The shift towards an increasingly digital world has become overwhelmingly apparent. The coronavirus era has forced a technological leap on all fronts, and incumbent technologies are struggling to hold back a deluge of fraud and cybercrime. Between the need for secure access to digital services and the demand for increased security, the case for a trusted and verifiable ID system has never been stronger.
However, one question remains: Who gets to implement this system? If the answer is a company or a government, then concerns around personal privacy and civil liberties become quite relevant. Fortunately, this type of system can be implemented in a way that is decentralized, secure, and protects user data. And it’s this type of model that stands to best benefit both consumers and businesses.
The need for digital IDs in the modern world
Per data from the World Bank, nearly one billion people worldwide lack officially recognized ID – barring their entrance to the digital economy. This issue is even more pressing given that most of these people live in low-income countries. No ID means no access to financial services, travel, healthcare, and even some government services.
It’s not just developing countries that stand to benefit from digital ID. From online payments and delivery to account verification, identity remains one of the most critical enablers in accessing a myriad of services.
However, for many, entrusting their personal information to a centralized digital ID system spells trouble. Such a system might make acquiescing to ID checks a daily occurrence for a handful of mundane tasks, dropping digital breadcrumbs of our every move.
After all, big tech and governments have repeatedly shown they cannot be trusted with this type of information or control over such a system. You only need to look at what happened with Apple’s attempt to digitize traditional IDs in their Apple Wallet. The US government relinquished control to Apple, allowing the company to dominate the digital ID rollout and even foot the bill to the taxpayer.
For privacy advocates, Apple’s growing monopoly and an increasing reliance on the tech firm could spell disaster for personal freedoms. For one, the agreement stipulates that Apple retains control over which devices are compatible, excluding those without an Apple product. Moreover, placing valuable data in the hands of any centralized company — no matter how strong their encryption is — presents an inherent data risk.
Consigning a private company with ultimate control over a digital ID system and our most personal data is less than ideal. But we needn’t write digital IDs off just yet.
Self-sovereign ID is key to preserving privacy
When backed by biometric data and enforced using the power of decentralized blockchain ledgers, digital IDs stand to address many of the lingering issues with traditional ID documents. Already, various forms of fraud and illicit access are occurring more frequently as consumers spend more time and money online. Leveraging these new technologies can deliver IDs that are impossible to fake or manipulate, and they can be designed to interoperate with new systems.
When implemented correctly, decentralized digital IDs can make it harder to infringe upon civil liberties and privacy. That said, it’s essential that these IDs are not federated or corporatized but are, instead, self-sovereign identities, fully controlled by the end-user — made entirely possible by blockchain’s trustless verification.
Decentralized digital IDs are supported by a wide range of emerging technologies and techniques, leading to the creation of a truly Self-Sovereign ID, or SSI — where users hold full control over their personal data. This includes zero-knowledge proofs, a system that allows one party to verify data to another party without revealing any pertinent information, which ensures that personal information never has to be revealed or retained by third-party verifiers.
Having self-sovereign identities linked to purchases and payment rails will facilitate trustless trade that also seamlessly can stay in line with regulatory expectations. Better yet, most of this upgrade would be on a software level. Much of the existing infrastructure could be modified, and personal mobile devices could act as the point of access for data entry or retrieval. This model can give any company a competitive advantage against older and more problematic designs. Users will feel safer, and less intruded upon — a sentiment that should go a long way in the modern era that has seen rampant abuse of data collection practices.
Ultimately, with the shift to a digital world, the problems of physical ID systems need to be addressed. They can be addressed in multiple ways, but everyone should be wary of any solution that is controlled and monitored by businesses or governments. The potential for abuse is far too high.
Blockchain tech and mobile devices already offer us the tools we need to create SSI that are at least as secure, arguably more so, than any centralized solution. This will benefit not only the consumers themselves but also the companies that have the foresight to implement these systems sooner than their competitors.