Decentralized identity using blockchain – VentureBeat

Did you miss a session at the Data Summit? Watch On-Demand Here.

This article was contributed by Deepak Gupta, cofounder of LoginRadius, tech strategist, cybersecurity innovator, and author.
Today, almost all of our digital identities are linked through devices, apps, and services. Service providers control these digital identities and their respective digital identity data.
Because of this, users are now experiencing misuse of personal data and data breaches that affect their social, financial, and professional lives. 
Additionally, giving access to multiple third parties or service providers from different applications makes it harder for users to manage their personal data and revoke access to their information. Users need to own and control their digital identities to address these concerns, preferably from a single source.
A centralized system makes user identity data extremely prone to cyberattacks and privacy breaches. But decentralized identity solutions provide a new horizon by enabling users and service providers to have better authority over their identity and personal data. 
This article addresses the following:
Decentralized identity is based on a trust framework for identity management. It allows users to generate and control their own digital identity without depending on a specific service provider. 
For example, digital identities can get approval from multiple issuers such as an employer, a government, or a university that remains stored in a digital wallet called an “identity wallet.” Using the identity wallet, the user (i.e., the identity owner) can present proof of their identity to any third party. The wallet helps users give and revoke access to identity information from a single source, making it easier.
According to Forrester, “Decentralized digital identity (DDID) is not just a technology buzzword: It promises a complete restructuring of the currently centralized physical and digital identity ecosystem into a decentralized and democratized architecture.” 
The setup of decentralized identity with blockchain typically consists of the following elements: 
In a decentralized form of identity, an application (an identity wallet) allows users to create their own digital identity. Upon identity creation, the respective cryptographic keys (a public and a private key) are generated. 
The identity wallet submits a registration payload with a public key to the blockchain, which generates a unique identifier against your wallet. The private key remains with the user’s device/identity wallet and is used during the authentication.
Similarly, issuers such as the government, universities, and finance institutes verify the respective identity information and add to the digital identity data in a process that is like issuing certificates. The processes, for example, verifying user identity and issuing new credentials, require issuers to sign using their private keys.
These are the steps of authentication using decentralized identity and blockchain.
Let’s assume an online shopping scenario where the required data will transit from the wallet associated with the decentralized identity. The wallet in this scenario contains the verified identity, address, and financial data. 
The users share identity data to log in with the website by submitting the required information from the identity wallet. They are authenticated with the website without sharing the actual data. The same scenario applies to the checkout process; a user can place an order with the address and payment source already verified in his identity wallet.  
Consequently, a user can go through a smooth and secure online shopping experience without sharing an address or financial data with an ecommerce website owner.
From all the above facts, it is evident that decentralized identity with blockchain can completely transform the digital identity landscape. It will make digital identity management decentralized and seamless, as no particular organization will govern the user data.
More importantly, users will be able to easily authenticate themself without sharing their sensitive personal information with third parties.
Deepak Gupta is cofounder of LoginRadius, tech strategist, cybersecurity innovator, and author.
Welcome to the VentureBeat community!
DataDecisionMakers is where experts, including the technical people doing data work, can share data-related insights and innovation.
If you want to read about cutting-edge ideas and up-to-date information, best practices, and the future of data and data tech, join us at DataDecisionMakers.
You might even consider contributing an article of your own!
Read More From DataDecisionMakers
Head over to the Data Summit’s On-Demand section to dive into end-user case studies to untangle the complexity, importance and cost of data among various industry verticals.
Did you miss a session at the Data Summit? Head over to the On-Demand to catch up on all the sessions.
© 2022 VentureBeat. All rights reserved.
We may collect cookies and other personal information from your interaction with our website. For more information on the categories of personal information we collect and the purposes we use them for, please view our Notice at Collection.