There is a growing movement in the Blockchain world to develop solutions that allow individuals to own and control their online identities. We use our personal credentials to do all kinds of things online, like logging into to many, many websites, sharing our payment information, our mailing addresses, our birthdays, etc.
Some people opt to using the simple and easy login services created by Facebook and Google. We’ve all seen the Sign-in with Facebook button on various websites. The problem with choosing this quick login method is your data is being collected by large corporations and stored on company servers without your knowledge or permission. Sometimes not all the data collected is accurate and we have no control over who sees our personal data. In addition, the company servers are often hacked leaving our personal and payment information in the hands of thieves. And for those folks who love gaming, criminals are focusing their efforts in that arena in 2019.
Here’s a quote from Akamai who does threat assessments and research:
Criminals go where the money is. And these days, there’s real money to be stolen in the virtual world of gaming. Our latest State of the Internet / Security report delves into the growing popularity of credential stuffing attacks against the gaming industry. In one 17-month period, we counted 12 billion attacks.
Here’s an exerpt from an article on NBCNEWS.com:
A 20-year-old woman stalked through the Internet and killed. Thousands of e-commerce customers watching as their credit card numbers are sold online for $1 apiece. Internet chat rooms where identities are bought, sold and traded like options on the Chicago Board of Trade. … the Net’s threat to personal privacy can’t be dismissed as mere paranoia. …(And) we’ve only seen the tip of the iceberg.
In 2017 Forbes wrote an article on the infamous Equifax security breach:
Equifax is one of the largest credit reporting agencies in America … An authorized third party gained access to Equifax data on as many as 143 million Americans. That’s nearly half the population of the United States as of the last census.
Overall, the internet lacks a universally available digital identity system that lets individuals collect, hold and present any credentials they want, to whomever they want, whenever they want– without the reliance on a third-party managing it all.
Richard Chen, on Medium says,
“Identity is one of the most important missing pieces of Web 3.0 infrastructure, and there are a number of projects taking different approaches to building an identity layer that the entire (Blockchain) dApp ecosystem can use.” I’ve found Blockchain developers approaching this problem from two different directions.
1) The first is called Decentralized Identities.
Microsoft, who plays a big role in blockchain development says, “Decentralized identity (DID) can replace identifiers such as an email address or username. It’s rooted in blockchain and distributed ledger technology to protect privacy and allow secure transactions.”
Blockstack, a DID project that I follow, is a second layer protocol that works with the Bitcoin blockchain. To test it out, I created my own digital identity and then used it to seamlessly login to various dApps (decentralized apps) on the Blockstack network. It was so cool that I didn’t need a username and password for every dApp I tried. I played with Graphite (simple encrypted word processing) and Blockusign (encrypted document signing and digital notary). You should try it! Just go to Blockstack and create your own identity.
2) The second is called Self-Sovereign Identity. This is an identity concept where people and businesses store and control their data on their own devices, then provide this data when someone needs to validate them. This is all done without relying on a centralized database. The promise of this approach is; individuals can collect, hold and present any credential they want, to whomever they want, whenever they want.
Control Your Digital Identity
Projects working on Self-Sovereign Identity solutions include Civic and Sovrin.
Civic is built on the Ethereum blockchain and uses smart contracts to oversee data authentication. Their mission is “To give people control and security over their digital identity.” Civic is a personal identity verification protocol that leverages blockchain technology to better manage digital identities.To get started just download the app to your mobile phone. I found it in the iOS app store. I entered my email address and mobile phone number, and voila, I was done! I’ll let you know how it goes as I use it.
Sovrin is a blockchain identity network built on Hyperledger Indy open-source code. Sovrin is public and permissioned which means it’s not exactly decentralized. It’s publicly visible but you can only use it if given permission. The Sovrin network provides a global identity infrastructure that supports self-sovereign identity and verifiable claims. Here’s a great video on the Sovrin Network.
Personally manage your digital IDs online with
the Sovrin Network – an open source project creating
a global public utility for self-sovereign identity