Table Of Contents
This article is the first part of a 4-part series on Digital Identities. Each of the articles will look at a different aspect of Digital Identites and explore various considerations on the topic.
New technologies bring new opportunities but also new risks. It’s the same with digital identities (DIDs). Saying identification is important is an understatement, it’s one of the cornerstones our societies are built on. An ID means you can own things and tie them to your identity, but they can also be misused by authorities as a form of control. As with all new technologies, adoption comes down to understanding how they work.
Why are identities important?
In a blockchain world there seems to be the idea that a legal identity can be forfeit altogether and we can conduct everything in a decentralized and anonymous way. But this is not the case and I believe it never will be.
Identity is ownership. An identity allows you to own a house, car, or your latest social media post. It allows you to own a name, but it also “allows” you to own the speeding ticket that you got by driving a car. So, it’s not only about having the right to enforce our rights but also to take responsibility for any of our actions. Looking at identity broader, even a crypto wallet is a form of identification, or it can be used as an identifier. It is used to link digital assets to a unique address. I would like you to keep this broader idea of identity as it relays a lot of what is coming in the ID world.
Are DIDs bad?
Technologies are neither good nor bad, it’s all about the people using them. But you are correct to be distrustful. DIDs are coming and the way they will be implemented will determine whether you will live in a free world or not. But just because a technology can be misused, we should not forfeit it altogether. Let’s rather learn about it and use it in the right way.
I’ve heard so many things about DIDs recently, enough to understand that there’s a great deal of confusion around them. Many are not aware about the standards, how they work and even if you understand the technical side, there are still multiple ways to implement them. And these can be beneficial or detrimental to your freedom.
This is not intended to be a technical article on implementation but a high-level overview of the key factors that influence privacy and control in the space of identity and data ownership. Understanding this will help you make decisions about what DID solutions is right for you and which ones to strictly avoid.
What does DID stand for?
DID can have a few different meanings. It’s either an abbreviation of Digital ID, Decentralized ID or decentralized identifier. Digital ID is in a sense a catchall as it has the broadest meaning. A Decentralized ID will also be a Digital ID, but a Digital ID does not need to be decentralized.
Sometimes you will also hear the phrase Sovereign Identity. This is also a form of DID and probably what describes best what we should be striving for in the field of digital identities.
What is a Digital Identity?
In the broadest meaning, this would be any digitally stored information that can be linked back to you. Your government and a lot of other institutions store such data to this date, and it is fully under their centralized control. We all have a digitalized identity already and your ID card or your passport are only physical representations of your true digital identity. Just think about your passport getting scanned at the airport, matching it to all the whole worlds’ databases instantly.
Of course, we could also argue that as long as we still need the physical form of our ID, we do not truly have a Digital Identity and I’d fully agree with that.
Current forms of actual official Digital IDs come as digital certificates that are issued by government approved institutions that allow you to identify yourself on governmental websites to send or receive official information, like your tax returns. Almost every country now offers such services.
If we want something to be globally accepted and used by everyone, humans and machines alike, it needs to follow some standards.
How you should not do a digital ID is with some unique NFTs that only the issuer can use. This limits the usability of the DID as it will probably not be interoperable with many platforms, if any at all.
At this moment, there is no definite global standard accepted, but W3C are developing a DID standard that currently is the most probable to become universally recognized. The standard separates the identifier from the data. This is where the DID acronym is used in the most correct manner, meaning a Decentralized Identifier that make a digital identity possible.
An identity then consists of the DID, Verifiable Credentials (VC’s) and Verifiable Presentations (VP’s) bound to it.
Such a system is extendable and can serve many use cases. Aside from everything you have been able to do with your normal ID, you can store your education certificates, employment history, medical records, or any information that you may want to present to another party in the future that is probably true, correct and has not been modified or tampered with. Such information may be used to calculate your credit score and instantly approve a loan for you, without having to reveal the information that was used to establish your score.
There are unlimited possibilities in such a system, and it extends its value far beyond just identifying yourself.
It needs to be noted that the W3C standard by itself does not require storing DIDs on a decentralized ledger. It is up to the implementer to choose how centralized or decentralized their solutions will be.