Anonymous, pseudonymous, or real identities can be uniquely mapped on the blockchain, offering us the promise of owning our own identities, and not having them controlled by Google or Facebook. The vision of blockchain-based identity promises to empower users to be in complete control of their identity. This promise could lead to easy, single, or seamless sign-ons that zigzag Internet users straight through the maze of entry and access points to unlock personal information, access services, and transact with digital assets.
In its simplest form, the blockchain can be used to uniquely authenticate your identification, in irrefutable and immutable ways, because your “keys” are your identity. But what happens if you need several keys instead of just one, because every service you use requires a different one? Imagine if you had five keys to your house, and depending on the day, or the entry point, you’d need to use a different one. Or, if you had five different homes in different parts of the world, you would certainly come up with a way to keep your keys. It’s definitely possible, but burdensome. Online, we are already challenged by keeping track of multiple passwords in our heads, or in notes, and we’re always worried about getting hacked potentially, or forgetting them. I would expect that blockchain-assisted identity and access solutions can help us arrive at better solutions than the current ones.
In an ideal world, why could not our online and offline identities blur? Why do we accept that our driver’s license is only valid in physical settings (mostly), and our online identities (Facebook or other) are useless at airport security or at the bank? Of course, newly issued passports are beginning to bridge that divide when we scan them at the airport kiosks, and we complete our identification via a retinal scan, or other pieces of information to triangulate on our identity.
In the blockchain world, there are various approaches that are addressing identity and personal security, including granting us access to data and services. Some require new hardware solutions, others are software-based, and some integrate with business-to-business solutions.
1 Hardware. The analogy is similar to showing a passport, or other government-issued identity card, such as driver’s license. That card gives us access to travel, or authorizes us to drive a car. On the blockchain, some of these solutions are also combining biometric data to add to the authentication mix. Examples: ShoCard, Case.
2 Software. The closest analogy is the current Auth-based identifications we routinely perform on the Web when signing to websites using our Facebook, Twitter or Google IDs. But with blockchain solutions, the roles are reversed: you self-register your identity first, and then you link to your social accounts. Examples: Netki, OneName, BitID, Identifi.
3 Integration-first. Whereas the first two approaches generally start with the consumer, this segment starts by figuring out the integration requirements with existing business solutions.
Blockchain identification schemes have a chance, but there are uncertainties ahead. On the consumer side, could they replace our linking to Facebook, Google, or Twitter, and lure us to start with them instead? And on the business side, could they supplant already entrenched solutions such as SWIFT’s 3SKey multi-bank, multi-network personal identity solution, or Markit’s KYC? For blockchain-based solutions, the bar is high for simplicity requirements and reaching large numbers of users. They are going against the millions of Google, Facebook, and Twitter users, or the thousands of financial institutions already using SWIFT or Markit. Of course the blockchain industry could have its own solution. Why should we be subjected to repetitive Know Your Customer processes each time we register for a new cryptocurrency exchange? Let us not make the same mistake as in the physical world.
When it comes to the implementation and evolution of blockchain solutions, there are a few issues and questions:
Changing habits is one of the biggest hurdles to technology adoption, and this area is no different. We do not know yet if a full move to digital identities would invite some abuse, or decrease friction, and increase total user engagement.
- Is the separation of data and identity a good thing? Does it create multiple pseudo identities and personas ad nauseam?
- How about the impact of transaction history on our reputation? Will rating our online reputation become the new consumer credit score equivalent?
- Is anonymity a good thing, or can that moniker be abused to achieve malicious goals?
- Does this open up the market to promote financial inclusion, or does it raise the adoption bar higher?