The truth of the popular statement “everyone is online now” gets more grounded with each day that passes. Daily, millions of people come online to carry out different activities ranging from researching an academic topic, to shopping for new items, to dropping comments on social media platforms and even carrying out different financial transactions. The more transactions an individual carries out online, the more digital footprints they leave behind.
Problems Of Current Identity Management Systems
Most online transactions require that individuals disclose specific personal information before they can proceed to access services. For instance, before financial transactions can be carried out on platforms such as Amazon Pay, PayPal and Google Wallet, among others, users are always required to input their sign up/login details — i.e., financial and personal details. Thus, every time an individual discloses this information, it gets stored on numerous internet databases. As such, digital clones of one and the same individual spring into existence across these different platforms. This also exposes a lot of security issues. Thus, as evidenced by the Equifax hack, gaining access to a major database exposes all the personal information of users and exemplifies the high vulnerability of the current system.
In addition, most of the identity management solutions in existence have certain limitations in place, either by attribute sets or by a specified schema. Using the GOV.UK Verify as an example, although it is deemed to be a general identity assurance scheme for UK citizens, the system is, however, heavily affected by a limitation of data set. Thus, when the need arises, it might be impossible to conveniently expand the system to take additional set into account.
Most systems in place rely heavily on obtaining individual data without the knowledge of the owner, and third parties can, in turn, gain access to this data without the subject’s knowledge. Further, information contained on these online databases can be shared with third parties without the subject’s consent. Although this may sometimes be done in the interest or service of the subject, such as for recommending related goods and services the subject can try out, it doesn’t change the fact that the consent of the individual wasn’t obtained and control is left in the hands of those who own the database. This leaves the subject with little or no choice in deciding whether or not they want their data shared with other parties.
All these practices amount to breach of privacy and are not in tune with this digital age.
The problems highlighted above point to the single fact: that the current online identity management systems are far from being sustainable.
Having highlighted the problems, what then can be done to ensure that an identity management system is sustainable? It is fundamental to note at this point that blockchain technology has been suggested as a viable way out
Blockchain As A Panacea To Problems Of Identity Management
Blockchain can be used to create a platform that protects individuals’ identities from theft and massively reduces fraudulent activities. The technology can also help businesses build strong blockchains that handle the issues of authentication and reconciliation encountered in several industries. Additionally, it can allow individuals the freedom to create encrypted digital identities that will replace multiple usernames and passwords while offering more comprehensive security features capable of saving customers and institutions valuable time and resources.
The blockchain technology runs a system of decentralisation and transparency which makes it easy to detect and reduce fraudulent activities. For this, some crypto experts have posited that blockchain might be a highly effective means of securing online identity. It has been explained by some of the crypto experts that by putting our identity information on a blockchain, we will be able to control the use of the information. Further, with relevant applications, there will also be a possibility of determining how much information we are willing to disclose to a party who intends to identify us.
While some experts have expressed scepticism about its utility, others remain enthusiastic about the utility of the technology. One of those falling into the latter category is an IBM Fellow and VP of blockchain technologies, Jerry Cuomo, who stated that blockchain was capable of making a massive impact as more people demanded to remain in control of their identities. He described Blockchain as the fundamental technology championing the course of providing self-sovereign identity made possible by using networks that are decentralised. He added that the technology thrives on privacy and trust and the transactions done on it will be secure, verifiable and endorsed by users who will decide when to give their permissions.
Expressing that the utility of the technology depended on circumstances, the CEO of Ping Identity, Andre Durand, stated that there wasn’t the likelihood that blockchain technology would fully replace existing systems five years from now. However, he recognised that it would begin to play a role in areas involving keeping accurate records on a distributed system and become a part of the existing identity management system and bring about improvements to certain operations.
Blockchain can be used to create a platform which protects individuals’ identities from theft and massively reduces fraudulent activities. The technology can also help businesses to build strong blockchains that handle the issues of authentication and reconciliation encountered in several industries. The technology can also allow individuals the freedom to create encrypted digital identities that will replace multiple usernames and passwords while offering more comprehensive security features capable of saving customers and institutions valuable time and resources.
Individuals can also easily create a self-sovereign identity on blockchain. A self-sovereign identity simply refers to an individual identity which is fully controlled and maintained personally by the individual. It becomes difficult to steal such an identity from an individual, and this handles the issue of identity theft that is common on the traditional identity management system. The use of permissioned blockchains could also provide a decentralized method of registration which connotes that an individual would get an identity that isn’t dependent on any centralized authority and cannot, therefore, be controlled or interfered with by any third party without the individual’s consent.
The adoption of the bitcoin technology would also create an avenue to develop a trust model that allows individuals, and even organisations share personal and classified information in a secured manner without having to use a middleman or any intermediary system.
In essence, blockchain has been suggested as the way forward majorly because it stores data in a decentralised and immutable way which makes it possible to store a single user identity to be in a safe and incorruptible database which can be subsequently updated by the user. What more, the solutions offered by this technology isn’t sector-specific and can be effectively utilised in any sector, either private or public.
With the combination of the decentralized blockchain principle and a comprehensive system for verifying identity, it has been suggested that a digital ID can be created for each online user to serve as digital watermark affixed to all transactions carried out by the user. If properly utilized, there might be a possibility of ascertaining the truth of individual identity.
However, it is quite easy to set up a digital identity by creating a completely fake one or using that of an entirely different person. Even though people use passwords to secure their data, it has been established that the security of this password and the databases on which they are stored are highly vulnerable and can easily be hacked. Thus, rather than storing on different databases, Blockchain could be used to tackle these security issues as it is a system which thrives on security, immutability and uniqueness thereby slimming the chances of any intruder gaining access without adequate authorization.
In conclusion, blockchain may be the way forward for developing an identity management system that gives full control to users. The technology will also allow us as users to determine the data we desire to share across different transactional mediums while also protecting our identity from theft. It will also make things easier, more convenient and help the maintenance of an updated digital clone. However, the blockchain technology isn’t magic, and there is no feature that automatically makes everything included on the blockchain to be asserted as the truth. In the end, the authenticity and veracity of any information will still be on the part of the individuals who input their personal data on the blockchain and the organizations that have the ability and authority to vet and assert the authenticity of the data that’s stored on the blockchain.
This article has been edited with more content in addition to what was originally published on FORBES. You can visit the original article here .