Among the many emerging use cases of blockchain technology, digital identity management and verification is perhaps one of the most promising. In 2018 alone, billions of people were affected by personal data breaches, all around the world. There is an undeniable need for more secure methods of storing, transferring, and verifying sensitive information. In this context, blockchain systems may bring valuable solutions to some of the difficulties faced by most centralized databases.
How can blockchain apply to digital identity systems?
In essence, when a file is recorded on a blockchain system, the authenticity of its information is ensured by the many nodes that maintain the network. In other terms, a “batch of claims,” from multiple users, supports the validity of all recorded data.
In such a scenario, the nodes of the network can be controlled by authorized agencies or governmental institutions, responsible for verifying and validating the digital records. Basically, each node can “cast a vote” regarding the authenticity of the data so that the files can be used just like an official document, but with increased levels of security.
The role of cryptography
It’s crucial to understand that a blockchain-based identity system doesn’t require the direct or explicit sharing of sensitive information. Instead, digital data can be shared and authenticated through the use of cryptographic techniques, such as hashing functions, digital signatures, and zero-knowledge proofs.
Through the use of hashing algorithms, any document can be converted into a hash, which is a long string of letters and numbers. In this case, the hash represents all the information used to create it, acting as a digital fingerprint. On top of that, governmental institutions or other trusted entities can provide digital signatures to give the document an official validity.
For instance, a citizen could provide their document to an authorized agency so they can generate a unique hash (digital fingerprint). The agency can then create a digital signature that confirms the validity of that hash, meaning that it can be used as an official document.
Other than that, zero-knowledge proofs make it possible for credentials or identities to be shared and authenticated without revealing any information about them. This means that even if data is encrypted, its authenticity can still be verified. In other words, you could use ZK proofs to prove you are old enough to drive or enter a club without revealing the exact date of your birth.
The concept of self-sovereign identity refers to a model where each individual users has full control over their data, which could be stored in personal wallets (similar to crypto wallets). In this context, one could decide when and how their information is shared. For instance, someone could store their credit card credentials in a personal wallet and then use their private key to sign a transaction that sends that information out. This would allow them to prove they are the true owners of that credit card.
While blockchain technology is mostly used to store and exchange cryptocurrencies, it can also be used to share and validate personal documents and signatures. For example, a person might have a government agency sign off on their status as an accredited investor, then transfer confirmation of that fact to a brokerage via a ZK proof protocol. As a consequence, the brokerage could be sure the investor was properly accredited, even though they have no detailed information about their net worth or income.
The implementation of cryptography and blockchain in digital identity may provide at least two major benefits. The first is that users can have better control over how and when their personal information is used. This would greatly reduce the dangers associated with storing sensitive data in centralized databases. Also, blockchain networks can provide higher levels of privacy through the use of cryptographic systems. As mentioned, zero-knowledge proof protocols allow users to prove the validity of their documents without the need to share details about them.
The second advantage is the fact that blockchain-based digital ID systems can be more reliable than the traditional ones. For instance, the use of digital signatures could make it relatively easy to verify the source of a claim made about a user. Other than that, blockchain systems would make it harder for a person to falsify a piece of information, and could effectively protect all sorts of data against frauds.
As with many use cases of blockchain, there are some challenges involved in using the technology for digital identification systems. Arguably the most difficult problem is the fact that these systems would still be vulnerable to a type of malicious activity known as synthetic identity theft.
Synthetic identity involves combining valid information from different individuals to create an entirely new identity. Since each piece of information used to create a synthetic identity is accurate, some systems may be tricked into recognizing the fake ones as authentic. This kind of attack is widely used by criminals in credit card frauds.
However, the problem can be mitigated through the use of digital signatures so that made-up combinations of documents won’t be accepted as records on a blockchain. For instance, a governmental institution could provide individual digital signatures for each document but also a common digital signature for all documents registered by the same individual.
Another point of attention is the possibility of 51 percent attacks, which is more likely in small blockchain networks. A 51 percent attack has the potential to reorganize a blockchain, essentially changing its records. This problem is particularly concerning in public blockchains, where anyone can join the process of verifying and validating blocks. Fortunately, private blockchains can reduce the likelihood of such attacks as they would only include trusted entities as validators. However, this would represent a more centralized and less democratic model.
Despite the drawbacks and limitations, blockchain technology has great potential to change the way digital data is verified, stored, and shared. While many companies and startups are already exploring the possibilities, there is a lot to be done. Still, we’ll certainly see more services focused on digital ID management in the coming years. And most likely, blockchain will be a central part of it.