Decentralized identity is an approach to identity and access management (IAM) that seeks ways to allow individuals to manage their own personally identifiable information (PII) instead of using a central authority.
An important goal of decentralized identity is to create standards that will allow internet users to control which applications and services can have access to specific types of PII.
In one proposed scenario, for example, individuals would collect information about themselves from a certified data source such as the Department of Motor Vehicles (DMV) and store their personal information in a identity wallet built upon a distributed database.
In a very fundamental sense, interest in decentralized identity has arisen from blockchain and the broader interest of how to keep cryptocurrency transactions secure. In this use case, however, the originating individual controls what information can be shared, not the distributed database.
For an easy way to think about decentralized identifiers, think about the threat of data breaches that haunt basically every single company in the world. Data breaches are invasive and expensive. For companies, they trigger all sorts of liability and cost. Individual users, meanwhile, also see their private data handed around the web by hackers and malicious parties.
The idea that users can self-serve in bringing credentials to a company's environment is a win-win situation. It also mirrors the idea of holding an individual's cryptocurrency in a cold off-line wallet, or in a noncustodial type of environment. In both cases, it's a move from a company having your data, to you having your own data, with evident benefits.
How Decentralized Identity Works
Decentralized identity works on the principle of offering a way to craft a more anonymous identifier for a user. One of the most basic ways that many experts explain it is that instead of a traditional username, where the user is tabulated and tracked according to an entry in a vendor's database, the user submits a self-owned credential that is decentralized and more anonymous than it otherwise would be.
Others describe decentralized identity as a “trust framework” made possible by the blockchain, where decentralized identifiers can be used in serverless applications and other new types of architectures.
When a customer identifier is held by the individual user in a wallet, instead of being stored housed in a vendor database, it is less vulnerable to theft because the wallet's distributed architecture does not present a single point of failure.
Decentralized identifiers play an important role in the concept of creating thinner attack surfaces. Decentralized identifiers also have the potential to make some of the struggles with the GDPR and other privacy laws obsolete.
Advantages of Decentralized Identity
In general, companies are working on implementing decentralized identities that will conform with "know your customer" and anti-money laundering regulations.
So in that sense, decentralized identifiers are the right answer, at just the right time. They solve fundamental problems that tech media have been reporting on for years. They unlock potential that is in some ways nearly limitless, and they serve that same idea of online self-service that's driving more capable business-to-consumer platforms in healthcare and beyond.
For example, decentralized finance assets and cryptocurrencies are often talked about as serving the un-banked or underbanked, people who have not done well with traditional centralized banking systems and the maintenance of traditional check and savings accounts.
In a similar sense, decentralized identifiers will help people who have experienced a data breach and been victimized because of a third party’s negligence. They'll be able to guard their personal data from not just hackers, but from illegitimate advertisers and third-party data buyers as well. All of that will tend to make the idea of decentralized identity very appealing to people and companies moving forward. Look for this technology to become much part of our world in the future.
0 Comments