore, it is important to realise that our Identity is no longer limited to what is written on our passports; the internet and technologic innovations in data management lead to the creation of our digital identity. Our digital identities show our behaviors, favorite locations, and even the meals we ate yesterday; opposite to our government recognized identities, our digital identity is mostly controlled by large corporations.
The problems with not having access to a recognised identity and the associated exclusion from society are obvious. Our digital identities prove to be more ambiguous in nature, spread out across corporations, governments, and organizations in whose services we participate or we have happened to cross, if they have not crossed us prior. Our actions in these services are gathered into our profiles. Our collective profiles become our digital identity. Stored across databases, ready for abuse, theft, and influence.
While this risk of identity theft brings fear into our hearts, it is not as dangerous as the influence exercised through our digital identities. Silent and unnoticeable, our collective digital identities, or better how they are managed have strong implications in our society. Shaping and influencing minds and actions, justified under what suits the narrative of the day - examples of justifications are the protection of free speech, tolerance and other words with an empowering after flavor.
Solution: Self-Sovereign identity - Take back control.
In essence, each individual has to be given the right to an identity as well as ‘ownership’ of their identity.
The basic proofs of concept of Identity Managment are easy, however, it quickly becomes challenging when covering all nuances.
What is identity in a digital, decentralised context? An identity consists of a unique identifier, representing an individual, along with a set of attributes associated with the identity, for example:
-A Unique ID
-Your Name
-Your Birthdate
-Social information (family, likes, jobs, yesterday’s lunch)
A unique ID in the digital world is a bunch of 1’s and 0’s unique within a particular domain. This could be your email address, or it could be a seemingly random number like ‘did:earth:423dab4dfe3b5’, enforced through authentication systems such as a readable digital identity card, a password or private key, known only by the identity holder.
Returning Identity back into the control of the individual. Requirements:
1) Individual initiative: Individuals take the initiative to create and register their unique identifier or identification number on a decentralized identity management platform or application.
-If created by someone else, there is no assurance we are starting with a clean slate (because the other party might retain the private key or seed). When registered, the mechanism doing so needs to be fully transparent to assure that it is unique.
2) Local storage: Storage of all the associated attributes of our identity remains under the control of the individual. Stored on our own devices, easily moved at our will. Not to be stored on a public ledger; only anchored via the individual’s identifier.
3) Freedom to choose: The individual has the freedom to choose which attributes are associated with their identity, such as their name, birthdate, social information they wish to include, etc.
4) Permission-based verification: The individual gives permission to an authoritative agency which can vouch for an attribute, such as our birth certificate or a KYC/AML check, separately for each attribute, in the process building a web of trust.
5) Right to privacy:
-If another individual would like to look at our identity, the individual decides what and how much detail can be viewed, and for how long they can store this information if at all.
-When the individual does share information, it will be uncorrelated with information we share with other parties, or even the same party at a different time, allowing to build up a secret profile.
7) Right to be forgotten: Whenever the individual desires, they should be able to remove a particular attribute, or even everything associated with their unique identifier, and revoke permission for others to store or see it from that point on.
8 ) Easy and secure: All steps mentioned above need to be easy in operation and managed for the individual in a secure manner allowing for the decentralised identity to be used by both a pre-teen as well a grandmother.
The paradigm shift which will follow the introduction of Self-Sovereign identities into our society will impact all our lives, bringing forward global empowerment of all people.
Creating a Decentralised Identity solution as described above can be accomplished today with recent technological advances, bringing cost-effectiveness, scalability for mass adoption, and universality within reach. Standardized schemas are being developed for how data is formatted bringing universal adoption through a mechanism called ‘Universal Discovery’. As long as all specific decentralized identity management systems follow the enforceable schemas, they can cooperate between one another.
The universal discovery process connects to the correct provider for the resolution of each identity query. If the individual truly has control of their identity data, they are free to move between solutions of their choosing. From that point onwards, economics and value-adds such as performance, regional value, and premium services, along with demonstrably altruistic intentions, determine the dominant solutions.
The creation and implementation of Decentralised Identity Management will send ripples across the world affecting our business and personal lives, it will as well fundamentally change the way governments operate. The evolution towards decentralized identity management is a required shift from current society. It will be a crucial element for the betterment and empowerment of many lives.
-If voting can be organized autonomous and in full transparency, why do we trust a centralized entity to determine the outcome?
-If I comply with all the laws of my hosting nation, why can’t I be anonymous?
-Why do we require a government to validate whether we have the right to exist?
NEXT POLL:
Are we ready for the first operational decentralized identity solution, validated by a borderless sovereign society?