Are decentralized digital identities the future or just a niche use case?
Are decentralized digital identities the future or are they a niche use case for blockchain technology doomed to solely be used by crypto natives?
As users take advantage of online services and explore the internet, they eventually create a digital identity. This type of identity is then tied to central entities like Google and Facebook, which make it easier to share data with new services through simple sign-in buttons.
While these digital identity management systems are convenient, they are relying on centralized intermediaries that hold and control user data. Personal identifiers and attestations are in their hands, and they can decide — or be forced — to share this information with other parties.
Blockchains offer a solution: decentralized digital identities. These allow individuals to manage information related to their identities, create identifiers, control who they’re shared with and hold attestations without relying on a central authority, like a government agency.
A decentralized identifier for a decentralized identity can take the form of an Ethereum account. Users can create as many accounts as they want on the Ethereum network without anyone’s permission and without anything being stored in a central registry. Credentials on the Ethereum blockchain are easily verifiable and tamper-proof, making them extremely trustworthy.
Other use cases are out there. In August 2022, Binance catapulted the decentralized identity debate to social media platforms after moving to launch its first soulbound token, BAB, serving as users’ Know Your Customer (KYC) credentials.
Whether decentralized identities are the future of online activity remains to be seen.
Managing decentralized identities
Speaking to Cointelegraph, Witek Radomski, chief technology officer and co-founder of nonfungible token ecosystem Enjin, revealed he sees a future in which the metaverse will see a “blend of social media networks, email, crypto wallet addresses, and decentralized applications,” suggesting there will be a mix of digital and decentralized identities.
Per Radomski, the key to identity management will be the “preservation and protection of sensitive information,” as different networks have “distinct technical methods to track digital ownership of data.”
Recent: Vietnam’s crypto adoption: Factors driving growth in Southeast Asia
Radomski added that individuals entrusting protocols with their personal data should consider that big business decisions will be made based on an enterprise’s needs and philosophy, adding:
“The ownership of digital assets mimics asset possession in the physical world. Assuming that owners are operating within the bounds of the law, blockchain-enabled digital ownership cannot be interfered with by the government.”
He added that decentralized identities will play a role in preserving individuality, which will “depend on proving that you’re not a bot” and will have online activity as one of the “most compelling testaments to demonstrate this.”
The potential of decentralized identities
Managing digital identities is a challenge, as one mistake can easily lead to a breach of personal information. Centralized entities have been known targets, with a recent case seeing the personal data of Portugal’s president stolen in a cyberattack. The use of decentralized identities eliminates this risk, as only the users are responsible for their data.
Speaking to Cointelegraph, Dmitry Suhamera, co-founder of IDNTTY — a decentralized public infrastructure layer enabling a decentralized identity approach — said that centralized digital identity providers “compete with each other, which actually hinders widespread adoption,” as in the end, “the user needs an ID for government services, an ID to interact with a bank, an ID to work with a cooperation.”
Real-world use cases have seen digital identity programs’ adoption slow down shortly after launching, with Suhamera using Gov.UK Verify in the United Kingdom, which saw less than 10% of the population signing up, as an example. Nigeria’s adoption of eID, Suhamera added, stalled in 2017 amid issues with public-private partnerships used to launch the program.
Per Suhamera, centralized digital identity solutions tend to “be quite expensive and offer an inconvenient monetization model” as users have to buy and pay for national IDs before using them digitally.
Cross-border uses of digital IDs are also complex, Suhamera added, as corporations and regulators have to line up bureaucracy, which can be a slow process. Suhamera added:
“Decentralized ID allows for the creation of a distributed ‘cheap,’ easy to integrate repository of personal ID (for which only the user is responsible) with which any service can integrate, from KYC providers and digital signatures to any online or identity services.”
While decentralized identity can make identifiable information more portable while keeping it safe, centralized entities managing digital IDs “tend to provide a set of services at once,” boosting user experience.
Decentralized identities have a number of use cases, including the potential for universal logins across a number of applications without the use of passwords. Service providers can issue attestation tokens granting users access to their platforms after a single sign-up, for example.
Binance’s soulbound token shows that user authentication and KYC is also a possibility on the blockchain through the use of non-transferable tokens. Because these tokens aren’t transferable, voting through the blockchain without manipulation is a real possibility.
Security concerns
While decentralized identity management does appear to have significant advantages, the technology does not come without its drawbacks. For one, self-sovereignty means it may not be the most user-friendly approach.
Speaking to Cointelegraph, Charlotte Wells, communications manager at crypto platform Wirex, said digital identities have been around for some time, although blockchain-based digital identities will “be a game-changer in the future web 3 due to their decentralized nature.”
Wells pointed out that the amount of user data stored online is steadily growing, creating “huge security concerns over how this data will be stored and who will have access to it.” She pointed to data breaches at Facebook, which exposed the data of millions of its users. Per her words, decentralized digital identities will be “vital in allowing us to have ownership and control over our credentials.” Wells commented:
“Self-sovereign identities use blockchain technology and zero-knowledge proofs to store digital identities on non-custodial wallets – the biggest advantage being that users have complete control over this and decide what companies, apps and individuals have access to this data.”
She added that there are drawbacks: One important role of centralized entities is “enforcing standards of regulation, giving users and businesses the reassurance they need to work on the web.” Without these central authorities, Wells concluded, there may not be the same level of protection for decentralized identities.
Zero-knowledge proofs are a way of proving the validity of a set of data without revealing the data itself. This technology, paired with decentralized identities, could mean users can prove who they are while under pseudonyms, ensuring their security isn’t affected.
Recent: Institutional crypto custody: How banks are housing digital assets
To Fabrice Cheng, co-founder and CEO of Quadrata, blockchain-based digital identities are going to change the concept of digital IDs and create new use cases for the Web3 space. Speaking to Cointelegraph, Cheng noted that it is still important to be mindful of what’s shared, noting that people should “be aware o their behaviors on the blockchain.”
With the Ethereum blockchain acting as a global directory for decentralized identities of users who choose what they share and are in control of their data, it’s hard to imagine a scenario in which crypto-native users wouldn’t prefer this alternative. Non-crypto native users, however, may prefer to keep using centralized providers and share their data, at least until the user experience becomes as simple.