The fourth industrial revolution is expected to transform the way the world operates. At the forefront of this revolution are advanced technological concepts such as artificial intelligence and Blockchain, creating a truly digital ecosystem.

However, as the world moves towards digitalization, one important aspect that needs to be addressed is creating a robust digital identity system. 

The recent hacks on social media such as the Twitter hacks of 2020 have made us realize the vulnerabilities of the current digital ecosystem. 

The main concern is centralized systems, which are prone to theft and hacks. Even though several security measures such as firewalls and encryption keys are in place, data theft is still a common problem for digital identity systems. 

There is a dire need for an identity solution that preserves the privacy of users while providing a secure, reliable, and efficient model. 

Therefore, the concept of ‘Decentralized Identity’ has gained significant traction. 

What is Decentralized Identity?

Decentralized Identity, DID, and Self-Sovereign Identity (SSI) are all terms used to represent the concept of digital identity based on Blockchain. 

DID allows users to have a universal location for their identity rather than the disparate system where there are multiple issuers and multiple identity standards. 

The DID approach therefore helps users gather their credentials from various issuers, such as the government, educational institutes, or employers, and store their identity in a digital wallet. These credentials are then used by the verifier to establish the authenticity of a person by following the ‘identity and access management (IAM)’ process through a blockchain-based ledger. 

In essence, Decentralized Identity allows users to be in control of their identity. 

Imagine you lost your PAN card. If you wanted to open a bank account, you would not be able to until the PAN card was re-issued. For that, you would have to go through the extensive process of getting the PAN card issued from the government office by presenting other identity proofs. 

Now let’s imagine you lost your passport. Even if you have an urgent flight, you need to get authorized and get the passport again in order to travel. 

These situations raise the question, “why do we need a third party to control our identity and verify our presence in the world?” 

Decentralized Identity on Hedera provides a trustworthy model or framework to users where they can replace their usernames with IDs and can exchange their data or information over blockchain using distributed ledger technology for a secured transfer of information. Users can even manage access to their data, i.e. who can view or verify their identity.

Why do we need Decentralized Identity?

Hit by the Covid pandemic, if there is one thing we have realized, it is that our dependence on the digital ecosystem has never been more prominent. Life today cannot be imagined without the Internet, for anyone. Whether it is a student wanting to study online, a business interacting with overseas clients, a vendor selling their goods, or any other entity, having a digital presence is absolutely necessary. 

Therefore, this digital presence needs to be robust in order for us to have a reliable and credible interaction. 

Further, the recent data thefts of popular platforms such as Facebook and Twitter highlight the vulnerabilities of the current ecosystem where the records are maintained by a central authority. 

These records are also used to manipulate the user. For instance, if you search for sports shoes, you are bombarded with sports shoe advertisements on every social media platform that you use until you buy them. The data of users is being misused without their consent. 

Therefore, the need for a decentralized digital identity system has become clear: a system that allows users to control and manage their identity. Further, decentralized identity on Blockchain will empower users to have full control over their data and will take trust and security to the next level for users, applications, devices, and service providers as well.

How does it work?

Identity is no longer restricted to traditional paper-based proof. We interact with numerous devices, applications, and other people over the Internet. Decentralized Identity lets users control their own identity data, the access to that data, and how that data is used.

Before explaining in detail how decentralized identity on Blockchain works, it helps to define a few terms and their roles in the process.

  • Credentials: The unique information that distinguishes the identity of one person from another.
  • Holder/Wallet: It is the digital place where the user stores their credentials.
  • Issuer: The party responsible for providing the digital credential to the user, signed with a digital signature to provide authenticity to the issued identity.
  • Subject: The user for whom the identity is being issued. 
  • Verifier: The party that verifies the authenticity of the user's credentials.

To explain how DID works, let us consider the following example of a student being issued an identity by the university. In this case, the students need a diploma from the university as proof that they have completed their course. This diploma has to be given to the organization where the student is going to be employed. 

The various characteristics of the diploma can be shared digitally by the university and will be mapped to the DID of the student. The university will be the issuer, the student will be the subject and the organization will be the verifier. 

[Figure: decentralized identity. Image source: https://blocksdecoded.com/decentralized-blockchain-identity-management]

In place of this university, there can be any other entity that is required or authorized to issue identity proof.

In the traditional system, the user needs to register with every service provider and get a separate identity from each of them. Just like on social media platforms we need different IDs and passwords for each platform. However, DID allows a user to get credentials from multiple service providers and those credentials are linked to a single ID. All credentials are stored in a digital wallet and can be accessed at any point in time. 

These digital records act as a single source of truth that allows verifiers to digitally establish the identity of a person by referring to the credentials issued to them and verifying the issuing authority. Therefore, what DID provides is information on who issued the identity, to whom it was issued, and whether it has been revoked or tampered with. 

Blockchain, being an immutable distributed ledger, allows DID information to be stored in a cryptographically secured manner. 

The Format of a DID

Considering the current autonomous network created by multiple Blockchain platforms and the lack of an interoperability standard, DID needs a global format that can be accepted by the masses. 

Christopher Allen made a suggestion for DID format which was accepted by the developers in 2016. The purpose of this format was to enable the use of multiple Blockchain platforms for a DID network. 

For this, each DID has to follow the URN specification:

urn:uuid:fe0cde11-59d2-4621-887f-23013499f905

The first component of the specification is the Scheme, the second is the DID method, and the third is the DID method-specific string. 

Next is the DID document that contains all the cryptographic material needed to establish the secured connection between the entities. 

Decentralized Identity on Hedera

A key consideration here is that a decentralized identity on Hedera does not necessarily require a Blockchain. 

Blockchain can be thought of as a special type of distributed ledger technology, which means that there are other distributed systems that do not follow the principles of a typical Blockchain but still cater to the need for decentralization.

Hedera is one such platform. It is a public distributed ledger technology that uses a proof-of-stake algorithm. It is one of the few platforms that meet the GDPR requirements and is one of the most secure options for storing personal data.

Other features of Hedera include controlled mutability which means that the developers have the choice of making smart contracts immutable. 

What makes it perfect for implementing a DID solution are the aforementioned characteristics, along with the fact that Hedera has one of the most advanced signature types, which allows users to grant and revoke access to their data in seconds. Therefore, decentralized identity on Hedera has become popular.

Let us consider a scenario of John applying for a job at 101Blockchains. 

For this, John is required to submit some identity proofs in order for 101Blockchains to trust that John is in fact, John. 

Therefore, 101Blockchains requests some verifiable credentials (VCs) from John. He sends over the credentials along with cryptographic proof that he owns those credentials. 

Now, 101Blockchains will extract the DID from the VC. Depending upon where the registry is maintained, 101Blockchains resolves the DID into DID document metadata. This metadata is then used to validate the credentials of John. This includes validating the digital signatures of the issuer and the subject. 

101Blockchains also checks whether the verifiable credentials have been suspended or revoked to establish more confidence in John’s credibility. 
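The verifier-side checks described above, as an added JavaScript (Node.js) example that is not code from 101Blockchains or Hedera. An in-memory map stands in for the DID registry, and the `did:example` identifiers, the challenge value and all function names are assumptions made for the illustration.

```javascript
const crypto = require("crypto");

// Constructed demo parties: fresh Ed25519 keys for a university (issuer) and John (subject).
const issuer = crypto.generateKeyPairSync("ed25519");
const john = crypto.generateKeyPairSync("ed25519");
const ISSUER_DID = "did:example:university"; // constructed identifiers
const JOHN_DID = "did:example:john";

// Stand-in for the DID registry: DID -> DID document holding the public key.
const registry = new Map([
  [ISSUER_DID, { id: ISSUER_DID, publicKey: issuer.publicKey }],
  [JOHN_DID, { id: JOHN_DID, publicKey: john.publicKey }],
]);
const revoked = new Set(); // credential ids the issuer has revoked or suspended
const DID_RE = /^did:[a-z0-9]+:[A-Za-z0-9._:%-]+$/; // simplified scheme:method:string check
const resolve = (did) => (DID_RE.test(did) ? registry.get(did) : undefined);

// JSON.stringify is enough here; real systems sign a canonical serialization.
const bytes = (obj) => Buffer.from(JSON.stringify(obj));
const sign = (obj, key) => crypto.sign(null, bytes(obj), key).toString("base64");
const checkSig = (obj, sig, key) =>
  crypto.verify(null, bytes(obj), key, Buffer.from(sig, "base64"));

// Issuer side: sign the claims about the subject.
function issueCredential(id, claims) {
  const body = { id, issuer: ISSUER_DID, subject: JOHN_DID, claims };
  return { ...body, issuerSig: sign(body, issuer.privateKey) };
}

// Holder side: bind the credential to a challenge chosen by the verifier.
function present(vc, challenge, holderKey = john.privateKey) {
  return { vc, challenge, holderSig: sign({ id: vc.id, challenge }, holderKey) };
}

// Verifier side: resolve both DIDs, check both signatures, then revocation.
function verifyPresentation(p, expectedChallenge) {
  const { issuerSig, ...body } = p.vc;
  const issuerDoc = resolve(body.issuer);
  const subjectDoc = resolve(body.subject);
  if (!issuerDoc || !subjectDoc) return "unresolvable DID";
  if (!checkSig(body, issuerSig, issuerDoc.publicKey)) return "bad issuer signature";
  if (p.challenge !== expectedChallenge) return "stale challenge";
  const proof = { id: body.id, challenge: p.challenge };
  if (!checkSig(proof, p.holderSig, subjectDoc.publicKey)) return "bad holder proof";
  if (revoked.has(body.id)) return "credential revoked";
  return "ok";
}
```

The challenge keeps a captured presentation from being replayed to the verifier later; the page itself only says that John sends "cryptographic proof that he owns those credentials".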

The same model is applicable in different situations where DID has to be sent and verified. The identity structure in Hedera such as the X.509 certificates or the federated models allows users to prove their identity in a secure manner. Other factors that can be considered here are the model of public keys or the control over the metadata. 

Therefore, Decentralized Identity on Hedera is not only restricted to a Blockchain-based environment but can be used in any traditional system with the right implementation. 

The part played by Hedera’s DLT platform is as follows:

  • It creates a decentralized validation process
  • The identity metadata is free from control by intermediaries
  • Both parties can query data from each other directly
  • The credibility of the identity can be established in real-time and in seconds

In addition to these, Hedera’s core architecture plays a crucial role in making it appropriate for the DID space. 

The primary role played in defining the performance of a DLT or Blockchain-based identity system is by the consensus algorithm. The consensus algorithm is responsible for the validation and distribution of data on the network. Therefore, the DID framework can be as effective as the consensus algorithm allows it to be. 

In short, the throughput, latency, scalability, security, and decentralization of a platform depend on the underlying consensus algorithm being used. 

Hedera Consensus Service (HCS) is what makes Hedera a viable solution for DIDs and VCs, and what makes decentralized identity on Hedera a de facto implementation.

Apart from the traditional mainnet approach, Hedera has an appnet, which is the application network. The registry of the identity metadata that establishes the credibility of an entity is maintained by the nodes in the appnet rather than in the mainnet. This allows the network to optimize its querying capabilities, as a defined set of nodes maintains the data required for resolving DIDs. 

But this raises a question about the decentralization of the network. For this, the HCS model follows a unique approach. The mainnet nodes timestamp and maintain the order of messages corresponding to the actions on the registry. This allows the mainnet nodes to participate in the decentralization of the network without maintaining the registry itself, keeping only the references to the registry. This is one of the primary reasons why Hedera can support a highly scalable application without the trade-off of decentralization. 
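Why the mainnet ordering matters to the appnet nodes that hold the registry, as an added JavaScript example (not Hedera's code): two nodes that receive the same registry actions in different network order reach the same state only when they replay them in the agreed order. The message fields (`seq`, `op`, `did`, `key`) and the assumption that sequence numbers start at 1 are hypothetical.

```javascript
// Hypothetical registry message: { seq, op, did, key }. `seq` stands in for the
// order assigned by the mainnet; all field names are assumptions for this sketch.
function apply(registry, m) {
  const doc = registry.get(m.did);
  if (m.op === "create" && !doc) registry.set(m.did, { key: m.key, active: true });
  else if (m.op === "update" && doc && doc.active) doc.key = m.key;
  else if (m.op === "revoke" && doc) doc.active = false;
  // Anything else (update before create, update after revoke) is ignored.
  return registry;
}

// What an appnet node would compute by trusting network arrival order.
function applyInArrivalOrder(messages) {
  return messages.reduce(apply, new Map());
}

// Replay in mainnet order: drop duplicates, sort by seq, and flag gaps so a
// node with missing messages does not answer as if its view were complete.
function replay(messages) {
  const bySeq = new Map(messages.map((m) => [m.seq, m]));
  const ordered = [...bySeq.values()].sort((a, b) => a.seq - b.seq);
  const complete = ordered.every((m, i) => m.seq === i + 1);
  return { complete, registry: ordered.reduce(apply, new Map()) };
}

// Stable text form of the registry so two nodes can compare their state.
function snapshot(registry) {
  return JSON.stringify([...registry.entries()].sort(([a], [b]) => a.localeCompare(b)));
}

// Constructed sample: the same three actions delivered to two nodes.
const create = { seq: 1, op: "create", did: "did:example:john", key: "key-1" };
const update = { seq: 2, op: "update", did: "did:example:john", key: "key-2" };
const revoke = { seq: 3, op: "revoke", did: "did:example:john" };
const nodeA = [create, update, revoke];
const nodeB = [revoke, create, update, update]; // reordered, one duplicate
```

Applied in arrival order, `nodeB` silently loses the revocation because it arrives before the DID exists; replayed by sequence number, both nodes agree that the DID is revoked.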

One of the most popular identity solutions, Earth ID, has been built on Hedera, demonstrating the appropriateness of the platform for the DID space. 

Conclusion

Digitalization has become the essence of the 21st century, and in order to experience the true powers of a truly digital world, we need a digital identity solution that is not only scalable but also reliable, robust, and secure. The digital identity space has been evolving decade after decade, and the emergence of decentralized identity on Hedera comes as a sustainable option for the implementation of a suitable identity model.