Identity On The Blockchain
This week’s hot topic - Identity on the Blockchain
Currently, identification certificates take many different forms, including passports, driver licenses, birth certificates, bank cards, Medicare cards, etc. For most readers, this personal information is most likely stored in many places, including your bank, your employer and your insurance company or on any online software subscription such as Facebook, Uber, Spotify or Netflix. If any one of these intermediaries is compromised, individuals stand to have their personal information exploited by wrongdoers.
Two recent examples of this are when Equifax had a data breach that compromised the personal data of 145.5mn users, and when Cambridge Analytica improperly accessed data from Facebook which is now reported to have effected 87mn users.
Blockchain has a unique solution to solving security of personal information dubbed, ‘self sovereign ID’. The idea is that this digital identification will have a unique public key (sting of letters and numbers, e.g. ID04xcgFtY675H6dcm253d3). When this public key is shared by the user and signed with their private key (similar but never shared), any third party can verify the users identify on the blockchain without accessing and storing all their private information. How this looks in reality is rather than uploading passports, licenses and other documentation to third parties, users will simply submit their public key which can be matched against an immutable ledger to provide the required level of identification.
Cybersecurity Ventures published in its 2017 report that the cost of cybercrime to the global economy was $3 trillion in 2015 and will grow to $6 trillion by 2021. Self sovereign ID is a clever way to give back full control of identity to users and remove vulnerabilities and trust placed in third party sites. However, in order to be successfully implemented and reach critical levels of adoption, it requires adoption from users, merchants, global governments and others which is no easy task.
With some early players building solutions to solve this problem, including Civic, Identitii and Sovrin, it is only a matter of time before users have access to a better mechanism for controlling their digital identity.