Decentralized identity is an identity management framework based on open standards. It’s also referred to as self-sovereign identity.
To begin with, think about what an ID is. It stands for an identity document used to verify the identity of a person, for example, a passport issued by a central authority, like a government.
A digital ID is a digitized version of such documents, for instance, a driver’s license. We share this data for a raft of reasons when interacting with an app or a website. Although our consent is sometimes requested, we often don’t have much control over who owns the data.
Decentralized identity management recognizes our right to have greater control over our personal data and share only the relevant information for verification required in that particular context.
Decentralized Identifiers (DID)
Two fundamental concepts underpin decentralized identity management: decentralized identifiers (DID) and verified credentials (VC).
A DID is a globally recognized unique identifier that can refer to any subject, i.e., person, organization, or abstract entity. DIDs are created and generated cryptographically.
As the name implies, DIDs don’t rely on centralized registries. They use blockchain and distributed ledger technologies to validate the legitimacy of an identity. Therefore, they’re immutable; no third party can remove, censor, or manipulate them.
DIDs allow you to use your digital identity across many platforms and blockchains while protecting your privacy and assuring security. They’re user-generated and self-owned.
Verified Credentials (VC)
Our credentials, like university degrees, proof of work experience, or healthcare background issued by trusted entities, bring us many advantages in the physical world. However, they don’t yet work that efficiently in the digital realm. For that to happen, credentials must be digitally verified.
VCs represent tamper-proof digital versions of such credentials generated cryptographically. Like in the physical world, any trusted organization, such as a school or a hospital, can issue VCs. As such, verifiable credentials include the same information as physical credentials. In short, they can prove real-world attributes and skills in the digital world.
VCs and DIDs work in tandem through the implementation of open standards. As a result, we can collect, for example, many credentials from different sources and keep them all in one crypto wallet.
The leading standards used today for DIDs and VCs are provided by the World Wide Web Consortium (W3C). W3C’s standards require three roles:
- Holders are the owners of digital identities.
- Issuers are the trusted authorities that generate and issue credentials to holders.
- Verifiers are third parties that validate the authenticity of the controller’s identity.
When requested to share data, the holder can decide whether to authorize it or not. So, issuers or verifiers can only access the information shared by the DID holder. This information exchange can occur through various technologies, like NFC, QR, or Bluetooth. Zero-knowledge proofs are applied so that a verifier can confirm a claim without being given access to the full underlying information.
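The issuer, holder and verifier exchange described above, as an added Node.js example that is not part of the original article or of any project it names. It substitutes salted-hash selective disclosure for a zero-knowledge proof, and the function names and credential layout are illustrative assumptions, not the W3C data model.

```javascript
// Added example (not from the article). Assumptions: Ed25519 issuer keys,
// salted SHA-256 digests per claim instead of a zero-knowledge proof,
// and a simplified credential layout rather than the W3C data model.
const crypto = require('crypto');

const digestOf = ({ salt, name, value }) =>
  crypto.createHash('sha256').update(JSON.stringify([salt, name, value])).digest('hex');

// Issuer: sign only the claim digests; the salted claims go to the holder.
function issue(issuerKey, issuerDid, subjectDid, claims) {
  const disclosures = Object.entries(claims).map(([name, value]) => ({
    salt: crypto.randomBytes(16).toString('hex'), name, value,
  }));
  const payload = JSON.stringify({
    issuer: issuerDid, subject: subjectDid, digests: disclosures.map(digestOf).sort(),
  });
  const signature = crypto.sign(null, Buffer.from(payload), issuerKey).toString('base64');
  return { payload, signature, disclosures };
}

// Holder: pass the signed payload on unchanged, reveal only the chosen claims.
function present(credential, reveal) {
  const disclosures = credential.disclosures.filter((d) => reveal.includes(d.name));
  return { payload: credential.payload, signature: credential.signature, disclosures };
}

// Verifier: trustedIssuers is a Map of issuer DID -> public key.
function verify(presentation, trustedIssuers) {
  let body;
  try { body = JSON.parse(presentation.payload); } catch { return { ok: false, reason: 'malformed payload' }; }
  const issuerKey = trustedIssuers.get(body?.issuer);
  if (!issuerKey) return { ok: false, reason: 'untrusted issuer' };
  const sig = Buffer.from(presentation.signature, 'base64');
  if (!crypto.verify(null, Buffer.from(presentation.payload), issuerKey, sig)) {
    return { ok: false, reason: 'bad signature' };
  }
  const claims = {};
  for (const d of presentation.disclosures) {
    // A revealed claim counts only if its salted digest is in the signed list.
    if (!body.digests.includes(digestOf(d))) return { ok: false, reason: 'unsigned claim' };
    claims[d.name] = d.value;
  }
  return { ok: true, subject: body.subject, claims };
}
```

This sketch does not bind the presentation to the holder: a complete flow would also have the holder sign a verifier-supplied challenge with the key behind the subject DID, so that a captured presentation cannot be replayed by someone else.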
Who’s providing decentralized identity management?
IOTA is building the Unified Identity Protocol (UIP) based on the W3C standards. UIP will allow anyone to generate a digital identity. IOTA uses its own distributed ledger known as Tangle, which is a feeless and scalable solution. That’s why generating decentralized identities using UIP is expected to be feeless as well. UIP will provide a platform to unite identity under one unified protocol. This means trustworthy relationships will be built not only with humans but also objects, cars, etc.
Ontology’s ONT ID is another decentralized identity solution built using the W3C standards. ONT ID enables developers to create VCs through SDKs written in Java and Golang. To combine VCs with DIDs, developers can use ID SDKs. Businesses can integrate Ontology’s decentralized ID solution seamlessly with their existing frameworks.